r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3826
Expires: Mon, 05 Dec 2022 23:22:33 GMT
Date: Mon, 05 Dec 2022 22:18:47 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash ee088fab9b287e174cfd1f2c735a909f
25c3335b514a36ad1a24d00413d60c3d394f5161
494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1609
Cache-Control: max-age=131961
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:18:47 GMT
Etag: "638dc877-1d7"
Expires: Wed, 07 Dec 2022 10:58:08 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7354
Expires: Tue, 06 Dec 2022 00:21:21 GMT
Date: Mon, 05 Dec 2022 22:18:47 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 21:20:20 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3507
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Gf6HaM715qA9UHR3SDiYCRqe210EKRdv6MqB3oWqN+N8/B3TKgB7PRXJQayQnmlJq257iis18R0=
x-amz-request-id: MMA9B2N0EZ8XXGVE
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 21:46:50 GMT
age: 1917
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:18:47 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 22:08:58 GMT
cache-control: public,max-age=3600
age: 589
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 2b9d6a686aa3c4ea24568425e43a5221
d53bb4c9579bd1db78a0520619e888aec79f750f
c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1591
Cache-Control: max-age=126875
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:18:48 GMT
Etag: "638db4ac-1d7"
Expires: Wed, 07 Dec 2022 09:33:23 GMT
Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
fonts.googleapis.com/css?family=Lato
142.250.74.74 200 OK 327 B URL HTTP/1.1 fonts.googleapis.com/css?family=Lato
IP 142.250.74.74:0
Hash 40e7a3163187a0d443589571b573647e
787c6f7a243202e0abab2670c0c87002d68eab62
5a1544436dcb3d3942a4a21a71d738ae75516c037f4e21b579713796ee5ea447
GET /css?family=Lato HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Mon, 05 Dec 2022 22:18:48 GMT
Date: Mon, 05 Dec 2022 22:18:48 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
fonts.googleapis.com/css?family=Open+Sans
142.250.74.74 200 OK 601 B URL HTTP/1.1 fonts.googleapis.com/css?family=Open+Sans
IP 142.250.74.74:0
Hash 75d181fc850170da6e8f60df6cfc3f07
8c36b95d4b2746668a67479d14c983993d415038
9f8f28568038df45d52650d52e7316819f7f787c480f016af0333127eb11b67e
GET /css?family=Open+Sans HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Mon, 05 Dec 2022 22:18:48 GMT
Date: Mon, 05 Dec 2022 22:18:48 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
darjeelingtealovers.com/
204.11.58.156 200 OK 16 kB IP 204.11.58.156:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (16752)
Hash 4b73f61d2af0d65d423c47061c71e668
7880f880d17dea4b1471cf4e67f37fae0573c044
bed5114afa5333681101144c568b39ea942ebee2797b513e50fc6298cffa1542
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 22:18:46 GMT
Server: nginx/1.21.6
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache
Content-Encoding: gzip
WPO-Cache-Status: cached
Last-Modified: Mon, 05 Dec 2022 13:12:52 GMT
X-Server-Cache: true
X-Proxy-Cache: EXPIRED
Transfer-Encoding: chunked
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:18:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Roboto:400
142.250.74.74 200 OK 983 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:400
IP 142.250.74.74:0
Hash 5f62e40e655aaf22009cd275ba9e9636
c5f599953b7b6d8e1a270454a056366ca30d3b9a
b28517025ff609421480589d13166633850de3f3b128057f87a93fc4912c812e
GET /css?family=Roboto:400 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 05 Dec 2022 22:18:48 GMT
date: Mon, 05 Dec 2022 22:18:48 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.89.20.60 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.20.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 865MK9DjXMKa529TGG+xQA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: gNlgEnCMY7wndKJbMq7SWZy4Ih4=
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0ad493eb174ea0450e01ace0ccec568c
b478a7dc0ae09630f04f336bbfa5fe87d542c46e
4fee5bac00c3d43f7945d01c24952e1eb36ac00ccaddd0acbc34cd77f8049c80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4FEE5BAC00C3D43F7945D01C24952E1EB36AC00CCADDD0ACBC34CD77F8049C80"
Last-Modified: Mon, 05 Dec 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21598
Expires: Tue, 06 Dec 2022 04:18:46 GMT
Date: Mon, 05 Dec 2022 22:18:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0ad493eb174ea0450e01ace0ccec568c
b478a7dc0ae09630f04f336bbfa5fe87d542c46e
4fee5bac00c3d43f7945d01c24952e1eb36ac00ccaddd0acbc34cd77f8049c80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4FEE5BAC00C3D43F7945D01C24952E1EB36AC00CCADDD0ACBC34CD77F8049C80"
Last-Modified: Mon, 05 Dec 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21598
Expires: Tue, 06 Dec 2022 04:18:46 GMT
Date: Mon, 05 Dec 2022 22:18:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0ad493eb174ea0450e01ace0ccec568c
b478a7dc0ae09630f04f336bbfa5fe87d542c46e
4fee5bac00c3d43f7945d01c24952e1eb36ac00ccaddd0acbc34cd77f8049c80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4FEE5BAC00C3D43F7945D01C24952E1EB36AC00CCADDD0ACBC34CD77F8049C80"
Last-Modified: Mon, 05 Dec 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21598
Expires: Tue, 06 Dec 2022 04:18:46 GMT
Date: Mon, 05 Dec 2022 22:18:48 GMT
Connection: keep-alive
darjeelingtealovers.com/wp-content/uploads/2017/12/ssl.png
204.11.58.156 200 OK 21 kB URL HTTP/2 darjeelingtealovers.com/wp-content/uploads/2017/12/ssl.png
IP 204.11.58.156:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 235 x 105, 8-bit/color RGBA, non-interlaced\012- data
Hash d27f408c8008a3fd819cc07088558ad3
5124c884ff88b21bb74d3dacac54a0b11db10a83
5eb7fbcb4898d74db8b1554bd5390957d771fc802b9b99710cb66f23e178bc89
GET /wp-content/uploads/2017/12/ssl.png HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 14 Dec 2017 14:09:51 GMT
accept-ranges: bytes
content-length: 21297
content-type: image/png
date: Mon, 05 Dec 2022 22:18:48 GMT
server: Apache
X-Firefox-Spdy: h2
www.darjeelingtealovers.com/wp-content/uploads/2014/06/shipping-dispatch.jpg
204.11.58.156 200 OK 5.9 kB URL HTTP/2 www.darjeelingtealovers.com/wp-content/uploads/2014/06/shipping-dispatch.jpg
IP 204.11.58.156:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 340x47, components 3\012- data
Hash 6046c73d870f26cbfcaa20a584c163dc
e169211b59f392a36f5070e02dfe0ab615979fe3
aa35dafea5b2246bd8ff50dc274a199aa020121bd6dacf89a49ad1a901bca0ec
GET /wp-content/uploads/2014/06/shipping-dispatch.jpg HTTP/1.1
Host: www.darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Jun 2014 00:00:00 GMT
accept-ranges: bytes
content-length: 5867
content-type: image/jpeg
date: Mon, 05 Dec 2022 22:18:48 GMT
server: Apache
X-Firefox-Spdy: h2
www.darjeelingtealovers.com/wp-content/uploads/2014/06/pay_pal.png
204.11.58.156 200 OK 21 kB URL HTTP/2 www.darjeelingtealovers.com/wp-content/uploads/2014/06/pay_pal.png
IP 204.11.58.156:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 205 x 58, 8-bit/color RGB, non-interlaced\012- data
Hash 6e49a5f2eccfd1555148622f8ca1395c
9782511642293198e9df114f323463dc4dcdacdf
870bf3c491d49141708d3c272427da297338bb775ae819dd0093d12b765ac54f
GET /wp-content/uploads/2014/06/pay_pal.png HTTP/1.1
Host: www.darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Jun 2014 00:00:00 GMT
accept-ranges: bytes
content-length: 21173
content-type: image/png
date: Mon, 05 Dec 2022 22:18:48 GMT
server: Apache
X-Firefox-Spdy: h2
www.darjeelingtealovers.com/wp-content/uploads/2014/09/logo11.png
204.11.58.156 200 OK 23 kB URL HTTP/2 www.darjeelingtealovers.com/wp-content/uploads/2014/09/logo11.png
IP 204.11.58.156:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 268 x 85, 8-bit/color RGBA, non-interlaced\012- data
Hash 3e599f47dda4b4264584981f82a4f636
119ca02d9d7ab9d57d3fd4d9f5daccabd8a571b0
9d19813c485e56140fde4f5ae8ff81d62ff30e9e68b3381ed501fa42a5e9f861
GET /wp-content/uploads/2014/09/logo11.png HTTP/1.1
Host: www.darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 09 Sep 2014 00:00:00 GMT
accept-ranges: bytes
content-length: 22600
content-type: image/png
date: Mon, 05 Dec 2022 22:18:48 GMT
server: Apache
X-Firefox-Spdy: h2
shield.sitelock.com/shield/darjeelingtealovers.com
45.60.14.54 200 OK 35 B URL HTTP/1.1 shield.sitelock.com/shield/darjeelingtealovers.com
IP 45.60.14.54:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash 04d590ce36fcc6369f590ccfb7409e57
a3a71e8194f5541400b26be34f791d106f33256e
b18c315b986e7bcf03bbfff949dd65345f4cbabeec5267ade74c354d73cf5e28
GET /shield/darjeelingtealovers.com HTTP/1.1
Host: shield.sitelock.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
HTTP/1.1 200 OK
Etag: "4435dfb4"
Content-Type: image/gif; charset=ISO-8859-1
Content-Length: 35
Cache-Control: max-age=5400, public
Expires: Mon, 05 Dec 2022 23:48:48 GMT
Date: Mon, 05 Dec 2022 22:18:48 GMT
Set-Cookie: visid_incap_275317=5Tsk2BpkSsq8mc7RBP4jbEhujmMAAAAAQUIPAAAAAAAEfEuxTfzbyWi87D9uaFJN; expires=Mon, 04 Dec 2023 22:33:40 GMT; HttpOnly; path=/; Domain=.sitelock.com
incap_ses_721_275317=Pooua+eoj3OHYsfy84EBCkhujmMAAAAAq2OL51NerUf4mBVV+BvGaw==; path=/; Domain=.sitelock.com
X-CDN: Imperva
X-Iinfo: 14-91391930-0 0CNN RT(1670278728861 4) q(0 -1 -1 -1) r(0 -1)
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3634
Expires: Mon, 05 Dec 2022 23:19:23 GMT
Date: Mon, 05 Dec 2022 22:18:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3634
Expires: Mon, 05 Dec 2022 23:19:23 GMT
Date: Mon, 05 Dec 2022 22:18:49 GMT
Connection: keep-alive
darjeelingtealovers.com/wp-content/cache/wpo-minify/1670099293/assets/wpo-minify-header-6d4c6e3c.min.css
204.11.58.156 200 OK 100 kB URL HTTP/2 darjeelingtealovers.com/wp-content/cache/wpo-minify/1670099293/assets/wpo-minify-header-6d4c6e3c.min.css
IP 204.11.58.156:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Size 100 kB (100434 bytes)
Hash 243899349b8300c956c69f9480c755b9
ccf7b8a0ae1c65ded4a17c25b808346b01ab5bfa
edce3ab6a1fc047e164d3a7111b5fe5d3abeafe807d54ec71f0c25a2221108c8
GET /wp-content/cache/wpo-minify/1670099293/assets/wpo-minify-header-6d4c6e3c.min.css HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Sat, 03 Dec 2022 20:28:25 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Mon, 05 Dec 2022 22:18:48 GMT
server: Apache
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F01b6b798-4c76-47d4-ae22-c8967b0f2c5c.jpeg
34.120.237.76 200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F01b6b798-4c76-47d4-ae22-c8967b0f2c5c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9fda84db003d0cfc70d73dcb6a3763dd
5c54b4ca3db1c975b3ad7f780f0ebdc867fc2ef4
f00aa6b88dd85164d8f6ee685937a3ca8039b98b442a2e6aede1c4c421b4fc4c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F01b6b798-4c76-47d4-ae22-c8967b0f2c5c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8997
x-amzn-requestid: 54d7ed8c-119c-4583-929c-fd053524814c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csT_8F78IAMFY6Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e66cc-3d9816725e7e0b1b3404bc4a;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:46:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 6nXJg548cHz0REe43NepPeMmnFBAiWO_Fwy2PCKbco4XhNZnBs0Jhw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:46:52 GMT
etag: "5c54b4ca3db1c975b3ad7f780f0ebdc867fc2ef4"
content-type: image/jpeg
age: 1917
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg
34.120.237.76 200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2f60a6490f38a772dcd50a1132e98e1b
ff254a1df087d2c157d88a6ef04e395dc49efe5e
653e40becd103cd76cc2f194a87e933e8c548d346f87520fefca3b16430fc4ab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8469
x-amzn-requestid: c17eff92-da62-4f0f-9e75-2741012ec43a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_sqFSjoAMFQ6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-61d61d2f0bb01ecb21b809ea;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: i6QasBBRK9APW19sH0DdOipvUJA3gWj0CAMTzt7ejRCOk_V2psz-Xw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:45:47 GMT
age: 1982
etag: "ff254a1df087d2c157d88a6ef04e395dc49efe5e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f48f157-f5b1-44b8-91c0-da7927555031.jpeg
34.120.237.76 200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f48f157-f5b1-44b8-91c0-da7927555031.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 17c7b7e3a4e6f3ad9ccf7f42c400749c
76432db96e8280e24da56670fba8f8f80a95ab31
f67d401ebc225c2a9dac5b4f98dc969e22f927455c2537df353ac86f046cc4c4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f48f157-f5b1-44b8-91c0-da7927555031.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4905
x-amzn-requestid: d80a0dd7-01ec-4801-a5b5-6a1b01eb1944
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csTMSHsyoAMF6BQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6581-177e519d6dbd1875555b0961;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:41:21 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: KmaWXiNE4GPEU9-X5rhVcEsUak4C9m-mjdTCdFUFCPFj8f2uGwCvcQ==
via: 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:46:52 GMT
etag: "76432db96e8280e24da56670fba8f8f80a95ab31"
content-type: image/jpeg
age: 1917
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
darjeelingtealovers.com/wp-content/cache/wpo-minify/1670099293/assets/wpo-minify-header-4ba93cf0.min.css
204.11.58.156 200 OK 106 kB URL HTTP/2 darjeelingtealovers.com/wp-content/cache/wpo-minify/1670099293/assets/wpo-minify-header-4ba93cf0.min.css
IP 204.11.58.156:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Size 106 kB (105830 bytes)
Hash 8b0fb3e8c072c27a6f387eb5f9ae48c6
f725bec7c181d170c177915b0e0e073742edd375
838dd85d722ff9077bf871bf3ebe742c4242baf5b05b3d4315669c5090881798
GET /wp-content/cache/wpo-minify/1670099293/assets/wpo-minify-header-4ba93cf0.min.css HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Sat, 03 Dec 2022 20:28:25 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Mon, 05 Dec 2022 22:18:48 GMT
server: Apache
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcfc1e29-0017-4346-aacf-66d3875076ce.jpeg
34.120.237.76 200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcfc1e29-0017-4346-aacf-66d3875076ce.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 18bbcbf84b00d3bc602830478ff1bd7f
1f25392db4cf3693259202b24e898f21093b8bf9
cb2b44e1f74a9bb43fab48536f6146e273c728b34e4889ff3f18a411d14d2282
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcfc1e29-0017-4346-aacf-66d3875076ce.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5790
x-amzn-requestid: 2e409a5f-ce04-4b9b-b3a2-74e5bbd256d3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSvoEoUoAMFsxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64ca-72e1bb13187b18aa26c8566f;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WBNaNTgYQaDVlJqu2u341xYy_6zmr5LqmCD2BPjGPGgmAG20WNHyKw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:46:52 GMT
age: 1917
etag: "1f25392db4cf3693259202b24e898f21093b8bf9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
darjeelingtealovers.com/wp-content/uploads/2020/02/AVONGROVE-EUPHORIA-4.jpg
204.11.58.156 200 OK 190 kB URL HTTP/2 darjeelingtealovers.com/wp-content/uploads/2020/02/AVONGROVE-EUPHORIA-4.jpg
IP 204.11.58.156:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=11, manufacturer=NIKON CORPORATION, model=NIKON D3200, orientation=upper-left, xresolution=176, yresolution=184, resolutionunit=2, software=Ver.1.04 , datetime=2017:07:05 17:04:20, GPS-Data], baseline, precision 8, 800x531, components 3\012- data
Size 190 kB (190348 bytes)
Hash bebc068c3efbdd50f6f7701b6c18f850
7a650770c9052771a5938ccef62d2098eee67457
3b53412b3b28caa9e6f0f4c4f6b6bdd03406e2eaa8ee7b630182859efeb9a987
GET /wp-content/uploads/2020/02/AVONGROVE-EUPHORIA-4.jpg HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 02 Feb 2020 20:22:59 GMT
accept-ranges: bytes
content-length: 190348
content-type: image/jpeg
date: Mon, 05 Dec 2022 22:18:48 GMT
server: Apache
X-Firefox-Spdy: h2
darjeelingtealovers.com/wp-content/uploads/2020/02/JUNGPANA-CLONAL-DELIGHT-2.jpg
204.11.58.156 200 OK 219 kB URL HTTP/2 darjeelingtealovers.com/wp-content/uploads/2020/02/JUNGPANA-CLONAL-DELIGHT-2.jpg
IP 204.11.58.156:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=11, manufacturer=NIKON CORPORATION, model=NIKON D3200, orientation=upper-left, xresolution=176, yresolution=184, resolutionunit=2, software=Ver.1.04 , datetime=2017:07:12 15:58:03, GPS-Data], baseline, precision 8, 800x531, components 3\012- data
Size 219 kB (218832 bytes)
Hash 41c13bc1d131d80fd53ff7618c2dc2f3
7200463cdad69ae162f8602533cf23bcb3f36494
f4f2db4354c5231edc3b5a95362928d63a5f2d2ac5e5544a40704fa767a7b059
GET /wp-content/uploads/2020/02/JUNGPANA-CLONAL-DELIGHT-2.jpg HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 02 Feb 2020 21:00:58 GMT
accept-ranges: bytes
content-length: 218832
content-type: image/jpeg
date: Mon, 05 Dec 2022 22:18:48 GMT
server: Apache
X-Firefox-Spdy: h2
darjeelingtealovers.com/wp-content/uploads/2018/05/new-arrivals.jpg
204.11.58.156 200 OK 33 kB URL HTTP/1.1 darjeelingtealovers.com/wp-content/uploads/2018/05/new-arrivals.jpg
IP 204.11.58.156:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 715x440, components 3\012- data
Hash a72a0862ff2184ec00ed557b9173062e
886a3a9b06d65fa333470183eecdf355b7b296d4
73b289e3e51260213c45a3520fb1da5862b079a300a265194c7ac5e706f2ba4a
GET /wp-content/uploads/2018/05/new-arrivals.jpg HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 22:18:49 GMT
Server: Apache
Last-Modified: Tue, 22 May 2018 07:03:34 GMT
Accept-Ranges: bytes
Content-Length: 32846
Content-Type: image/jpeg
darjeelingtealovers.com/wp-content/uploads/2018/05/first-flush.jpg
204.11.58.156 200 OK 22 kB URL HTTP/1.1 darjeelingtealovers.com/wp-content/uploads/2018/05/first-flush.jpg
IP 204.11.58.156:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 715x440, components 3\012- data
Hash c4aa9b65316a5a4c0fdf63283a9c9b6a
a9ee516e962a04ad57647981b02c3a776c7334b1
058aa509c2750b3527b93aa31b2430a96d6bca9fd5a09864e4139bbd16c33fcd
GET /wp-content/uploads/2018/05/first-flush.jpg HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 22:18:49 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Tue, 22 May 2018 07:03:30 GMT
Accept-Ranges: bytes
Content-Length: 22155
Content-Type: image/jpeg
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
216.58.207.227 200 OK 17 kB URL HTTP/1.1 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Hash e43b535855a4ae53bd5b07a6eeb3bf67
6507312d9491156036316484bf8dc41e8b52ddd9
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://darjeelingtealovers.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 16740
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 05 Dec 2022 19:00:04 GMT
Expires: Tue, 05 Dec 2023 19:00:04 GMT
Cache-Control: public, max-age=31536000
Age: 11925
Last-Modified: Mon, 15 Aug 2022 18:14:44 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
216.58.207.227 200 OK 24 kB URL HTTP/1.1 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://darjeelingtealovers.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 23580
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 17:43:28 GMT
Expires: Wed, 29 Nov 2023 17:43:28 GMT
Cache-Control: public, max-age=31536000
Age: 534921
Last-Modified: Tue, 26 Apr 2022 15:48:56 GMT
Content-Type: font/woff2
darjeelingtealovers.com/wp-content/uploads/2018/05/second-flush.jpg
204.11.58.156 200 OK 32 kB URL HTTP/1.1 darjeelingtealovers.com/wp-content/uploads/2018/05/second-flush.jpg
IP 204.11.58.156:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 715x440, components 3\012- data
Hash 7024595fe960c10ddb39c5badfdcfdda
0bf9fbd5f750bcab0acc7b9c2a33057c94ea9588
430370bfb96e136883ee8c30d4de00cf6fc061b99d8f5f82f05a30fb70156c28
GET /wp-content/uploads/2018/05/second-flush.jpg HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 22:18:49 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Tue, 22 May 2018 07:03:39 GMT
Accept-Ranges: bytes
Content-Length: 32372
Content-Type: image/jpeg
darjeelingtealovers.com/wp-content/themes/goodstore/css/fonts/jaw-icon.woff
204.11.58.156 200 OK 90 kB URL HTTP/2 darjeelingtealovers.com/wp-content/themes/goodstore/css/fonts/jaw-icon.woff
IP 204.11.58.156:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Web Open Font Format, TrueType, length 90076, version 0.0\012- data
Hash 6f6e658862e83f9649855747d38e8556
1744d5a2cfb2b74c7448d9c118117c240ccbac83
bf9851feb57fce1ab0f0e20d16b53cf1b4d621125c16a5357e32b4e24421aa63
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/goodstore/css/fonts/jaw-icon.woff HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://darjeelingtealovers.com
Connection: keep-alive
Referer: https://darjeelingtealovers.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 27 Jan 2017 04:58:02 GMT
accept-ranges: bytes
content-length: 90076
content-type: font/woff
date: Mon, 05 Dec 2022 22:18:49 GMT
server: Apache
X-Firefox-Spdy: h2
darjeelingtealovers.com/wp-content/uploads/2020/02/AVONGROVE-EUPHORIA-4-150x150.jpg
204.11.58.156 200 OK 54 kB URL HTTP/2 darjeelingtealovers.com/wp-content/uploads/2020/02/AVONGROVE-EUPHORIA-4-150x150.jpg
IP 204.11.58.156:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=11, manufacturer=NIKON CORPORATION, model=NIKON D3200, orientation=upper-left, xresolution=176, yresolution=184, resolutionunit=2, software=Ver.1.04 , datetime=2017:07:05 17:04:20, GPS-Data], baseline, precision 8, 150x150, components 3\012- data
Hash 6b5833ad9d6b38e0f19b0fa0d2fcdbb4
967a42340e9566dd8730a34f777b6b5e414b021b
89267fcc7ce0eb56851df58aee78b07b81cdd2c5f0668506af4354e1e5076b49
GET /wp-content/uploads/2020/02/AVONGROVE-EUPHORIA-4-150x150.jpg HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 02 Feb 2020 20:23:01 GMT
accept-ranges: bytes
content-length: 53831
content-type: image/jpeg
date: Mon, 05 Dec 2022 22:18:49 GMT
server: Apache
X-Firefox-Spdy: h2
darjeelingtealovers.com/wp-content/uploads/2017/07/MARGARETS-HOPE-TIPPY-CLONAL-1-150x150.jpg
204.11.58.156 200 OK 54 kB URL HTTP/2 darjeelingtealovers.com/wp-content/uploads/2017/07/MARGARETS-HOPE-TIPPY-CLONAL-1-150x150.jpg
IP 204.11.58.156:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=11, manufacturer=NIKON CORPORATION, model=NIKON D3200, orientation=upper-left, xresolution=176, yresolution=184, resolutionunit=2, software=Ver.1.04 , datetime=2017:07:05 17:22:17, GPS-Data], baseline, precision 8, 150x150, components 3\012- data
Hash 5e7281420622d658689d07ccc0e8aa66
3976a01e442335bb1052429f5fb8a42876ec4b80
94724c75852400adaa3e841abfaa9ecc63e1ed13b231cb146da82df204743828
GET /wp-content/uploads/2017/07/MARGARETS-HOPE-TIPPY-CLONAL-1-150x150.jpg HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 16 Jul 2019 23:28:27 GMT
accept-ranges: bytes
content-length: 54203
content-type: image/jpeg
date: Mon, 05 Dec 2022 22:18:49 GMT
server: Apache
X-Firefox-Spdy: h2
darjeelingtealovers.com/wp-content/uploads/2021/05/SINGBULI-CHINA-FLOWERY-6-274x293.jpg
204.11.58.156 200 OK 65 kB URL HTTP/2 darjeelingtealovers.com/wp-content/uploads/2021/05/SINGBULI-CHINA-FLOWERY-6-274x293.jpg
IP 204.11.58.156:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=11, manufacturer=NIKON CORPORATION, model=NIKON D3200, orientation=upper-left, xresolution=176, yresolution=184, resolutionunit=2, software=Ver.1.04 , datetime=2021:04:15 19:17:33, GPS-Data], progressive, precision 8, 274x293, components 3\012- data
Hash eea72fb0b569eedf0aafd42fbd81d0a6
4ea0b8c2bb7c9ba8ee998dbc8f14c18a2b1a0d57
8344d93b2a8236ce8be1905e01675d815ada07258efed8670eb6a75fadb40476
GET /wp-content/uploads/2021/05/SINGBULI-CHINA-FLOWERY-6-274x293.jpg HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 13 May 2021 13:32:02 GMT
accept-ranges: bytes
content-length: 65371
content-type: image/jpeg
date: Mon, 05 Dec 2022 22:18:49 GMT
server: Apache
X-Firefox-Spdy: h2
darjeelingtealovers.com/wp-content/uploads/2022/03/RINGTONG-SPRING-WONDER-2-274x293.jpg
204.11.58.156 200 OK 64 kB URL HTTP/2 darjeelingtealovers.com/wp-content/uploads/2022/03/RINGTONG-SPRING-WONDER-2-274x293.jpg
IP 204.11.58.156:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=11, manufacturer=NIKON CORPORATION, model=NIKON D3200, orientation=upper-left, xresolution=176, yresolution=184, resolutionunit=2, software=Ver.1.04 , datetime=2021:04:14 18:09:27, GPS-Data], progressive, precision 8, 274x293, components 3\012- data
Hash 782e4626af87635a4185a0d5dfa80c57
88fcfb552dd843a9faa3cf5d2131ac09b9c24f3e
1094faf6e34169fa9c9fb986d9aef256218dac4f0d32ad8fd54879c779499c4e
GET /wp-content/uploads/2022/03/RINGTONG-SPRING-WONDER-2-274x293.jpg HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 10 Mar 2022 15:48:27 GMT
accept-ranges: bytes
content-length: 63894
content-type: image/jpeg
date: Mon, 05 Dec 2022 22:18:49 GMT
server: Apache
X-Firefox-Spdy: h2
darjeelingtealovers.com/wp-content/uploads/2020/02/AVONGROVE-SUMMER-EUPHORIA-2-150x150.jpg
204.11.58.156 200 OK 50 kB URL HTTP/2 darjeelingtealovers.com/wp-content/uploads/2020/02/AVONGROVE-SUMMER-EUPHORIA-2-150x150.jpg
IP 204.11.58.156:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=11, manufacturer=NIKON CORPORATION, model=NIKON D3200, orientation=upper-left, xresolution=176, yresolution=184, resolutionunit=2, software=Ver.1.04 , datetime=2018:07:11 18:38:30, GPS-Data], baseline, precision 8, 150x150, components 3\012- data
Hash 4505bac89639ba098cf49bb0cd84978a
72fe8a2a25b438c9126c6d18177660f6b786b68a
52586d121e0702a147423a8cd6554d0bd132384c183f025b64cae7cdf56b3d6a
GET /wp-content/uploads/2020/02/AVONGROVE-SUMMER-EUPHORIA-2-150x150.jpg HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 02 Feb 2020 20:50:22 GMT
accept-ranges: bytes
content-length: 49823
content-type: image/jpeg
date: Mon, 05 Dec 2022 22:18:49 GMT
server: Apache
X-Firefox-Spdy: h2
darjeelingtealovers.com/wp-content/uploads/2018/05/AVONGROVE-SPRING-EUPHORIA-GOLD-2-150x150.jpg
204.11.58.156 200 OK 54 kB URL HTTP/2 darjeelingtealovers.com/wp-content/uploads/2018/05/AVONGROVE-SPRING-EUPHORIA-GOLD-2-150x150.jpg
IP 204.11.58.156:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=11, manufacturer=NIKON CORPORATION, model=NIKON D3200, orientation=upper-left, xresolution=176, yresolution=184, resolutionunit=2, software=Ver.1.04 , datetime=2017:07:05 17:03:46, GPS-Data], baseline, precision 8, 150x150, components 3\012- data
Hash b4c38015b6fd7b9bd139b68b66b04294
00fa87bb2fdc18a06e730a63f8a85d24f08b38c0
5937d53b70b671cd58b782d82a420f82e9e383ca689bcc110e01d6e81c8001a5
GET /wp-content/uploads/2018/05/AVONGROVE-SPRING-EUPHORIA-GOLD-2-150x150.jpg HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 06 May 2018 13:46:45 GMT
accept-ranges: bytes
content-length: 54020
content-type: image/jpeg
date: Mon, 05 Dec 2022 22:18:49 GMT
server: Apache
X-Firefox-Spdy: h2
darjeelingtealovers.com/wp-content/uploads/2017/07/AVONGROVE-SUMMER-EUPHORIA-4-150x150.jpg
204.11.58.156 200 OK 54 kB URL HTTP/2 darjeelingtealovers.com/wp-content/uploads/2017/07/AVONGROVE-SUMMER-EUPHORIA-4-150x150.jpg
IP 204.11.58.156:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=11, manufacturer=NIKON CORPORATION, model=NIKON D3200, orientation=upper-left, xresolution=176, yresolution=184, resolutionunit=2, software=Ver.1.04 , datetime=2017:07:12 16:00:14, GPS-Data], baseline, precision 8, 150x150, components 3\012- data
Hash a103d6bb85e106cfd43029f04ca05f57
baa368d7bcdae7e431dd420a23301eecaa4a708a
915e13f7e43a8bccb0b7bc8e36c4a782de783e5f846867a4d88fa30e5559df51
GET /wp-content/uploads/2017/07/AVONGROVE-SUMMER-EUPHORIA-4-150x150.jpg HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 16 Jul 2019 12:40:32 GMT
accept-ranges: bytes
content-length: 53556
content-type: image/jpeg
date: Mon, 05 Dec 2022 22:18:49 GMT
server: Apache
X-Firefox-Spdy: h2
darjeelingtealovers.com/wp-content/uploads/2021/05/JUNGPANA-WONDER-2-274x293.jpg
204.11.58.156 200 OK 63 kB URL HTTP/2 darjeelingtealovers.com/wp-content/uploads/2021/05/JUNGPANA-WONDER-2-274x293.jpg
IP 204.11.58.156:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=11, manufacturer=NIKON CORPORATION, model=NIKON D3200, orientation=upper-left, xresolution=176, yresolution=184, resolutionunit=2, software=Ver.1.04 , datetime=2021:04:16 14:28:51, GPS-Data], progressive, precision 8, 274x293, components 3\012- data
Hash bff6d574d01eb5c44452b49afe6c319d
10fc5ff33084d960bfd9e3aca8ef5d1453063459
88d0dda4eeebbecaa82e86d62895fa573d591e6176e1745e24678cad5dc3487c
GET /wp-content/uploads/2021/05/JUNGPANA-WONDER-2-274x293.jpg HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 13 May 2021 13:39:39 GMT
accept-ranges: bytes
content-length: 63211
content-type: image/jpeg
date: Mon, 05 Dec 2022 22:18:49 GMT
server: Apache
X-Firefox-Spdy: h2
darjeelingtealovers.com/wp-content/uploads/2021/05/JUNGPANA-WONDER-1-274x293.jpg
204.11.58.156 200 OK 66 kB URL HTTP/2 darjeelingtealovers.com/wp-content/uploads/2021/05/JUNGPANA-WONDER-1-274x293.jpg
IP 204.11.58.156:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=11, manufacturer=NIKON CORPORATION, model=NIKON D3200, orientation=upper-left, xresolution=176, yresolution=184, resolutionunit=2, software=Ver.1.04 , datetime=2021:04:16 14:17:42, GPS-Data], progressive, precision 8, 274x293, components 3\012- data
Hash e81ee1a674cf67db5474937f24759b15
14e594fba7873a5344ce31a4ae82829f14927f10
d21da3c5d4a10ccb764c449b928eb72ca024bc8c7a0f9ad19c476e6ab5cd79c4
GET /wp-content/uploads/2021/05/JUNGPANA-WONDER-1-274x293.jpg HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 13 May 2021 13:40:11 GMT
accept-ranges: bytes
content-length: 66373
content-type: image/jpeg
date: Mon, 05 Dec 2022 22:18:49 GMT
server: Apache
X-Firefox-Spdy: h2
darjeelingtealovers.com/wp-content/uploads/2018/05/ARYA-DIAMOND-4-150x150.jpg
204.11.58.156 200 OK 55 kB URL HTTP/2 darjeelingtealovers.com/wp-content/uploads/2018/05/ARYA-DIAMOND-4-150x150.jpg
IP 204.11.58.156:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=11, manufacturer=NIKON CORPORATION, model=NIKON D3200, orientation=upper-left, xresolution=176, yresolution=184, resolutionunit=2, software=Ver.1.04 , datetime=2017:07:05 15:37:34, GPS-Data], baseline, precision 8, 150x150, components 3\012- data
Hash b9310beb92abef1af3e54415848e2254
801a3c0675ff2b34030b66874fea88e42f5e72b8
3cc3ad83c5b0efb74f12e96a332d518660d786bd0c996a65280753cf9a942ff5
GET /wp-content/uploads/2018/05/ARYA-DIAMOND-4-150x150.jpg HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 06 May 2018 12:03:42 GMT
accept-ranges: bytes
content-length: 54789
content-type: image/jpeg
date: Mon, 05 Dec 2022 22:18:50 GMT
server: Apache
X-Firefox-Spdy: h2
darjeelingtealovers.com/wp-content/themes/goodstore/css/fonts/jaw-icon.ttf
204.11.58.156 200 OK 90 kB URL HTTP/2 darjeelingtealovers.com/wp-content/themes/goodstore/css/fonts/jaw-icon.ttf
IP 204.11.58.156:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, jaw-iconVersion 0.0jaw-icona-cnjaw-iconRegularjaw-iconFont generated by IcoMoon.\012- data
Hash 5888f23919cba1ac01cb1a16c0ab7c5e
0cefe01b24c670ff9c03318efa8b8a858d434eca
2491bcfed03b8a192d5adac6ca20fd1601b48fa72d7f52cf4d38886dab194557
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/goodstore/css/fonts/jaw-icon.ttf HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://darjeelingtealovers.com
Connection: keep-alive
Referer: https://darjeelingtealovers.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 22:18:50 GMT
server: Apache
content-type: font/ttf
content-length: 90000
last-modified: Fri, 27 Jan 2017 04:58:02 GMT
x-server-cache: true
x-proxy-cache: EXPIRED
accept-ranges: bytes
X-Firefox-Spdy: h2
darjeelingtealovers.com/wp-content/plugins/revslider/public/assets/assets/loader.gif
204.11.58.156 200 OK 2.5 kB URL HTTP/2 darjeelingtealovers.com/wp-content/plugins/revslider/public/assets/assets/loader.gif
IP 204.11.58.156:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type GIF image data, version 89a, 24 x 24\012- data
Hash 4b3afb84b2b71ef56df09997a350bd04
accdac8a7abeab0e21c49539aad0a973addb28ef
9034d5d34015e4b05d2c1d1a8dc9f6ec9d59bd96d305eb9e24e24e65c591a645
GET /wp-content/plugins/revslider/public/assets/assets/loader.gif HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://darjeelingtealovers.com/wp-content/cache/wpo-minify/1670099293/assets/wpo-minify-header-6d4c6e3c.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 13 May 2021 07:16:29 GMT
accept-ranges: bytes
content-length: 2545
content-type: image/gif
date: Mon, 05 Dec 2022 22:18:50 GMT
server: Apache
X-Firefox-Spdy: h2
darjeelingtealovers.com/?wc-ajax=get_refreshed_fragments
204.11.58.156 301 Moved Permanently 0 B URL HTTP/1.1 darjeelingtealovers.com/?wc-ajax=get_refreshed_fragments
IP 204.11.58.156:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: http://darjeelingtealovers.com
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
HTTP/1.1 301 Moved Permanently
Date: Mon, 05 Dec 2022 22:18:50 GMT
Server: Apache
X-Pingback: http://darjeelingtealovers.com/xmlrpc.php
WPO-Cache-Status: not cached
WPO-Cache-Message: The request method was not GET (POST), In the settings, caching is disabled for matches for one of the current request's GET parameters
X-Redirect-By: WordPress
Location: https://darjeelingtealovers.com/?wc-ajax=get_refreshed_fragments
Content-Length: 0
Content-Type: text/html; charset=UTF-8
v2.zopim.com/?1RgRO337491JaKEHK33JYNRuAbGhtwej
104.16.107.139 302 Moved Temporarily 0 B URL HTTP/1.1 v2.zopim.com/?1RgRO337491JaKEHK33JYNRuAbGhtwej
IP 104.16.107.139:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?1RgRO337491JaKEHK33JYNRuAbGhtwej HTTP/1.1
Host: v2.zopim.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
HTTP/1.1 302 Moved Temporarily
Date: Mon, 05 Dec 2022 22:18:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: https://static.zdassets.com/ekr/asset_composer.js
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 775028f2792ab4eb-OSL
www.google-analytics.com/analytics.js
142.250.74.110 200 OK 20 kB URL HTTP/1.1 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 20039
Date: Mon, 05 Dec 2022 20:23:05 GMT
Expires: Mon, 05 Dec 2022 22:23:05 GMT
Cache-Control: public, max-age=7200
Age: 6945
Last-Modified: Tue, 27 Sep 2022 22:01:05 GMT
Content-Type: text/javascript
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash bcccacf81bec5c6902d9811e8c7431ea
f8c64d3bfcdb92bdccd27c414adc77be8eb7f6dd
95223026adab95805aa1d52ff3d5ad3ab4b4a10084333f6d0d85b59c5eca34d2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5926
Cache-Control: max-age=102081
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:18:50 GMT
Etag: "638d42e5-117"
Expires: Wed, 07 Dec 2022 02:40:11 GMT
Last-Modified: Mon, 05 Dec 2022 01:01:25 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 5f16a534222e5749ef240d413826c2f6
11683d84d420dd6f919425094edb8961278f7fed
691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:18:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/j/collect?v=1&_v=j98&a=818374794&t=pageview&_s=1&dl=http%3A%2F%2Fdarjeelingtealovers.com%2F&ul=en-us&de=UTF-8&dt=Buy%20Darjeeling%20Tea%20Online&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=928673508&gjid=1348894344&cid=1254349837.1670278728&tid=UA-35147810-1&_gid=1642641354.1670278728&_r=1&_slc=1&z=1866843113
142.250.74.110 200 OK 4 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=818374794&t=pageview&_s=1&dl=http%3A%2F%2Fdarjeelingtealovers.com%2F&ul=en-us&de=UTF-8&dt=Buy%20Darjeeling%20Tea%20Online&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=928673508&gjid=1348894344&cid=1254349837.1670278728&tid=UA-35147810-1&_gid=1642641354.1670278728&_r=1&_slc=1&z=1866843113
IP 142.250.74.110:0
File type ASCII text, with no line terminators
Hash 9e92e190700c1af4539b40c2171320a9
209bcdb79e6067b51091ce8586d4b977f25b67d8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
POST /j/collect?v=1&_v=j98&a=818374794&t=pageview&_s=1&dl=http%3A%2F%2Fdarjeelingtealovers.com%2F&ul=en-us&de=UTF-8&dt=Buy%20Darjeeling%20Tea%20Online&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=928673508&gjid=1348894344&cid=1254349837.1670278728&tid=UA-35147810-1&_gid=1642641354.1670278728&_r=1&_slc=1&z=1866843113 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://darjeelingtealovers.com
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://darjeelingtealovers.com
date: Mon, 05 Dec 2022 22:18:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 5f16a534222e5749ef240d413826c2f6
11683d84d420dd6f919425094edb8961278f7fed
691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:18:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
darjeelingtealovers.com/?wc-ajax=get_refreshed_fragments
204.11.58.156 200 OK 0 B URL HTTP/2 darjeelingtealovers.com/?wc-ajax=get_refreshed_fragments
IP 204.11.58.156:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
OPTIONS /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-requested-with
Referer: http://darjeelingtealovers.com/
Origin: http://darjeelingtealovers.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-pingback: https://darjeelingtealovers.com/xmlrpc.php
wpo-cache-status: not cached
wpo-cache-message: The request method was not GET (OPTIONS), In the settings, caching is disabled for matches for one of the current request's GET parameters
access-control-allow-origin: http://darjeelingtealovers.com
access-control-allow-credentials: true
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 05 Dec 2022 22:18:50 GMT
server: Apache
X-Firefox-Spdy: h2
darjeelingtealovers.com/favicon.ico
204.11.58.156 301 Moved Permanently 0 B URL HTTP/1.1 darjeelingtealovers.com/favicon.ico
IP 204.11.58.156:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
HTTP/1.1 301 Moved Permanently
Date: Mon, 05 Dec 2022 22:18:49 GMT
Server: nginx/1.21.6
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Cache-Control: no-cache
X-Redirect-By: WordPress
Location: https://darjeelingtealovers.com/favicon.ico
X-Server-Cache: true
X-Proxy-Cache: EXPIRED
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 5670c32d73c3d5771a2d9396774a7eb9
3fb62916ff54f22a011e11730ba87fea48e5d239
062531ed89864b713048421c9639d4a6249e92f33ef4177206f1deb5d85a8757
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:18:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-35147810-1&cid=1254349837.1670278728&jid=928673508&gjid=1348894344&_gid=1642641354.1670278728&_u=IEBAAEAAAAAAACAAI~&z=1129965110
108.177.14.155 200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-35147810-1&cid=1254349837.1670278728&jid=928673508&gjid=1348894344&_gid=1642641354.1670278728&_u=IEBAAEAAAAAAACAAI~&z=1129965110
IP 108.177.14.155:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-35147810-1&cid=1254349837.1670278728&jid=928673508&gjid=1348894344&_gid=1642641354.1670278728&_u=IEBAAEAAAAAAACAAI~&z=1129965110 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://darjeelingtealovers.com
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://darjeelingtealovers.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 05 Dec 2022 22:18:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 5670c32d73c3d5771a2d9396774a7eb9
3fb62916ff54f22a011e11730ba87fea48e5d239
062531ed89864b713048421c9639d4a6249e92f33ef4177206f1deb5d85a8757
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:18:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 785c1a3faaa6f4d03fdb40eb3b801f04
886845660e8020f664593ddc266814c24eeb3b4c
8c8115419e54ad7792c153acd7900c6c07900800281e6a9494c56cd2fc354c43
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4296
Cache-Control: max-age=117338
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:18:51 GMT
Etag: "638d84dd-118"
Expires: Wed, 07 Dec 2022 06:54:29 GMT
Last-Modified: Mon, 05 Dec 2022 05:42:53 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 280
ekr.zdassets.com/compose/zopim_chat/1RgRO337491JaKEHK33JYNRuAbGhtwej
104.18.70.113 200 OK 151 B URL HTTP/2 ekr.zdassets.com/compose/zopim_chat/1RgRO337491JaKEHK33JYNRuAbGhtwej
IP 104.18.70.113:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 17f1dc6ccb8c8452c42bf91bb4753202
180848d187ed6edd6fb0cb66a83e9239aec06492
9ee48acb88956719c69fd390a547649dd173893a7b6a8d244ef7a9c79c8249b6
GET /compose/zopim_chat/1RgRO337491JaKEHK33JYNRuAbGhtwej HTTP/1.1
Host: ekr.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://darjeelingtealovers.com
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 22:18:51 GMT
content-type: application/json; charset=utf-8
status: 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers:
access-control-max-age: 7200
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
etag: W/"5d26a70f78cf90906eb6ff4bed38f1b9"
x-request-id: 775028f3182ab500-SEA, 775028f3182ab500-SEA
x-runtime: 0.002838
vary: Origin, Accept-Encoding
x-zendesk-zorg: yes
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=066dW8ggNLutcBV68msWg3g7LAMnNdpD36guCbdCPzELl97j38Q%2BVmPKhLxFN6u2E4hcjFyeYLpFkNKRRKZk4Nqk0hMylQFR4oXE0fHkbF%2B9LOc4O5PL%2BGymzhOHMYHuKM0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 775028f3182ab500-OSL
content-encoding: br
X-Firefox-Spdy: h2
darjeelingtealovers.com/favicon.ico
204.11.58.156 302 Found 0 B URL HTTP/2 darjeelingtealovers.com/favicon.ico
IP 204.11.58.156:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://darjeelingtealovers.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Mon, 05 Dec 2022 22:18:51 GMT
server: Apache
content-type: text/html; charset=UTF-8
content-length: 0
cache-control: no-cache
link: <https://darjeelingtealovers.com/wp-json/>; rel="https://api.w.org/"
x-redirect-by: WordPress
location: https://darjeelingtealovers.com/wp-includes/images/w-logo-blue-white-bg.png
x-server-cache: true
x-proxy-cache: EXPIRED
X-Firefox-Spdy: h2
darjeelingtealovers.com/wp-includes/images/w-logo-blue-white-bg.png
204.11.58.156 200 OK 4.1 kB URL HTTP/2 darjeelingtealovers.com/wp-includes/images/w-logo-blue-white-bg.png
IP 204.11.58.156:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 000bf649cc8f6bf27cfb04d1bcdcd3c7
d73d2f6d74ec6cdcbae07955592962e77d8ae814
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://darjeelingtealovers.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 16 Nov 2021 05:34:00 GMT
accept-ranges: bytes
content-length: 4119
content-type: image/png
date: Mon, 05 Dec 2022 22:18:51 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 92b5fce026b4ab5039906bf6befc3567
f69c6238296f221d78c5c41030e308082a8840f8
1bd3c0a58f3d5d7ba82022b0176398df19a0a8e80b950d29f6b5233ea68d8f04
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=161083
Date: Mon, 05 Dec 2022 22:18:51 GMT
Etag: "638e2817-1d7"
Expires: Wed, 07 Dec 2022 19:03:34 GMT
Last-Modified: Mon, 05 Dec 2022 17:19:19 GMT
Server: ECS (nyb/1D0D)
X-Cache: Miss from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: KeDJM33gt06SUg3YHKwiCXjBVwV98xbibMj14oXaVDUdf1wL6MyZzg==
Age: 6255
widget-mediator.zopim.com/s/W/ws/X9HeGBSZNW0LfS6k/c/1670278728746
18.157.122.19 101 Switching Protocols 0 B URL HTTP/1.1 widget-mediator.zopim.com/s/W/ws/X9HeGBSZNW0LfS6k/c/1670278728746
IP 18.157.122.19:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/W/ws/X9HeGBSZNW0LfS6k/c/1670278728746 HTTP/1.1
Host: widget-mediator.zopim.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: http://darjeelingtealovers.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9jlKEI0pob6eHSuESnar/w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Mon, 05 Dec 2022 22:18:51 GMT
Connection: upgrade
Set-Cookie: AWSALB=waoK+Hpsh13OiCqSXQnU5AeriXxJsMEI92vtnC+DWmVUP074v929pLnBDpo4eKlEQhlx5YSTFjQ9dOD8luplQy+J7977uzUW+3sXsx4L12XHjejyB7n24fi4cOtN; Expires=Mon, 12 Dec 2022 22:18:51 GMT; Path=/
AWSALBCORS=waoK+Hpsh13OiCqSXQnU5AeriXxJsMEI92vtnC+DWmVUP074v929pLnBDpo4eKlEQhlx5YSTFjQ9dOD8luplQy+J7977uzUW+3sXsx4L12XHjejyB7n24fi4cOtN; Expires=Mon, 12 Dec 2022 22:18:51 GMT; Path=/; SameSite=None; Secure
Upgrade: websocket
Sec-WebSocket-Accept: mDh18PMUXDNOATWuKI4Q4nEvmSs=
Sec-WebSocket-Version: 13
WebSocket-Server: uWebSockets
darjeelingtealovers.com/wp-content/uploads/2021/05/GIDDAPAHAR-CHINA-SPECIAL-5-274x293.jpg
204.11.58.156 200 OK 64 kB URL HTTP/2 darjeelingtealovers.com/wp-content/uploads/2021/05/GIDDAPAHAR-CHINA-SPECIAL-5-274x293.jpg
IP 204.11.58.156:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=11, manufacturer=NIKON CORPORATION, model=NIKON D3200, orientation=upper-left, xresolution=176, yresolution=184, resolutionunit=2, software=Ver.1.04 , datetime=2021:04:19 17:03:42, GPS-Data], progressive, precision 8, 274x293, components 3\012- data
Hash 77b6c2eefe4e102dacaf33d38874d467
8ec42510b2bf6f8c4450505e75a7c0384d2e21b2
4769ffbef07c2e2447267f125ba442a8f38ce4e9d082c99f4c4108b2f84731f9
GET /wp-content/uploads/2021/05/GIDDAPAHAR-CHINA-SPECIAL-5-274x293.jpg HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 13 May 2021 12:10:48 GMT
accept-ranges: bytes
content-length: 64316
content-type: image/jpeg
date: Mon, 05 Dec 2022 22:18:55 GMT
server: Apache
X-Firefox-Spdy: h2
darjeelingtealovers.com/wp-content/uploads/2021/05/OKAYTI-EXOTICA-FIRST-FLUSH-6-274x293.jpg
204.11.58.156 200 OK 66 kB URL HTTP/2 darjeelingtealovers.com/wp-content/uploads/2021/05/OKAYTI-EXOTICA-FIRST-FLUSH-6-274x293.jpg
IP 204.11.58.156:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=11, manufacturer=NIKON CORPORATION, model=NIKON D3200, orientation=upper-left, xresolution=176, yresolution=184, resolutionunit=2, software=Ver.1.04 , datetime=2021:04:15 19:19:21, GPS-Data], progressive, precision 8, 274x293, components 3\012- data
Hash 2dccff69b85ecd06d2909df7db086517
40d1c5010d2e08e6413f81dd40a4b59c4fee0edc
3c49a69a32c1eaec37cd74a31f38d950eddd179639d7bbc37f69e70a0da5bb43
GET /wp-content/uploads/2021/05/OKAYTI-EXOTICA-FIRST-FLUSH-6-274x293.jpg HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 13 May 2021 11:43:00 GMT
accept-ranges: bytes
content-length: 65459
content-type: image/jpeg
date: Mon, 05 Dec 2022 22:18:55 GMT
server: Apache
X-Firefox-Spdy: h2
darjeelingtealovers.com/wp-content/uploads/2021/05/RINTONG-WONDER-6-274x293.jpg
204.11.58.156 200 OK 64 kB URL HTTP/2 darjeelingtealovers.com/wp-content/uploads/2021/05/RINTONG-WONDER-6-274x293.jpg
IP 204.11.58.156:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=11, manufacturer=NIKON CORPORATION, model=NIKON D3200, orientation=upper-left, xresolution=176, yresolution=184, resolutionunit=2, software=Ver.1.04 , datetime=2021:04:16 17:03:17, GPS-Data], progressive, precision 8, 274x293, components 3\012- data
Hash 4c7ac416a360bcad5a3c7735e537c264
31f0d4ee5b9b0a3c29f99fe3ca59ec4366be0de5
ef288e12df6d996e8c0caf893ecc0dcd77a2345b02f8cd6669923ab243eb25fe
GET /wp-content/uploads/2021/05/RINTONG-WONDER-6-274x293.jpg HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 10 May 2021 16:08:23 GMT
accept-ranges: bytes
content-length: 64050
content-type: image/jpeg
date: Mon, 05 Dec 2022 22:18:55 GMT
server: Apache
X-Firefox-Spdy: h2
darjeelingtealovers.com/wp-content/cache/wpo-minify/1670099293/assets/wpo-minify-header-a93012a0.min.js
204.11.58.156 200 OK 0 B URL HTTP/2 darjeelingtealovers.com/wp-content/cache/wpo-minify/1670099293/assets/wpo-minify-header-a93012a0.min.js
IP 204.11.58.156:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert fortinet Malware
GET /wp-content/cache/wpo-minify/1670099293/assets/wpo-minify-header-a93012a0.min.js HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Sat, 03 Dec 2022 20:28:25 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Mon, 05 Dec 2022 22:18:48 GMT
server: Apache
X-Firefox-Spdy: h2
static.zdassets.com/ekr/asset_composer.js
104.18.70.113 200 OK 0 B URL HTTP/2 static.zdassets.com/ekr/asset_composer.js
IP 104.18.70.113:0
GET /ekr/asset_composer.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://darjeelingtealovers.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 22:18:50 GMT
content-type: application/javascript
x-amz-id-2: dUZfshkH6s6HIQA7+U0tDhX+A5i1VSOF0AP1wrYwttudGl3FDx99SpKMnalxiwyFmxN4PZcqRnA=
x-amz-request-id: Y9E1NT7ZVNF7R3ZX
x-amz-replication-status: COMPLETED
last-modified: Thu, 28 Jul 2022 23:44:02 GMT
etag: W/"5cae6ce528dce0c327b2bcbaad459fdb"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: 57KHzv0Z81imwMa0XxScJAmcLiHhq1Ku
cf-cache-status: HIT
age: 59
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1fNidfQN0eiEifZQU8Z8%2BV1IXYHedJg9j5q5qiTHXhBnlLR%2BdzS93Ar6QQt%2BGdU11PhIw8pImtjkOKeUWzgHr86UGILXXBY%2FQUGKqzr5Ig7NFMHxJdRTVPqrrHTTKMeX1ojd%2Fr0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 775028f2cdfcb4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
darjeelingtealovers.com/wp-content/cache/wpo-minify/1670099293/assets/wpo-minify-footer-dbee550c.min.js
204.11.58.156 200 OK 0 B URL HTTP/2 darjeelingtealovers.com/wp-content/cache/wpo-minify/1670099293/assets/wpo-minify-footer-dbee550c.min.js
IP 204.11.58.156:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert fortinet Malware
GET /wp-content/cache/wpo-minify/1670099293/assets/wpo-minify-footer-dbee550c.min.js HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Sun, 04 Dec 2022 07:16:18 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Mon, 05 Dec 2022 22:18:48 GMT
server: Apache
X-Firefox-Spdy: h2
v2.zopim.com/bin/v/widget_v2.334.js
104.16.107.139 200 OK 0 B URL HTTP/2 v2.zopim.com/bin/v/widget_v2.334.js
IP 104.16.107.139:0
GET /bin/v/widget_v2.334.js HTTP/1.1
Host: v2.zopim.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://darjeelingtealovers.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 22:18:51 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Wed, 27 Jul 2022 03:35:19 GMT
vary: Accept-Encoding
etag: W/"62e0b277-10301f"
expires: Thu, 02 Dec 2032 22:18:51 GMT
cache-control: public, max-age=315360000
content-encoding: gzip
cf-cache-status: HIT
age: 417467
server: cloudflare
cf-ray: 775028f609dbb503-OSL
X-Firefox-Spdy: h2