Report - shop.gtdm1314.com/wp-includes/image/index.html

Report Overview

Submitted URL
shop.gtdm1314.com/wp-includes/image/index.html
IP
103.123.243.9
ASN
#0
Submitted
2022-11-30 08:55:06
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
12

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	34.210.150.237
ocsp.dcocsp.cn	33518	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	338 B	1.1 kB	47.246.44.227
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	4.9 kB	142.250.74.131
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	398 B	88 kB	142.250.74.40
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	4.4 kB	23.36.76.226
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
ocsp.comodoca.com	1696	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	1.0 kB	104.18.32.68
www.micstatic.com	120170	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	89 kB	104.18.21.229
fa.micstatic.com	153248	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.5 kB	1.6 kB	104.18.24.206
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	1.3 kB	74.125.131.156
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.1 kB	8.6 kB	93.184.220.29
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	374 B	21 kB	142.250.74.110
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	696 B	757 B	216.58.207.228
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
shop.gtdm1314.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.0 kB	403 kB	103.123.243.9
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	58 kB	34.120.237.76
bat.bing.com	387	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	14 kB	204.79.197.200
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	484 B	694 B	142.250.74.67
region1.analytics.google.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	737 B	564 B	216.239.34.36
www.facebook.com	99	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	623 B	349 B	31.13.72.36
maxcdn.bootstrapcdn.com	724	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	396 B	917 B	104.18.10.207

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-30	medium	shop.gtdm1314.com/wp-includes/image/index.html	Phishing
2022-11-30	medium	shop.gtdm1314.com/wp-includes/image/js/jquery-3.3.1.js	Phishing
2022-11-30	medium	shop.gtdm1314.com/wp-includes/image/js/jquery.min.js	Phishing
2022-11-30	medium	shop.gtdm1314.com/wp-includes/image/js/jquery-3.1.1.min.js	Phishing
2022-11-30	medium	shop.gtdm1314.com/wp-includes/image/js/jquery-3.2.1.slim.min.js	Phishing
2022-11-30	medium	shop.gtdm1314.com/wp-includes/image/js/popper.min.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (23)

	URL	Size	First Seen	Last Seen
	shop.gtdm1314.com/wp-includes/image/js/jquery.min.js	86 kB	2023-03-07	2024-04-19
Pretty URL shop.gtdm1314.com/wp-includes/image/js/jquery.min.js IP 103.123.243.9 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:41 Last Seen2024-04-19 21:11:29 Times Seen878 Hash bceabde9d4ba653fd1f4bb171bff0c01 c8cdd4f8e91a77cddbc6d9ce8d5f302c52d74b6f 7496a1a9d658f14a47f7ee8dfa70840e47efa61b55b02cda8b316b0fc8dcc2c5 Loading...

	shop.gtdm1314.com/wp-includes/image/index.html	627 B	2023-03-07	2024-04-18
Pretty URL shop.gtdm1314.com/wp-includes/image/index.html IP 103.123.243.9 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:41 Last Seen2024-04-18 07:48:53 Times Seen501 Hash f8ecd4d7fd8da5baf55337d6790e0fac d6e502a27fe637b7f06df2d4ca39670e0a5c4bc0 5ab917714cb496bdba1ad47213a9aabd9147bba19c7eff0ddf7e46b4aa1ec1e7 Loading...

	www.micstatic.com/common/js/libs/faw/faw.1.0.0.js?r=1634120031144	12 kB	2023-03-07	2024-04-18
Pretty URL www.micstatic.com/common/js/libs/faw/faw.1.0.0.js?r=1634120031144 IP 104.18.21.229 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:41 Last Seen2024-04-18 07:48:52 Times Seen339 Hash 95467c965832dc00267d2a325d82c001 29bf7b62fa29d3ecbde481d61b756367dddfec5d a1c95b6fb809e633322e011fe013c565faeb61264527ce028d53387fba3b4924 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-19
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-19 19:03:21 Times Seen1521 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js	51 kB	2023-03-07	2024-04-20
Pretty URL stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-04-20 06:50:14 Times Seen241280 Hash 67176c242e1bdc20603c878dee836df3 27a71b00383d61ef3c489326b3564d698fc1227c 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4 Loading...

	shop.gtdm1314.com/wp-includes/image/index.html	3.9 kB	2023-03-07	2023-04-05
Pretty URL shop.gtdm1314.com/wp-includes/image/index.html IP 103.123.243.9 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:41 Last Seen2023-04-05 02:01:11 Times Seen23 Hash f34e88cd7daba7171812c4fd33b47e94 3eed4cdbf99a78d068e0096e515210508fc1079a c28bb3aa503150dce87c87496492a4840a03730909bff6195d20daa57fce4ad3 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-T39J99&r=1634120031144	278 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-T39J99&r=1634120031144 IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:55:41 Last Seen2023-03-11 22:55:41 Times Seen1 Hash 40439cd4a6c92702dfb507eefe1ed317 f1f6c6d986c6ae2862504af0a4a98c53d0ca2385 aad472b1e61a6ab3ae7af4061af6bc1633dca7b4899608b6d0835efa644aacfb Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/731984560/?random=1669798498470&cv=11&fst=1669798498470&bg=ffffff&guid=ON&async=1&gtm=2wgbs0&u_w=1280&u_h=1024&label=v7ktCOKJmaMBELDlhN0C&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fshop.gtdm1314.com%2Fwp-includes%2Fimage%2Findex.html&tiba=Messages%20%7C%20Made%20ln%20Chlna&auid=816475205.1669798498&rfmt=3&fmt=4	2.0 kB	2023-03-11	2023-03-11
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/731984560/?random=1669798498470&cv=11&fst=1669798498470&bg=ffffff&guid=ON&async=1&gtm=2wgbs0&u_w=1280&u_h=1024&label=v7ktCOKJmaMBELDlhN0C&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fshop.gtdm1314.com%2Fwp-includes%2Fimage%2Findex.html&tiba=Messages%20%7C%20Made%20ln%20Chlna&auid=816475205.1669798498&rfmt=3&fmt=4 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:55:41 Last Seen2023-03-11 22:55:41 Times Seen1 Hash b25bfdc89a940ba3c4cefa938b287b99 629b66a3a9948c076cab06c696bbfcb85e13ab44 b20a8e39edf8817c821608116fa8c51de14ac9f0f12641e4b680637b42240f01 Loading...

	shop.gtdm1314.com/wp-includes/image/js/jquery-3.1.1.min.js	87 kB	2023-03-07	2024-04-18
Pretty URL shop.gtdm1314.com/wp-includes/image/js/jquery-3.1.1.min.js IP 103.123.243.9 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:41 Last Seen2024-04-18 07:48:53 Times Seen420 Hash c0824025d4496be6a20e1ee0e465b15e 543cc3ba239e701d1e7aa91dee559c67e25763ef e65e86fddc1b72935d9b37afd5e5589ca9ee4eecf1878acb3ab8a6074ffdf64d Loading...

	shop.gtdm1314.com/wp-includes/image/index.html	4.2 kB	2023-03-07	2024-04-18
Pretty URL shop.gtdm1314.com/wp-includes/image/index.html IP 103.123.243.9 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:41 Last Seen2024-04-18 07:48:52 Times Seen210 Hash 249cd4ac7d9f2218d937a6df51656f1c 10cca701fe98e14448b3fb0bfe1bd56b7c7860d4 4967494754818ef2e325bd555b126362ae96d6ee5f46fb502ce2f3c41aa1fcce Loading...

	pylon.micstatic.com/gb/js/assets/probe/probe.min.js?r=1634120031144	38 kB	2023-03-09	2023-03-13
Pretty URL pylon.micstatic.com/gb/js/assets/probe/probe.min.js?r=1634120031144 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 08:33:51 Last Seen2023-03-13 18:54:06 Times Seen1 Hash b831237fffa5ea8137b63bcf29bbb567 dda3021bbcf58b3c7fe009155f017e5ee2b44236 5a19aa650fcd2a79f503b6dd8dec11a6fa4bd70d94822bc0d0b8bc02253b78ff Loading...

	www.made-in-china.com/faw-store.html	1.3 kB	2023-03-07	2023-04-05
Pretty URL www.made-in-china.com/faw-store.html IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:41 Last Seen2023-04-05 02:01:11 Times Seen31 Hash b9499081fdda5abcccaf45ded37dea11 0e4a72d1fa8e1f868df6c11cd68ab904d59653dd 2c52a305241ca743835be48315d9913e2d3857e826a9c5a8a74bec0157907e21 Loading...

	www.micstatic.com/common/js/libs/sensors/sensorsdata.min-1.15.13_faw.js?r=1634120031144	85 kB	2023-03-07	2024-04-18
Pretty URL www.micstatic.com/common/js/libs/sensors/sensorsdata.min-1.15.13_faw.js?r=1634120031144 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:41 Last Seen2024-04-18 07:48:53 Times Seen155 Hash c727cdcf1f851383293dfa1bff462722 ada0c63651e642891f4fd5905eefcf28d3ad4baf 40707e9d2cf9581ad9fcc531e1626245a63ae9d25e8e9df268b9bc2106683653 Loading...

	bat.bing.com/bat.js	39 kB	2023-03-11	2023-03-11
Pretty URL bat.bing.com/bat.js IP 204.79.197.200 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:44:33 Last Seen2023-03-11 23:41:50 Times Seen1 Hash 99f174703ca98046fd8767b9fd86e5d0 3b4a7147bc44ea65bcc4e3526e83ad631e1505cf 392425902d88b7a53df4f8d49d741e698c42f0f612f64732658f60b5b1d08227 Loading...

	maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js	49 kB	2023-03-07	2024-04-20
Pretty URL maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js IP 104.18.10.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-04-20 06:50:14 Times Seen135885 Hash 14d449eb8876fa55e1ef3c2cc52b0c17 a9545831803b1359cfeed47e3b4d6bae68e40e99 e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b Loading...

	shop.gtdm1314.com/wp-includes/image/index.html	423 B	2023-03-07	2024-04-18
Pretty URL shop.gtdm1314.com/wp-includes/image/index.html IP 103.123.243.9 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:41 Last Seen2024-04-18 07:48:52 Times Seen209 Hash 8a09c565a275efe2ce5842ab478db31e 99b6847a2eb4bbda95e8e012628c0d7c0f616124 906d76ac0dcec17f85e4b663f14d199e7ddd704bbf3c30cd01b7e766db0ef2e7 Loading...

	www.googletagmanager.com/gtag/js?id=G-VEFCZRQMG4&l=dataLayer&cx=c	237 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtag/js?id=G-VEFCZRQMG4&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:55:41 Last Seen2023-03-11 22:55:41 Times Seen1 Hash 80c181ea87eaa17b3cde360c0b9551e2 ac678bace420c9de4baf2033c94766a3aed1458d 8909fe29b899c6b08a41782738632e8be68b97d35c83f38d9b67890acc48c171 Loading...

	www.micstatic.com/common/js/business/global/sensors_track.js?r=1634120031144&r=1634120031144	43 kB	2023-03-07	2023-08-21
Pretty URL www.micstatic.com/common/js/business/global/sensors_track.js?r=1634120031144&r=1634120031144 IP 104.18.21.229 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:41 Last Seen2023-08-21 13:26:16 Times Seen97 Hash 822ea3240b208f1f999f7b310a5822a5 45770ed738c820889f01b765d69ddb7fa11e0150 2d5936bdf065891a6b78defc315eaefd9c44360668642651b69341b23d13433f Loading...

	unknown	0 B	2023-03-07	2024-04-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-20 06:50:33 Times Seen36969979 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 8c6111627570105b72c66ae4a136ad6c	232 B	2023-03-07	2023-06-26
Pretty Observations First Seen2023-03-07 12:02:41 Last Seen2023-06-26 03:19:43 Times Seen99 Hash 8c6111627570105b72c66ae4a136ad6c 6b7122f256493ff4b4288c01b1766b772797be96 e1ecbf397014aadd393ea098a3d9c9e4f2e75fc8d2466ee3823302b0855e3afd Loading...

	#2 Eval - 5f06f61cf6ac55db29f1bfd302257331	232 B	2023-03-07	2023-06-26
Pretty Observations First Seen2023-03-07 12:02:41 Last Seen2023-06-26 03:19:43 Times Seen99 Hash 5f06f61cf6ac55db29f1bfd302257331 78de01e817370cb8310801e2f66be0d33099f82c 7d700ca9f03f467b4a3f58a598871f71c4bc8ae368b6a986e41b3e6584670165 Loading...

	#3 Eval - 4d12a11d93617efa27441f47869d156d	401 B	2023-03-07	2024-04-18
Pretty Observations First Seen2023-03-07 12:02:41 Last Seen2024-04-18 07:48:53 Times Seen618 Hash 4d12a11d93617efa27441f47869d156d 70dd822485874fe16f334468bfffe5dad153abbd 91c16639d04eaf68a0a87c022519be74068014b8ace744930ec7727afa2fa41d Loading...

	#4 Eval - 8e535fdc93d8214dc44f3555fb9b7430	232 B	2023-03-07	2023-06-26
Pretty Observations First Seen2023-03-07 12:02:41 Last Seen2023-06-26 03:19:43 Times Seen99 Hash 8e535fdc93d8214dc44f3555fb9b7430 656c3b48682e3158985a8c4101ebe29158ec0e79 deaf1dce980857d82e49407063fc48aad4b2fb87e45f46b4c81aaf02fff1075a Loading...

HTTP Transactions (69)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2d2e7649ce9e9ba6fc8b68aa89352e3c
0153d1d3d830a457043e16bb40d48a0b9ddef4b8
8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15426
Expires: Wed, 30 Nov 2022 13:12:00 GMT
Date: Wed, 30 Nov 2022 08:54:54 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6d9d34c96b9a826ae5676640c966469c
8052a16d41a637e420478b7de1ff5a2dc951fccd
f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2331
Expires: Wed, 30 Nov 2022 09:33:45 GMT
Date: Wed, 30 Nov 2022 08:54:54 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
4ed065cb23b5fca1a179dd73b3c5b7b2
4422eb24688f5e056fc1b18b127c7f63b1dbf5e0
b723d770d0dec7441d8505dc5a4e7d34f55c9f564ec52f20d9b70c7c3a0d9d35

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3176
Cache-Control: max-age=95353
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 08:54:54 GMT
Etag: "6385df6f-1d7"
Expires: Thu, 01 Dec 2022 11:24:07 GMT
Last-Modified: Tue, 29 Nov 2022 10:31:11 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: jJs8YwsR744O1h4iScOfxgVeZXKb4Te/jT5HcLMP3ZbTrxg1Hr/2xreBD9NGUw/QzYwJscD8Ofo=
x-amz-request-id: 1WY2Y0XSECWXGCJ2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 30 Nov 2022 08:45:48 GMT
age: 546
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 30 Nov 2022 08:19:41 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2113
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 08:54:55 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 30 Nov 2022 08:08:56 GMT
cache-control: public,max-age=3600
age: 2759
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.comodoca.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.comodoca.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
141eadeea9027e0a6e5cd001818857af
057f7acf91a3bba46cb00e401beaa8c67f6889df
cfbdb3bb9adfe4fd234dff2fe5fbfbb35574d20b09e9386cd4f42ce26f18ef2b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.comodoca.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 08:54:55 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 06:26:12 GMT
Expires: Tue, 06 Dec 2022 06:26:11 GMT
Etag: "057f7acf91a3bba46cb00e401beaa8c67f6889df"
Cache-Control: max-age=508875,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77225c738d5fb4fa-OSL

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
3c8c689bd654417640d85f3da51af313
85123b6d46230a23d03768bf304b386e5d301305
516138ca79703b45e904d32d7dde1c1e9fd35995b9f1bb1331c547542745676d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3183
Cache-Control: max-age=90296
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 08:54:55 GMT
Etag: "6385cba8-1d7"
Expires: Thu, 01 Dec 2022 09:59:51 GMT
Last-Modified: Tue, 29 Nov 2022 09:06:48 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
7e8cd73c758ca6307b135b3d15ea36e6
41cb1eb686b0415b438c3668decfc314506f62fa
d7a82074159287773979b486cf418424d7c1ed1e55e521d4200cea2a26cebbb5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3176
Cache-Control: max-age=169166
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 08:54:55 GMT
Etag: "6386ffc5-117"
Expires: Fri, 02 Dec 2022 07:54:21 GMT
Last-Modified: Wed, 30 Nov 2022 07:01:25 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
7e8cd73c758ca6307b135b3d15ea36e6
41cb1eb686b0415b438c3668decfc314506f62fa
d7a82074159287773979b486cf418424d7c1ed1e55e521d4200cea2a26cebbb5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3176
Cache-Control: max-age=169166
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 08:54:55 GMT
Etag: "6386ffc5-117"
Expires: Fri, 02 Dec 2022 07:54:21 GMT
Last-Modified: Wed, 30 Nov 2022 07:01:25 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 279

shop.gtdm1314.com/wp-includes/image/index.html

103.123.243.9

200 OK

17 kB

URL HTTP/2
shop.gtdm1314.com/wp-includes/image/index.html
IP
103.123.243.9:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ISO-8859 text, with very long lines (4278), with CRLF line terminators
Size
17 kB (16700 bytes)
Hash
a4f3538839e24a7a74d57d00a0a242ed
1ef91f20bffd6c74e39bf8a4cdd720dbe4ee5345
9760fbd1a4f972e58e8c5316a194afdc02c6b17e64866fb49d6668c6e514ed63

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/image/index.html HTTP/1.1
Host: shop.gtdm1314.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
last-modified: Sun, 27 Nov 2022 22:44:52 GMT
accept-ranges: bytes
content-length: 16700
content-type: text/html
date: Wed, 30 Nov 2022 08:54:55 GMT
server: Apache
X-Firefox-Spdy: h2

push.services.mozilla.com/

34.210.150.237

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.210.150.237:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: tqRUmHtYxXcod+KTPSsLJw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ncPyh51MYsbW9YDo30ItR6Em6cg=

shop.gtdm1314.com/wp-includes/image/js/jquery-3.3.1.js

103.123.243.9

200 OK

20 kB

URL HTTP/2
shop.gtdm1314.com/wp-includes/image/js/jquery-3.3.1.js
IP
103.123.243.9:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (11315), with CRLF line terminators
Size
20 kB (19465 bytes)
Hash
85d9b333f9418bd5d777f774ea8d206c
376a8114a806b7ed616ca90ea3c5de4653503514
997e73c2dfeb1c0f820cd0e8356914ae831b4a2e57938e64c2a2987d2bf3a78f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/image/js/jquery-3.3.1.js HTTP/1.1
Host: shop.gtdm1314.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shop.gtdm1314.com/wp-includes/image/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 27 Nov 2022 22:44:52 GMT
accept-ranges: bytes
content-length: 19465
content-type: application/javascript
date: Wed, 30 Nov 2022 08:54:55 GMT
server: Apache
X-Firefox-Spdy: h2

shop.gtdm1314.com/wp-includes/image/js/jquery.min.js

103.123.243.9

200 OK

86 kB

URL HTTP/2
shop.gtdm1314.com/wp-includes/image/js/jquery.min.js
IP
103.123.243.9:0
ASN
#0

File type
ASCII text, with very long lines (32065), with CRLF line terminators
Size
86 kB (85584 bytes)
Hash
bceabde9d4ba653fd1f4bb171bff0c01
c8cdd4f8e91a77cddbc6d9ce8d5f302c52d74b6f
7496a1a9d658f14a47f7ee8dfa70840e47efa61b55b02cda8b316b0fc8dcc2c5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/image/js/jquery.min.js HTTP/1.1
Host: shop.gtdm1314.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shop.gtdm1314.com/wp-includes/image/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 27 Nov 2022 22:44:52 GMT
accept-ranges: bytes
content-length: 85584
content-type: application/javascript
date: Wed, 30 Nov 2022 08:54:55 GMT
server: Apache
X-Firefox-Spdy: h2

shop.gtdm1314.com/wp-includes/image/js/jquery-3.1.1.min.js

103.123.243.9

200 OK

87 kB

URL HTTP/2
shop.gtdm1314.com/wp-includes/image/js/jquery-3.1.1.min.js
IP
103.123.243.9:0
ASN
#0

File type
ASCII text, with very long lines (32030), with CRLF line terminators
Size
87 kB (86715 bytes)
Hash
c0824025d4496be6a20e1ee0e465b15e
543cc3ba239e701d1e7aa91dee559c67e25763ef
e65e86fddc1b72935d9b37afd5e5589ca9ee4eecf1878acb3ab8a6074ffdf64d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/image/js/jquery-3.1.1.min.js HTTP/1.1
Host: shop.gtdm1314.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shop.gtdm1314.com/wp-includes/image/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 27 Nov 2022 22:44:52 GMT
accept-ranges: bytes
content-length: 86715
content-type: application/javascript
date: Wed, 30 Nov 2022 08:54:55 GMT
server: Apache
X-Firefox-Spdy: h2

shop.gtdm1314.com/wp-includes/image/css/logon_40922b23.css

103.123.243.9

200 OK

129 kB

URL HTTP/2
shop.gtdm1314.com/wp-includes/image/css/logon_40922b23.css
IP
103.123.243.9:0
ASN
#0

File type
ASCII text, with very long lines (65536), with no line terminators
Size
129 kB (128804 bytes)
Hash
171ff0ae1eed11075ec5e4b7c92a453b
bd84838d8e1d21897e097a12ce894ff3ce168a79
fc866e700468e2bd3c224d7020dff638261bae728e95b1fc6baf9ebaff904087

HTTP Headers

GET /wp-includes/image/css/logon_40922b23.css HTTP/1.1
Host: shop.gtdm1314.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shop.gtdm1314.com/wp-includes/image/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 27 Nov 2022 22:44:52 GMT
accept-ranges: bytes
content-length: 128804
content-type: text/css
date: Wed, 30 Nov 2022 08:54:55 GMT
server: Apache
X-Firefox-Spdy: h2

shop.gtdm1314.com/wp-includes/image/images/sign-default-buyer.jpg

103.123.243.9

200 OK

59 kB

URL HTTP/2
shop.gtdm1314.com/wp-includes/image/images/sign-default-buyer.jpg
IP
103.123.243.9:0
ASN
#0

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 400x400, components 3\012- data
Size
59 kB (59332 bytes)
Hash
aad747a416ac43e97070741668013b7d
545d66347ffafc166225f72072fb915ae52b970e
844419cc2fe07888ab11bb6dd264a3d66225851ad62645dfc3044657e9963af3

HTTP Headers

GET /wp-includes/image/images/sign-default-buyer.jpg HTTP/1.1
Host: shop.gtdm1314.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shop.gtdm1314.com/wp-includes/image/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 27 Nov 2022 22:44:52 GMT
accept-ranges: bytes
content-length: 59332
content-type: image/jpeg
date: Wed, 30 Nov 2022 08:54:55 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
0f176381f9b0cdaa296a0e9ecd94d3e5
08bb3e77bc86bd1fa927beb1a6798c60bc55f76d
80dc9d8b8fc81e9c5bfd02eb43f46413d33ac50d7b0b64fe68407f8b6b6467d1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2159
Cache-Control: max-age=151211
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 08:54:56 GMT
Etag: "6386bd9c-1d7"
Expires: Fri, 02 Dec 2022 02:55:07 GMT
Last-Modified: Wed, 30 Nov 2022 02:19:08 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

www.micstatic.com/common/img/logo-2019/logo_d0822075.png?v=2

104.18.21.229

200 OK

4.6 kB

URL HTTP/2
www.micstatic.com/common/img/logo-2019/logo_d0822075.png?v=2
IP
104.18.21.229:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 257 x 47, 8-bit/color RGBA, non-interlaced\012- data
Size
4.6 kB (4621 bytes)
Hash
b173e18fb61eb3d489bfad3b2ea570fe
71703d796c502703619ec696e447c937f700b605
488ea251bdaf29ab45c94699fef89ad3368bfef0c0f24b671dcbefd4e474679d

HTTP Headers

GET /common/img/logo-2019/logo_d0822075.png?v=2 HTTP/1.1
Host: www.micstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shop.gtdm1314.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 30 Nov 2022 08:54:56 GMT
content-type: image/png
content-length: 4621
last-modified: Wed, 16 Jun 2021 11:14:07 GMT
etag: "60c9dcff-120d"
expires: Sat, 27 Nov 2032 08:54:56 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 165150
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77225c7b9ff3b4fa-OSL
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
0f176381f9b0cdaa296a0e9ecd94d3e5
08bb3e77bc86bd1fa927beb1a6798c60bc55f76d
80dc9d8b8fc81e9c5bfd02eb43f46413d33ac50d7b0b64fe68407f8b6b6467d1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2159
Cache-Control: max-age=151211
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 08:54:56 GMT
Etag: "6386bd9c-1d7"
Expires: Fri, 02 Dec 2022 02:55:07 GMT
Last-Modified: Wed, 30 Nov 2022 02:19:08 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
0f176381f9b0cdaa296a0e9ecd94d3e5
08bb3e77bc86bd1fa927beb1a6798c60bc55f76d
80dc9d8b8fc81e9c5bfd02eb43f46413d33ac50d7b0b64fe68407f8b6b6467d1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3850
Cache-Control: max-age=152902
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 08:54:56 GMT
Etag: "6386bd9c-1d7"
Expires: Fri, 02 Dec 2022 03:23:18 GMT
Last-Modified: Wed, 30 Nov 2022 02:19:08 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

www.micstatic.com/common/font/micon/micon-2/micon_3425a96d.woff2?v=20201103

104.18.21.229

200 OK

26 kB

URL HTTP/2
www.micstatic.com/common/font/micon/micon-2/micon_3425a96d.woff2?v=20201103
IP
104.18.21.229:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 25720, version 1.0\012- data
Size
26 kB (25720 bytes)
Hash
90c821175fe52b5e89497d4249dce3b6
0bbacc3050dcf88f37fd6042a6719f83ba6ad83a
18a097b5625eaee94db4a26223016d2f31b7b5f5529bc599ea183f551e5c13d3

HTTP Headers

GET /common/font/micon/micon-2/micon_3425a96d.woff2?v=20201103 HTTP/1.1
Host: www.micstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://shop.gtdm1314.com
Connection: keep-alive
Referer: https://shop.gtdm1314.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 30 Nov 2022 08:54:56 GMT
content-type: font/woff2
content-length: 25720
last-modified: Tue, 07 Jun 2022 11:17:37 GMT
etag: "629f33d1-6478"
expires: Sat, 27 Nov 2032 08:54:56 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77225c7bad21b52d-OSL
X-Firefox-Spdy: h2

www.micstatic.com/common/font/Roboto/400-regular/Roboto-Regular_c0bdb222.woff2

104.18.21.229

200 OK

20 kB

URL HTTP/2
www.micstatic.com/common/font/Roboto/400-regular/Roboto-Regular_c0bdb222.woff2
IP
104.18.21.229:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 19832, version 2.8978\012- data
Size
20 kB (19832 bytes)
Hash
ed2022705048507e5995ee72717e7fd4
570864c3bccc3e0e203fdd67be3cf850387faefb
e7f4f778ddb41b7be2d20810bb560acee79da55ed5d3eeac12f2bb8948f4453a

HTTP Headers

GET /common/font/Roboto/400-regular/Roboto-Regular_c0bdb222.woff2 HTTP/1.1
Host: www.micstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://shop.gtdm1314.com
Connection: keep-alive
Referer: https://shop.gtdm1314.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 30 Nov 2022 08:54:56 GMT
content-type: font/woff2
content-length: 19832
last-modified: Wed, 16 Jun 2021 11:14:08 GMT
etag: "60c9dd00-4d78"
expires: Sat, 27 Nov 2032 08:54:56 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77225c7bad24b52d-OSL
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12003
Expires: Wed, 30 Nov 2022 12:14:59 GMT
Date: Wed, 30 Nov 2022 08:54:56 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12003
Expires: Wed, 30 Nov 2022 12:14:59 GMT
Date: Wed, 30 Nov 2022 08:54:56 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12003
Expires: Wed, 30 Nov 2022 12:14:59 GMT
Date: Wed, 30 Nov 2022 08:54:56 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg

34.120.237.76

200 OK

4.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.8 kB (4803 bytes)
Hash
cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CJiSRzIK7-rQE81gaP2We0LhgKX1YmuJKEGYEqW34Bm1KMx6NB8yhQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 23:32:45 GMT
age: 33731
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde294fb7-e851-4e57-83be-aa3374862dcb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (7971 bytes)
Hash
9e135c29a8769eb12ef8c26f99097400
87447d20e9c0a6a6aeefe6ca107f93cd3598cd0d
ce41ff79c382efc54aa2fd3ab64293d2d2b706a7f21585f4bd8bbcd9a3566126

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde294fb7-e851-4e57-83be-aa3374862dcb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7971
x-amzn-requestid: e47d10e4-2b60-4998-b5fa-5b145e60aac2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhgWHgGoAMFcLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867c68-5b9710a07b0a59730e73dce4;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:40:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OURSF_raDXrHV3-3ScaEdorNpW9ZKSIQjv6WUCQYHhruGz372BU_QA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:11:32 GMT
age: 38604
etag: "87447d20e9c0a6a6aeefe6ca107f93cd3598cd0d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9674 bytes)
Hash
5508d05a290b663fd89ead9b58f2efd8
53650399f9a986ba54addd668b4557109d12003b
65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEoHVAoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qftF-GQkcjKTs30KMGCTDymw2SVSXeAYKGNWUnaMfvIb8HjtfHUx8A==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:46 GMT
etag: "53650399f9a986ba54addd668b4557109d12003b"
content-type: image/jpeg
age: 40210
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29e8368b-e5a8-4256-a456-b724e13819e4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10068 bytes)
Hash
f621857774e4b4adda95f58081644859
639165dc66d171b8266f22cd495181427112bc80
341fd33d3d9486079c182d60e21c355244b6597e6e09ba51ecee2e331b38ca2e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29e8368b-e5a8-4256-a456-b724e13819e4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10068
x-amzn-requestid: 7f386e94-3c17-44a1-a36b-3d0eeff4623d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhGvEQQoAMFihA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bc4-5069acfd038ffb2c124b7bd8;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Ec2HkhHmHE2ddGBpLsJ5Rn7SCMjyR5kzaTyrguDoI9xOohgsCi08CQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:26 GMT
age: 40230
etag: "639165dc66d171b8266f22cd495181427112bc80"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4f88ec5-5875-45d1-bcd3-d997040d6d42.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.7 kB (3719 bytes)
Hash
ceb8e975fb408de32c43f55febaa6414
453067f6ab356aa87a3ad3b56e33545376597852
e0ecbb6052b4fef75f58da8dae589c81ab9ec9d304de08f26c144a2c3ce9eaac

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4f88ec5-5875-45d1-bcd3-d997040d6d42.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3719
x-amzn-requestid: 6fab3454-fedd-4a1e-ae47-468ddd6233bc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDaGQ4IAMFUkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-4b313cf054d6301e71cdc0c1;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: KpgPP5VdjjU4rHaunbn3Yf-F5vLzZC7PhWu_QCF4WfuDHTqw3ufoyw==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:35 GMT
etag: "453067f6ab356aa87a3ad3b56e33545376597852"
content-type: image/jpeg
age: 40221
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9051 bytes)
Hash
05196ec43964cf559caa0c0279148d62
6170d6776615503e3e29f86783febc3e3e78ca66
47f3a5cde661987e3496ce110a0170b10087dd9ba8d4fd691c4830587ba3fa3f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9051
x-amzn-requestid: 1032dd9c-a15e-4e8a-9c81-07419e8caf67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhGvEMNIAMFaKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bc4-1005c20a33320dbf6567ca31;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rtfl896JX35oFFEVmqyH9Nm62iSY6rqwzkLwZMcM45p_ySF6J2QwEQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:47 GMT
age: 40209
etag: "6170d6776615503e3e29f86783febc3e3e78ca66"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

shop.gtdm1314.com/wp-includes/image/images/favicon.ico

103.123.243.9

200 OK

4.3 kB

URL HTTP/2
shop.gtdm1314.com/wp-includes/image/images/favicon.ico
IP
103.123.243.9:0
ASN
#0

File type
MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Size
4.3 kB (4286 bytes)
Hash
db52c84bd7417fdc629f75300e5ce80c
ce8036fbd7714ce312034d7702fd2904a39bf6c1
85c7cda25b4a324b82f4e0efd6ae2eee4d606b9552c24a47eab44155f4d620c7

HTTP Headers

GET /wp-includes/image/images/favicon.ico HTTP/1.1
Host: shop.gtdm1314.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shop.gtdm1314.com/wp-includes/image/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 27 Nov 2022 22:44:52 GMT
accept-ranges: bytes
content-length: 4286
content-type: image/x-icon
date: Wed, 30 Nov 2022 08:54:58 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.dcocsp.cn/

47.246.44.227

200 OK

471 B

URL HTTP/1.1
ocsp.dcocsp.cn/
IP
47.246.44.227:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
471 B (471 bytes)
Hash
26f6dd8aa8af4c9166d175f3069dfbc7
d4f4df0e77a193d5582bec057a29d45060cc4467
7e82c4088e439e685acc1b75cd5abce592a11d9b58ee6e55b8d24f70f4752bfc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.dcocsp.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Wed, 30 Nov 2022 08:51:49 GMT
Last-Modified: Wed, 30 Nov 2022 00:25:18 GMT
ETag: "6386a2ee-1d7"
Expires: Fri, 02 Dec 2022 00:25:18 GMT
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1669798309
Via: cache21.l2de2[0,0,304-0,H], cache3.l2de2[0,0], cache2.se1[21,21,200-0,H], cache2.se1[22,0]
Age: 190
X-Cache: HIT TCP_REFRESH_HIT dirn:11:463166511
X-Swift-SaveTime: Wed, 30 Nov 2022 08:54:59 GMT
X-Swift-CacheTime: 3410
Timing-Allow-Origin: *
EagleId: 2ff62c9616697984993068053e

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
33f732b4dfbd5fb3ed7345eba2896fe6
2652f214cf7127302cc65b1d4e42f48a80907d5d
904ce722469d356f8ec20c14bd51ca3ce459012ea0869f7d14821a963310a494

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 08:54:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtm.js?id=GTM-T39J99&r=1634120031144

142.250.74.40

200 OK

87 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-T39J99&r=1634120031144
IP
142.250.74.40:0
ASN
#15169 GOOGLE

File type
Unicode text, UTF-8 text, with very long lines (36973)
Size
87 kB (87029 bytes)
Hash
85739bc8040fdca0bd0211f69f138f30
373f36a539832143de31873e33a2e99d8044fd8c
214706c8cdd0dd87c44ef76f9825859796402f2e1dcbba2b72406f2af82f5078

HTTP Headers

GET /gtm.js?id=GTM-T39J99&r=1634120031144 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shop.gtdm1314.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 08:54:59 GMT
expires: Wed, 30 Nov 2022 08:54:59 GMT
cache-control: private, max-age=900
last-modified: Wed, 30 Nov 2022 08:39:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 87029
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
33f732b4dfbd5fb3ed7345eba2896fe6
2652f214cf7127302cc65b1d4e42f48a80907d5d
904ce722469d356f8ec20c14bd51ca3ce459012ea0869f7d14821a963310a494

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 08:54:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
5e55ca1666ab6570a35e729ad4b6f0e9
ebc2b6d8c570eaf7f4273e50b25648cdb5534d30
940c54c36ae67c98e94d0893cbfaf6cad49d21448a1e1bc57b68eb279695cb09

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 952
Cache-Control: max-age=158243
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 08:54:59 GMT
Etag: "6386ddcf-117"
Expires: Fri, 02 Dec 2022 04:52:22 GMT
Last-Modified: Wed, 30 Nov 2022 04:36:31 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
5e55ca1666ab6570a35e729ad4b6f0e9
ebc2b6d8c570eaf7f4273e50b25648cdb5534d30
940c54c36ae67c98e94d0893cbfaf6cad49d21448a1e1bc57b68eb279695cb09

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2070
Cache-Control: max-age=159362
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 08:54:59 GMT
Etag: "6386ddcf-117"
Expires: Fri, 02 Dec 2022 05:11:01 GMT
Last-Modified: Wed, 30 Nov 2022 04:36:31 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
5e55ca1666ab6570a35e729ad4b6f0e9
ebc2b6d8c570eaf7f4273e50b25648cdb5534d30
940c54c36ae67c98e94d0893cbfaf6cad49d21448a1e1bc57b68eb279695cb09

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5698
Cache-Control: max-age=162990
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 08:54:59 GMT
Etag: "6386ddcf-117"
Expires: Fri, 02 Dec 2022 06:11:29 GMT
Last-Modified: Wed, 30 Nov 2022 04:36:31 GMT
Server: ECS (amb/6B95)
X-Cache: HIT
Content-Length: 279

fa.micstatic.com/probe/mine.gif?v=211112&t=a&d=%7Bpub%3A%7Bpuid%3A%221gj3ru2vr626%22%2Clinkid%3A%221gj3ru2vr626%22%2Curl%3A%22shop.gtdm1314.com%252Fwp-includes%252Fimage%252Findex.html%22%2Creferrer%3A%22%22%2Cpdr%3A%221%22%2Ctz%3A%220%22%2Clan%3A%22en-US%22%7D%2Ccore%3A%5B%7Ba%3A%221003%22%2Cb%3A%220%22%2Cc%3A%2269%22%2Cd%3A%2269%22%2Ce%3A%221629%22%2Cf%3A%22702%22%2Cst%3A%22-1%22%2Ck%3A%222400%22%2Cn%3A%22shop.gtdm1314.com%252Fwp-includes%252Fimage%252Fjs%252Fjquery-3.2.1.slim.min.js%22%2Cp%3A%2269%22%7D%2C%7Ba%3A%221003%22%2Cb%3A%220%22%2Cc%3A%2269%22%2Cd%3A%2269%22%2Ce%3A%221784%22%2Cf%3A%22558%22%2Cst%3A%22-1%22%2Ck%3A%222411%22%2Cn%3A%22shop.gtdm1314.com%252Fwp-includes%252Fimage%252Fjs%252Fpopper.min.js%22%2Cp%3A%2269%22%7D%2C%7Ba%3A%221769%22%2Cb%3A%220%22%2Cc%3A%221772%22%2Cd%3A%221772%22%2Ce%3A%22156%22%2Cf%3A%220%22%2Cst%3A%22-1%22%2Ck%3A%221928%22%2Cn%3A%22shop.gtdm1314.com%252Fwp-includes%252Fimage%252Fimages%252Ffavicon.ico%22%2Cp%3A%221772%22%7D%5D%7D

104.18.24.206

204 No Content

0 B

URL HTTP/2
fa.micstatic.com/probe/mine.gif?v=211112&t=a&d=%7Bpub%3A%7Bpuid%3A%221gj3ru2vr626%22%2Clinkid%3A%221gj3ru2vr626%22%2Curl%3A%22shop.gtdm1314.com%252Fwp-includes%252Fimage%252Findex.html%22%2Creferrer%3A%22%22%2Cpdr%3A%221%22%2Ctz%3A%220%22%2Clan%3A%22en-US%22%7D%2Ccore%3A%5B%7Ba%3A%221003%22%2Cb%3A%220%22%2Cc%3A%2269%22%2Cd%3A%2269%22%2Ce%3A%221629%22%2Cf%3A%22702%22%2Cst%3A%22-1%22%2Ck%3A%222400%22%2Cn%3A%22shop.gtdm1314.com%252Fwp-includes%252Fimage%252Fjs%252Fjquery-3.2.1.slim.min.js%22%2Cp%3A%2269%22%7D%2C%7Ba%3A%221003%22%2Cb%3A%220%22%2Cc%3A%2269%22%2Cd%3A%2269%22%2Ce%3A%221784%22%2Cf%3A%22558%22%2Cst%3A%22-1%22%2Ck%3A%222411%22%2Cn%3A%22shop.gtdm1314.com%252Fwp-includes%252Fimage%252Fjs%252Fpopper.min.js%22%2Cp%3A%2269%22%7D%2C%7Ba%3A%221769%22%2Cb%3A%220%22%2Cc%3A%221772%22%2Cd%3A%221772%22%2Ce%3A%22156%22%2Cf%3A%220%22%2Cst%3A%22-1%22%2Ck%3A%221928%22%2Cn%3A%22shop.gtdm1314.com%252Fwp-includes%252Fimage%252Fimages%252Ffavicon.ico%22%2Cp%3A%221772%22%7D%5D%7D
IP
104.18.24.206:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /probe/mine.gif?v=211112&t=a&d=%7Bpub%3A%7Bpuid%3A%221gj3ru2vr626%22%2Clinkid%3A%221gj3ru2vr626%22%2Curl%3A%22shop.gtdm1314.com%252Fwp-includes%252Fimage%252Findex.html%22%2Creferrer%3A%22%22%2Cpdr%3A%221%22%2Ctz%3A%220%22%2Clan%3A%22en-US%22%7D%2Ccore%3A%5B%7Ba%3A%221003%22%2Cb%3A%220%22%2Cc%3A%2269%22%2Cd%3A%2269%22%2Ce%3A%221629%22%2Cf%3A%22702%22%2Cst%3A%22-1%22%2Ck%3A%222400%22%2Cn%3A%22shop.gtdm1314.com%252Fwp-includes%252Fimage%252Fjs%252Fjquery-3.2.1.slim.min.js%22%2Cp%3A%2269%22%7D%2C%7Ba%3A%221003%22%2Cb%3A%220%22%2Cc%3A%2269%22%2Cd%3A%2269%22%2Ce%3A%221784%22%2Cf%3A%22558%22%2Cst%3A%22-1%22%2Ck%3A%222411%22%2Cn%3A%22shop.gtdm1314.com%252Fwp-includes%252Fimage%252Fjs%252Fpopper.min.js%22%2Cp%3A%2269%22%7D%2C%7Ba%3A%221769%22%2Cb%3A%220%22%2Cc%3A%221772%22%2Cd%3A%221772%22%2Ce%3A%22156%22%2Cf%3A%220%22%2Cst%3A%22-1%22%2Ck%3A%221928%22%2Cn%3A%22shop.gtdm1314.com%252Fwp-includes%252Fimage%252Fimages%252Ffavicon.ico%22%2Cp%3A%221772%22%7D%5D%7D HTTP/1.1
Host: fa.micstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shop.gtdm1314.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Wed, 30 Nov 2022 08:54:59 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 77225c8e59a1b4f9-OSL
X-Firefox-Spdy: h2

fa.micstatic.com/probe/map.gif?v=211112&t=a&d=%7Bpub%3A%7Bpuid%3A%221gj3ru2vr626%22%2Clinkid%3A%221gj3ru2vr626%22%2Curl%3A%22shop.gtdm1314.com%252Fwp-includes%252Fimage%252Findex.html%22%2Creferrer%3A%22%22%2Cpdr%3A%221%22%2Ctz%3A%220%22%2Clan%3A%22en-US%22%2Cbn%3A%22Firefox%22%2Cnv%3A%22105.0%22%2Con%3A%22Windows%22%2Cov%3A%2210%22%7D%2Ccookies%3A%7B%7D%2Ccore%3A%7Ba%3A%22-1%22%2Cb%3A%22186%22%2Cc%3A%22603%22%2Cd%3A%221%22%2Ce%3A%22156%22%2Cf%3A%22156%22%2Cst%3A%22-1%22%2Cg%3A%222441%22%2Ch%3A%223557%22%2Ci%3A%223439%22%2Cj%3A%22-1%22%2Cl%3A%2220%22%2Co%3A%220%22%2Clcp%3A%22-1%22%2Cfcp%3A%221758%22%2Cm%3A%220%22%2Ck%3A%224697%22%2Cp%3A%22444%22%2Cx%3A%7B%7D%2Cs%3A%221280*1024%7C1280*939%22%7D%7D

104.18.24.206

204 No Content

0 B

URL HTTP/2
fa.micstatic.com/probe/map.gif?v=211112&t=a&d=%7Bpub%3A%7Bpuid%3A%221gj3ru2vr626%22%2Clinkid%3A%221gj3ru2vr626%22%2Curl%3A%22shop.gtdm1314.com%252Fwp-includes%252Fimage%252Findex.html%22%2Creferrer%3A%22%22%2Cpdr%3A%221%22%2Ctz%3A%220%22%2Clan%3A%22en-US%22%2Cbn%3A%22Firefox%22%2Cnv%3A%22105.0%22%2Con%3A%22Windows%22%2Cov%3A%2210%22%7D%2Ccookies%3A%7B%7D%2Ccore%3A%7Ba%3A%22-1%22%2Cb%3A%22186%22%2Cc%3A%22603%22%2Cd%3A%221%22%2Ce%3A%22156%22%2Cf%3A%22156%22%2Cst%3A%22-1%22%2Cg%3A%222441%22%2Ch%3A%223557%22%2Ci%3A%223439%22%2Cj%3A%22-1%22%2Cl%3A%2220%22%2Co%3A%220%22%2Clcp%3A%22-1%22%2Cfcp%3A%221758%22%2Cm%3A%220%22%2Ck%3A%224697%22%2Cp%3A%22444%22%2Cx%3A%7B%7D%2Cs%3A%221280*1024%7C1280*939%22%7D%7D
IP
104.18.24.206:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /probe/map.gif?v=211112&t=a&d=%7Bpub%3A%7Bpuid%3A%221gj3ru2vr626%22%2Clinkid%3A%221gj3ru2vr626%22%2Curl%3A%22shop.gtdm1314.com%252Fwp-includes%252Fimage%252Findex.html%22%2Creferrer%3A%22%22%2Cpdr%3A%221%22%2Ctz%3A%220%22%2Clan%3A%22en-US%22%2Cbn%3A%22Firefox%22%2Cnv%3A%22105.0%22%2Con%3A%22Windows%22%2Cov%3A%2210%22%7D%2Ccookies%3A%7B%7D%2Ccore%3A%7Ba%3A%22-1%22%2Cb%3A%22186%22%2Cc%3A%22603%22%2Cd%3A%221%22%2Ce%3A%22156%22%2Cf%3A%22156%22%2Cst%3A%22-1%22%2Cg%3A%222441%22%2Ch%3A%223557%22%2Ci%3A%223439%22%2Cj%3A%22-1%22%2Cl%3A%2220%22%2Co%3A%220%22%2Clcp%3A%22-1%22%2Cfcp%3A%221758%22%2Cm%3A%220%22%2Ck%3A%224697%22%2Cp%3A%22444%22%2Cx%3A%7B%7D%2Cs%3A%221280*1024%7C1280*939%22%7D%7D HTTP/1.1
Host: fa.micstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shop.gtdm1314.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Wed, 30 Nov 2022 08:54:59 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 77225c8e99deb4f9-OSL
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
c3c6fcc1a6ec6e438b371359a220d437
646d2c502eb3579d0c394dbdd16ef10f60f43063
5e75d86847b64e661c218e63d1b4b2c4a9ade7506b3b50fce16dd39ebaa5c5fe

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3235
Cache-Control: max-age=91761
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 08:55:00 GMT
Etag: "6385d132-1d7"
Expires: Thu, 01 Dec 2022 10:24:21 GMT
Last-Modified: Tue, 29 Nov 2022 09:30:26 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5d950b70d3b1532276ed817249b72618
dca7faf727b8afdd481c8f8bcc3e9129fdadadc3
afe3fbe5f269179e18a66ca806664b7f96b903150b364129e2f2b30087198e34

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 08:55:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/analytics.js

142.250.74.110

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shop.gtdm1314.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 30 Nov 2022 08:41:08 GMT
expires: Wed, 30 Nov 2022 10:41:08 GMT
cache-control: public, max-age=7200
age: 832
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.micstatic.com/common/js/business/global/sensors_track.js?r=1634120031144&r=1634120031144

104.18.21.229

200 OK

37 kB

URL HTTP/2
www.micstatic.com/common/js/business/global/sensors_track.js?r=1634120031144&r=1634120031144
IP
104.18.21.229:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (42866)
Size
37 kB (36844 bytes)
Hash
95533e4c0ed5a34c8002fbc75abf545e
c112c4c0cdc2532fb4ff8437689de0521874d850
52998e591b757727cdf30aefb33fe8167e63f630b3660e1c17ae5fc99023d5ea

HTTP Headers

GET /common/js/business/global/sensors_track.js?r=1634120031144&r=1634120031144 HTTP/1.1
Host: www.micstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shop.gtdm1314.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 08:54:59 GMT
content-type: application/javascript
last-modified: Fri, 19 Nov 2021 07:38:32 GMT
etag: W/"61975478-a860"
expires: Sat, 27 Nov 2032 08:54:59 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: HIT
vary: Accept-Encoding
server: cloudflare
cf-ray: 77225c8e5ffcb4fa-OSL
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3402a11f28d369c1ad537c8e44ba5568
17c9fc852ca71dc4d46f786537adda4ee0e9a3ef
dd142866516f3293fab9f67f092d37b70c39fc58512734c8e88dab5c5faf7264

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 08:55:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

bat.bing.com/bat.js

204.79.197.200

200 OK

11 kB

URL HTTP/2
bat.bing.com/bat.js
IP
204.79.197.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 text, with very long lines (39007), with no line terminators
Size
11 kB (11421 bytes)
Hash
22e2e3226eb5ada04929a2e43307eeda
04615fa88f80567974bdeb0f103ca5909746ebd7
41feebdfb0b03cd7fee2eb886adef6f3f1f85d3f14215e9a388d2a50e42efb9b

HTTP Headers

GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shop.gtdm1314.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11421
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 09 Nov 2022 21:23:50 GMT
accept-ranges: bytes
etag: "077538f81f4d81:0"
vary: Accept-Encoding
set-cookie: MUID=07A4E06AA958686A1A20F206A8AD69B4; domain=.bing.com; expires=Mon, 25-Dec-2023 08:55:00 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E1447E43C61F444C8E717CC6B69EA45E Ref B: OSL30EDGE0120 Ref C: 2022-11-30T08:55:00Z
date: Wed, 30 Nov 2022 08:54:59 GMT
X-Firefox-Spdy: h2

104.18.24.206

200 OK

43 B

URL HTTP/2
fa.micstatic.com/sc/sa.gif?project=MICEN&data=eyJkaXN0aW5jdF9pZCI6IjE4NGM3YmYwZmY4M2Y5LTAwMzk4ZmYyZTNlMzcyLWM1MDU0MjUtMTMxMDcyMC0xODRjN2JmMGZmOTQwMSIsImxpYiI6eyIkbGliIjoianMiLCIkbGliX21ldGhvZCI6ImNvZGUiLCIkbGliX3ZlcnNpb24iOiIxLjE1LjEzIn0sInByb3BlcnRpZXMiOnsiJGZpcnN0X3Zpc2l0X3RpbWUiOiIyMDIyLTExLTMwIDA4OjU0OjU4LjMwMiIsIiRmaXJzdF9yZWZlcnJlciI6IiIsIiRmaXJzdF9icm93c2VyX2xhbmd1YWdlIjoiZW4tVVMiLCIkZmlyc3RfYnJvd3Nlcl9jaGFyc2V0IjoiR0JLIiwiJGZpcnN0X3RyYWZmaWNfc291cmNlX3R5cGUiOiLpkKnlrZjluLTlqLTkvoDlmboiLCIkZmlyc3Rfc2VhcmNoX2tleXdvcmQiOiLpj4jugYTlvYfpjZLmnb%2Figqzns63pkKnlrZjluLTpjrXmkrPntJEifSwiYW5vbnltb3VzX2lkIjoiMTg0YzdiZjBmZjgzZjktMDAzOThmZjJlM2UzNzItYzUwNTQyNS0xMzEwNzIwLTE4NGM3YmYwZmY5NDAxIiwidHlwZSI6InByb2ZpbGVfc2V0X29uY2UiLCJfdHJhY2tfaWQiOjgwMzMzODMwM30%3D&ext=crc%3D72259811
IP
104.18.24.206:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /sc/sa.gif?project=MICEN&data=eyJkaXN0aW5jdF9pZCI6IjE4NGM3YmYwZmY4M2Y5LTAwMzk4ZmYyZTNlMzcyLWM1MDU0MjUtMTMxMDcyMC0xODRjN2JmMGZmOTQwMSIsImxpYiI6eyIkbGliIjoianMiLCIkbGliX21ldGhvZCI6ImNvZGUiLCIkbGliX3ZlcnNpb24iOiIxLjE1LjEzIn0sInByb3BlcnRpZXMiOnsiJGZpcnN0X3Zpc2l0X3RpbWUiOiIyMDIyLTExLTMwIDA4OjU0OjU4LjMwMiIsIiRmaXJzdF9yZWZlcnJlciI6IiIsIiRmaXJzdF9icm93c2VyX2xhbmd1YWdlIjoiZW4tVVMiLCIkZmlyc3RfYnJvd3Nlcl9jaGFyc2V0IjoiR0JLIiwiJGZpcnN0X3RyYWZmaWNfc291cmNlX3R5cGUiOiLpkKnlrZjluLTlqLTkvoDlmboiLCIkZmlyc3Rfc2VhcmNoX2tleXdvcmQiOiLpj4jugYTlvYfpjZLmnb%2Figqzns63pkKnlrZjluLTpjrXmkrPntJEifSwiYW5vbnltb3VzX2lkIjoiMTg0YzdiZjBmZjgzZjktMDAzOThmZjJlM2UzNzItYzUwNTQyNS0xMzEwNzIwLTE4NGM3YmYwZmY5NDAxIiwidHlwZSI6InByb2ZpbGVfc2V0X29uY2UiLCJfdHJhY2tfaWQiOjgwMzMzODMwM30%3D&ext=crc%3D72259811 HTTP/1.1
Host: fa.micstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shop.gtdm1314.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 30 Nov 2022 08:55:00 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: Mon, 28 Sep 1970 05:00:00 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 77225c8e59a9b4f9-OSL
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
c3c6fcc1a6ec6e438b371359a220d437
646d2c502eb3579d0c394dbdd16ef10f60f43063
5e75d86847b64e661c218e63d1b4b2c4a9ade7506b3b50fce16dd39ebaa5c5fe

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3219
Cache-Control: max-age=91745
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 08:55:00 GMT
Etag: "6385d132-1d7"
Expires: Thu, 01 Dec 2022 10:24:05 GMT
Last-Modified: Tue, 29 Nov 2022 09:30:26 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VEFCZRQMG4&cid=1787934653.1669798499&gtm=2oebs0&aip=1&z=1304483251

142.250.74.67

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VEFCZRQMG4&cid=1787934653.1669798499&gtm=2oebs0&aip=1&z=1304483251
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VEFCZRQMG4&cid=1787934653.1669798499&gtm=2oebs0&aip=1&z=1304483251 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shop.gtdm1314.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 30 Nov 2022 08:55:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5d950b70d3b1532276ed817249b72618
dca7faf727b8afdd481c8f8bcc3e9129fdadadc3
afe3fbe5f269179e18a66ca806664b7f96b903150b364129e2f2b30087198e34

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 08:55:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3402a11f28d369c1ad537c8e44ba5568
17c9fc852ca71dc4d46f786537adda4ee0e9a3ef
dd142866516f3293fab9f67f092d37b70c39fc58512734c8e88dab5c5faf7264

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 08:55:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fa.micstatic.com/sc/sa.gif?project=MICEN&data=eyJkaXN0aW5jdF9pZCI6IjE4NGM3YmYwZmY4M2Y5LTAwMzk4ZmYyZTNlMzcyLWM1MDU0MjUtMTMxMDcyMC0xODRjN2JmMGZmOTQwMSIsImxpYiI6eyIkbGliIjoianMiLCIkbGliX21ldGhvZCI6ImNvZGUiLCIkbGliX3ZlcnNpb24iOiIxLjE1LjEzIn0sInByb3BlcnRpZXMiOnsiJHRpbWV6b25lX29mZnNldCI6MCwiJHNjcmVlbl9oZWlnaHQiOjEwMjQsIiRzY3JlZW5fd2lkdGgiOjEyODAsIiRsaWIiOiJqcyIsIiRsaWJfdmVyc2lvbiI6IjEuMTUuMTMiLCIkbGF0ZXN0X3RyYWZmaWNfc291cmNlX3R5cGUiOiLpkKnlrZjluLTlqLTkvoDlmboiLCIkbGF0ZXN0X3NlYXJjaF9rZXl3b3JkIjoi6Y%2BI7oGE5b2H6Y2S5p2%2F4oKs57Ot6ZCp5a2Y5bi06Y615pKz57SRIiwiJGxhdGVzdF9yZWZlcnJlciI6IiIsInB2X2lkIjoiMWdqM3J1MnQwOGMzIiwicGxhdGZvcm1fdHlwZSI6IjEiLCJsYW5ndWFnZSI6IjEiLCJsb2dpbl9pZCI6IiIsIiRyZWZlcnJlciI6IiIsIiR1cmwiOiJodHRwczovL3Nob3AuZ3RkbTEzMTQuY29tL3dwLWluY2x1ZGVzL2ltYWdlL2luZGV4Lmh0bWwiLCIkdXJsX3BhdGgiOiIvd3AtaW5jbHVkZXMvaW1hZ2UvaW5kZXguaHRtbCIsIiR0aXRsZSI6Ik1lc3NhZ2VzIHwgTWFkZSBsbiBDaGxuYSIsIiRpc19maXJzdF9kYXkiOnRydWUsIiRpc19maXJzdF90aW1lIjp0cnVlLCIkcmVmZXJyZXJfaG9zdCI6IiIsIiRsYXRlc3RfcmVmZXJyZXJfaG9zdCI6IiJ9LCJhbm9ueW1vdXNfaWQiOiIxODRjN2JmMGZmODNmOS0wMDM5OGZmMmUzZTM3Mi1jNTA1NDI1LTEzMTA3MjAtMTg0YzdiZjBmZjk0MDEiLCJ0eXBlIjoidHJhY2siLCJldmVudCI6IiRwYWdldmlldyIsIl90cmFja19pZCI6Mzc4MDQ4MzA3fQ%3D%3D&ext=crc%3D1297530436

104.18.24.206

200 OK

43 B

URL HTTP/2
fa.micstatic.com/sc/sa.gif?project=MICEN&data=eyJkaXN0aW5jdF9pZCI6IjE4NGM3YmYwZmY4M2Y5LTAwMzk4ZmYyZTNlMzcyLWM1MDU0MjUtMTMxMDcyMC0xODRjN2JmMGZmOTQwMSIsImxpYiI6eyIkbGliIjoianMiLCIkbGliX21ldGhvZCI6ImNvZGUiLCIkbGliX3ZlcnNpb24iOiIxLjE1LjEzIn0sInByb3BlcnRpZXMiOnsiJHRpbWV6b25lX29mZnNldCI6MCwiJHNjcmVlbl9oZWlnaHQiOjEwMjQsIiRzY3JlZW5fd2lkdGgiOjEyODAsIiRsaWIiOiJqcyIsIiRsaWJfdmVyc2lvbiI6IjEuMTUuMTMiLCIkbGF0ZXN0X3RyYWZmaWNfc291cmNlX3R5cGUiOiLpkKnlrZjluLTlqLTkvoDlmboiLCIkbGF0ZXN0X3NlYXJjaF9rZXl3b3JkIjoi6Y%2BI7oGE5b2H6Y2S5p2%2F4oKs57Ot6ZCp5a2Y5bi06Y615pKz57SRIiwiJGxhdGVzdF9yZWZlcnJlciI6IiIsInB2X2lkIjoiMWdqM3J1MnQwOGMzIiwicGxhdGZvcm1fdHlwZSI6IjEiLCJsYW5ndWFnZSI6IjEiLCJsb2dpbl9pZCI6IiIsIiRyZWZlcnJlciI6IiIsIiR1cmwiOiJodHRwczovL3Nob3AuZ3RkbTEzMTQuY29tL3dwLWluY2x1ZGVzL2ltYWdlL2luZGV4Lmh0bWwiLCIkdXJsX3BhdGgiOiIvd3AtaW5jbHVkZXMvaW1hZ2UvaW5kZXguaHRtbCIsIiR0aXRsZSI6Ik1lc3NhZ2VzIHwgTWFkZSBsbiBDaGxuYSIsIiRpc19maXJzdF9kYXkiOnRydWUsIiRpc19maXJzdF90aW1lIjp0cnVlLCIkcmVmZXJyZXJfaG9zdCI6IiIsIiRsYXRlc3RfcmVmZXJyZXJfaG9zdCI6IiJ9LCJhbm9ueW1vdXNfaWQiOiIxODRjN2JmMGZmODNmOS0wMDM5OGZmMmUzZTM3Mi1jNTA1NDI1LTEzMTA3MjAtMTg0YzdiZjBmZjk0MDEiLCJ0eXBlIjoidHJhY2siLCJldmVudCI6IiRwYWdldmlldyIsIl90cmFja19pZCI6Mzc4MDQ4MzA3fQ%3D%3D&ext=crc%3D1297530436
IP
104.18.24.206:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /sc/sa.gif?project=MICEN&data=eyJkaXN0aW5jdF9pZCI6IjE4NGM3YmYwZmY4M2Y5LTAwMzk4ZmYyZTNlMzcyLWM1MDU0MjUtMTMxMDcyMC0xODRjN2JmMGZmOTQwMSIsImxpYiI6eyIkbGliIjoianMiLCIkbGliX21ldGhvZCI6ImNvZGUiLCIkbGliX3ZlcnNpb24iOiIxLjE1LjEzIn0sInByb3BlcnRpZXMiOnsiJHRpbWV6b25lX29mZnNldCI6MCwiJHNjcmVlbl9oZWlnaHQiOjEwMjQsIiRzY3JlZW5fd2lkdGgiOjEyODAsIiRsaWIiOiJqcyIsIiRsaWJfdmVyc2lvbiI6IjEuMTUuMTMiLCIkbGF0ZXN0X3RyYWZmaWNfc291cmNlX3R5cGUiOiLpkKnlrZjluLTlqLTkvoDlmboiLCIkbGF0ZXN0X3NlYXJjaF9rZXl3b3JkIjoi6Y%2BI7oGE5b2H6Y2S5p2%2F4oKs57Ot6ZCp5a2Y5bi06Y615pKz57SRIiwiJGxhdGVzdF9yZWZlcnJlciI6IiIsInB2X2lkIjoiMWdqM3J1MnQwOGMzIiwicGxhdGZvcm1fdHlwZSI6IjEiLCJsYW5ndWFnZSI6IjEiLCJsb2dpbl9pZCI6IiIsIiRyZWZlcnJlciI6IiIsIiR1cmwiOiJodHRwczovL3Nob3AuZ3RkbTEzMTQuY29tL3dwLWluY2x1ZGVzL2ltYWdlL2luZGV4Lmh0bWwiLCIkdXJsX3BhdGgiOiIvd3AtaW5jbHVkZXMvaW1hZ2UvaW5kZXguaHRtbCIsIiR0aXRsZSI6Ik1lc3NhZ2VzIHwgTWFkZSBsbiBDaGxuYSIsIiRpc19maXJzdF9kYXkiOnRydWUsIiRpc19maXJzdF90aW1lIjp0cnVlLCIkcmVmZXJyZXJfaG9zdCI6IiIsIiRsYXRlc3RfcmVmZXJyZXJfaG9zdCI6IiJ9LCJhbm9ueW1vdXNfaWQiOiIxODRjN2JmMGZmODNmOS0wMDM5OGZmMmUzZTM3Mi1jNTA1NDI1LTEzMTA3MjAtMTg0YzdiZjBmZjk0MDEiLCJ0eXBlIjoidHJhY2siLCJldmVudCI6IiRwYWdldmlldyIsIl90cmFja19pZCI6Mzc4MDQ4MzA3fQ%3D%3D&ext=crc%3D1297530436 HTTP/1.1
Host: fa.micstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shop.gtdm1314.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 08:55:00 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: Mon, 28 Sep 1970 05:00:00 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 77225c8f5aedb4f9-OSL
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-VEFCZRQMG4&gtm=2oebs0&_p=1464948936&_gaz=1&cid=1787934653.1669798499&ul=en-us&sr=1280x1024&_s=1&sid=1669798498&sct=1&seg=0&dl=https%3A%2F%2Fshop.gtdm1314.com%2Fwp-includes%2Fimage%2Findex.html&dt=Messages%20%7C%20Made%20ln%20Chlna&en=page_view&_fv=1&_nsi=1&_ss=1&ep.Page_Hostname=shop.gtdm1314.com

216.239.34.36

204 No Content

0 B

URL HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-VEFCZRQMG4&gtm=2oebs0&_p=1464948936&_gaz=1&cid=1787934653.1669798499&ul=en-us&sr=1280x1024&_s=1&sid=1669798498&sct=1&seg=0&dl=https%3A%2F%2Fshop.gtdm1314.com%2Fwp-includes%2Fimage%2Findex.html&dt=Messages%20%7C%20Made%20ln%20Chlna&en=page_view&_fv=1&_nsi=1&_ss=1&ep.Page_Hostname=shop.gtdm1314.com
IP
216.239.34.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-VEFCZRQMG4&gtm=2oebs0&_p=1464948936&_gaz=1&cid=1787934653.1669798499&ul=en-us&sr=1280x1024&_s=1&sid=1669798498&sct=1&seg=0&dl=https%3A%2F%2Fshop.gtdm1314.com%2Fwp-includes%2Fimage%2Findex.html&dt=Messages%20%7C%20Made%20ln%20Chlna&en=page_view&_fv=1&_nsi=1&_ss=1&ep.Page_Hostname=shop.gtdm1314.com HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shop.gtdm1314.com
Connection: keep-alive
Referer: https://shop.gtdm1314.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://shop.gtdm1314.com
date: Wed, 30 Nov 2022 08:55:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

stats.g.doubleclick.net/g/collect?v=2&tid=G-VEFCZRQMG4&cid=1787934653.1669798499&gtm=2oebs0&aip=1

74.125.131.156

204 No Content

0 B

URL HTTP/2
stats.g.doubleclick.net/g/collect?v=2&tid=G-VEFCZRQMG4&cid=1787934653.1669798499&gtm=2oebs0&aip=1
IP
74.125.131.156:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-VEFCZRQMG4&cid=1787934653.1669798499&gtm=2oebs0&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shop.gtdm1314.com
Connection: keep-alive
Referer: https://shop.gtdm1314.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://shop.gtdm1314.com
date: Wed, 30 Nov 2022 08:55:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

bat.bing.com/action/0?ti=13001299&tm=gtm002&Ver=2&mid=f46992a9-d039-4d22-b8c3-002db264fcd5&sid=ab4a9c60708c11ed8b5f5faf7be3cb48&vid=ab4a89f0708c11ed9d278561d890d9e9&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Messages%20%7C%20Made%20ln%20Chlna&p=https%3A%2F%2Fshop.gtdm1314.com%2Fwp-includes%2Fimage%2Findex.html&r=&lt=4700&evt=pageLoad&sv=1&rn=355867

204.79.197.200

204 No Content

0 B

URL HTTP/2
bat.bing.com/action/0?ti=13001299&tm=gtm002&Ver=2&mid=f46992a9-d039-4d22-b8c3-002db264fcd5&sid=ab4a9c60708c11ed8b5f5faf7be3cb48&vid=ab4a89f0708c11ed9d278561d890d9e9&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Messages%20%7C%20Made%20ln%20Chlna&p=https%3A%2F%2Fshop.gtdm1314.com%2Fwp-includes%2Fimage%2Findex.html&r=&lt=4700&evt=pageLoad&sv=1&rn=355867
IP
204.79.197.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /action/0?ti=13001299&tm=gtm002&Ver=2&mid=f46992a9-d039-4d22-b8c3-002db264fcd5&sid=ab4a9c60708c11ed8b5f5faf7be3cb48&vid=ab4a89f0708c11ed9d278561d890d9e9&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Messages%20%7C%20Made%20ln%20Chlna&p=https%3A%2F%2Fshop.gtdm1314.com%2Fwp-includes%2Fimage%2Findex.html&r=&lt=4700&evt=pageLoad&sv=1&rn=355867 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shop.gtdm1314.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=1179816EAAA26DF92EB39302AB576C50; domain=.bing.com; expires=Mon, 25-Dec-2023 08:55:00 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3F074DE16B094280B605BE9391659966 Ref B: OSL30EDGE0120 Ref C: 2022-11-30T08:55:00Z
date: Wed, 30 Nov 2022 08:55:00 GMT
X-Firefox-Spdy: h2

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-37452587-1&cid=1787934653.1669798499&jid=1663727287&gjid=2007476126&_gid=1445059259.1669798499&_u=YADAAEAAAAAAACAAI~&z=951375686

74.125.131.156

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-37452587-1&cid=1787934653.1669798499&jid=1663727287&gjid=2007476126&_gid=1445059259.1669798499&_u=YADAAEAAAAAAACAAI~&z=951375686
IP
74.125.131.156:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-37452587-1&cid=1787934653.1669798499&jid=1663727287&gjid=2007476126&_gid=1445059259.1669798499&_u=YADAAEAAAAAAACAAI~&z=951375686 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://shop.gtdm1314.com
Connection: keep-alive
Referer: https://shop.gtdm1314.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://shop.gtdm1314.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 30 Nov 2022 08:55:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

bat.bing.com/p/action/13001299.js

204.79.197.200

204 No Content

0 B

URL HTTP/2
bat.bing.com/p/action/13001299.js
IP
204.79.197.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /p/action/13001299.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shop.gtdm1314.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=25EBDF03F96861ED160CCD6FF89D60DD; domain=.bing.com; expires=Mon, 25-Dec-2023 08:55:00 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BF252F67A3AC46C5B5AE0B55FF443F28 Ref B: OSL30EDGE0120 Ref C: 2022-11-30T08:55:00Z
date: Wed, 30 Nov 2022 08:55:00 GMT
X-Firefox-Spdy: h2

www.google.com/pagead/1p-user-list/731984560/?random=1669798498470&cv=11&fst=1669795200000&bg=ffffff&guid=ON&async=1&gtm=2wgbs0&u_w=1280&u_h=1024&label=v7ktCOKJmaMBELDlhN0C&frm=0&url=https%3A%2F%2Fshop.gtdm1314.com%2Fwp-includes%2Fimage%2Findex.html&tiba=Messages%20%7C%20Made%20ln%20Chlna&fmt=3&is_vtc=1&random=1102246777&rmt_tld=0&ipr=y

216.58.207.228

200 OK

42 B

URL HTTP/2
www.google.com/pagead/1p-user-list/731984560/?random=1669798498470&cv=11&fst=1669795200000&bg=ffffff&guid=ON&async=1&gtm=2wgbs0&u_w=1280&u_h=1024&label=v7ktCOKJmaMBELDlhN0C&frm=0&url=https%3A%2F%2Fshop.gtdm1314.com%2Fwp-includes%2Fimage%2Findex.html&tiba=Messages%20%7C%20Made%20ln%20Chlna&fmt=3&is_vtc=1&random=1102246777&rmt_tld=0&ipr=y
IP
216.58.207.228:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/731984560/?random=1669798498470&cv=11&fst=1669795200000&bg=ffffff&guid=ON&async=1&gtm=2wgbs0&u_w=1280&u_h=1024&label=v7ktCOKJmaMBELDlhN0C&frm=0&url=https%3A%2F%2Fshop.gtdm1314.com%2Fwp-includes%2Fimage%2Findex.html&tiba=Messages%20%7C%20Made%20ln%20Chlna&fmt=3&is_vtc=1&random=1102246777&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shop.gtdm1314.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 30 Nov 2022 08:55:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cd528f6c2c45e38c52095a73a9cd8c68
dca2df874a830edac932136d474453c18d933024
4c7e75aaccb4b74e227ada3b56829f52cb7f14ad05454f7bd6eccf3e94185218

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 08:55:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fa.micstatic.com/sc/sa.gif?project=MICEN&data=eyJkaXN0aW5jdF9pZCI6IjE4NGM3YmYwZmY4M2Y5LTAwMzk4ZmYyZTNlMzcyLWM1MDU0MjUtMTMxMDcyMC0xODRjN2JmMGZmOTQwMSIsImxpYiI6eyIkbGliIjoianMiLCIkbGliX21ldGhvZCI6ImNvZGUiLCIkbGliX3ZlcnNpb24iOiIxLjE1LjEzIn0sInByb3BlcnRpZXMiOnsiJHRpbWV6b25lX29mZnNldCI6MCwiJHNjcmVlbl9oZWlnaHQiOjEwMjQsIiRzY3JlZW5fd2lkdGgiOjEyODAsIiRsaWIiOiJqcyIsIiRsaWJfdmVyc2lvbiI6IjEuMTUuMTMiLCIkbGF0ZXN0X3RyYWZmaWNfc291cmNlX3R5cGUiOiLpkKnlrZjluLTlqLTkvoDlmboiLCIkbGF0ZXN0X3NlYXJjaF9rZXl3b3JkIjoi6Y%2BI7oGE5b2H6Y2S5p2%2F4oKs57Ot6ZCp5a2Y5bi06Y615pKz57SRIiwiJGxhdGVzdF9yZWZlcnJlciI6IiIsInB2X2lkIjoiMWdqM3J1MnQwOGMzIiwicGxhdGZvcm1fdHlwZSI6IjEiLCJsYW5ndWFnZSI6IjEiLCJsb2dpbl9pZCI6IiIsIiRpc19maXJzdF9kYXkiOnRydWUsIiRsYXRlc3RfcmVmZXJyZXJfaG9zdCI6IiIsIiR1cmwiOiJodHRwczovL3Nob3AuZ3RkbTEzMTQuY29tL3dwLWluY2x1ZGVzL2ltYWdlL2luZGV4Lmh0bWwifSwiYW5vbnltb3VzX2lkIjoiMTg0YzdiZjBmZjgzZjktMDAzOThmZjJlM2UzNzItYzUwNTQyNS0xMzEwNzIwLTE4NGM3YmYwZmY5NDAxIiwidHlwZSI6InRyYWNrIiwiZXZlbnQiOiJmb3JtQWN0aW9uIiwiX3RyYWNrX2lkIjo4NTMwODMxNH0%3D&ext=crc%3D-1163539231

104.18.24.206

200 OK

43 B

URL HTTP/2
fa.micstatic.com/sc/sa.gif?project=MICEN&data=eyJkaXN0aW5jdF9pZCI6IjE4NGM3YmYwZmY4M2Y5LTAwMzk4ZmYyZTNlMzcyLWM1MDU0MjUtMTMxMDcyMC0xODRjN2JmMGZmOTQwMSIsImxpYiI6eyIkbGliIjoianMiLCIkbGliX21ldGhvZCI6ImNvZGUiLCIkbGliX3ZlcnNpb24iOiIxLjE1LjEzIn0sInByb3BlcnRpZXMiOnsiJHRpbWV6b25lX29mZnNldCI6MCwiJHNjcmVlbl9oZWlnaHQiOjEwMjQsIiRzY3JlZW5fd2lkdGgiOjEyODAsIiRsaWIiOiJqcyIsIiRsaWJfdmVyc2lvbiI6IjEuMTUuMTMiLCIkbGF0ZXN0X3RyYWZmaWNfc291cmNlX3R5cGUiOiLpkKnlrZjluLTlqLTkvoDlmboiLCIkbGF0ZXN0X3NlYXJjaF9rZXl3b3JkIjoi6Y%2BI7oGE5b2H6Y2S5p2%2F4oKs57Ot6ZCp5a2Y5bi06Y615pKz57SRIiwiJGxhdGVzdF9yZWZlcnJlciI6IiIsInB2X2lkIjoiMWdqM3J1MnQwOGMzIiwicGxhdGZvcm1fdHlwZSI6IjEiLCJsYW5ndWFnZSI6IjEiLCJsb2dpbl9pZCI6IiIsIiRpc19maXJzdF9kYXkiOnRydWUsIiRsYXRlc3RfcmVmZXJyZXJfaG9zdCI6IiIsIiR1cmwiOiJodHRwczovL3Nob3AuZ3RkbTEzMTQuY29tL3dwLWluY2x1ZGVzL2ltYWdlL2luZGV4Lmh0bWwifSwiYW5vbnltb3VzX2lkIjoiMTg0YzdiZjBmZjgzZjktMDAzOThmZjJlM2UzNzItYzUwNTQyNS0xMzEwNzIwLTE4NGM3YmYwZmY5NDAxIiwidHlwZSI6InRyYWNrIiwiZXZlbnQiOiJmb3JtQWN0aW9uIiwiX3RyYWNrX2lkIjo4NTMwODMxNH0%3D&ext=crc%3D-1163539231
IP
104.18.24.206:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /sc/sa.gif?project=MICEN&data=eyJkaXN0aW5jdF9pZCI6IjE4NGM3YmYwZmY4M2Y5LTAwMzk4ZmYyZTNlMzcyLWM1MDU0MjUtMTMxMDcyMC0xODRjN2JmMGZmOTQwMSIsImxpYiI6eyIkbGliIjoianMiLCIkbGliX21ldGhvZCI6ImNvZGUiLCIkbGliX3ZlcnNpb24iOiIxLjE1LjEzIn0sInByb3BlcnRpZXMiOnsiJHRpbWV6b25lX29mZnNldCI6MCwiJHNjcmVlbl9oZWlnaHQiOjEwMjQsIiRzY3JlZW5fd2lkdGgiOjEyODAsIiRsaWIiOiJqcyIsIiRsaWJfdmVyc2lvbiI6IjEuMTUuMTMiLCIkbGF0ZXN0X3RyYWZmaWNfc291cmNlX3R5cGUiOiLpkKnlrZjluLTlqLTkvoDlmboiLCIkbGF0ZXN0X3NlYXJjaF9rZXl3b3JkIjoi6Y%2BI7oGE5b2H6Y2S5p2%2F4oKs57Ot6ZCp5a2Y5bi06Y615pKz57SRIiwiJGxhdGVzdF9yZWZlcnJlciI6IiIsInB2X2lkIjoiMWdqM3J1MnQwOGMzIiwicGxhdGZvcm1fdHlwZSI6IjEiLCJsYW5ndWFnZSI6IjEiLCJsb2dpbl9pZCI6IiIsIiRpc19maXJzdF9kYXkiOnRydWUsIiRsYXRlc3RfcmVmZXJyZXJfaG9zdCI6IiIsIiR1cmwiOiJodHRwczovL3Nob3AuZ3RkbTEzMTQuY29tL3dwLWluY2x1ZGVzL2ltYWdlL2luZGV4Lmh0bWwifSwiYW5vbnltb3VzX2lkIjoiMTg0YzdiZjBmZjgzZjktMDAzOThmZjJlM2UzNzItYzUwNTQyNS0xMzEwNzIwLTE4NGM3YmYwZmY5NDAxIiwidHlwZSI6InRyYWNrIiwiZXZlbnQiOiJmb3JtQWN0aW9uIiwiX3RyYWNrX2lkIjo4NTMwODMxNH0%3D&ext=crc%3D-1163539231 HTTP/1.1
Host: fa.micstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shop.gtdm1314.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 08:55:00 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: Mon, 28 Sep 1970 05:00:00 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 77225c914ce5b4f9-OSL
X-Firefox-Spdy: h2

www.facebook.com/tr/?id=2037053586588160&ev=PageView&dl=https%3A%2F%2Fshop.gtdm1314.com%2Fwp-includes%2Fimage%2Findex.html&rl=&if=false&ts=1669798499341&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669798499339.1000792613&it=1669798498978&coo=false&rqm=GET

31.13.72.36

200 OK

0 B

URL HTTP/2
www.facebook.com/tr/?id=2037053586588160&ev=PageView&dl=https%3A%2F%2Fshop.gtdm1314.com%2Fwp-includes%2Fimage%2Findex.html&rl=&if=false&ts=1669798499341&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669798499339.1000792613&it=1669798498978&coo=false&rqm=GET
IP
31.13.72.36:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr/?id=2037053586588160&ev=PageView&dl=https%3A%2F%2Fshop.gtdm1314.com%2Fwp-includes%2Fimage%2Findex.html&rl=&if=false&ts=1669798499341&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669798499339.1000792613&it=1669798498978&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shop.gtdm1314.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Wed, 30 Nov 2022 08:55:00 GMT
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.8 kB (5785 bytes)
Hash
59baec8db5ced0210ab766ea5636a5fd
f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b
33ff55891f18c22970804f1b8b2ba6821ddfd7426b01486410bd43f2b4295a8d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 5785
x-amzn-requestid: ee77265b-8e90-4035-8ef1-92a2d26aaefa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDaHdWoAMFqmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-0d10d74030e7aee74804b654;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GydenCzPtpFdVLqN4ssiZ4dKN48WGneS3mwzEdDE81pobtLznfC4VQ==
via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:07:59 GMT
age: 38824
etag: "f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

shop.gtdm1314.com/wp-includes/image/js/jquery-3.2.1.slim.min.js

103.123.243.9

404 Not Found

0 B

URL HTTP/2
shop.gtdm1314.com/wp-includes/image/js/jquery-3.2.1.slim.min.js
IP
103.123.243.9:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/image/js/jquery-3.2.1.slim.min.js HTTP/1.1
Host: shop.gtdm1314.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shop.gtdm1314.com/wp-includes/image/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://shop.gtdm1314.com/wp-json/>; rel="https://api.w.org/"
content-type: text/html; charset=UTF-8
date: Wed, 30 Nov 2022 08:54:55 GMT
server: Apache
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

104.18.10.207

200 OK

0 B

URL HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
IP
104.18.10.207:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shop.gtdm1314.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 30 Nov 2022 08:54:55 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 08/04/2021 00:04:37
cdn-edgestorageid: 601
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-proxyver: 1.0
cdn-status: 200
cdn-requestid: 1a094ec5f566140ad8ed25d8ea736316
cdn-cache: HIT
cf-cache-status: HIT
age: 12842242
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 77225c769ddab4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

shop.gtdm1314.com/wp-includes/image/js/popper.min.js

103.123.243.9

404 Not Found

0 B

URL HTTP/2
shop.gtdm1314.com/wp-includes/image/js/popper.min.js
IP
103.123.243.9:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/image/js/popper.min.js HTTP/1.1
Host: shop.gtdm1314.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shop.gtdm1314.com/wp-includes/image/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://shop.gtdm1314.com/wp-json/>; rel="https://api.w.org/"
content-type: text/html; charset=UTF-8
date: Wed, 30 Nov 2022 08:54:55 GMT
server: Apache
X-Firefox-Spdy: h2

www.micstatic.com/common/js/libs/faw/faw.1.0.0.js?r=1634120031144

104.18.21.229

200 OK

0 B

URL HTTP/2
www.micstatic.com/common/js/libs/faw/faw.1.0.0.js?r=1634120031144
IP
104.18.21.229:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /common/js/libs/faw/faw.1.0.0.js?r=1634120031144 HTTP/1.1
Host: www.micstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shop.gtdm1314.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 08:54:58 GMT
content-type: application/javascript
last-modified: Fri, 10 Sep 2021 13:44:55 GMT
etag: W/"613b6157-3042"
expires: Sat, 27 Nov 2032 08:54:58 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: HIT
vary: Accept-Encoding
server: cloudflare
cf-ray: 77225c851b06b4fa-OSL
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (23)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations