Report - darjeelingtealovers.com/

Report Overview

Submitted URL
darjeelingtealovers.com/
IP
204.11.58.156
ASN
#394695 PUBLIC-DOMAIN-REGISTRY
Submitted
2022-12-05 22:18:59
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
14

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	350 B	1.0 kB	143.204.42.158
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.77.32
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.89.20.60
ekr.zdassets.com	2396	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	446 B	1.4 kB	104.18.70.113
v2.zopim.com	9869	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	698 B	806 B	104.16.107.139
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
www.darjeelingtealovers.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	50 kB	204.11.58.156
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	21 kB	142.250.74.110
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	620 B	714 B	108.177.14.155
widget-mediator.zopim.com	2693	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	600 B	620 B	18.157.122.19
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
shield.sitelock.com	65503	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	620 B	45.60.14.54
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	863 B	42 kB	216.58.207.227
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	3.5 kB	216.58.211.3
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.2 kB	32 kB	34.120.237.76
static.zdassets.com	2154	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	383 B	1.0 kB	104.18.70.113
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.8 kB	93.184.220.29
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	3.7 kB	142.250.74.74
darjeelingtealovers.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	14 kB	1.7 MB	204.11.58.156

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-05	medium	darjeelingtealovers.com/	Malware
2022-12-05	medium	darjeelingtealovers.com/wp-content/themes/goodstore/css/fonts/jaw-icon.woff	Malware
2022-12-05	medium	darjeelingtealovers.com/wp-content/themes/goodstore/css/fonts/jaw-icon.ttf	Malware
2022-12-05	medium	darjeelingtealovers.com/?wc-ajax=get_refreshed_fragments	Malware
2022-12-05	medium	darjeelingtealovers.com/?wc-ajax=get_refreshed_fragments	Malware
2022-12-05	medium	darjeelingtealovers.com/wp-content/cache/wpo-minify/1670099293/assets/wpo-minify-header-a93012a0.min.js	Malware
2022-12-05	medium	darjeelingtealovers.com/wp-content/cache/wpo-minify/1670099293/assets/wpo-minify-footer-dbee550c.min.js	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (20)

	URL	Size	First Seen	Last Seen
	darjeelingtealovers.com/	1.7 kB	2023-03-07	2024-02-28
Pretty URL darjeelingtealovers.com/ IP 204.11.58.156 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:56:13 Last Seen2024-02-28 21:18:19 Times Seen47 Hash 1c55a9b034f0b0f4055871fa557a3a67 21f77cf32cebf42907558be11031ba6d809bda9a 09d4d58ef483ba5ee56c52bdf568464aeb4e89935ba19dbff1bfd5c119d7c3dc Loading...

	darjeelingtealovers.com/	1.0 kB	2023-03-08	2023-03-08
Pretty URL darjeelingtealovers.com/ IP 204.11.58.156 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:52:07 Last Seen2023-03-08 19:52:07 Times Seen1 Hash 108f5aee76df9c403498b1c691439d3a 295aaf1659a26a29e9a4809c1cfd04dd774071ee 9c9a23a718656a94a68a85bbd14170aee2ba849967e74b47ab934cd068cb5b22 Loading...

	darjeelingtealovers.com/	1.2 kB	2023-03-08	2024-02-07
Pretty URL darjeelingtealovers.com/ IP 204.11.58.156 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:52:06 Last Seen2024-02-07 05:48:28 Times Seen1 Hash b2369bab127681abc26e9273425ca507 36214a98b0945953c4c9418b86b88c0736fe83be 971e7dde9284618dc17dbcd30235fc9633e70fa18a9dd221e95c8e020b3bf03d Loading...

	darjeelingtealovers.com/	92 B	2023-03-07	2024-03-29
Pretty URL darjeelingtealovers.com/ IP 204.11.58.156 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:24 Last Seen2024-03-29 16:52:42 Times Seen112 Hash 6a06bae7bc09dbf70919cf29f903b0f1 5664c204d552da47fd35445d0e59678e59f9a5a5 960b3a3b6e1aa3ca526badb4c58b8022cce663d2e59cfdf6cf5db7415077dc5b Loading...

	darjeelingtealovers.com/wp-content/cache/wpo-minify/1670099293/assets/wpo-minify-footer-dbee550c.min.js	468 kB	2023-03-08	2023-03-08
Pretty URL darjeelingtealovers.com/wp-content/cache/wpo-minify/1670099293/assets/wpo-minify-footer-dbee550c.min.js IP 204.11.58.156 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:52:07 Last Seen2023-03-08 19:52:07 Times Seen1 Hash 1a781e1d48e14e3992648377d1390437 ea1c091ea1e58e4159568fe941b56650dc4380d2 5aaf73e7f0d5d9e3c8514f37c121fc5d3f65f29404c26023ea1a5b0fd820ac76 Loading...

	darjeelingtealovers.com/	209 B	2023-03-08	2024-02-07
Pretty URL darjeelingtealovers.com/ IP 204.11.58.156 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:52:06 Last Seen2024-02-07 05:48:28 Times Seen1 Hash 0c9dbb59e3a5cbf22b57307d89bdc7d6 8ebf4bb6f388fb417d9e4bdf499ff731007af184 3fc4576ed8260606bc55451425b47e77c68532cb93a25dfe3cd18e1bd12c68e1 Loading...

	darjeelingtealovers.com/	369 B	2023-03-08	2024-02-07
Pretty URL darjeelingtealovers.com/ IP 204.11.58.156 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:52:06 Last Seen2024-02-07 05:48:28 Times Seen1 Hash a0174280482ed406dde2604f8d275ff3 2cc8dfbbac92497b65da3c1fa31d2f1a8b4c881b 097b8460ad38cf1c644edf8ac4bb7928042c6c8751f1d2da8ebfc38d03925042 Loading...

	darjeelingtealovers.com/	20 B	2023-03-08	2024-02-07
Pretty URL darjeelingtealovers.com/ IP 204.11.58.156 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:52:06 Last Seen2024-02-07 05:48:29 Times Seen1 Hash f26a7ad33a1c4c758d33dfd7b8b3c9a0 ba75c2b654e8aaca85f049215372003ca7da7969 5915a9dabc3a8da007fcebcfa82eeecbd21803450ca36232ba439fb85f15c145 Loading...

	darjeelingtealovers.com/	2.4 kB	2023-03-08	2024-02-07
Pretty URL darjeelingtealovers.com/ IP 204.11.58.156 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:52:06 Last Seen2024-02-07 05:48:29 Times Seen1 Hash d4181ad7fb02bcb6160b703ffc93df9c a89816d0c96c7f61ec8d962ba889d955ce694a27 993f777afd47a45b8f3808a119f382795b4c0ad99812820bb7ee36b966f75154 Loading...

	darjeelingtealovers.com/	139 B	2023-03-07	2024-04-19
Pretty URL darjeelingtealovers.com/ IP 204.11.58.156 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:00:59 Last Seen2024-04-19 14:54:08 Times Seen22 Hash 2df0d4d95bdc31609b22dccbde18af60 18367f6dc0b52875b9b86430751bc151e9db2215 cbfa2247b76b7f48ed63e4c77463a6b85ae9092f65eb2c417f6c459446cf61bb Loading...

	darjeelingtealovers.com/	187 B	2023-03-08	2024-02-07
Pretty URL darjeelingtealovers.com/ IP 204.11.58.156 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:52:06 Last Seen2024-02-07 05:48:29 Times Seen1 Hash fb197870259ac04603bb1bc39f34f74e c93389cae1da048382425462536a50a2eae559b6 ae04183eba83c97221276ede35809fad806cf2088d76f97f9732231d2a155aa3 Loading...

	darjeelingtealovers.com/	322 B	2023-03-07	2023-08-04
Pretty URL darjeelingtealovers.com/ IP 204.11.58.156 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:00:59 Last Seen2023-08-04 03:09:34 Times Seen2 Hash a0ec9a7a899c7bf9bdcd4c523dcd2189 27fbe39491798b5c41b09ac0b2ff21e1037ec830 1164ec8b76b173748aeb3ad6e2af60fbfcbc86ccf50e370ed9469edd61028ba1 Loading...

	darjeelingtealovers.com/	121 B	2023-03-07	2024-04-26
Pretty URL darjeelingtealovers.com/ IP 204.11.58.156 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:01 Last Seen2024-04-26 14:57:39 Times Seen498 Hash 12d5206ce84aaf3f8932743c6060018b 74b0b3d8572408b45e33d3ab7d68486a62ac77fb c961c13ec5b0b257ee7049bdeb1078def025e3ee6c02ca609b6a45e2ca48056f Loading...

	darjeelingtealovers.com/	724 B	2023-03-07	2024-02-28
Pretty URL darjeelingtealovers.com/ IP 204.11.58.156 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:59:34 Last Seen2024-02-28 21:17:37 Times Seen12 Hash 26870ef737fad7ae886637f166cd4d5b d9dbab92c6ba4c0d45d197c03e187a07ff5b09c5 ab10db4fde07dd743db7936be53fd0edd0ee7dbc05dd66cca04f6b3bf3f85df5 Loading...

	v2.zopim.com/?1RgRO337491JaKEHK33JYNRuAbGhtwej	23 kB	2023-03-07	2023-07-05
Pretty URL v2.zopim.com/?1RgRO337491JaKEHK33JYNRuAbGhtwej IP 104.16.107.139 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:26 Last Seen2023-07-05 14:48:33 Times Seen125 Hash 5cae6ce528dce0c327b2bcbaad459fdb 802aa044d8f09eb89502b5343a1623a5ab0c6c32 c71a7bdc6e1f2f8875556b690007a65be9e5ae1fb285f76d85180c89a3fa52d2 Loading...

	v2.zopim.com/w?1RgRO337491JaKEHK33JYNRuAbGhtwej	1.1 MB	2023-03-07	2024-02-29
Pretty URL v2.zopim.com/w?1RgRO337491JaKEHK33JYNRuAbGhtwej IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:26 Last Seen2024-02-29 03:21:25 Times Seen751 Hash 5315ea727533e9a8cbcbf29b31d247e2 1fd3537e55e0d52a864a19065b3ff8e17f3ed0ce efbbdddc886eef4839a3e886def0e10a7000736c0be166bfcfabcbf3e6c96859 Loading...

	darjeelingtealovers.com/wp-content/cache/wpo-minify/1670099293/assets/wpo-minify-header-a93012a0.min.js	547 kB	2023-03-08	2023-12-02
Pretty URL darjeelingtealovers.com/wp-content/cache/wpo-minify/1670099293/assets/wpo-minify-header-a93012a0.min.js IP 204.11.58.156 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:52:06 Last Seen2023-12-02 03:12:15 Times Seen5 Hash 7c991d2e9de1e329f7da54774190d700 36bfad271ad14b1ac54e42e3f764a8d26afb6438 097cda29e83d8d5e68b6519fad7190ab0b9045bec782f8130c2ded92664f408a Loading...

	darjeelingtealovers.com/	89 B	2023-03-08	2023-03-08
Pretty URL darjeelingtealovers.com/ IP 204.11.58.156 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:52:07 Last Seen2023-03-08 19:52:07 Times Seen1 Hash 6a21300b0499cdc94770f3e714c370f9 d3e69929b36556b4390feeb86cbc319faabeda2e a014659461fd34b39e572743db18aade5e7a1aa4c54b0ffbbc4d33921638a319 Loading...

	darjeelingtealovers.com/	363 B	2023-03-08	2024-02-07
Pretty URL darjeelingtealovers.com/ IP 204.11.58.156 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:52:06 Last Seen2024-02-07 05:48:29 Times Seen1 Hash cf7e903746f25a0cf2cefb346102c1f0 a1965317a4ee4c55daee7db594bc8bd3de21a119 65eb018a8b5c9636190cce1674c913e55a3f42479e17e7af9a207e255bb39b9b Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-27
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-27 02:03:36 Times Seen1536 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

HTTP Transactions (75)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3826
Expires: Mon, 05 Dec 2022 23:22:33 GMT
Date: Mon, 05 Dec 2022 22:18:47 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
ee088fab9b287e174cfd1f2c735a909f
25c3335b514a36ad1a24d00413d60c3d394f5161
494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1609
Cache-Control: max-age=131961
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:18:47 GMT
Etag: "638dc877-1d7"
Expires: Wed, 07 Dec 2022 10:58:08 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7354
Expires: Tue, 06 Dec 2022 00:21:21 GMT
Date: Mon, 05 Dec 2022 22:18:47 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 21:20:20 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3507
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: Gf6HaM715qA9UHR3SDiYCRqe210EKRdv6MqB3oWqN+N8/B3TKgB7PRXJQayQnmlJq257iis18R0=
x-amz-request-id: MMA9B2N0EZ8XXGVE
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 21:46:50 GMT
age: 1917
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:18:47 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 22:08:58 GMT
cache-control: public,max-age=3600
age: 589
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
2b9d6a686aa3c4ea24568425e43a5221
d53bb4c9579bd1db78a0520619e888aec79f750f
c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1591
Cache-Control: max-age=126875
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:18:48 GMT
Etag: "638db4ac-1d7"
Expires: Wed, 07 Dec 2022 09:33:23 GMT
Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

fonts.googleapis.com/css?family=Lato

142.250.74.74

200 OK

327 B

URL HTTP/1.1
fonts.googleapis.com/css?family=Lato
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
327 B (327 bytes)
Hash
40e7a3163187a0d443589571b573647e
787c6f7a243202e0abab2670c0c87002d68eab62
5a1544436dcb3d3942a4a21a71d738ae75516c037f4e21b579713796ee5ea447

HTTP Headers

GET /css?family=Lato HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://darjeelingtealovers.com/

HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Mon, 05 Dec 2022 22:18:48 GMT
Date: Mon, 05 Dec 2022 22:18:48 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff

fonts.googleapis.com/css?family=Open+Sans

142.250.74.74

200 OK

601 B

URL HTTP/1.1
fonts.googleapis.com/css?family=Open+Sans
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
601 B (601 bytes)
Hash
75d181fc850170da6e8f60df6cfc3f07
8c36b95d4b2746668a67479d14c983993d415038
9f8f28568038df45d52650d52e7316819f7f787c480f016af0333127eb11b67e

HTTP Headers

GET /css?family=Open+Sans HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://darjeelingtealovers.com/

HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Mon, 05 Dec 2022 22:18:48 GMT
Date: Mon, 05 Dec 2022 22:18:48 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff

darjeelingtealovers.com/

204.11.58.156

200 OK

16 kB

URL HTTP/1.1
darjeelingtealovers.com/
IP
204.11.58.156:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (16752)
Size
16 kB (16251 bytes)
Hash
4b73f61d2af0d65d423c47061c71e668
7880f880d17dea4b1471cf4e67f37fae0573c044
bed5114afa5333681101144c568b39ea942ebee2797b513e50fc6298cffa1542

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 22:18:46 GMT
Server: nginx/1.21.6
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache
Content-Encoding: gzip
WPO-Cache-Status: cached
Last-Modified: Mon, 05 Dec 2022 13:12:52 GMT
X-Server-Cache: true
X-Proxy-Cache: EXPIRED
Transfer-Encoding: chunked

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:18:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css?family=Roboto:400

142.250.74.74

200 OK

983 B

URL HTTP/2
fonts.googleapis.com/css?family=Roboto:400
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
data
Size
983 B (983 bytes)
Hash
5f62e40e655aaf22009cd275ba9e9636
c5f599953b7b6d8e1a270454a056366ca30d3b9a
b28517025ff609421480589d13166633850de3f3b128057f87a93fc4912c812e

HTTP Headers

GET /css?family=Roboto:400 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 05 Dec 2022 22:18:48 GMT
date: Mon, 05 Dec 2022 22:18:48 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

push.services.mozilla.com/

52.89.20.60

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.89.20.60:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 865MK9DjXMKa529TGG+xQA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: gNlgEnCMY7wndKJbMq7SWZy4Ih4=

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0ad493eb174ea0450e01ace0ccec568c
b478a7dc0ae09630f04f336bbfa5fe87d542c46e
4fee5bac00c3d43f7945d01c24952e1eb36ac00ccaddd0acbc34cd77f8049c80

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4FEE5BAC00C3D43F7945D01C24952E1EB36AC00CCADDD0ACBC34CD77F8049C80"
Last-Modified: Mon, 05 Dec 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21598
Expires: Tue, 06 Dec 2022 04:18:46 GMT
Date: Mon, 05 Dec 2022 22:18:48 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0ad493eb174ea0450e01ace0ccec568c
b478a7dc0ae09630f04f336bbfa5fe87d542c46e
4fee5bac00c3d43f7945d01c24952e1eb36ac00ccaddd0acbc34cd77f8049c80

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4FEE5BAC00C3D43F7945D01C24952E1EB36AC00CCADDD0ACBC34CD77F8049C80"
Last-Modified: Mon, 05 Dec 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21598
Expires: Tue, 06 Dec 2022 04:18:46 GMT
Date: Mon, 05 Dec 2022 22:18:48 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0ad493eb174ea0450e01ace0ccec568c
b478a7dc0ae09630f04f336bbfa5fe87d542c46e
4fee5bac00c3d43f7945d01c24952e1eb36ac00ccaddd0acbc34cd77f8049c80

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4FEE5BAC00C3D43F7945D01C24952E1EB36AC00CCADDD0ACBC34CD77F8049C80"
Last-Modified: Mon, 05 Dec 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21598
Expires: Tue, 06 Dec 2022 04:18:46 GMT
Date: Mon, 05 Dec 2022 22:18:48 GMT
Connection: keep-alive

darjeelingtealovers.com/wp-content/uploads/2017/12/ssl.png

204.11.58.156

200 OK

21 kB

URL HTTP/2
darjeelingtealovers.com/wp-content/uploads/2017/12/ssl.png
IP
204.11.58.156:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
PNG image data, 235 x 105, 8-bit/color RGBA, non-interlaced\012- data
Size
21 kB (21297 bytes)
Hash
d27f408c8008a3fd819cc07088558ad3
5124c884ff88b21bb74d3dacac54a0b11db10a83
5eb7fbcb4898d74db8b1554bd5390957d771fc802b9b99710cb66f23e178bc89

HTTP Headers

GET /wp-content/uploads/2017/12/ssl.png HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 14 Dec 2017 14:09:51 GMT
accept-ranges: bytes
content-length: 21297
content-type: image/png
date: Mon, 05 Dec 2022 22:18:48 GMT
server: Apache
X-Firefox-Spdy: h2

www.darjeelingtealovers.com/wp-content/uploads/2014/06/shipping-dispatch.jpg

204.11.58.156

200 OK

5.9 kB

URL HTTP/2
www.darjeelingtealovers.com/wp-content/uploads/2014/06/shipping-dispatch.jpg
IP
204.11.58.156:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 340x47, components 3\012- data
Size
5.9 kB (5867 bytes)
Hash
6046c73d870f26cbfcaa20a584c163dc
e169211b59f392a36f5070e02dfe0ab615979fe3
aa35dafea5b2246bd8ff50dc274a199aa020121bd6dacf89a49ad1a901bca0ec

HTTP Headers

GET /wp-content/uploads/2014/06/shipping-dispatch.jpg HTTP/1.1
Host: www.darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 28 Jun 2014 00:00:00 GMT
accept-ranges: bytes
content-length: 5867
content-type: image/jpeg
date: Mon, 05 Dec 2022 22:18:48 GMT
server: Apache
X-Firefox-Spdy: h2

www.darjeelingtealovers.com/wp-content/uploads/2014/06/pay_pal.png

204.11.58.156

200 OK

21 kB

URL HTTP/2
www.darjeelingtealovers.com/wp-content/uploads/2014/06/pay_pal.png
IP
204.11.58.156:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
PNG image data, 205 x 58, 8-bit/color RGB, non-interlaced\012- data
Size
21 kB (21173 bytes)
Hash
6e49a5f2eccfd1555148622f8ca1395c
9782511642293198e9df114f323463dc4dcdacdf
870bf3c491d49141708d3c272427da297338bb775ae819dd0093d12b765ac54f

HTTP Headers

GET /wp-content/uploads/2014/06/pay_pal.png HTTP/1.1
Host: www.darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 28 Jun 2014 00:00:00 GMT
accept-ranges: bytes
content-length: 21173
content-type: image/png
date: Mon, 05 Dec 2022 22:18:48 GMT
server: Apache
X-Firefox-Spdy: h2

www.darjeelingtealovers.com/wp-content/uploads/2014/09/logo11.png

204.11.58.156

200 OK

23 kB

URL HTTP/2
www.darjeelingtealovers.com/wp-content/uploads/2014/09/logo11.png
IP
204.11.58.156:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
PNG image data, 268 x 85, 8-bit/color RGBA, non-interlaced\012- data
Size
23 kB (22600 bytes)
Hash
3e599f47dda4b4264584981f82a4f636
119ca02d9d7ab9d57d3fd4d9f5daccabd8a571b0
9d19813c485e56140fde4f5ae8ff81d62ff30e9e68b3381ed501fa42a5e9f861

HTTP Headers

GET /wp-content/uploads/2014/09/logo11.png HTTP/1.1
Host: www.darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 09 Sep 2014 00:00:00 GMT
accept-ranges: bytes
content-length: 22600
content-type: image/png
date: Mon, 05 Dec 2022 22:18:48 GMT
server: Apache
X-Firefox-Spdy: h2

shield.sitelock.com/shield/darjeelingtealovers.com

45.60.14.54

200 OK

35 B

URL HTTP/1.1
shield.sitelock.com/shield/darjeelingtealovers.com
IP
45.60.14.54:0
ASN
#19551 INCAPSULA

File type
GIF image data, version 87a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
04d590ce36fcc6369f590ccfb7409e57
a3a71e8194f5541400b26be34f791d106f33256e
b18c315b986e7bcf03bbfff949dd65345f4cbabeec5267ade74c354d73cf5e28

HTTP Headers

GET /shield/darjeelingtealovers.com HTTP/1.1
Host: shield.sitelock.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://darjeelingtealovers.com/

HTTP/1.1 200 OK
Etag: "4435dfb4"
Content-Type: image/gif; charset=ISO-8859-1
Content-Length: 35
Cache-Control: max-age=5400, public
Expires: Mon, 05 Dec 2022 23:48:48 GMT
Date: Mon, 05 Dec 2022 22:18:48 GMT
Set-Cookie: visid_incap_275317=5Tsk2BpkSsq8mc7RBP4jbEhujmMAAAAAQUIPAAAAAAAEfEuxTfzbyWi87D9uaFJN; expires=Mon, 04 Dec 2023 22:33:40 GMT; HttpOnly; path=/; Domain=.sitelock.com
incap_ses_721_275317=Pooua+eoj3OHYsfy84EBCkhujmMAAAAAq2OL51NerUf4mBVV+BvGaw==; path=/; Domain=.sitelock.com
X-CDN: Imperva
X-Iinfo: 14-91391930-0 0CNN RT(1670278728861 4) q(0 -1 -1 -1) r(0 -1)

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3634
Expires: Mon, 05 Dec 2022 23:19:23 GMT
Date: Mon, 05 Dec 2022 22:18:49 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3634
Expires: Mon, 05 Dec 2022 23:19:23 GMT
Date: Mon, 05 Dec 2022 22:18:49 GMT
Connection: keep-alive

darjeelingtealovers.com/wp-content/cache/wpo-minify/1670099293/assets/wpo-minify-header-6d4c6e3c.min.css

204.11.58.156

200 OK

100 kB

URL HTTP/2
darjeelingtealovers.com/wp-content/cache/wpo-minify/1670099293/assets/wpo-minify-header-6d4c6e3c.min.css
IP
204.11.58.156:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
data
Size
100 kB (100434 bytes)
Hash
243899349b8300c956c69f9480c755b9
ccf7b8a0ae1c65ded4a17c25b808346b01ab5bfa
edce3ab6a1fc047e164d3a7111b5fe5d3abeafe807d54ec71f0c25a2221108c8

HTTP Headers

GET /wp-content/cache/wpo-minify/1670099293/assets/wpo-minify-header-6d4c6e3c.min.css HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Sat, 03 Dec 2022 20:28:25 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Mon, 05 Dec 2022 22:18:48 GMT
server: Apache
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F01b6b798-4c76-47d4-ae22-c8967b0f2c5c.jpeg

34.120.237.76

200 OK

9.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F01b6b798-4c76-47d4-ae22-c8967b0f2c5c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.0 kB (8997 bytes)
Hash
9fda84db003d0cfc70d73dcb6a3763dd
5c54b4ca3db1c975b3ad7f780f0ebdc867fc2ef4
f00aa6b88dd85164d8f6ee685937a3ca8039b98b442a2e6aede1c4c421b4fc4c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F01b6b798-4c76-47d4-ae22-c8967b0f2c5c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 8997
x-amzn-requestid: 54d7ed8c-119c-4583-929c-fd053524814c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csT_8F78IAMFY6Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e66cc-3d9816725e7e0b1b3404bc4a;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:46:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 6nXJg548cHz0REe43NepPeMmnFBAiWO_Fwy2PCKbco4XhNZnBs0Jhw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:46:52 GMT
etag: "5c54b4ca3db1c975b3ad7f780f0ebdc867fc2ef4"
content-type: image/jpeg
age: 1917
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8469 bytes)
Hash
2f60a6490f38a772dcd50a1132e98e1b
ff254a1df087d2c157d88a6ef04e395dc49efe5e
653e40becd103cd76cc2f194a87e933e8c548d346f87520fefca3b16430fc4ab

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 8469
x-amzn-requestid: c17eff92-da62-4f0f-9e75-2741012ec43a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_sqFSjoAMFQ6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-61d61d2f0bb01ecb21b809ea;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: i6QasBBRK9APW19sH0DdOipvUJA3gWj0CAMTzt7ejRCOk_V2psz-Xw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:45:47 GMT
age: 1982
etag: "ff254a1df087d2c157d88a6ef04e395dc49efe5e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f48f157-f5b1-44b8-91c0-da7927555031.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.9 kB (4905 bytes)
Hash
17c7b7e3a4e6f3ad9ccf7f42c400749c
76432db96e8280e24da56670fba8f8f80a95ab31
f67d401ebc225c2a9dac5b4f98dc969e22f927455c2537df353ac86f046cc4c4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f48f157-f5b1-44b8-91c0-da7927555031.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4905
x-amzn-requestid: d80a0dd7-01ec-4801-a5b5-6a1b01eb1944
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csTMSHsyoAMF6BQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6581-177e519d6dbd1875555b0961;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:41:21 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: KmaWXiNE4GPEU9-X5rhVcEsUak4C9m-mjdTCdFUFCPFj8f2uGwCvcQ==
via: 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:46:52 GMT
etag: "76432db96e8280e24da56670fba8f8f80a95ab31"
content-type: image/jpeg
age: 1917
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

darjeelingtealovers.com/wp-content/cache/wpo-minify/1670099293/assets/wpo-minify-header-4ba93cf0.min.css

204.11.58.156

200 OK

106 kB

URL HTTP/2
darjeelingtealovers.com/wp-content/cache/wpo-minify/1670099293/assets/wpo-minify-header-4ba93cf0.min.css
IP
204.11.58.156:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
data
Size
106 kB (105830 bytes)
Hash
8b0fb3e8c072c27a6f387eb5f9ae48c6
f725bec7c181d170c177915b0e0e073742edd375
838dd85d722ff9077bf871bf3ebe742c4242baf5b05b3d4315669c5090881798

HTTP Headers

GET /wp-content/cache/wpo-minify/1670099293/assets/wpo-minify-header-4ba93cf0.min.css HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Sat, 03 Dec 2022 20:28:25 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Mon, 05 Dec 2022 22:18:48 GMT
server: Apache
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcfc1e29-0017-4346-aacf-66d3875076ce.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.8 kB (5790 bytes)
Hash
18bbcbf84b00d3bc602830478ff1bd7f
1f25392db4cf3693259202b24e898f21093b8bf9
cb2b44e1f74a9bb43fab48536f6146e273c728b34e4889ff3f18a411d14d2282

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcfc1e29-0017-4346-aacf-66d3875076ce.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5790
x-amzn-requestid: 2e409a5f-ce04-4b9b-b3a2-74e5bbd256d3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSvoEoUoAMFsxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64ca-72e1bb13187b18aa26c8566f;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WBNaNTgYQaDVlJqu2u341xYy_6zmr5LqmCD2BPjGPGgmAG20WNHyKw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:46:52 GMT
age: 1917
etag: "1f25392db4cf3693259202b24e898f21093b8bf9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

darjeelingtealovers.com/wp-content/uploads/2020/02/AVONGROVE-EUPHORIA-4.jpg

204.11.58.156

200 OK

190 kB

URL HTTP/2
darjeelingtealovers.com/wp-content/uploads/2020/02/AVONGROVE-EUPHORIA-4.jpg
IP
204.11.58.156:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=11, manufacturer=NIKON CORPORATION, model=NIKON D3200, orientation=upper-left, xresolution=176, yresolution=184, resolutionunit=2, software=Ver.1.04 , datetime=2017:07:05 17:04:20, GPS-Data], baseline, precision 8, 800x531, components 3\012- data
Size
190 kB (190348 bytes)
Hash
bebc068c3efbdd50f6f7701b6c18f850
7a650770c9052771a5938ccef62d2098eee67457
3b53412b3b28caa9e6f0f4c4f6b6bdd03406e2eaa8ee7b630182859efeb9a987

HTTP Headers

GET /wp-content/uploads/2020/02/AVONGROVE-EUPHORIA-4.jpg HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 02 Feb 2020 20:22:59 GMT
accept-ranges: bytes
content-length: 190348
content-type: image/jpeg
date: Mon, 05 Dec 2022 22:18:48 GMT
server: Apache
X-Firefox-Spdy: h2

darjeelingtealovers.com/wp-content/uploads/2020/02/JUNGPANA-CLONAL-DELIGHT-2.jpg

204.11.58.156

200 OK

219 kB

URL HTTP/2
darjeelingtealovers.com/wp-content/uploads/2020/02/JUNGPANA-CLONAL-DELIGHT-2.jpg
IP
204.11.58.156:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=11, manufacturer=NIKON CORPORATION, model=NIKON D3200, orientation=upper-left, xresolution=176, yresolution=184, resolutionunit=2, software=Ver.1.04 , datetime=2017:07:12 15:58:03, GPS-Data], baseline, precision 8, 800x531, components 3\012- data
Size
219 kB (218832 bytes)
Hash
41c13bc1d131d80fd53ff7618c2dc2f3
7200463cdad69ae162f8602533cf23bcb3f36494
f4f2db4354c5231edc3b5a95362928d63a5f2d2ac5e5544a40704fa767a7b059

HTTP Headers

GET /wp-content/uploads/2020/02/JUNGPANA-CLONAL-DELIGHT-2.jpg HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 02 Feb 2020 21:00:58 GMT
accept-ranges: bytes
content-length: 218832
content-type: image/jpeg
date: Mon, 05 Dec 2022 22:18:48 GMT
server: Apache
X-Firefox-Spdy: h2

darjeelingtealovers.com/wp-content/uploads/2018/05/new-arrivals.jpg

204.11.58.156

200 OK

33 kB

URL HTTP/1.1
darjeelingtealovers.com/wp-content/uploads/2018/05/new-arrivals.jpg
IP
204.11.58.156:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 715x440, components 3\012- data
Size
33 kB (32846 bytes)
Hash
a72a0862ff2184ec00ed557b9173062e
886a3a9b06d65fa333470183eecdf355b7b296d4
73b289e3e51260213c45a3520fb1da5862b079a300a265194c7ac5e706f2ba4a

HTTP Headers

GET /wp-content/uploads/2018/05/new-arrivals.jpg HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://darjeelingtealovers.com/

HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 22:18:49 GMT
Server: Apache
Last-Modified: Tue, 22 May 2018 07:03:34 GMT
Accept-Ranges: bytes
Content-Length: 32846
Content-Type: image/jpeg

darjeelingtealovers.com/wp-content/uploads/2018/05/first-flush.jpg

204.11.58.156

200 OK

22 kB

URL HTTP/1.1
darjeelingtealovers.com/wp-content/uploads/2018/05/first-flush.jpg
IP
204.11.58.156:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 715x440, components 3\012- data
Size
22 kB (22155 bytes)
Hash
c4aa9b65316a5a4c0fdf63283a9c9b6a
a9ee516e962a04ad57647981b02c3a776c7334b1
058aa509c2750b3527b93aa31b2430a96d6bca9fd5a09864e4139bbd16c33fcd

HTTP Headers

GET /wp-content/uploads/2018/05/first-flush.jpg HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://darjeelingtealovers.com/

HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 22:18:49 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Tue, 22 May 2018 07:03:30 GMT
Accept-Ranges: bytes
Content-Length: 22155
Content-Type: image/jpeg

fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

216.58.207.227

200 OK

17 kB

URL HTTP/1.1
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Size
17 kB (16740 bytes)
Hash
e43b535855a4ae53bd5b07a6eeb3bf67
6507312d9491156036316484bf8dc41e8b52ddd9
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681

HTTP Headers

GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://darjeelingtealovers.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 16740
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 05 Dec 2022 19:00:04 GMT
Expires: Tue, 05 Dec 2023 19:00:04 GMT
Cache-Control: public, max-age=31536000
Age: 11925
Last-Modified: Mon, 15 Aug 2022 18:14:44 GMT
Content-Type: font/woff2

fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

216.58.207.227

200 OK

24 kB

URL HTTP/1.1
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Size
24 kB (23580 bytes)
Hash
e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

HTTP Headers

GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://darjeelingtealovers.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 23580
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 17:43:28 GMT
Expires: Wed, 29 Nov 2023 17:43:28 GMT
Cache-Control: public, max-age=31536000
Age: 534921
Last-Modified: Tue, 26 Apr 2022 15:48:56 GMT
Content-Type: font/woff2

darjeelingtealovers.com/wp-content/uploads/2018/05/second-flush.jpg

204.11.58.156

200 OK

32 kB

URL HTTP/1.1
darjeelingtealovers.com/wp-content/uploads/2018/05/second-flush.jpg
IP
204.11.58.156:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 715x440, components 3\012- data
Size
32 kB (32372 bytes)
Hash
7024595fe960c10ddb39c5badfdcfdda
0bf9fbd5f750bcab0acc7b9c2a33057c94ea9588
430370bfb96e136883ee8c30d4de00cf6fc061b99d8f5f82f05a30fb70156c28

HTTP Headers

GET /wp-content/uploads/2018/05/second-flush.jpg HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://darjeelingtealovers.com/

HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 22:18:49 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Tue, 22 May 2018 07:03:39 GMT
Accept-Ranges: bytes
Content-Length: 32372
Content-Type: image/jpeg

darjeelingtealovers.com/wp-content/themes/goodstore/css/fonts/jaw-icon.woff

204.11.58.156

200 OK

90 kB

URL HTTP/2
darjeelingtealovers.com/wp-content/themes/goodstore/css/fonts/jaw-icon.woff
IP
204.11.58.156:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
Web Open Font Format, TrueType, length 90076, version 0.0\012- data
Size
90 kB (90076 bytes)
Hash
6f6e658862e83f9649855747d38e8556
1744d5a2cfb2b74c7448d9c118117c240ccbac83
bf9851feb57fce1ab0f0e20d16b53cf1b4d621125c16a5357e32b4e24421aa63

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/goodstore/css/fonts/jaw-icon.woff HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://darjeelingtealovers.com
Connection: keep-alive
Referer: https://darjeelingtealovers.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 27 Jan 2017 04:58:02 GMT
accept-ranges: bytes
content-length: 90076
content-type: font/woff
date: Mon, 05 Dec 2022 22:18:49 GMT
server: Apache
X-Firefox-Spdy: h2

darjeelingtealovers.com/wp-content/uploads/2020/02/AVONGROVE-EUPHORIA-4-150x150.jpg

204.11.58.156

200 OK

54 kB

URL HTTP/2
darjeelingtealovers.com/wp-content/uploads/2020/02/AVONGROVE-EUPHORIA-4-150x150.jpg
IP
204.11.58.156:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=11, manufacturer=NIKON CORPORATION, model=NIKON D3200, orientation=upper-left, xresolution=176, yresolution=184, resolutionunit=2, software=Ver.1.04 , datetime=2017:07:05 17:04:20, GPS-Data], baseline, precision 8, 150x150, components 3\012- data
Size
54 kB (53831 bytes)
Hash
6b5833ad9d6b38e0f19b0fa0d2fcdbb4
967a42340e9566dd8730a34f777b6b5e414b021b
89267fcc7ce0eb56851df58aee78b07b81cdd2c5f0668506af4354e1e5076b49

HTTP Headers

GET /wp-content/uploads/2020/02/AVONGROVE-EUPHORIA-4-150x150.jpg HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 02 Feb 2020 20:23:01 GMT
accept-ranges: bytes
content-length: 53831
content-type: image/jpeg
date: Mon, 05 Dec 2022 22:18:49 GMT
server: Apache
X-Firefox-Spdy: h2

darjeelingtealovers.com/wp-content/uploads/2017/07/MARGARETS-HOPE-TIPPY-CLONAL-1-150x150.jpg

204.11.58.156

200 OK

54 kB

URL HTTP/2
darjeelingtealovers.com/wp-content/uploads/2017/07/MARGARETS-HOPE-TIPPY-CLONAL-1-150x150.jpg
IP
204.11.58.156:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=11, manufacturer=NIKON CORPORATION, model=NIKON D3200, orientation=upper-left, xresolution=176, yresolution=184, resolutionunit=2, software=Ver.1.04 , datetime=2017:07:05 17:22:17, GPS-Data], baseline, precision 8, 150x150, components 3\012- data
Size
54 kB (54203 bytes)
Hash
5e7281420622d658689d07ccc0e8aa66
3976a01e442335bb1052429f5fb8a42876ec4b80
94724c75852400adaa3e841abfaa9ecc63e1ed13b231cb146da82df204743828

HTTP Headers

GET /wp-content/uploads/2017/07/MARGARETS-HOPE-TIPPY-CLONAL-1-150x150.jpg HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 16 Jul 2019 23:28:27 GMT
accept-ranges: bytes
content-length: 54203
content-type: image/jpeg
date: Mon, 05 Dec 2022 22:18:49 GMT
server: Apache
X-Firefox-Spdy: h2

darjeelingtealovers.com/wp-content/uploads/2021/05/SINGBULI-CHINA-FLOWERY-6-274x293.jpg

204.11.58.156

200 OK

65 kB

URL HTTP/2
darjeelingtealovers.com/wp-content/uploads/2021/05/SINGBULI-CHINA-FLOWERY-6-274x293.jpg
IP
204.11.58.156:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=11, manufacturer=NIKON CORPORATION, model=NIKON D3200, orientation=upper-left, xresolution=176, yresolution=184, resolutionunit=2, software=Ver.1.04 , datetime=2021:04:15 19:17:33, GPS-Data], progressive, precision 8, 274x293, components 3\012- data
Size
65 kB (65371 bytes)
Hash
eea72fb0b569eedf0aafd42fbd81d0a6
4ea0b8c2bb7c9ba8ee998dbc8f14c18a2b1a0d57
8344d93b2a8236ce8be1905e01675d815ada07258efed8670eb6a75fadb40476

HTTP Headers

GET /wp-content/uploads/2021/05/SINGBULI-CHINA-FLOWERY-6-274x293.jpg HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 13 May 2021 13:32:02 GMT
accept-ranges: bytes
content-length: 65371
content-type: image/jpeg
date: Mon, 05 Dec 2022 22:18:49 GMT
server: Apache
X-Firefox-Spdy: h2

darjeelingtealovers.com/wp-content/uploads/2022/03/RINGTONG-SPRING-WONDER-2-274x293.jpg

204.11.58.156

200 OK

64 kB

URL HTTP/2
darjeelingtealovers.com/wp-content/uploads/2022/03/RINGTONG-SPRING-WONDER-2-274x293.jpg
IP
204.11.58.156:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=11, manufacturer=NIKON CORPORATION, model=NIKON D3200, orientation=upper-left, xresolution=176, yresolution=184, resolutionunit=2, software=Ver.1.04 , datetime=2021:04:14 18:09:27, GPS-Data], progressive, precision 8, 274x293, components 3\012- data
Size
64 kB (63894 bytes)
Hash
782e4626af87635a4185a0d5dfa80c57
88fcfb552dd843a9faa3cf5d2131ac09b9c24f3e
1094faf6e34169fa9c9fb986d9aef256218dac4f0d32ad8fd54879c779499c4e

HTTP Headers

GET /wp-content/uploads/2022/03/RINGTONG-SPRING-WONDER-2-274x293.jpg HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 10 Mar 2022 15:48:27 GMT
accept-ranges: bytes
content-length: 63894
content-type: image/jpeg
date: Mon, 05 Dec 2022 22:18:49 GMT
server: Apache
X-Firefox-Spdy: h2

darjeelingtealovers.com/wp-content/uploads/2020/02/AVONGROVE-SUMMER-EUPHORIA-2-150x150.jpg

204.11.58.156

200 OK

50 kB

URL HTTP/2
darjeelingtealovers.com/wp-content/uploads/2020/02/AVONGROVE-SUMMER-EUPHORIA-2-150x150.jpg
IP
204.11.58.156:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=11, manufacturer=NIKON CORPORATION, model=NIKON D3200, orientation=upper-left, xresolution=176, yresolution=184, resolutionunit=2, software=Ver.1.04 , datetime=2018:07:11 18:38:30, GPS-Data], baseline, precision 8, 150x150, components 3\012- data
Size
50 kB (49823 bytes)
Hash
4505bac89639ba098cf49bb0cd84978a
72fe8a2a25b438c9126c6d18177660f6b786b68a
52586d121e0702a147423a8cd6554d0bd132384c183f025b64cae7cdf56b3d6a

HTTP Headers

GET /wp-content/uploads/2020/02/AVONGROVE-SUMMER-EUPHORIA-2-150x150.jpg HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 02 Feb 2020 20:50:22 GMT
accept-ranges: bytes
content-length: 49823
content-type: image/jpeg
date: Mon, 05 Dec 2022 22:18:49 GMT
server: Apache
X-Firefox-Spdy: h2

darjeelingtealovers.com/wp-content/uploads/2018/05/AVONGROVE-SPRING-EUPHORIA-GOLD-2-150x150.jpg

204.11.58.156

200 OK

54 kB

URL HTTP/2
darjeelingtealovers.com/wp-content/uploads/2018/05/AVONGROVE-SPRING-EUPHORIA-GOLD-2-150x150.jpg
IP
204.11.58.156:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=11, manufacturer=NIKON CORPORATION, model=NIKON D3200, orientation=upper-left, xresolution=176, yresolution=184, resolutionunit=2, software=Ver.1.04 , datetime=2017:07:05 17:03:46, GPS-Data], baseline, precision 8, 150x150, components 3\012- data
Size
54 kB (54020 bytes)
Hash
b4c38015b6fd7b9bd139b68b66b04294
00fa87bb2fdc18a06e730a63f8a85d24f08b38c0
5937d53b70b671cd58b782d82a420f82e9e383ca689bcc110e01d6e81c8001a5

HTTP Headers

GET /wp-content/uploads/2018/05/AVONGROVE-SPRING-EUPHORIA-GOLD-2-150x150.jpg HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 06 May 2018 13:46:45 GMT
accept-ranges: bytes
content-length: 54020
content-type: image/jpeg
date: Mon, 05 Dec 2022 22:18:49 GMT
server: Apache
X-Firefox-Spdy: h2

darjeelingtealovers.com/wp-content/uploads/2017/07/AVONGROVE-SUMMER-EUPHORIA-4-150x150.jpg

204.11.58.156

200 OK

54 kB

URL HTTP/2
darjeelingtealovers.com/wp-content/uploads/2017/07/AVONGROVE-SUMMER-EUPHORIA-4-150x150.jpg
IP
204.11.58.156:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=11, manufacturer=NIKON CORPORATION, model=NIKON D3200, orientation=upper-left, xresolution=176, yresolution=184, resolutionunit=2, software=Ver.1.04 , datetime=2017:07:12 16:00:14, GPS-Data], baseline, precision 8, 150x150, components 3\012- data
Size
54 kB (53556 bytes)
Hash
a103d6bb85e106cfd43029f04ca05f57
baa368d7bcdae7e431dd420a23301eecaa4a708a
915e13f7e43a8bccb0b7bc8e36c4a782de783e5f846867a4d88fa30e5559df51

HTTP Headers

GET /wp-content/uploads/2017/07/AVONGROVE-SUMMER-EUPHORIA-4-150x150.jpg HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 16 Jul 2019 12:40:32 GMT
accept-ranges: bytes
content-length: 53556
content-type: image/jpeg
date: Mon, 05 Dec 2022 22:18:49 GMT
server: Apache
X-Firefox-Spdy: h2

darjeelingtealovers.com/wp-content/uploads/2021/05/JUNGPANA-WONDER-2-274x293.jpg

204.11.58.156

200 OK

63 kB

URL HTTP/2
darjeelingtealovers.com/wp-content/uploads/2021/05/JUNGPANA-WONDER-2-274x293.jpg
IP
204.11.58.156:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=11, manufacturer=NIKON CORPORATION, model=NIKON D3200, orientation=upper-left, xresolution=176, yresolution=184, resolutionunit=2, software=Ver.1.04 , datetime=2021:04:16 14:28:51, GPS-Data], progressive, precision 8, 274x293, components 3\012- data
Size
63 kB (63211 bytes)
Hash
bff6d574d01eb5c44452b49afe6c319d
10fc5ff33084d960bfd9e3aca8ef5d1453063459
88d0dda4eeebbecaa82e86d62895fa573d591e6176e1745e24678cad5dc3487c

HTTP Headers

GET /wp-content/uploads/2021/05/JUNGPANA-WONDER-2-274x293.jpg HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 13 May 2021 13:39:39 GMT
accept-ranges: bytes
content-length: 63211
content-type: image/jpeg
date: Mon, 05 Dec 2022 22:18:49 GMT
server: Apache
X-Firefox-Spdy: h2

darjeelingtealovers.com/wp-content/uploads/2021/05/JUNGPANA-WONDER-1-274x293.jpg

204.11.58.156

200 OK

66 kB

URL HTTP/2
darjeelingtealovers.com/wp-content/uploads/2021/05/JUNGPANA-WONDER-1-274x293.jpg
IP
204.11.58.156:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=11, manufacturer=NIKON CORPORATION, model=NIKON D3200, orientation=upper-left, xresolution=176, yresolution=184, resolutionunit=2, software=Ver.1.04 , datetime=2021:04:16 14:17:42, GPS-Data], progressive, precision 8, 274x293, components 3\012- data
Size
66 kB (66373 bytes)
Hash
e81ee1a674cf67db5474937f24759b15
14e594fba7873a5344ce31a4ae82829f14927f10
d21da3c5d4a10ccb764c449b928eb72ca024bc8c7a0f9ad19c476e6ab5cd79c4

HTTP Headers

GET /wp-content/uploads/2021/05/JUNGPANA-WONDER-1-274x293.jpg HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 13 May 2021 13:40:11 GMT
accept-ranges: bytes
content-length: 66373
content-type: image/jpeg
date: Mon, 05 Dec 2022 22:18:49 GMT
server: Apache
X-Firefox-Spdy: h2

darjeelingtealovers.com/wp-content/uploads/2018/05/ARYA-DIAMOND-4-150x150.jpg

204.11.58.156

200 OK

55 kB

URL HTTP/2
darjeelingtealovers.com/wp-content/uploads/2018/05/ARYA-DIAMOND-4-150x150.jpg
IP
204.11.58.156:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=11, manufacturer=NIKON CORPORATION, model=NIKON D3200, orientation=upper-left, xresolution=176, yresolution=184, resolutionunit=2, software=Ver.1.04 , datetime=2017:07:05 15:37:34, GPS-Data], baseline, precision 8, 150x150, components 3\012- data
Size
55 kB (54789 bytes)
Hash
b9310beb92abef1af3e54415848e2254
801a3c0675ff2b34030b66874fea88e42f5e72b8
3cc3ad83c5b0efb74f12e96a332d518660d786bd0c996a65280753cf9a942ff5

HTTP Headers

GET /wp-content/uploads/2018/05/ARYA-DIAMOND-4-150x150.jpg HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 06 May 2018 12:03:42 GMT
accept-ranges: bytes
content-length: 54789
content-type: image/jpeg
date: Mon, 05 Dec 2022 22:18:50 GMT
server: Apache
X-Firefox-Spdy: h2

darjeelingtealovers.com/wp-content/themes/goodstore/css/fonts/jaw-icon.ttf

204.11.58.156

200 OK

90 kB

URL HTTP/2
darjeelingtealovers.com/wp-content/themes/goodstore/css/fonts/jaw-icon.ttf
IP
204.11.58.156:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, jaw-iconVersion 0.0jaw-icona-cnjaw-iconRegularjaw-iconFont generated by IcoMoon.\012- data
Size
90 kB (90000 bytes)
Hash
5888f23919cba1ac01cb1a16c0ab7c5e
0cefe01b24c670ff9c03318efa8b8a858d434eca
2491bcfed03b8a192d5adac6ca20fd1601b48fa72d7f52cf4d38886dab194557

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/goodstore/css/fonts/jaw-icon.ttf HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://darjeelingtealovers.com
Connection: keep-alive
Referer: https://darjeelingtealovers.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 22:18:50 GMT
server: Apache
content-type: font/ttf
content-length: 90000
last-modified: Fri, 27 Jan 2017 04:58:02 GMT
x-server-cache: true
x-proxy-cache: EXPIRED
accept-ranges: bytes
X-Firefox-Spdy: h2

darjeelingtealovers.com/wp-content/plugins/revslider/public/assets/assets/loader.gif

204.11.58.156

200 OK

2.5 kB

URL HTTP/2
darjeelingtealovers.com/wp-content/plugins/revslider/public/assets/assets/loader.gif
IP
204.11.58.156:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
GIF image data, version 89a, 24 x 24\012- data
Size
2.5 kB (2545 bytes)
Hash
4b3afb84b2b71ef56df09997a350bd04
accdac8a7abeab0e21c49539aad0a973addb28ef
9034d5d34015e4b05d2c1d1a8dc9f6ec9d59bd96d305eb9e24e24e65c591a645

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/assets/loader.gif HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://darjeelingtealovers.com/wp-content/cache/wpo-minify/1670099293/assets/wpo-minify-header-6d4c6e3c.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 13 May 2021 07:16:29 GMT
accept-ranges: bytes
content-length: 2545
content-type: image/gif
date: Mon, 05 Dec 2022 22:18:50 GMT
server: Apache
X-Firefox-Spdy: h2

darjeelingtealovers.com/?wc-ajax=get_refreshed_fragments

204.11.58.156

301 Moved Permanently

0 B

URL HTTP/1.1
darjeelingtealovers.com/?wc-ajax=get_refreshed_fragments
IP
204.11.58.156:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: http://darjeelingtealovers.com
Connection: keep-alive
Referer: http://darjeelingtealovers.com/

HTTP/1.1 301 Moved Permanently
Date: Mon, 05 Dec 2022 22:18:50 GMT
Server: Apache
X-Pingback: http://darjeelingtealovers.com/xmlrpc.php
WPO-Cache-Status: not cached
WPO-Cache-Message: The request method was not GET (POST), In the settings, caching is disabled for matches for one of the current request's GET parameters
X-Redirect-By: WordPress
Location: https://darjeelingtealovers.com/?wc-ajax=get_refreshed_fragments
Content-Length: 0
Content-Type: text/html; charset=UTF-8

v2.zopim.com/?1RgRO337491JaKEHK33JYNRuAbGhtwej

104.16.107.139

302 Moved Temporarily

0 B

URL HTTP/1.1
v2.zopim.com/?1RgRO337491JaKEHK33JYNRuAbGhtwej
IP
104.16.107.139:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?1RgRO337491JaKEHK33JYNRuAbGhtwej HTTP/1.1
Host: v2.zopim.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://darjeelingtealovers.com/

HTTP/1.1 302 Moved Temporarily
Date: Mon, 05 Dec 2022 22:18:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: https://static.zdassets.com/ekr/asset_composer.js
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 775028f2792ab4eb-OSL

www.google-analytics.com/analytics.js

142.250.74.110

200 OK

20 kB

URL HTTP/1.1
www.google-analytics.com/analytics.js
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://darjeelingtealovers.com/

HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 20039
Date: Mon, 05 Dec 2022 20:23:05 GMT
Expires: Mon, 05 Dec 2022 22:23:05 GMT
Cache-Control: public, max-age=7200
Age: 6945
Last-Modified: Tue, 27 Sep 2022 22:01:05 GMT
Content-Type: text/javascript

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
bcccacf81bec5c6902d9811e8c7431ea
f8c64d3bfcdb92bdccd27c414adc77be8eb7f6dd
95223026adab95805aa1d52ff3d5ad3ab4b4a10084333f6d0d85b59c5eca34d2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5926
Cache-Control: max-age=102081
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:18:50 GMT
Etag: "638d42e5-117"
Expires: Wed, 07 Dec 2022 02:40:11 GMT
Last-Modified: Mon, 05 Dec 2022 01:01:25 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5f16a534222e5749ef240d413826c2f6
11683d84d420dd6f919425094edb8961278f7fed
691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:18:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/j/collect?v=1&_v=j98&a=818374794&t=pageview&_s=1&dl=http%3A%2F%2Fdarjeelingtealovers.com%2F&ul=en-us&de=UTF-8&dt=Buy%20Darjeeling%20Tea%20Online&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=928673508&gjid=1348894344&cid=1254349837.1670278728&tid=UA-35147810-1&_gid=1642641354.1670278728&_r=1&_slc=1&z=1866843113

142.250.74.110

200 OK

4 B

URL HTTP/2
www.google-analytics.com/j/collect?v=1&_v=j98&a=818374794&t=pageview&_s=1&dl=http%3A%2F%2Fdarjeelingtealovers.com%2F&ul=en-us&de=UTF-8&dt=Buy%20Darjeeling%20Tea%20Online&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=928673508&gjid=1348894344&cid=1254349837.1670278728&tid=UA-35147810-1&_gid=1642641354.1670278728&_r=1&_slc=1&z=1866843113
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
9e92e190700c1af4539b40c2171320a9
209bcdb79e6067b51091ce8586d4b977f25b67d8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

HTTP Headers

POST /j/collect?v=1&_v=j98&a=818374794&t=pageview&_s=1&dl=http%3A%2F%2Fdarjeelingtealovers.com%2F&ul=en-us&de=UTF-8&dt=Buy%20Darjeeling%20Tea%20Online&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=928673508&gjid=1348894344&cid=1254349837.1670278728&tid=UA-35147810-1&_gid=1642641354.1670278728&_r=1&_slc=1&z=1866843113 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://darjeelingtealovers.com
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: http://darjeelingtealovers.com
date: Mon, 05 Dec 2022 22:18:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5f16a534222e5749ef240d413826c2f6
11683d84d420dd6f919425094edb8961278f7fed
691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:18:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

darjeelingtealovers.com/?wc-ajax=get_refreshed_fragments

204.11.58.156

200 OK

0 B

URL HTTP/2
darjeelingtealovers.com/?wc-ajax=get_refreshed_fragments
IP
204.11.58.156:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

OPTIONS /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-requested-with
Referer: http://darjeelingtealovers.com/
Origin: http://darjeelingtealovers.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-pingback: https://darjeelingtealovers.com/xmlrpc.php
wpo-cache-status: not cached
wpo-cache-message: The request method was not GET (OPTIONS), In the settings, caching is disabled for matches for one of the current request's GET parameters
access-control-allow-origin: http://darjeelingtealovers.com
access-control-allow-credentials: true
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 05 Dec 2022 22:18:50 GMT
server: Apache
X-Firefox-Spdy: h2

darjeelingtealovers.com/favicon.ico

204.11.58.156

301 Moved Permanently

0 B

URL HTTP/1.1
darjeelingtealovers.com/favicon.ico
IP
204.11.58.156:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://darjeelingtealovers.com/

HTTP/1.1 301 Moved Permanently
Date: Mon, 05 Dec 2022 22:18:49 GMT
Server: nginx/1.21.6
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Cache-Control: no-cache
X-Redirect-By: WordPress
Location: https://darjeelingtealovers.com/favicon.ico
X-Server-Cache: true
X-Proxy-Cache: EXPIRED

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5670c32d73c3d5771a2d9396774a7eb9
3fb62916ff54f22a011e11730ba87fea48e5d239
062531ed89864b713048421c9639d4a6249e92f33ef4177206f1deb5d85a8757

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:18:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-35147810-1&cid=1254349837.1670278728&jid=928673508&gjid=1348894344&_gid=1642641354.1670278728&_u=IEBAAEAAAAAAACAAI~&z=1129965110

108.177.14.155

200 OK

1 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-35147810-1&cid=1254349837.1670278728&jid=928673508&gjid=1348894344&_gid=1642641354.1670278728&_u=IEBAAEAAAAAAACAAI~&z=1129965110
IP
108.177.14.155:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-35147810-1&cid=1254349837.1670278728&jid=928673508&gjid=1348894344&_gid=1642641354.1670278728&_u=IEBAAEAAAAAAACAAI~&z=1129965110 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://darjeelingtealovers.com
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: http://darjeelingtealovers.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 05 Dec 2022 22:18:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5670c32d73c3d5771a2d9396774a7eb9
3fb62916ff54f22a011e11730ba87fea48e5d239
062531ed89864b713048421c9639d4a6249e92f33ef4177206f1deb5d85a8757

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:18:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
785c1a3faaa6f4d03fdb40eb3b801f04
886845660e8020f664593ddc266814c24eeb3b4c
8c8115419e54ad7792c153acd7900c6c07900800281e6a9494c56cd2fc354c43

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4296
Cache-Control: max-age=117338
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:18:51 GMT
Etag: "638d84dd-118"
Expires: Wed, 07 Dec 2022 06:54:29 GMT
Last-Modified: Mon, 05 Dec 2022 05:42:53 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 280

ekr.zdassets.com/compose/zopim_chat/1RgRO337491JaKEHK33JYNRuAbGhtwej

104.18.70.113

200 OK

151 B

URL HTTP/2
ekr.zdassets.com/compose/zopim_chat/1RgRO337491JaKEHK33JYNRuAbGhtwej
IP
104.18.70.113:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with no line terminators
Size
151 B (151 bytes)
Hash
17f1dc6ccb8c8452c42bf91bb4753202
180848d187ed6edd6fb0cb66a83e9239aec06492
9ee48acb88956719c69fd390a547649dd173893a7b6a8d244ef7a9c79c8249b6

HTTP Headers

GET /compose/zopim_chat/1RgRO337491JaKEHK33JYNRuAbGhtwej HTTP/1.1
Host: ekr.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://darjeelingtealovers.com
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 05 Dec 2022 22:18:51 GMT
content-type: application/json; charset=utf-8
status: 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers: 
access-control-max-age: 7200
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
etag: W/"5d26a70f78cf90906eb6ff4bed38f1b9"
x-request-id: 775028f3182ab500-SEA, 775028f3182ab500-SEA
x-runtime: 0.002838
vary: Origin, Accept-Encoding
x-zendesk-zorg: yes
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=066dW8ggNLutcBV68msWg3g7LAMnNdpD36guCbdCPzELl97j38Q%2BVmPKhLxFN6u2E4hcjFyeYLpFkNKRRKZk4Nqk0hMylQFR4oXE0fHkbF%2B9LOc4O5PL%2BGymzhOHMYHuKM0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 775028f3182ab500-OSL
content-encoding: br
X-Firefox-Spdy: h2

darjeelingtealovers.com/favicon.ico

204.11.58.156

302 Found

0 B

URL HTTP/2
darjeelingtealovers.com/favicon.ico
IP
204.11.58.156:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://darjeelingtealovers.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
date: Mon, 05 Dec 2022 22:18:51 GMT
server: Apache
content-type: text/html; charset=UTF-8
content-length: 0
cache-control: no-cache
link: <https://darjeelingtealovers.com/wp-json/>; rel="https://api.w.org/"
x-redirect-by: WordPress
location: https://darjeelingtealovers.com/wp-includes/images/w-logo-blue-white-bg.png
x-server-cache: true
x-proxy-cache: EXPIRED
X-Firefox-Spdy: h2

darjeelingtealovers.com/wp-includes/images/w-logo-blue-white-bg.png

204.11.58.156

200 OK

4.1 kB

URL HTTP/2
darjeelingtealovers.com/wp-includes/images/w-logo-blue-white-bg.png
IP
204.11.58.156:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size
4.1 kB (4119 bytes)
Hash
000bf649cc8f6bf27cfb04d1bcdcd3c7
d73d2f6d74ec6cdcbae07955592962e77d8ae814
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0

HTTP Headers

GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://darjeelingtealovers.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 16 Nov 2021 05:34:00 GMT
accept-ranges: bytes
content-length: 4119
content-type: image/png
date: Mon, 05 Dec 2022 22:18:51 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.158

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.158:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
92b5fce026b4ab5039906bf6befc3567
f69c6238296f221d78c5c41030e308082a8840f8
1bd3c0a58f3d5d7ba82022b0176398df19a0a8e80b950d29f6b5233ea68d8f04

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=161083
Date: Mon, 05 Dec 2022 22:18:51 GMT
Etag: "638e2817-1d7"
Expires: Wed, 07 Dec 2022 19:03:34 GMT
Last-Modified: Mon, 05 Dec 2022 17:19:19 GMT
Server: ECS (nyb/1D0D)
X-Cache: Miss from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: KeDJM33gt06SUg3YHKwiCXjBVwV98xbibMj14oXaVDUdf1wL6MyZzg==
Age: 6255

widget-mediator.zopim.com/s/W/ws/X9HeGBSZNW0LfS6k/c/1670278728746

18.157.122.19

101 Switching Protocols

0 B

URL HTTP/1.1
widget-mediator.zopim.com/s/W/ws/X9HeGBSZNW0LfS6k/c/1670278728746
IP
18.157.122.19:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s/W/ws/X9HeGBSZNW0LfS6k/c/1670278728746 HTTP/1.1
Host: widget-mediator.zopim.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: http://darjeelingtealovers.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9jlKEI0pob6eHSuESnar/w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Date: Mon, 05 Dec 2022 22:18:51 GMT
Connection: upgrade
Set-Cookie: AWSALB=waoK+Hpsh13OiCqSXQnU5AeriXxJsMEI92vtnC+DWmVUP074v929pLnBDpo4eKlEQhlx5YSTFjQ9dOD8luplQy+J7977uzUW+3sXsx4L12XHjejyB7n24fi4cOtN; Expires=Mon, 12 Dec 2022 22:18:51 GMT; Path=/
AWSALBCORS=waoK+Hpsh13OiCqSXQnU5AeriXxJsMEI92vtnC+DWmVUP074v929pLnBDpo4eKlEQhlx5YSTFjQ9dOD8luplQy+J7977uzUW+3sXsx4L12XHjejyB7n24fi4cOtN; Expires=Mon, 12 Dec 2022 22:18:51 GMT; Path=/; SameSite=None; Secure
Upgrade: websocket
Sec-WebSocket-Accept: mDh18PMUXDNOATWuKI4Q4nEvmSs=
Sec-WebSocket-Version: 13
WebSocket-Server: uWebSockets

darjeelingtealovers.com/wp-content/uploads/2021/05/GIDDAPAHAR-CHINA-SPECIAL-5-274x293.jpg

204.11.58.156

200 OK

64 kB

URL HTTP/2
darjeelingtealovers.com/wp-content/uploads/2021/05/GIDDAPAHAR-CHINA-SPECIAL-5-274x293.jpg
IP
204.11.58.156:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=11, manufacturer=NIKON CORPORATION, model=NIKON D3200, orientation=upper-left, xresolution=176, yresolution=184, resolutionunit=2, software=Ver.1.04 , datetime=2021:04:19 17:03:42, GPS-Data], progressive, precision 8, 274x293, components 3\012- data
Size
64 kB (64316 bytes)
Hash
77b6c2eefe4e102dacaf33d38874d467
8ec42510b2bf6f8c4450505e75a7c0384d2e21b2
4769ffbef07c2e2447267f125ba442a8f38ce4e9d082c99f4c4108b2f84731f9

HTTP Headers

GET /wp-content/uploads/2021/05/GIDDAPAHAR-CHINA-SPECIAL-5-274x293.jpg HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 13 May 2021 12:10:48 GMT
accept-ranges: bytes
content-length: 64316
content-type: image/jpeg
date: Mon, 05 Dec 2022 22:18:55 GMT
server: Apache
X-Firefox-Spdy: h2

darjeelingtealovers.com/wp-content/uploads/2021/05/OKAYTI-EXOTICA-FIRST-FLUSH-6-274x293.jpg

204.11.58.156

200 OK

66 kB

URL HTTP/2
darjeelingtealovers.com/wp-content/uploads/2021/05/OKAYTI-EXOTICA-FIRST-FLUSH-6-274x293.jpg
IP
204.11.58.156:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=11, manufacturer=NIKON CORPORATION, model=NIKON D3200, orientation=upper-left, xresolution=176, yresolution=184, resolutionunit=2, software=Ver.1.04 , datetime=2021:04:15 19:19:21, GPS-Data], progressive, precision 8, 274x293, components 3\012- data
Size
66 kB (65459 bytes)
Hash
2dccff69b85ecd06d2909df7db086517
40d1c5010d2e08e6413f81dd40a4b59c4fee0edc
3c49a69a32c1eaec37cd74a31f38d950eddd179639d7bbc37f69e70a0da5bb43

HTTP Headers

GET /wp-content/uploads/2021/05/OKAYTI-EXOTICA-FIRST-FLUSH-6-274x293.jpg HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 13 May 2021 11:43:00 GMT
accept-ranges: bytes
content-length: 65459
content-type: image/jpeg
date: Mon, 05 Dec 2022 22:18:55 GMT
server: Apache
X-Firefox-Spdy: h2

darjeelingtealovers.com/wp-content/uploads/2021/05/RINTONG-WONDER-6-274x293.jpg

204.11.58.156

200 OK

64 kB

URL HTTP/2
darjeelingtealovers.com/wp-content/uploads/2021/05/RINTONG-WONDER-6-274x293.jpg
IP
204.11.58.156:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=11, manufacturer=NIKON CORPORATION, model=NIKON D3200, orientation=upper-left, xresolution=176, yresolution=184, resolutionunit=2, software=Ver.1.04 , datetime=2021:04:16 17:03:17, GPS-Data], progressive, precision 8, 274x293, components 3\012- data
Size
64 kB (64050 bytes)
Hash
4c7ac416a360bcad5a3c7735e537c264
31f0d4ee5b9b0a3c29f99fe3ca59ec4366be0de5
ef288e12df6d996e8c0caf893ecc0dcd77a2345b02f8cd6669923ab243eb25fe

HTTP Headers

GET /wp-content/uploads/2021/05/RINTONG-WONDER-6-274x293.jpg HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 10 May 2021 16:08:23 GMT
accept-ranges: bytes
content-length: 64050
content-type: image/jpeg
date: Mon, 05 Dec 2022 22:18:55 GMT
server: Apache
X-Firefox-Spdy: h2

darjeelingtealovers.com/wp-content/cache/wpo-minify/1670099293/assets/wpo-minify-header-a93012a0.min.js

204.11.58.156

200 OK

0 B

URL HTTP/2
darjeelingtealovers.com/wp-content/cache/wpo-minify/1670099293/assets/wpo-minify-header-a93012a0.min.js
IP
204.11.58.156:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/cache/wpo-minify/1670099293/assets/wpo-minify-header-a93012a0.min.js HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Sat, 03 Dec 2022 20:28:25 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Mon, 05 Dec 2022 22:18:48 GMT
server: Apache
X-Firefox-Spdy: h2

static.zdassets.com/ekr/asset_composer.js

104.18.70.113

200 OK

0 B

URL HTTP/2
static.zdassets.com/ekr/asset_composer.js
IP
104.18.70.113:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /ekr/asset_composer.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://darjeelingtealovers.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 05 Dec 2022 22:18:50 GMT
content-type: application/javascript
x-amz-id-2: dUZfshkH6s6HIQA7+U0tDhX+A5i1VSOF0AP1wrYwttudGl3FDx99SpKMnalxiwyFmxN4PZcqRnA=
x-amz-request-id: Y9E1NT7ZVNF7R3ZX
x-amz-replication-status: COMPLETED
last-modified: Thu, 28 Jul 2022 23:44:02 GMT
etag: W/"5cae6ce528dce0c327b2bcbaad459fdb"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: 57KHzv0Z81imwMa0XxScJAmcLiHhq1Ku
cf-cache-status: HIT
age: 59
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1fNidfQN0eiEifZQU8Z8%2BV1IXYHedJg9j5q5qiTHXhBnlLR%2BdzS93Ar6QQt%2BGdU11PhIw8pImtjkOKeUWzgHr86UGILXXBY%2FQUGKqzr5Ig7NFMHxJdRTVPqrrHTTKMeX1ojd%2Fr0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 775028f2cdfcb4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2

darjeelingtealovers.com/wp-content/cache/wpo-minify/1670099293/assets/wpo-minify-footer-dbee550c.min.js

204.11.58.156

200 OK

0 B

URL HTTP/2
darjeelingtealovers.com/wp-content/cache/wpo-minify/1670099293/assets/wpo-minify-footer-dbee550c.min.js
IP
204.11.58.156:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/cache/wpo-minify/1670099293/assets/wpo-minify-footer-dbee550c.min.js HTTP/1.1
Host: darjeelingtealovers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://darjeelingtealovers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Sun, 04 Dec 2022 07:16:18 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Mon, 05 Dec 2022 22:18:48 GMT
server: Apache
X-Firefox-Spdy: h2

v2.zopim.com/bin/v/widget_v2.334.js

104.16.107.139

200 OK

0 B

URL HTTP/2
v2.zopim.com/bin/v/widget_v2.334.js
IP
104.16.107.139:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bin/v/widget_v2.334.js HTTP/1.1
Host: v2.zopim.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://darjeelingtealovers.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 22:18:51 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Wed, 27 Jul 2022 03:35:19 GMT
vary: Accept-Encoding
etag: W/"62e0b277-10301f"
expires: Thu, 02 Dec 2032 22:18:51 GMT
cache-control: public, max-age=315360000
content-encoding: gzip
cf-cache-status: HIT
age: 417467
server: cloudflare
cf-ray: 775028f609dbb503-OSL
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (20)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations