Report - safexpress.xyz/

Report Overview

Submitted URL
safexpress.xyz/
IP
172.67.195.190
ASN
#13335 CLOUDFLARENET
Submitted
2022-12-03 03:59:20
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
img6.wsimg.com	15438	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	794 B	35 kB	95.101.10.129
js.intercomcdn.com	2440	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	727 B	110 kB	54.230.111.84
nexus-websocket-a.intercom.io	2137	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	729 B	281 B	35.174.127.31
api-iam.intercom.io	2892	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	457 B	970 B	52.20.196.176
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.86.38.2
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	4.9 kB	142.250.74.131
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	385 B	40 kB	142.250.74.40
cdn1.dan.com	88667	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.2 kB	88 kB	143.204.55.93
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	587 B	702 B	108.177.14.154
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	700 B	2.0 kB	54.230.245.100
safexpress.xyz	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	790 B	1.3 kB	172.67.195.190
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.6 kB	93.184.220.29
widget.trustpilot.com	6018	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	388 B	6.8 kB	143.204.55.80
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	676 B	1.5 kB	23.36.76.226
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	22 kB	142.250.74.46
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
cdn0.dan.com	98973	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	72 kB	143.204.55.93
tags.tiqcdn.com	969	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	748 B	2.18.173.203
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.77.32
cdn3.dan.com	95121	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	185 kB	143.204.55.93
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	57 kB	34.120.237.76
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	506 B	694 B	142.250.74.67
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
d1lr4y73neawid.cloudfront.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	431 B	4.7 kB	54.230.245.229
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	507 B	694 B	142.250.74.132
widget.intercom.io	2417	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	361 B	6.9 kB	143.204.237.85
events.api.secureserver.net	125179	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	2.2 kB	95.101.10.130
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
dan.com	27401	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.9 kB	17 kB	3.70.113.20
cdn2.dan.com	96184	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.5 kB	160 kB	143.204.55.93

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-03	medium	safexpress.xyz/	Phishing
2022-12-03	medium	safexpress.xyz/	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (40)

	URL	Size	First Seen	Last Seen
	dan.com/buy-domain/SafExpress.xyz	748 B	2023-03-08	2023-03-08
Pretty URL dan.com/buy-domain/SafExpress.xyz IP 3.70.113.20 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:00:40 Last Seen2023-03-08 15:00:40 Times Seen1 Hash bcb0ec3ea4948412005adcc067ea9104 964f670f662f93ab6bfb700afb602803d3a1dd14 e59286a772742aed08e31863fa6ddb62bd76c5a2cb1c8a556dedbe9caeaf3607 Loading...

	cdn2.dan.com/packs/js/public/product-93565822ce0159cf7dd9.chunk.js	242 kB	2023-03-08	2023-03-11
Pretty URL cdn2.dan.com/packs/js/public/product-93565822ce0159cf7dd9.chunk.js IP 143.204.55.93 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:32:43 Last Seen2023-03-11 23:52:28 Times Seen1 Hash 5f3712b2a32ddc47456ffc7e3cb6837c 26b2276275303f8b778e036e27e90d9dbada2442 f87e4f09160d522e85a31c0465431b8249bee67bcb4d8b53f65c25ea3e878e1f Loading...

	cdn2.dan.com/packs/js/7-660c862ac12bd06876b1.chunk.js	11 kB	2023-03-08	2023-03-11
Pretty URL cdn2.dan.com/packs/js/7-660c862ac12bd06876b1.chunk.js IP 143.204.55.93 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:25:45 Last Seen2023-03-11 23:52:28 Times Seen1 Hash af98c1ec7f6bfd3cff37bb09808e18f5 7b68461fc8d5556d6b2cb8735909f4638db580f8 cdc6bf9e0e8c587feecbe2e08307b8058f65a36bf5e2acda0aac048c72d79549 Loading...

	dan.com/buy-domain/SafExpress.xyz	582 B	2023-03-07	2023-08-31
Pretty URL dan.com/buy-domain/SafExpress.xyz IP 3.70.113.20 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:01 Last Seen2023-08-31 10:03:04 Times Seen403 Hash f232d74fba197990ebcee96271b75970 95f22873fe3fff185f60e6e98f580056099399a6 8445a66933031cfc24b902ac117a57ab02620fdac57640a0868b8550e0f7930e Loading...

	img6.wsimg.com/wrhs/0bd7e7814002fbb87e2a508205f02600/tcc.min.js	123 kB	2023-03-08	2023-03-11
Pretty URL img6.wsimg.com/wrhs/0bd7e7814002fbb87e2a508205f02600/tcc.min.js IP 95.101.10.129 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:34:13 Last Seen2023-03-11 23:52:28 Times Seen1 Hash 0bd7e7814002fbb87e2a508205f02600 e32003255518d3b8c92a058ad6097463200788f9 faf1cbb205d5ef757b13cf10ac2038d5c6ea05ec633d56f8a1e11f0bc78f8002 Loading...

	safexpress.xyz/ll.asp?url=https://dan.com/buy-domain/SafExpress.xyz&domain=SafExpress.xyz	5.8 kB	2023-03-08	2023-03-08
Pretty URL safexpress.xyz/ll.asp?url=https://dan.com/buy-domain/SafExpress.xyz&domain=SafExpress.xyz IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:00:40 Last Seen2023-03-08 15:00:40 Times Seen1 Hash 328d9da053db6d3038ca19062280b1c7 ba009c998366c81ed554afb5b33e99ab56846623 ab4c55b7353e15bc66c2de612d489df260efad2a257d756ba618a5fc72e97d19 Loading...

	dan.com/buy-domain/SafExpress.xyz	5.3 kB	2023-03-08	2023-03-13
Pretty URL dan.com/buy-domain/SafExpress.xyz IP 3.70.113.20 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:25:45 Last Seen2023-03-13 05:57:44 Times Seen1 Hash 3412c3833846aa13652989e38a612f50 43562fd449f312d6f33ccb0fd4502e8b5c78fe54 2ae87a7fa3761104cf1debf56bfdce6606ec0526d499da69783dad901bda5a5d Loading...

	tags.tiqcdn.com/utag/gpl/main/prod/utag.js	172 kB	2023-03-08	2023-03-11
Pretty URL tags.tiqcdn.com/utag/gpl/main/prod/utag.js IP 2.18.173.203 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:25:45 Last Seen2023-03-11 23:52:28 Times Seen1 Hash 439c93448d07863f01b4baa0db40ee45 2268bf35e5b6ba60bb20e75581ecd78a455c6d52 c3cc29b0246fdbcf74e5f03d1a54f93b9bca47501b3bc773f91dcce018f57f84 Loading...

	dan.com/buy-domain/SafExpress.xyz	331 B	2023-03-08	2023-05-16
Pretty URL dan.com/buy-domain/SafExpress.xyz IP 3.70.113.20 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:25:45 Last Seen2023-05-16 10:21:31 Times Seen408 Hash dd49698d5f288a9b084fabf69fffd283 c1ccd0f349e4fdf94a9fdb1b38959bfd657176ad 6daa5f43fd2bb27dacd533141a7c1f20130f4c642a16a82081f20b024b194dc0 Loading...

	dan.com/buy-domain/SafExpress.xyz	122 B	2023-03-07	2024-04-26
Pretty URL dan.com/buy-domain/SafExpress.xyz IP 3.70.113.20 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:43 Last Seen2024-04-26 21:59:44 Times Seen1630 Hash 6943ec1b309596d353d94121bab97d4b 508a3265739ea0e54dc92a84d1e4f5f30f108a2f 8242948efb8010b8c180c1ae21085c9565b72fbe9c81d83ddb56164607d62fc1 Loading...

	dan.com/buy-domain/SafExpress.xyz	16 B	2023-03-07	2024-04-26
Pretty URL dan.com/buy-domain/SafExpress.xyz IP 3.70.113.20 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:43 Last Seen2024-04-26 21:59:44 Times Seen1658 Hash a2b4c127bce8b65bdf02e131b4d4db03 7b713aecb81f858380ad9f90b8ed66bb283a88ce b40e593a952e024291a8a0f37124e769d79291aba2d09cc6d384db9851f651f2 Loading...

	cdn3.dan.com/packs/js/runtime~public/fonts-029da93a03dc79cb1656.js	1.6 kB	2023-03-08	2023-03-13
Pretty URL cdn3.dan.com/packs/js/runtime~public/fonts-029da93a03dc79cb1656.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:25:45 Last Seen2023-03-13 05:57:44 Times Seen1 Hash 85428dc6c22d53f20d5bbb084f4494c0 1f4ca973bb39ce1b72a2803fa1f3ccae8d8549d2 d34c53591f359442a574e72a2be2d480bda289b4a5c49b80b8d84c454c34b3db Loading...

	cdn0.dan.com/packs/js/runtime~public/shared-849f663fc27cc3b2248e.js	1.6 kB	2023-03-08	2023-03-13
Pretty URL cdn0.dan.com/packs/js/runtime~public/shared-849f663fc27cc3b2248e.js IP 143.204.55.93 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:25:45 Last Seen2023-03-13 05:57:44 Times Seen1 Hash f6c5e7430662685f183f0f1525b9136f 54c5cf5e9dcab6e5ca7302a1f3080831c2f32a4d 3a1fb298ebab5705573c342afdd681b5a9fb8f0b5a5a09d5dcde4b4a98367087 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-26
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.46 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-26 05:50:27 Times Seen1534 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	cdn1.dan.com/assets/public/i18n-bb2da241bfcbf784d15a84f03ef6ff7eef33b2c695b6821a6750b29c30faa75e.js	15 kB	2023-03-07	2024-04-18
Pretty URL cdn1.dan.com/assets/public/i18n-bb2da241bfcbf784d15a84f03ef6ff7eef33b2c695b6821a6750b29c30faa75e.js IP 143.204.55.93 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:43 Last Seen2024-04-18 10:57:13 Times Seen567 Hash 87aad237bde79c038958e4997b9d3fa2 e4dd67dd4c75a33c6e5232f1b592a1eff5b80d75 2eea9178de45da5b14f49d3cb4e2d24b133954a67f2f094d7ddbe614515b97ed Loading...

	cdn0.dan.com/packs/js/6-17cd7884e1fbb9bc9d21.chunk.js	286 kB	2023-03-08	2023-03-11
Pretty URL cdn0.dan.com/packs/js/6-17cd7884e1fbb9bc9d21.chunk.js IP 143.204.55.93 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:34:13 Last Seen2023-03-11 23:48:20 Times Seen1 Hash feb57c7a26b1a48fbf669ecd5aa61f62 3a927534b84b4dea35b80c117ff0380dd8c1175d 7ab6aa0bd37b566e2e4703cffb4e13c29a4ded95f69469f936a357b17f37f256 Loading...

	cdn0.dan.com/packs/js/public/shared-cc69b24f7d7e677da7f1.chunk.js	1.3 kB	2023-03-08	2023-03-11
Pretty URL cdn0.dan.com/packs/js/public/shared-cc69b24f7d7e677da7f1.chunk.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:25:45 Last Seen2023-03-11 23:52:28 Times Seen1 Hash 042c908dfb923a78b0a425de108cb695 7963a59b3e691671f20118fe5e0fea18133974d6 edde2dc7230839833fa9bc506f9cb9dd10fcdd9e9894ff5197001886aa863899 Loading...

	safexpress.xyz/buy-domain.php?url=https%3A%2F%2Fdan.com%2Fbuy-domain%2FSafExpress.xyz&domain=SafExpress.xyz	153 B	2023-03-07	2023-03-12
Pretty URL safexpress.xyz/buy-domain.php?url=https%3A%2F%2Fdan.com%2Fbuy-domain%2FSafExpress.xyz&domain=SafExpress.xyz IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:23:21 Last Seen2023-03-12 21:36:40 Times Seen1 Hash fc507e1979decb7aa2f0e5a9472f331f 475ddeb6ec05cb2dd996e97ec55e5c0954122750 b1189619427e2a0ef2764dda934b557e531c4d0b2f0c1c06f128ee2c42c35dd6 Loading...

	unknown	0 B	2023-03-07	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 22:00:19 Times Seen37102302 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	dan.com/buy-domain/SafExpress.xyz	93 B	2023-03-08	2023-03-11
Pretty URL dan.com/buy-domain/SafExpress.xyz IP 3.70.113.20 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:25:45 Last Seen2023-03-11 23:52:28 Times Seen1 Hash 3673647fc5574e0ff98a1f8eb03884c0 d3dc4e0ea0687c643f7dbdd4596d6509a2e66d88 329d33e6f5b7e37637a8e29dd39cf253877454ff65b7646441c7b73adbb29a67 Loading...

	dan.com/buy-domain/SafExpress.xyz	378 B	2023-03-07	2024-04-26
Pretty URL dan.com/buy-domain/SafExpress.xyz IP 3.70.113.20 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:43 Last Seen2024-04-26 21:59:44 Times Seen1628 Hash d4f06960a842106951ad5d02208c026c 1b70a117239deab891f87816e3d2c475fee21561 40f49f1f28564c1e2037f31970e6c66a65637586f99060d373b57eb497f1a59f Loading...

	dan.com/buy-domain/SafExpress.xyz	366 B	2023-03-08	2023-03-08
Pretty URL dan.com/buy-domain/SafExpress.xyz IP 3.70.113.20 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:00:40 Last Seen2023-03-08 15:00:40 Times Seen1 Hash c5421fef724dad7f810e4ea28abb3a45 d562366015bb9a6a08aa4a19567c628fbe455a64 a25771e8fc8fc07885ecf2151d341be4b000adebd7fee97afb043d0e5659856c Loading...

	safexpress.xyz/buy-domain.php?url=https%3A%2F%2Fdan.com%2Fbuy-domain%2FSafExpress.xyz&domain=SafExpress.xyz	2.1 kB	2023-03-08	2023-03-08
Pretty URL safexpress.xyz/buy-domain.php?url=https%3A%2F%2Fdan.com%2Fbuy-domain%2FSafExpress.xyz&domain=SafExpress.xyz IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:00:40 Last Seen2023-03-08 15:00:40 Times Seen1 Hash f99a5aa20f32e1fc0210157253821e73 85c4d3578220e440bd7024ed5e3221f2df93b868 1badbe8250c52a3c4308bfbde3830d39fa7d12c10fe17d605cfda29cbad5b4a4 Loading...

	cdn1.dan.com/packs/js/runtime~public/product-2fe2dda32aa2d2a2aa67.js	1.6 kB	2023-03-08	2023-03-13
Pretty URL cdn1.dan.com/packs/js/runtime~public/product-2fe2dda32aa2d2a2aa67.js IP 143.204.55.93 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:25:45 Last Seen2023-03-13 05:57:44 Times Seen1 Hash fe4f920f27cf5f375b525a8f79cc2965 8b194a97d664806596c427aa992ab3378ffb3226 6ca7eb08eb39fddd862a85d058e29bb24e7f96a529144ce0180f68449ec49cd5 Loading...

	dan.com/buy-domain/SafExpress.xyz	854 B	2023-03-08	2023-03-11
Pretty URL dan.com/buy-domain/SafExpress.xyz IP 3.70.113.20 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:25:45 Last Seen2023-03-11 23:52:28 Times Seen1 Hash 31b1b30f5477fe69cd6c571f03cf76e6 d341122ea69e7e9710ce8515932e6289c2f92621 3c0edec03d34e766a37322aaf5a7cc83472e103d7c2c2b3897f5e6a3933bd977 Loading...

	js.intercomcdn.com/frame.369c9ae4.js	525 kB	2023-03-08	2023-03-08
Pretty URL js.intercomcdn.com/frame.369c9ae4.js IP 54.230.111.84 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:55:37 Last Seen2023-03-08 19:39:40 Times Seen1 Hash df86b7658e59565267223049f7fc8764 222cb5738ce523dff6ebf0f474e9a66c8df9d0d4 ae8f89239d001193610643b3b5caeb3007849dc61ff486f3955702edbbce83dc Loading...

	tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=gpl/main/202201190854&nocookie=1	2 B	2023-03-07	2024-04-26
Pretty URL tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=gpl/main/202201190854&nocookie=1 IP 2.18.173.203 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-26 21:47:15 Times Seen21821 Hash 7bc0ee636b3b83484fc3b9348863bd22 ebbffb7d7ea5362a22bfa1bab0bfdeb1617cd610 a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb Loading...

	cdn1.dan.com/assets/vendor/svg4everybody-f514fdcad5509c1d8608ad8ed6b18dc17777e467f3c0ef19b6b8e44753b288be.js	1.9 kB	2023-03-07	2024-04-26
Pretty URL cdn1.dan.com/assets/vendor/svg4everybody-f514fdcad5509c1d8608ad8ed6b18dc17777e467f3c0ef19b6b8e44753b288be.js IP 143.204.55.93 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:43 Last Seen2024-04-26 21:59:44 Times Seen2931 Hash d7c6eba1935cb8bac2073e7ca78efa77 803b041933e31b0a1d76ccc1174689a3fb7ccbce 2881e3020d68a1be03871f3d506033f494dba5c8e43071136adb004c17c9facd Loading...

	cdn1.dan.com/packs/js/public/fonts-dc8755cfa7d738ff9272.chunk.js	652 B	2023-03-08	2023-03-11
Pretty URL cdn1.dan.com/packs/js/public/fonts-dc8755cfa7d738ff9272.chunk.js IP 143.204.55.93 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:25:45 Last Seen2023-03-11 23:52:28 Times Seen1 Hash 3545d378c9cb47133587d3b612eb86ec 02d03ddac0f36ef20808493a321f13a661ee1881 44ffe18c0a6b9c3dc8dddc7f74b19137c7d31405684d51c753a10dd324374265 Loading...

	widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js	19 kB	2023-03-07	2023-11-04
Pretty URL widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js IP 143.204.55.80 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:30 Last Seen2023-11-04 14:10:25 Times Seen853 Hash 09f25c4b4cb4f5d5bd2bf7adf3235bc0 dbe22054d87d6ef7127d98ceab7650eaa0f6ed68 f3496bc7c277d917d35553c46ed1597a86065494cac582e42a3a1d55aedef7fb Loading...

	www.googletagmanager.com/gtm.js?id=GTM-SXRF&l=_gaDataLayer	101 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-SXRF&l=_gaDataLayer IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:34:37 Last Seen2023-03-08 15:00:40 Times Seen1 Hash bb06b4959dc00f841eb140abbcfb53e3 786b099d834420fc42ef26232f9113a46862d3d6 5a1e2ceb6fd5b4e0bfc3fc46f7b7d12a0dc3b0c71b46b4a80cb070f22024db92 Loading...

	widget.intercom.io/widget/e2frgfyw	19 kB	2023-03-08	2023-03-08
Pretty URL widget.intercom.io/widget/e2frgfyw IP 143.204.237.85 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:48:02 Last Seen2023-03-08 19:39:40 Times Seen1 Hash dd0da671f49ff30aa88378c13e38946d 2c47d7a77e18a19e8f436647800157075ef8c891 beb4f3633eb7bf0c6b45a9948f0585abcedf1bea2df11d5dd4deddda99332dae Loading...

	img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js	25 kB	2023-03-07	2024-02-02
Pretty URL img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js IP 95.101.10.129 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:41 Last Seen2024-02-02 18:24:37 Times Seen8238 Hash ce554d2333f3801abafb32da18213ff7 ef2b32494849244d9b9d8c23178e082cec9eab7f 6e74c12390bdb48bf5b0bb295ceed4f68add11467d2472d983a42e3023ecf312 Loading...

		Size	First Seen	Last Seen
	#1 Write - dd815899dab4cb41abda1845d57fc730	1.4 kB	2023-03-07	2024-02-05
Pretty Observations First Seen2023-03-07 12:23:21 Last Seen2024-02-05 05:00:35 Times Seen2 Hash dd815899dab4cb41abda1845d57fc730 ccecdf543f23affc65a604dc18d0dd2d9a2e8838 8a353467b1818dc4fb918046eb3a24ef2766004bcda4dcf9fbab5b9b7f1ee90e Loading...

	#2 Write - 35dfbd23b93aed23c6828a8075d38946	23 B	2023-03-07	2024-02-05
Pretty Observations First Seen2023-03-07 12:23:21 Last Seen2024-02-05 05:00:35 Times Seen2 Hash 35dfbd23b93aed23c6828a8075d38946 6bc2646316d9afa59717b29039a97dad3708c62b 9556fb3fa7ffd9fd109cee5671e2ba90b2755eea6db2505a9d1ab80c70988efb Loading...

	#3 Write - 167a1445263c181a746d5772d64d50eb	31 B	2023-03-07	2024-02-05
Pretty Observations First Seen2023-03-07 12:23:21 Last Seen2024-02-05 05:00:35 Times Seen2 Hash 167a1445263c181a746d5772d64d50eb cd7f253b97e0b7e8eb5e3b382f588fe358cfaf2f c4b26e26c468e2b9f283b0f38f9bdf338e9cbb41092e88b20fcf059b14baa34c Loading...

	#4 Write - bfb8e6329d32e411313fe85bdcc482e9	93 B	2023-03-07	2024-02-05
Pretty Observations First Seen2023-03-07 12:23:21 Last Seen2024-02-05 05:00:35 Times Seen2 Hash bfb8e6329d32e411313fe85bdcc482e9 b999a760555fc13c940c55fc60facb0d117ab742 22eac06e4b2b5c8cedec65f5c293475175f57e871c3458b288d29b08e6552501 Loading...

	#5 Write - cbae78ea25a9af0c062b4e513e9a1b5f	33 B	2023-03-07	2024-02-05
Pretty Observations First Seen2023-03-07 12:23:21 Last Seen2024-02-05 05:00:35 Times Seen2 Hash cbae78ea25a9af0c062b4e513e9a1b5f 566bb08d055db6da64541a907a5e03f07dbfd459 17630e8ed626ba12f0b87985c2444eb8da7c0c478c6f162c18c8ef021f4b56ed Loading...

	#6 Write - 153710e1f1712490815a9645bf8d4c4b	8 B	2023-03-07	2024-04-25
Pretty Observations First Seen2023-03-07 01:03:56 Last Seen2024-04-25 20:37:23 Times Seen958 Hash 153710e1f1712490815a9645bf8d4c4b ba9482d6daa14a14e214094f184b6f66c1d9894d 4c57a8afdb03336819aa7e8106a07d6dbee031a2aa824d0f875a60693de0a5a3 Loading...

	#7 Write - fe364450e1391215f596d043488f989f	15 B	2023-03-07	2024-04-26
Pretty Observations First Seen2023-03-07 01:02:47 Last Seen2024-04-26 21:39:39 Times Seen14334 Hash fe364450e1391215f596d043488f989f d1848aa7b5cfd853609db178070771ad67d351e9 c77e5168dffda66b8dc13f1425b4d3630a6656a3e5acf707f4393277ba3c8b5e Loading...

HTTP Transactions (79)

URL IP Response Size

safexpress.xyz/

172.67.195.190

301 Moved Permanently

0 B

URL HTTP/1.1
safexpress.xyz/
IP
172.67.195.190:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: safexpress.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Sat, 03 Dec 2022 03:59:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 03 Dec 2022 04:59:09 GMT
Location: https://safexpress.xyz/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FaRu8qQZi2UA7sajQiTZYjEOPktfUV6iCk8kjWR2DQVaqDdKWUcMeo9UhIbmJyUX3aWMrydoyzJMU0tE%2FzIiEgyqZp3ur6QsAidUaT8AzUvaC6RTNArojdsUd%2BCg8%2BxelA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77396353b9b4b4f4-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6568
Expires: Sat, 03 Dec 2022 05:48:37 GMT
Date: Sat, 03 Dec 2022 03:59:09 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
7439fb99a444b66db1e68ffbfaa38451
4b7742d7956485906f1c392c478515ff89a46184
636327ce88f733e5a1d39af212f97242717a39ce20edaef330fafea238e3a309

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 427
Cache-Control: max-age=110353
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 03:59:09 GMT
Etag: "6389d3f3-1d7"
Expires: Sun, 04 Dec 2022 10:38:22 GMT
Last-Modified: Fri, 02 Dec 2022 10:31:15 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5434
Expires: Sat, 03 Dec 2022 05:29:43 GMT
Date: Sat, 03 Dec 2022 03:59:09 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 03 Dec 2022 03:19:58 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2351
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: YEhVgwVi86mLj/2Aj147VXKqLQmDAH0yqvkEKsxA/NBjR13Nx7TA2igZZSZiZz535bky/sasTtqpseEClI0mHQ==
x-amz-request-id: RHY7WWE3TB2E9AG7
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 03 Dec 2022 03:46:25 GMT
age: 764
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 03:59:09 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
dd03c37115cda79f52a5e42939fc615b
79b5ea9101ee0c57d097facf5ad072f46a19513a
ab81e15bad30af30beeeff5077b98b7346576c52a7f8a5e3160dc22387e33d25

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "AB81E15BAD30AF30BEEEFF5077B98B7346576C52A7F8A5E3160DC22387E33D25"
Last-Modified: Wed, 30 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21555
Expires: Sat, 03 Dec 2022 09:58:24 GMT
Date: Sat, 03 Dec 2022 03:59:09 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 03 Dec 2022 03:08:58 GMT
cache-control: public,max-age=3600
age: 3012
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
7f1f8fc556d1f7e0aea3e1208ee2fd1c
09c341a56ff876479cfc8a0505a5fef4a5d110f1
65adcf58887bcc23f73379f74ab19a61cfbb93285c95c64b44a6716eeacc1482

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 423
Cache-Control: max-age=105287
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 03:59:10 GMT
Etag: "6389c02e-1d7"
Expires: Sun, 04 Dec 2022 09:13:57 GMT
Last-Modified: Fri, 02 Dec 2022 09:06:54 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

e1.o.lencr.org/

23.36.76.226

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
dd03c37115cda79f52a5e42939fc615b
79b5ea9101ee0c57d097facf5ad072f46a19513a
ab81e15bad30af30beeeff5077b98b7346576c52a7f8a5e3160dc22387e33d25

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "AB81E15BAD30AF30BEEEFF5077B98B7346576C52A7F8A5E3160DC22387E33D25"
Last-Modified: Wed, 30 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21554
Expires: Sat, 03 Dec 2022 09:58:24 GMT
Date: Sat, 03 Dec 2022 03:59:10 GMT
Connection: keep-alive

push.services.mozilla.com/

35.86.38.2

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.86.38.2:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Ns26FJ6SunRT69k6pjSDQA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: CkIGNZ0sgt+McOQYuEyneJam0m8=

widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

143.204.55.80

200 OK

6.1 kB

URL HTTP/2
widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
IP
143.204.55.80:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (19239)
Size
6.1 kB (6124 bytes)
Hash
5add60196e5f96a414fb4b9586764e5d
633f471b3c2fcedeef9cad90cb5bf56f5fe55588
5370f4ba91dda790c7cae92817b812fcbd1ab367cbb4862f5669960ae4e2c9e0

HTTP Headers

GET /bootstrap/v5/tp.widget.bootstrap.min.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/x-javascript
content-length: 6124
last-modified: Mon, 30 May 2022 14:38:02 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Sat, 03 Dec 2022 01:28:24 GMT
cache-control: max-age=86400
etag: "5add60196e5f96a414fb4b9586764e5d"
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: r5FFPMstF5yQF24aKTwkDF5aifl43bt6o3EtUtWPEX73iXGfPMV60A==
age: 9048
X-Firefox-Spdy: h2

cdn3.dan.com/assets/public-8ffa433e8f7295de7212a1970b503cbca5e2f51861329f2a83d95683ae5ca9bd.css

143.204.55.93

200 OK

70 kB

URL HTTP/2
cdn3.dan.com/assets/public-8ffa433e8f7295de7212a1970b503cbca5e2f51861329f2a83d95683ae5ca9bd.css
IP
143.204.55.93:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (65533), with no line terminators
Size
70 kB (69630 bytes)
Hash
00067c642881479946a1cc9726cf90c3
7bc179cdcd23aaefdce393c81d08acc1f35f0f55
d8fc3dd331510ef42b89c5701f6240eb1d64c00a90a47a47cacbbef683df8f54

HTTP Headers

GET /assets/public-8ffa433e8f7295de7212a1970b503cbca5e2f51861329f2a83d95683ae5ca9bd.css HTTP/1.1
Host: cdn3.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
content-type: text/css
content-length: 69630
server: openresty
date: Fri, 02 Dec 2022 12:39:13 GMT
last-modified: Fri, 02 Dec 2022 12:22:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: kGlzuhooMUZ5GtKdhbqx1f5muaguTWD-fkTzFHa6HVPy3jH3G6L-Gg==
age: 55198
X-Firefox-Spdy: h2

cdn3.dan.com/packs/js/3-9876ac5e584cf01380f0.chunk.js

143.204.55.93

200 OK

56 kB

URL HTTP/2
cdn3.dan.com/packs/js/3-9876ac5e584cf01380f0.chunk.js
IP
143.204.55.93:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (65450)
Size
56 kB (55649 bytes)
Hash
344cf972b803b139cbe02cbbd55f0c63
beb028cc1664bce14495b9a4e6d22355c80fd180
08ff1998650ec7851229c8f0c9f231d3facd71bec2d3e52ae525cedd3e5206a0

HTTP Headers

GET /packs/js/3-9876ac5e584cf01380f0.chunk.js HTTP/1.1
Host: cdn3.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 55649
server: openresty
date: Mon, 14 Nov 2022 13:26:19 GMT
last-modified: Mon, 14 Nov 2022 13:24:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: MO89r5cMU3oCTW-v-6J-_lJ8OZiNIEtPOMFmEm7ccyzFyyvkAh4smg==
age: 1607572
X-Firefox-Spdy: h2

dan.com/buy-domain/SafExpress.xyz

3.70.113.20

200 OK

14 kB

URL HTTP/2
dan.com/buy-domain/SafExpress.xyz
IP
3.70.113.20:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9029)
Size
14 kB (14206 bytes)
Hash
bddc566635894f99b96cbb7e50df795c
1810078f7561e71eea8456d8c6dd8b829468116e
8037ba15ac166ee025ed6f2ca2bec01fdbe4ab1f1a24542002fd32f6bf981f49

HTTP Headers

GET /buy-domain/SafExpress.xyz HTTP/1.1
Host: dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://safexpress.xyz/
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: openresty
date: Sat, 03 Dec 2022 03:59:11 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
etag: W/"0eb972095e0793a4367cbc337ad1f04b"
cache-control: max-age=0, private, must-revalidate
set-cookie: bc9bd58fe1b6ef954d6d794db6d30e25e8ff50634d24346cf8006ef422e3c05c6e48b07678e34d08c97ad3f91012c80ac690b50f51fbd49b16e301de58d9c5ca=8pqtSjK4sZPwhXPfh1lZOyCmlT7t8SV%2FDgrBANCX0yEzt53oKBlXKQn%2FpmRfljHXvHLkZ8968q9C6Ak7nbaNnDu6npA5CZdoK8a3lOCcXTb00PwiKyiaXW77JGxU75K%2FdFj6VUssS8hssRXNR%2BHP6%2BfqWS6c8rJhDPPvgxQzqCg6IEit1rdpBeexX2gmcDs7WCt%2F0SalQ55XTccdJ%2BHz6a7Rt%2BczqhV7YBqm7y7sND4HhnVDO1csHTGJHFn4KpragiYuUKIajUdzCcwpk8YY6g6WTGJbZFjhsrr5sEVqPPKfr7s78dMUTf4Sz33IVlhQxDCKwWrC%2B7Lj6%2BTe3hAqq7QqNS5Ii5SAHqCRUqBejISjEzUSvQyrZmPX8UKaWjK3cRyI0tQwObIAmAmde1ig7TYKWVmNCT1gC89PFSwhui4qF0C9b3FkCjNf47AQiTiNGG3oy%2BjwGw9UUNDLrhF7aA%3D%3D--gi6YyoJ29UvzeJ42--06K5%2FXYnPsnzRAnSoT0c2A%3D%3D; path=/; secure; HttpOnly
x-request-id: ed52c994-76e5-4b09-a177-23e9a6914b7a
x-runtime: 0.072028
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
X-Firefox-Spdy: h2

cdn1.dan.com/packs/js/runtime~public/product-2fe2dda32aa2d2a2aa67.js

143.204.55.93

200 OK

786 B

URL HTTP/2
cdn1.dan.com/packs/js/runtime~public/product-2fe2dda32aa2d2a2aa67.js
IP
143.204.55.93:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (1516)
Size
786 B (786 bytes)
Hash
37935f037e803e39105049fb0adeb1d4
f0a909ba834ba0ede36be821631ed8146699c8cb
aae6afa879fa3810847400272ebe7786d3f2b2d1be87ef9d16a235f05797b3bf

HTTP Headers

GET /packs/js/runtime~public/product-2fe2dda32aa2d2a2aa67.js HTTP/1.1
Host: cdn1.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 786
server: openresty
date: Tue, 01 Nov 2022 11:05:04 GMT
last-modified: Tue, 01 Nov 2022 11:03:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: uU2hC40j-t2eax653ni_J9acS97WZPRbqAZRHH4IgOS6-JMe1AN80g==
age: 2739247
X-Firefox-Spdy: h2

cdn1.dan.com/assets/public/i18n-bb2da241bfcbf784d15a84f03ef6ff7eef33b2c695b6821a6750b29c30faa75e.js

143.204.55.93

200 OK

4.4 kB

URL HTTP/2
cdn1.dan.com/assets/public/i18n-bb2da241bfcbf784d15a84f03ef6ff7eef33b2c695b6821a6750b29c30faa75e.js
IP
143.204.55.93:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (15400), with no line terminators
Size
4.4 kB (4434 bytes)
Hash
de2f4a801d555fd16c042093f091acd4
86110e7d996ff7d52e1bbb9f0083f5369c965634
8d772411db1b7ce8f803656bdc1e7e0dfb299eb51371d957fe5ef8656a4819c6

HTTP Headers

GET /assets/public/i18n-bb2da241bfcbf784d15a84f03ef6ff7eef33b2c695b6821a6750b29c30faa75e.js HTTP/1.1
Host: cdn1.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 4434
server: openresty
date: Sat, 12 Nov 2022 03:32:31 GMT
last-modified: Thu, 09 Dec 2021 13:49:19 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 65PYUHu0SGPfSzB3Qvq_C4t_o_yjZbxDPJu0ABo6HhO8YQXPYI-BQw==
age: 1816000
X-Firefox-Spdy: h2

cdn1.dan.com/packs/js/public/fonts-dc8755cfa7d738ff9272.chunk.js

143.204.55.93

200 OK

425 B

URL HTTP/2
cdn1.dan.com/packs/js/public/fonts-dc8755cfa7d738ff9272.chunk.js
IP
143.204.55.93:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (591)
Size
425 B (425 bytes)
Hash
3dd92657579fb4ef22a0502eb48543b1
6ee0af04b4f4ae96cddfe089c423fb8c849311b7
14cad7e04cdbb39145dc4708ea94a7550fda3d4421eedc5e2c0ff13dec7a61b9

HTTP Headers

GET /packs/js/public/fonts-dc8755cfa7d738ff9272.chunk.js HTTP/1.1
Host: cdn1.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 425
server: openresty
date: Fri, 11 Nov 2022 12:53:48 GMT
last-modified: Fri, 11 Nov 2022 12:52:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZtZbRMiWknQvmTRbV8wn4tkn100qEYXMD0xgfm0yue2r4KsdeBdIRQ==
age: 1868723
X-Firefox-Spdy: h2

cdn1.dan.com/assets/vendor/svg4everybody-f514fdcad5509c1d8608ad8ed6b18dc17777e467f3c0ef19b6b8e44753b288be.js

143.204.55.93

200 OK

982 B

URL HTTP/2
cdn1.dan.com/assets/vendor/svg4everybody-f514fdcad5509c1d8608ad8ed6b18dc17777e467f3c0ef19b6b8e44753b288be.js
IP
143.204.55.93:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (1896), with no line terminators
Size
982 B (982 bytes)
Hash
7e27a1f78cf2901cf631835d1abdd80d
2a470ea7454f0d0da5d3f8c22052f96fdf949eb4
1b1e6270bc0e76e8f70a5024015b12e3833db1d9a3d8252a343b57edd2efdf2f

HTTP Headers

GET /assets/vendor/svg4everybody-f514fdcad5509c1d8608ad8ed6b18dc17777e467f3c0ef19b6b8e44753b288be.js HTTP/1.1
Host: cdn1.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 982
server: openresty
date: Wed, 16 Nov 2022 01:55:36 GMT
last-modified: Thu, 09 Dec 2021 13:49:19 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 6cQvFmwJCKSmCLfqal2AvMCrZtbF7u-tFmfr3TIaMcOlR17CMhdTbw==
age: 1476215
X-Firefox-Spdy: h2

cdn0.dan.com/packs/js/6-17cd7884e1fbb9bc9d21.chunk.js

143.204.55.93

200 OK

65 kB

URL HTTP/2
cdn0.dan.com/packs/js/6-17cd7884e1fbb9bc9d21.chunk.js
IP
143.204.55.93:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (65536), with no line terminators
Size
65 kB (65352 bytes)
Hash
27e648758f2bca5f82c01704a02cb711
166c0f2e5b295e2f9e475f2c03923de511f83f2a
7e3c00bfc50b0666525c90c95e75f24db094b46ef147710d5b1016355259a311

HTTP Headers

GET /packs/js/6-17cd7884e1fbb9bc9d21.chunk.js HTTP/1.1
Host: cdn0.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 65352
server: openresty
date: Mon, 14 Nov 2022 13:26:19 GMT
last-modified: Mon, 14 Nov 2022 13:24:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: xSbi_5XtXyLGsdsf3f2NBS0tZ8q8vypy53j696FAHNSLhAXvPnFwDg==
age: 1607572
X-Firefox-Spdy: h2

cdn0.dan.com/packs/js/runtime~public/shared-849f663fc27cc3b2248e.js

143.204.55.93

200 OK

790 B

URL HTTP/2
cdn0.dan.com/packs/js/runtime~public/shared-849f663fc27cc3b2248e.js
IP
143.204.55.93:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (1516)
Size
790 B (790 bytes)
Hash
5ded16adb29a0b410ea4663d16d31c40
dee72581a73c3a15eaa55c2da69baf6920f67871
212fa11629c831197de8b65ec9632e120479f34eeff90626c7f9d9c9d423e247

HTTP Headers

GET /packs/js/runtime~public/shared-849f663fc27cc3b2248e.js HTTP/1.1
Host: cdn0.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 790
server: openresty
date: Wed, 09 Nov 2022 01:32:23 GMT
last-modified: Tue, 08 Nov 2022 17:04:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: vuywAqUa8vA4RtRKqCJz_4v6Jqjb8O-2KbEe8IkkEXSFjTpVS-H9SQ==
age: 2082408
X-Firefox-Spdy: h2

cdn2.dan.com/packs/js/public/product-93565822ce0159cf7dd9.chunk.js

143.204.55.93

200 OK

59 kB

URL HTTP/2
cdn2.dan.com/packs/js/public/product-93565822ce0159cf7dd9.chunk.js
IP
143.204.55.93:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (65536), with no line terminators
Size
59 kB (58634 bytes)
Hash
d1d54d6a01808d4a9baf84d5b7c8e076
5d3b4a3a69e8ce2ff17e3ce0e148c0ea34747e16
87d2ad7a0c7c5b57f41dc78f89020d8c9078ae79d48d1e37de908432911905a0

HTTP Headers

GET /packs/js/public/product-93565822ce0159cf7dd9.chunk.js HTTP/1.1
Host: cdn2.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 58634
server: openresty
date: Wed, 30 Nov 2022 13:32:53 GMT
last-modified: Wed, 30 Nov 2022 13:31:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: GhcIc0advlCO57nNVrc6HTCYnU58Aw9yqhE7o9ZVi55NwutSwvPI7Q==
age: 224778
X-Firefox-Spdy: h2

cdn2.dan.com/packs/js/7-660c862ac12bd06876b1.chunk.js

143.204.55.93

200 OK

3.8 kB

URL HTTP/2
cdn2.dan.com/packs/js/7-660c862ac12bd06876b1.chunk.js
IP
143.204.55.93:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (10731)
Size
3.8 kB (3847 bytes)
Hash
a4e27dceae1246f8f488d2dea69f3417
e3d1a77f5e912f4523c4de215516e414e9bb73ca
1a56a0bc05884f824dc2a48dee55f5fe47eb8bf00e4586765c021e125f63eba1

HTTP Headers

GET /packs/js/7-660c862ac12bd06876b1.chunk.js HTTP/1.1
Host: cdn2.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 3847
server: openresty
date: Wed, 30 Nov 2022 13:32:53 GMT
last-modified: Wed, 30 Nov 2022 13:31:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 9DymGm3dMd1efUDrXG_vjpIfOKCfheC5ePgl2bHCyiNPskaTZxgEIw==
age: 224778
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e63a3fb1ef1a4ebbbd126969d6ee68ca
8bc9c26950b3899087e25ddea159c28f57b47200
f2ec30377e239f64286ae7dde8032e4e332b6c123f7decc07126fbbcff460a69

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 03:59:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn2.dan.com/assets/logos/Main@2x-0d2a786abd69d2da0f8ab1f105c0da3b8e1baf5c46c13169d6aa5b4c5fea7379.svg

143.204.55.93

200 OK

12 kB

URL HTTP/2
cdn2.dan.com/assets/logos/Main@2x-0d2a786abd69d2da0f8ab1f105c0da3b8e1baf5c46c13169d6aa5b4c5fea7379.svg
IP
143.204.55.93:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (4396)
Size
12 kB (11658 bytes)
Hash
386fcff0359a238feae3616089163f60
3861370145d1176cdbeb8d44c70638efd49507e7
0d2a786abd69d2da0f8ab1f105c0da3b8e1baf5c46c13169d6aa5b4c5fea7379

HTTP Headers

GET /assets/logos/Main@2x-0d2a786abd69d2da0f8ab1f105c0da3b8e1baf5c46c13169d6aa5b4c5fea7379.svg HTTP/1.1
Host: cdn2.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn3.dan.com/
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 11658
server: openresty
date: Mon, 22 Aug 2022 01:42:32 GMT
last-modified: Mon, 18 Jul 2022 15:41:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: M3QHn0qsgiPXf2_ajbj0iT702PIWptYRx-7O_6BwEgOHpnNO0zvgWQ==
age: 8907399
X-Firefox-Spdy: h2

cdn1.dan.com/assets/public/payment_logos-5e4dce7612e404dab090fbee14ac1eddd1c710bfce7d22ee87411662934a7387.png

143.204.55.93

200 OK

3.2 kB

URL HTTP/2
cdn1.dan.com/assets/public/payment_logos-5e4dce7612e404dab090fbee14ac1eddd1c710bfce7d22ee87411662934a7387.png
IP
143.204.55.93:0
ASN
#16509 AMAZON-02

File type
PNG image data, 272 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
3.2 kB (3181 bytes)
Hash
1a20ff7a7df04a852f968c5c988dd6fa
260328a70eeb31d942e6bf3afdc3ba0abf9534f7
5e4dce7612e404dab090fbee14ac1eddd1c710bfce7d22ee87411662934a7387

HTTP Headers

GET /assets/public/payment_logos-5e4dce7612e404dab090fbee14ac1eddd1c710bfce7d22ee87411662934a7387.png HTTP/1.1
Host: cdn1.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn3.dan.com/
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 3181
server: openresty
date: Sun, 28 Aug 2022 01:45:55 GMT
last-modified: Thu, 29 Jul 2021 09:32:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: IVnpyJ6ReePTeYvmRfW76aG5k0_S8L_WeWQq4u8bfJhHQbh55QP9dQ==
age: 8388796
X-Firefox-Spdy: h2

cdn2.dan.com/assets/public/benefits-protection-523634d05d9535c060cf03d228ff4df6bc4e3a82547bb5320daf91df16d6352f.svg

143.204.55.93

200 OK

4.3 kB

URL HTTP/2
cdn2.dan.com/assets/public/benefits-protection-523634d05d9535c060cf03d228ff4df6bc4e3a82547bb5320daf91df16d6352f.svg
IP
143.204.55.93:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (898)
Size
4.3 kB (4277 bytes)
Hash
b4a9f0ba344eb285f99ea324daeab7d0
82020383fea04966c27241f53e7aad2a74eab53a
523634d05d9535c060cf03d228ff4df6bc4e3a82547bb5320daf91df16d6352f

HTTP Headers

GET /assets/public/benefits-protection-523634d05d9535c060cf03d228ff4df6bc4e3a82547bb5320daf91df16d6352f.svg HTTP/1.1
Host: cdn2.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn3.dan.com/
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 4277
server: openresty
date: Wed, 07 Sep 2022 02:34:32 GMT
last-modified: Thu, 29 Jul 2021 09:32:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Dw1tTWy1yqA-pbObC8jGoKOF5izc7mDsk1RVq54KPahJ3azD39yA5A==
age: 7521879
X-Firefox-Spdy: h2

cdn1.dan.com/assets/public/benefits-transfers-374cef9ae50af8a199e7054cfe5092643d1c7659965fb9480022e0487d467606.svg

143.204.55.93

200 OK

2.5 kB

URL HTTP/2
cdn1.dan.com/assets/public/benefits-transfers-374cef9ae50af8a199e7054cfe5092643d1c7659965fb9480022e0487d467606.svg
IP
143.204.55.93:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2008)
Size
2.5 kB (2452 bytes)
Hash
60377485c532698023ddb3324aafaff7
9fa2b7b0ee6792bdf3641cb45446b6d72496de1a
374cef9ae50af8a199e7054cfe5092643d1c7659965fb9480022e0487d467606

HTTP Headers

GET /assets/public/benefits-transfers-374cef9ae50af8a199e7054cfe5092643d1c7659965fb9480022e0487d467606.svg HTTP/1.1
Host: cdn1.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn3.dan.com/
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 2452
server: openresty
date: Sat, 05 Nov 2022 03:09:54 GMT
last-modified: Thu, 29 Jul 2021 09:32:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: KyjaiuSLGv1iDhWHORolZjrlu9A3lC25lAqK5x_nroO4UQXfXjHqlg==
age: 2422157
X-Firefox-Spdy: h2

cdn0.dan.com/assets/public/benefits-payments-fcd4b0fd72963bb6eb6404128536393529f0f4f7b5be664067d679777011b851.svg

143.204.55.93

200 OK

4.3 kB

URL HTTP/2
cdn0.dan.com/assets/public/benefits-payments-fcd4b0fd72963bb6eb6404128536393529f0f4f7b5be664067d679777011b851.svg
IP
143.204.55.93:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (633)
Size
4.3 kB (4341 bytes)
Hash
4663788bd6ea455409d8d873a1a67005
96bb83e405812d18655e9211ad390d0fbde6a7b1
fcd4b0fd72963bb6eb6404128536393529f0f4f7b5be664067d679777011b851

HTTP Headers

GET /assets/public/benefits-payments-fcd4b0fd72963bb6eb6404128536393529f0f4f7b5be664067d679777011b851.svg HTTP/1.1
Host: cdn0.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn3.dan.com/
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 4341
server: openresty
date: Mon, 31 Oct 2022 09:35:37 GMT
last-modified: Thu, 29 Jul 2021 09:32:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: pkIfCCWuMP2E-LUCAE9Y19kbII22qtknhy_ggYfM5fUoxUxqSX_BSQ==
age: 2831014
X-Firefox-Spdy: h2

cdn3.dan.com/assets/GraphikDan-Semibold-Web-560a9afe1c7efc78932e5a841e202476c7af320d0aec9d916cc2f065243cfcfc.woff2

143.204.55.93

200 OK

42 kB

URL HTTP/2
cdn3.dan.com/assets/GraphikDan-Semibold-Web-560a9afe1c7efc78932e5a841e202476c7af320d0aec9d916cc2f065243cfcfc.woff2
IP
143.204.55.93:0
ASN
#16509 AMAZON-02

File type
Web Open Font Format (Version 2), TrueType, length 42052, version 1.0\012- data
Size
42 kB (42052 bytes)
Hash
7d992431ee5e40d98d9ab99cb5cde954
3e82b380c81c2f83e143e4bb1a4437903c689f05
560a9afe1c7efc78932e5a841e202476c7af320d0aec9d916cc2f065243cfcfc

HTTP Headers

GET /assets/GraphikDan-Semibold-Web-560a9afe1c7efc78932e5a841e202476c7af320d0aec9d916cc2f065243cfcfc.woff2 HTTP/1.1
Host: cdn3.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dan.com
Connection: keep-alive
Referer: https://cdn3.dan.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: application/font-woff2
content-length: 42052
server: openresty
date: Sun, 28 Aug 2022 13:39:13 GMT
last-modified: Thu, 29 Jul 2021 09:32:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 9xU4n-ypZpf-vLHrpBvPrrfVxvfgFlKQSMGigtOwYMqJsUGe3JSdEw==
age: 8345998
X-Firefox-Spdy: h2

cdn1.dan.com/assets/GraphikDan-Regular-Web-1b23e0d886e0602443c35df66f69cf1560710913bf88b512ed9cea147fccf0b6.woff2

143.204.55.93

200 OK

37 kB

URL HTTP/2
cdn1.dan.com/assets/GraphikDan-Regular-Web-1b23e0d886e0602443c35df66f69cf1560710913bf88b512ed9cea147fccf0b6.woff2
IP
143.204.55.93:0
ASN
#16509 AMAZON-02

File type
Web Open Font Format (Version 2), TrueType, length 37172, version 1.0\012- data
Size
37 kB (37172 bytes)
Hash
6b2f88dd1fc37ad2228bc4b0e12bb011
088cd68a9ce402835ff00e8e2c8ef2ccf4081a3b
1b23e0d886e0602443c35df66f69cf1560710913bf88b512ed9cea147fccf0b6

HTTP Headers

GET /assets/GraphikDan-Regular-Web-1b23e0d886e0602443c35df66f69cf1560710913bf88b512ed9cea147fccf0b6.woff2 HTTP/1.1
Host: cdn1.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dan.com
Connection: keep-alive
Referer: https://cdn3.dan.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: application/font-woff2
content-length: 37172
server: openresty
date: Thu, 25 Aug 2022 03:15:09 GMT
last-modified: Thu, 29 Jul 2021 09:32:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZC8JPU8DMflB28UfoVynYNs24jQl648XTdXoY7hPlOUqQDDT1RQb3A==
age: 8642642
X-Firefox-Spdy: h2

cdn2.dan.com/assets/GraphikDan-Bold-Web-11f7002d7b0e45f73367bf8e4f5763dc6a7f8f7d6be4f29f26650f13480a5f6a.woff2

143.204.55.93

200 OK

39 kB

URL HTTP/2
cdn2.dan.com/assets/GraphikDan-Bold-Web-11f7002d7b0e45f73367bf8e4f5763dc6a7f8f7d6be4f29f26650f13480a5f6a.woff2
IP
143.204.55.93:0
ASN
#16509 AMAZON-02

File type
Web Open Font Format (Version 2), TrueType, length 38556, version 1.0\012- data
Size
39 kB (38556 bytes)
Hash
15e0a4e9b6fc2834eec6ccba1973aa45
080a7126b7fb4063ea36c06beca3ebfdc4cc63ef
11f7002d7b0e45f73367bf8e4f5763dc6a7f8f7d6be4f29f26650f13480a5f6a

HTTP Headers

GET /assets/GraphikDan-Bold-Web-11f7002d7b0e45f73367bf8e4f5763dc6a7f8f7d6be4f29f26650f13480a5f6a.woff2 HTTP/1.1
Host: cdn2.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dan.com
Connection: keep-alive
Referer: https://cdn3.dan.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: application/font-woff2
content-length: 38556
server: openresty
date: Tue, 04 Oct 2022 23:13:23 GMT
last-modified: Thu, 29 Jul 2021 09:32:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: lDu1uyH_NnFGECJBvBZhOIi2Ebvm3uEyXmqftD61z_Jurh3jqp6j7w==
age: 5114748
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-SXRF&l=_gaDataLayer

142.250.74.40

200 OK

39 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-SXRF&l=_gaDataLayer
IP
142.250.74.40:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (3336)
Size
39 kB (39167 bytes)
Hash
c7fadeb90e74db8ceb642f457fd4335a
276ad4ca5aa0716f31969d879a60881f01ebfd10
eece3529335bb8cac4e7979279bb5b83fb17e747cb8afde5c915be2b5c4f6eb9

HTTP Headers

GET /gtm.js?id=GTM-SXRF&l=_gaDataLayer HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 03 Dec 2022 03:59:11 GMT
expires: Sat, 03 Dec 2022 03:59:11 GMT
cache-control: private, max-age=900
last-modified: Sat, 03 Dec 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 39167
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cdn2.dan.com/assets/GraphikDan-Medium-Web-cf2e4f4feea57b2fb89e83ed56fc49bc0bf21a4f1fa20afe2e83d745c8890fc3.woff2

143.204.55.93

200 OK

36 kB

URL HTTP/2
cdn2.dan.com/assets/GraphikDan-Medium-Web-cf2e4f4feea57b2fb89e83ed56fc49bc0bf21a4f1fa20afe2e83d745c8890fc3.woff2
IP
143.204.55.93:0
ASN
#16509 AMAZON-02

File type
Web Open Font Format (Version 2), TrueType, length 36308, version 1.0\012- data
Size
36 kB (36308 bytes)
Hash
47f09a78e5d17d771fb06bc91e174499
b335fe0226d224782678ff7bea49773993e6f052
cf2e4f4feea57b2fb89e83ed56fc49bc0bf21a4f1fa20afe2e83d745c8890fc3

HTTP Headers

GET /assets/GraphikDan-Medium-Web-cf2e4f4feea57b2fb89e83ed56fc49bc0bf21a4f1fa20afe2e83d745c8890fc3.woff2 HTTP/1.1
Host: cdn2.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dan.com
Connection: keep-alive
Referer: https://cdn3.dan.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: application/font-woff2
content-length: 36308
server: openresty
date: Sat, 01 Oct 2022 04:00:17 GMT
last-modified: Thu, 29 Jul 2021 09:32:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 2F71BuxNaNZpjNLzB6puDeapyZ0qEyhQvGj9bggthhInJFBx5bAY6Q==
age: 5443134
X-Firefox-Spdy: h2

cdn1.dan.com/assets/GraphikDan-Light-Web-683068589a2fceaee125c3a3fd83a27a28f90ce37c099777eb89a4629d9fad3e.woff2

143.204.55.93

200 OK

34 kB

URL HTTP/2
cdn1.dan.com/assets/GraphikDan-Light-Web-683068589a2fceaee125c3a3fd83a27a28f90ce37c099777eb89a4629d9fad3e.woff2
IP
143.204.55.93:0
ASN
#16509 AMAZON-02

File type
Web Open Font Format (Version 2), TrueType, length 34092, version 1.0\012- data
Size
34 kB (34092 bytes)
Hash
9e90e7eccd164bdeee5ae1e9331316d5
4a8c44ec681947f676ee97f33aab743a079eff7b
683068589a2fceaee125c3a3fd83a27a28f90ce37c099777eb89a4629d9fad3e

HTTP Headers

GET /assets/GraphikDan-Light-Web-683068589a2fceaee125c3a3fd83a27a28f90ce37c099777eb89a4629d9fad3e.woff2 HTTP/1.1
Host: cdn1.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dan.com
Connection: keep-alive
Referer: https://cdn3.dan.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: application/font-woff2
content-length: 34092
server: openresty
date: Sun, 02 Oct 2022 02:47:45 GMT
last-modified: Thu, 29 Jul 2021 09:32:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: dvHTFWScky57g6KYcnExzXEu0-NqH2Phxue8e1bE695VewC4DsUeFQ==
age: 5361086
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e63a3fb1ef1a4ebbbd126969d6ee68ca
8bc9c26950b3899087e25ddea159c28f57b47200
f2ec30377e239f64286ae7dde8032e4e332b6c123f7decc07126fbbcff460a69

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 03:59:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn2.dan.com/assets/icons/touch-icon-ipad-retina-56a8f2519ed554a55e6084d77c1ab7ef3511f8ed5e7877db50a9865621a79290.png

143.204.55.93

200 OK

3.1 kB

URL HTTP/2
cdn2.dan.com/assets/icons/touch-icon-ipad-retina-56a8f2519ed554a55e6084d77c1ab7ef3511f8ed5e7877db50a9865621a79290.png
IP
143.204.55.93:0
ASN
#16509 AMAZON-02

File type
PNG image data, 152 x 152, 8-bit/color RGBA, non-interlaced\012- data
Size
3.1 kB (3054 bytes)
Hash
0c59777f5725af9a1d2d9153da1d7176
bc06fbcbf2170fe049279b7a1b6003eef8d6986a
56a8f2519ed554a55e6084d77c1ab7ef3511f8ed5e7877db50a9865621a79290

HTTP Headers

GET /assets/icons/touch-icon-ipad-retina-56a8f2519ed554a55e6084d77c1ab7ef3511f8ed5e7877db50a9865621a79290.png HTTP/1.1
Host: cdn2.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 3054
server: openresty
date: Tue, 06 Sep 2022 00:23:51 GMT
last-modified: Thu, 29 Jul 2021 09:32:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zPxVvPhLyeu5YKmV9bY7MHpDRra1otvaR8rt6simr1EmksHb2ty6mA==
age: 7616120
X-Firefox-Spdy: h2

cdn3.dan.com/assets/icons/favicon-17cae8213bf0fbeae27b644f0616b74981f348af943f27b73abf8e7b3a557b8f.ico

143.204.55.93

200 OK

15 kB

URL HTTP/2
cdn3.dan.com/assets/icons/favicon-17cae8213bf0fbeae27b644f0616b74981f348af943f27b73abf8e7b3a557b8f.ico
IP
143.204.55.93:0
ASN
#16509 AMAZON-02

File type
MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size
15 kB (15406 bytes)
Hash
91b5b75e4f52df43982200873c1feef6
8a01193959229d10a361d4965e305490544c428c
17cae8213bf0fbeae27b644f0616b74981f348af943f27b73abf8e7b3a557b8f

HTTP Headers

GET /assets/icons/favicon-17cae8213bf0fbeae27b644f0616b74981f348af943f27b73abf8e7b3a557b8f.ico HTTP/1.1
Host: cdn3.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: image/vnd.microsoft.icon
content-length: 15406
server: openresty
date: Fri, 02 Sep 2022 02:50:15 GMT
last-modified: Thu, 29 Jul 2021 09:32:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Rr_1Ic2qDPL7AsCYShc3I6ublKApoI17UUrvkOGqJ-1-MTWwxE-5rw==
age: 7952936
X-Firefox-Spdy: h2

d1lr4y73neawid.cloudfront.net/clients/pictures/000/012/546/thumb/789.png?1633982593

54.230.245.229

200 OK

4.3 kB

URL HTTP/2
d1lr4y73neawid.cloudfront.net/clients/pictures/000/012/546/thumb/789.png?1633982593
IP
54.230.245.229:0
ASN
#16509 AMAZON-02

File type
PNG image data, 100 x 97, 8-bit/color RGBA, non-interlaced\012- data
Size
4.3 kB (4278 bytes)
Hash
789c528463dd081487fe3ce90c72ad01
5245906359641ca7cf89b43f694d176a0f4902e7
baebdfbff4a93b9f82000a42da824d8102173ea67d6c8683bde8973461d52b82

HTTP Headers

GET /clients/pictures/000/012/546/thumb/789.png?1633982593 HTTP/1.1
Host: d1lr4y73neawid.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/png
content-length: 4278
date: Fri, 02 Dec 2022 22:05:03 GMT
last-modified: Mon, 11 Oct 2021 20:03:14 GMT
etag: "789c528463dd081487fe3ce90c72ad01"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bvrlgzv5anYlw3F7j5QxZXArw6VMAm6OLl7q74WETvC3s4Aybxhy9A==
age: 21249
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.46

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.46:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sat, 03 Dec 2022 02:46:55 GMT
expires: Sat, 03 Dec 2022 04:46:55 GMT
cache-control: public, max-age=7200
age: 4336
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google-analytics.com/collect?v=1&_v=j98&aip=1&a=739951943&t=event&ni=1&_s=2&dl=https%3A%2F%2Fdan.com%2Fbuy-domain%2FSafExpress.xyz&dr=https%3A%2F%2Fsafexpress.xyz%2F&ul=en-us&de=UTF-8&dt=The%20domain%20name%20SafExpress.xyz%20is%20for%20sale%20%7C%20Dan.com&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&ec=Domain%20Negotiation&ea=00%20-%20Domain%20Detail%20Page%20-%20Viewed&el=&ev=0&_u=YCDAgEABAAAAAEAAI~&jid=&gjid=&cid=1015506207.1652829834&tid=UA-47793354-2&_gid=551397498.1670039950&z=773288313

142.250.74.46

200 OK

35 B

URL HTTP/2
www.google-analytics.com/collect?v=1&_v=j98&aip=1&a=739951943&t=event&ni=1&_s=2&dl=https%3A%2F%2Fdan.com%2Fbuy-domain%2FSafExpress.xyz&dr=https%3A%2F%2Fsafexpress.xyz%2F&ul=en-us&de=UTF-8&dt=The%20domain%20name%20SafExpress.xyz%20is%20for%20sale%20%7C%20Dan.com&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&ec=Domain%20Negotiation&ea=00%20-%20Domain%20Detail%20Page%20-%20Viewed&el=&ev=0&_u=YCDAgEABAAAAAEAAI~&jid=&gjid=&cid=1015506207.1652829834&tid=UA-47793354-2&_gid=551397498.1670039950&z=773288313
IP
142.250.74.46:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

HTTP Headers

GET /collect?v=1&_v=j98&aip=1&a=739951943&t=event&ni=1&_s=2&dl=https%3A%2F%2Fdan.com%2Fbuy-domain%2FSafExpress.xyz&dr=https%3A%2F%2Fsafexpress.xyz%2F&ul=en-us&de=UTF-8&dt=The%20domain%20name%20SafExpress.xyz%20is%20for%20sale%20%7C%20Dan.com&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&ec=Domain%20Negotiation&ea=00%20-%20Domain%20Detail%20Page%20-%20Viewed&el=&ev=0&_u=YCDAgEABAAAAAEAAI~&jid=&gjid=&cid=1015506207.1652829834&tid=UA-47793354-2&_gid=551397498.1670039950&z=773288313 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
pragma: no-cache
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
date: Fri, 02 Dec 2022 21:14:13 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
age: 24298
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google-analytics.com/collect?v=1&_v=j98&aip=1&a=739951943&t=pageview&_s=1&dl=https%3A%2F%2Fdan.com%2Fbuy-domain%2FSafExpress.xyz&dr=https%3A%2F%2Fsafexpress.xyz%2F&dp=%2Fbuy-domain%2FSafExpress.xyz&ul=en-us&de=UTF-8&dt=The%20domain%20name%20SafExpress.xyz%20is%20for%20sale%20%7C%20Dan.com&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YCDAgEABAAAAAAAAI~&jid=34358707&gjid=961921500&cid=1015506207.1652829834&tid=UA-47793354-2&_gid=551397498.1670039950&z=748157991

142.250.74.46

200 OK

35 B

URL HTTP/2
www.google-analytics.com/collect?v=1&_v=j98&aip=1&a=739951943&t=pageview&_s=1&dl=https%3A%2F%2Fdan.com%2Fbuy-domain%2FSafExpress.xyz&dr=https%3A%2F%2Fsafexpress.xyz%2F&dp=%2Fbuy-domain%2FSafExpress.xyz&ul=en-us&de=UTF-8&dt=The%20domain%20name%20SafExpress.xyz%20is%20for%20sale%20%7C%20Dan.com&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YCDAgEABAAAAAAAAI~&jid=34358707&gjid=961921500&cid=1015506207.1652829834&tid=UA-47793354-2&_gid=551397498.1670039950&z=748157991
IP
142.250.74.46:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

HTTP Headers

GET /collect?v=1&_v=j98&aip=1&a=739951943&t=pageview&_s=1&dl=https%3A%2F%2Fdan.com%2Fbuy-domain%2FSafExpress.xyz&dr=https%3A%2F%2Fsafexpress.xyz%2F&dp=%2Fbuy-domain%2FSafExpress.xyz&ul=en-us&de=UTF-8&dt=The%20domain%20name%20SafExpress.xyz%20is%20for%20sale%20%7C%20Dan.com&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YCDAgEABAAAAAAAAI~&jid=34358707&gjid=961921500&cid=1015506207.1652829834&tid=UA-47793354-2&_gid=551397498.1670039950&z=748157991 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
pragma: no-cache
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
date: Fri, 02 Dec 2022 21:14:13 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
age: 24298
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2431
Expires: Sat, 03 Dec 2022 04:39:42 GMT
Date: Sat, 03 Dec 2022 03:59:11 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2431
Expires: Sat, 03 Dec 2022 04:39:42 GMT
Date: Sat, 03 Dec 2022 03:59:11 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2431
Expires: Sat, 03 Dec 2022 04:39:42 GMT
Date: Sat, 03 Dec 2022 03:59:11 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2431
Expires: Sat, 03 Dec 2022 04:39:42 GMT
Date: Sat, 03 Dec 2022 03:59:11 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57219d7e-330b-4d3f-a472-55cd262c7dc1.jpeg

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57219d7e-330b-4d3f-a472-55cd262c7dc1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10877 bytes)
Hash
dbee75c6c314655f738b57b828bef016
bb36d39c7adf764e8a7dcf7f91125001623975b4
fd40949b9711db01be746d1723f78c2bb04d356063c6249b8b5ae1470532367a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57219d7e-330b-4d3f-a472-55cd262c7dc1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10877
x-amzn-requestid: bebc4f7f-7349-4973-99f5-d6c3b8a27072
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZN1G2uIAMFryg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f25-0637a1a946db78074bc19dc3;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: WKEeqfEv-NjZr_39K27vuE9FrqYcJCI5oQk0_JIl_HuO3iA0f57_vw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:49:27 GMT
etag: "bb36d39c7adf764e8a7dcf7f91125001623975b4"
content-type: image/jpeg
age: 22184
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2431
Expires: Sat, 03 Dec 2022 04:39:42 GMT
Date: Sat, 03 Dec 2022 03:59:11 GMT
Connection: keep-alive

34.120.237.76

200 OK

6.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F652bfe35-9b09-4fba-b7b5-c6bd90cccdbe.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.1 kB (6119 bytes)
Hash
7ffa12df550123f63b20f67437cd8a04
398fd2d837c73f54c4591b69cd683f29bdf9184a
fd9ac4396488098923c27531295e64475047dd008a901e59915109a73a69f305

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F652bfe35-9b09-4fba-b7b5-c6bd90cccdbe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6119
x-amzn-requestid: cac5842e-2b57-4eda-9b09-27ec8a0b1bf8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMiE7Hq0oAMFzHg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381b085-151f123551f999a918de8a3a;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 06:21:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mrS561ug59NStQyD3cH4ndqGvY3QiLVeMFOoC86ktj52PghNjeYa5w==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 20:55:39 GMT
age: 25412
etag: "398fd2d837c73f54c4591b69cd683f29bdf9184a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.8 kB (4803 bytes)
Hash
cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: ad2d9243-5e32-4faf-8ff3-b9abd3af1e89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb1_hEJJIAMF4Vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387d063-596f5833509112ee6cbedf54;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:51:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jM-fTqLsmU3c_gc9Wle-lvCwXelA9Sid9axtzJQDsfOHv23yUbKsBw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 23:43:28 GMT
age: 15343
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F690354e1-4f19-43a3-a840-dac23e2cbe16.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10454 bytes)
Hash
94556ef834fbd97092ea3e546fece90d
3f75442d8577c6272b9a3fdf2c5d1305c5e02703
0e49c3b246f4f999404e408e5326c636584f18ddaeec4ff50ffdd74ad48b9dd3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F690354e1-4f19-43a3-a840-dac23e2cbe16.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10454
x-amzn-requestid: 3c95e941-d127-43a5-a338-7fff4e751367
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cTPfcG82IAMF2JA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63845f95-4dde51fa769890d057216cfa;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 07:13:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9SmDwSJvrZtLjFHfJaAyU400NiFVaBvpQhBGte0ghHYwc2UGj-rT6g==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 08:46:19 GMT
age: 69172
etag: "3f75442d8577c6272b9a3fdf2c5d1305c5e02703"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
49a9684674e0f1b3974c6427c5354fe4
c201e61bcda9cc91369f0c57f8236fcdd3db26c6
27b8d50242836a45aca1fcd0cb58e7f685011c1f93b57d0e3ea9a02400f8d801

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 03:59:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d568a89-ee21-427a-b971-0d1500164a62.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11942 bytes)
Hash
becc8cdba57494c6fe212eb67634e1eb
c8bd6bd9086e0a52b83b89dfd755e7ebba222fb8
fbb25b88b10a818bb0c6ad385b1e5ba54b87672c73bfa8a9c1ecb17dcc689d5a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d568a89-ee21-427a-b971-0d1500164a62.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11942
x-amzn-requestid: ba8a5d03-7796-4c6d-a6df-3cc71b1c5259
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: chqukGmWoAMFtLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a24c3-609dc90d769060d30a16e3df;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 16:16:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: m6j_3bDGFIAHQYzrZ1zXqUb-HbEJ8XCoGH5mgBFOWRbLzoSiuNBnhg==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:59:25 GMT
age: 21586
etag: "c8bd6bd9086e0a52b83b89dfd755e7ebba222fb8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-47793354-2&cid=1015506207.1652829834&jid=34358707&gjid=961921500&_gid=551397498.1670039950&_u=YCDAgEABAAAAAEAAI~&z=1915156602

108.177.14.154

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-47793354-2&cid=1015506207.1652829834&jid=34358707&gjid=961921500&_gid=551397498.1670039950&_u=YCDAgEABAAAAAEAAI~&z=1915156602
IP
108.177.14.154:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-47793354-2&cid=1015506207.1652829834&jid=34358707&gjid=961921500&_gid=551397498.1670039950&_u=YCDAgEABAAAAAEAAI~&z=1915156602 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Content-Type: text/plain
Content-Length: 0
Origin: https://dan.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://dan.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 03 Dec 2022 03:59:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

img6.wsimg.com/wrhs/0bd7e7814002fbb87e2a508205f02600/tcc.min.js

95.101.10.129

200 OK

26 kB

URL HTTP/2
img6.wsimg.com/wrhs/0bd7e7814002fbb87e2a508205f02600/tcc.min.js
IP
95.101.10.129:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (65536), with no line terminators
Size
26 kB (26451 bytes)
Hash
1b35ac89aa280157745cc3b566070fa3
8ae3305e9d1e5e2e7258a48557a15e1e2fc636ad
fe1df342da34e32551cff1e667de4b39d9cca5c022c92a9ade464949558a740d

HTTP Headers

GET /wrhs/0bd7e7814002fbb87e2a508205f02600/tcc.min.js HTTP/1.1
Host: img6.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
content-encoding: br
etag: "0bd7e7814002fbb87e2a508205f02600"
last-modified: Thu, 01 Dec 2022 16:44:00 GMT
vary: Accept-Encoding
x-amz-id-2: PpHUH6LOgBrEbknCqxTTVhP6ob+Rb+6fNWeuOpbvf/PRd8WlJeSn+8kgwfWK3xDAWj0w5wm/QX0=
x-amz-request-id: 05Y6FBB0K3S54JG8
x-amz-server-side-encryption: AES256
x-amz-version-id: TxSv3j0ESygXAmch._bj0eAa2T9J5IsX
content-length: 26451
cache-control: max-age=31536000
date: Sat, 03 Dec 2022 03:59:11 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2

widget.intercom.io/widget/e2frgfyw

143.204.237.85

200 OK

6.2 kB

URL HTTP/2
widget.intercom.io/widget/e2frgfyw
IP
143.204.237.85:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (18920), with no line terminators
Size
6.2 kB (6169 bytes)
Hash
c09ae91e2dcfb777d597f4dedc79710f
d344e323099e3cb698054abbf16d65fc2649eaeb
2fc33c960726f83f005d0990df446e45120785f0b57565cd27799e17ce903204

HTTP Headers

GET /widget/e2frgfyw HTTP/1.1
Host: widget.intercom.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 6169
last-modified: Fri, 02 Dec 2022 13:52:24 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: d_IbJEDUE2FVwmaU2TO8SWvN318LPCj2
accept-ranges: bytes
server: AmazonS3
date: Sat, 03 Dec 2022 03:46:35 GMT
cache-control: max-age=900, s-maxage=900, public
etag: "c09ae91e2dcfb777d597f4dedc79710f"
x-cache: Error from cloudfront
via: 1.1 e5f9cea29f02f6a9a9b4da9c89f48d00.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: uaK55y3qHDYmoWJ5R04Z2gvYhYOoZEXmLafQg-ohi3O6nDw3o1PpFA==
age: 840
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
49a9684674e0f1b3974c6427c5354fe4
c201e61bcda9cc91369f0c57f8236fcdd3db26c6
27b8d50242836a45aca1fcd0cb58e7f685011c1f93b57d0e3ea9a02400f8d801

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 03:59:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
315873c315af2be891e63f8b421bae65
5277bb0c4fea2b036c6faf28d66395c96166ffd2
3f6657d352a42f8257409f2ed365a3fb928ac3eb74a34a2c74a433290182cc92

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 03:59:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js

95.101.10.129

200 OK

7.5 kB

URL HTTP/2
img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js
IP
95.101.10.129:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (24676)
Size
7.5 kB (7498 bytes)
Hash
b8a5a228a358454084c34dd1cf431c61
37aa5fe6e083b8147156ca66a1993a7bd74e8a61
06fae5ccf58a27a8e2ae6a0e7722f42db507c1873751f587cddd090810d94492

HTTP Headers

GET /wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js HTTP/1.1
Host: img6.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
content-encoding: br
etag: "ce554d2333f3801abafb32da18213ff7"
last-modified: Wed, 16 Jun 2021 22:03:01 GMT
vary: Accept-Encoding
x-edgeconnect-midmile-rtt: 3
x-edgeconnect-origin-mex-latency: 654
x-amz-id-2: Bt3x3iTv8Fk+aaaS+GUkBMe+ASr0HEMDh339t8gjL9ozG+jBiKIjzxbTtgmm6ZRh5XVuxORtokQ=
x-amz-request-id: XNK8Z8KQATPTCZRH
x-amz-server-side-encryption: AES256
x-amz-version-id: F4fYptXBkP0fCCCWFLfVGE1HXlZmORny
content-length: 7498
x-edgeconnect-cache-status: 1
cache-control: max-age=31536000
date: Sat, 03 Dec 2022 03:59:12 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2

js.intercomcdn.com/vendor.938ae274.js

54.230.111.84

200 OK

108 kB

URL HTTP/2
js.intercomcdn.com/vendor.938ae274.js
IP
54.230.111.84:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (65431)
Size
108 kB (108202 bytes)
Hash
b7988c135790ccd3f4d341afb68cca5b
0385874ae2b2bb0020ba46b45c7bab2142302ff7
1956f01618e3481ef2bf085d8e332eb54ee20ec239a419a9ff9194a354e90adf

HTTP Headers

GET /vendor.938ae274.js HTTP/1.1
Host: js.intercomcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dan.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 108202
last-modified: Thu, 01 Dec 2022 15:09:17 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: tyzNczSTUeCL7.nKG3IX3S.1ZBSF0MXp
accept-ranges: bytes
server: AmazonS3
date: Sat, 03 Dec 2022 03:10:55 GMT
cache-control: max-age=31536000, s-maxage=7200, public
etag: "b7988c135790ccd3f4d341afb68cca5b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: sT20zqG99-HZpqfB3bqUBzVNkhtkaPuBVav7sgFZbhabAaT3yWNfeQ==
age: 2897
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F741da48c-a860-42fc-8f5c-4572522c2f56.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6416 bytes)
Hash
585e7e56aed6b2f2f5e658f46bb791c4
34b768eb68f6cb850ff984fd687096e089649523
5412ba902e667571b0bbb3879ba6b9ad39501abce59381e84e6aa09779e7198b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F741da48c-a860-42fc-8f5c-4572522c2f56.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6416
x-amzn-requestid: f5456dd6-8459-4a19-a9b5-b7b567fceb01
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cik2pG5aoAMFrVg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a81c3-0923232b35133f471332062b;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 22:52:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: BcPHhLbQww4yB62w_Sijc6jSoM9okXUlZhMmjri_4thEEniDgcdGuQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 03:57:10 GMT
etag: "34b768eb68f6cb850ff984fd687096e089649523"
content-type: image/jpeg
age: 121
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-47793354-2&cid=1015506207.1652829834&jid=34358707&_u=YCDAgEABAAAAAEAAI~&z=1732579131

142.250.74.132

200 OK

42 B

URL HTTP/2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-47793354-2&cid=1015506207.1652829834&jid=34358707&_u=YCDAgEABAAAAAEAAI~&z=1732579131
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-47793354-2&cid=1015506207.1652829834&jid=34358707&_u=YCDAgEABAAAAAEAAI~&z=1732579131 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Dec 2022 03:59:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-47793354-2&cid=1015506207.1652829834&jid=34358707&_u=YCDAgEABAAAAAEAAI~&z=1732579131

142.250.74.67

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-47793354-2&cid=1015506207.1652829834&jid=34358707&_u=YCDAgEABAAAAAEAAI~&z=1732579131
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-47793354-2&cid=1015506207.1652829834&jid=34358707&_u=YCDAgEABAAAAAEAAI~&z=1732579131 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Dec 2022 03:59:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

54.230.245.100

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.100:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
2bbe46fa69c17bc5e3500bf9ffa148a5
a4d9195bdf52bc00e934fdff7ccd1552e0cbafae
f2ebec6ae0f33d289de0d86468f249fdc39bf2c8f44a2eb14de1fa2231ca5476

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=137444
Date: Sat, 03 Dec 2022 03:59:12 GMT
Etag: "638a26df-1d7"
Expires: Sun, 04 Dec 2022 18:09:56 GMT
Last-Modified: Fri, 02 Dec 2022 16:25:03 GMT
Server: ECS (bsa/EB23)
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Q4cwAhCBHOeGx18xY7ecifEbr6ow924uDgs_flr6hNM651e_MwT8QA==
Age: 6293

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d177680f261fa0b5bf3d5ae3ed69af85
96cdc11262db0a9531fe0cd00e908f3e824c89b3
08eac8282cf4566d382816edac93db8581b65dc2898fc7ea80d7424224ed29ff

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 03:59:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1f3a4f3edea56419c58836a0c80d5cea
1558a7ad0acc0c09cdf39ec92030f7ee5736e595
70aeda0cb136ac1add86931a338558b9f302576cd65537575d232fda623fe2f0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 03:59:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sca1b.amazontrust.com/

54.230.245.100

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.100:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
1c30f6c1039e48267b51395e9cc95cd2
4e936f935a921b0e1ed9c5594346db864c008b32
63d4a4d1faff59ad6b08f04c1627a9bbaccc19a6ccf2dc0c0e2c7eba4c66573b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=120882
Date: Sat, 03 Dec 2022 03:59:12 GMT
Etag: "6389e643-1d7"
Expires: Sun, 04 Dec 2022 13:33:54 GMT
Last-Modified: Fri, 02 Dec 2022 11:49:23 GMT
Server: ECS (nyb/1D34)
X-Cache: Miss from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ZgujmZWeNmQdCDZPnMTYQvMdTPAewvoyu3LAVQJ65TLxhqhnlU4EWA==
Age: 6271

events.api.secureserver.net/image.aspx?referrer=https%3A%2F%2Fsafexpress.xyz%2F&trace_id=00b98c789a82577d96a336bc0b284b4f&timestamp=1670039950030&corrid=710629098&vs=visible&rand=1903890953&sitename=dan.com&page=%2Fbuy-domain%2FSafExpress.xyz&location=https%3A%2F%2Fdan.com%2Fbuy-domain%2FSafExpress.xyz&agent=false&delegated=false&salessite=false&event=gtm.load&app=dan&loadSource=gtm&page_level_properties=loadSource&event_type=page.request&hw=3&browx=1280&browy=939&resx=1280&resy=1024&cdepth=24&hit_id=2f63b0ae-a86d-58e1-8575-bc97d1c6e3d5&visitor_guid=82d45c0d-5378-5c54-865b-ee8fb7a33dfb&visit_guid=82d45c0d-5378-5c54-865b-ee8fb7a33dfb&page_count=1&has_consent=0&cv=3.29.0&client_name=tcc&same_site=none

95.101.10.130

302 Found

0 B

URL HTTP/2
events.api.secureserver.net/image.aspx?referrer=https%3A%2F%2Fsafexpress.xyz%2F&trace_id=00b98c789a82577d96a336bc0b284b4f&timestamp=1670039950030&corrid=710629098&vs=visible&rand=1903890953&sitename=dan.com&page=%2Fbuy-domain%2FSafExpress.xyz&location=https%3A%2F%2Fdan.com%2Fbuy-domain%2FSafExpress.xyz&agent=false&delegated=false&salessite=false&event=gtm.load&app=dan&loadSource=gtm&page_level_properties=loadSource&event_type=page.request&hw=3&browx=1280&browy=939&resx=1280&resy=1024&cdepth=24&hit_id=2f63b0ae-a86d-58e1-8575-bc97d1c6e3d5&visitor_guid=82d45c0d-5378-5c54-865b-ee8fb7a33dfb&visit_guid=82d45c0d-5378-5c54-865b-ee8fb7a33dfb&page_count=1&has_consent=0&cv=3.29.0&client_name=tcc&same_site=none
IP
95.101.10.130:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /image.aspx?referrer=https%3A%2F%2Fsafexpress.xyz%2F&trace_id=00b98c789a82577d96a336bc0b284b4f&timestamp=1670039950030&corrid=710629098&vs=visible&rand=1903890953&sitename=dan.com&page=%2Fbuy-domain%2FSafExpress.xyz&location=https%3A%2F%2Fdan.com%2Fbuy-domain%2FSafExpress.xyz&agent=false&delegated=false&salessite=false&event=gtm.load&app=dan&loadSource=gtm&page_level_properties=loadSource&event_type=page.request&hw=3&browx=1280&browy=939&resx=1280&resy=1024&cdepth=24&hit_id=2f63b0ae-a86d-58e1-8575-bc97d1c6e3d5&visitor_guid=82d45c0d-5378-5c54-865b-ee8fb7a33dfb&visit_guid=82d45c0d-5378-5c54-865b-ee8fb7a33dfb&page_count=1&has_consent=0&cv=3.29.0&client_name=tcc&same_site=none HTTP/1.1
Host: events.api.secureserver.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Origin: https://dan.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
content-length: 0
access-control-allow-origin: https://dan.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
strict-transport-security: max-age=31536000 ; includeSubDomains
x-frame-options: DENY
location: https://events.api.secureserver.net/image.aspx?referrer=https%3A%2F%2Fsafexpress.xyz%2F&trace_id=00b98c789a82577d96a336bc0b284b4f&timestamp=1670039950030&corrid=710629098&vs=visible&rand=1903890953&sitename=dan.com&page=%2Fbuy-domain%2FSafExpress.xyz&location=https%3A%2F%2Fdan.com%2Fbuy-domain%2FSafExpress.xyz&agent=false&delegated=false&salessite=false&event=gtm.load&app=dan&loadSource=gtm&page_level_properties=loadSource&event_type=page.request&hw=3&browx=1280&browy=939&resx=1280&resy=1024&cdepth=24&hit_id=2f63b0ae-a86d-58e1-8575-bc97d1c6e3d5&visitor_guid=82d45c0d-5378-5c54-865b-ee8fb7a33dfb&visit_guid=82d45c0d-5378-5c54-865b-ee8fb7a33dfb&page_count=1&has_consent=0&cv=3.29.0&client_name=tcc&same_site=none&CookieTest=1
date: Sat, 03 Dec 2022 03:59:12 GMT
set-cookie: traffic=; domain=.secureserver.net; path=/;
X-Firefox-Spdy: h2

events.api.secureserver.net/b.aspx?timestamp=1670039950039&corrid=710629098&referrer=https%3A%2F%2Fsafexpress.xyz%2F&vs=visible&rand=363794553&sitename=dan.com&page=%2Fbuy-domain%2FSafExpress.xyz&location=https%3A%2F%2Fdan.com%2Fbuy-domain%2FSafExpress.xyz&agent=false&delegated=false&salessite=false&event=gtm.load&app=dan&loadSource=gtm&page_level_properties=loadSource&event_type=page.log&eventdate=2022-12-03T03%3A59%3A10.040Z&eventtype=pageperf&nav_type=hard&tccin=auto&connectEnd=1670039949231&connectStart=1670039949170&domComplete=1670039949853&domContentLoadedEventEnd=1670039949753&domContentLoadedEventStart=1670039949752&domInteractive=1670039949734&domLoading=1670039949362&domainLookupEnd=1670039949169&domainLookupStart=1670039949136&fetchStart=1670039949115&navigationStart=1670039949114&requestStart=1670039949231&responseEnd=1670039949359&responseStart=1670039949358&loadEventStart=1670039949853&loadEventEnd=1670039949854&transferSize=14807&encodedBodySize=13416&decodedBodySize=46681&navigationType=navigate&fcp=556&hit_id=9525587b-679a-5495-ba90-0217c04f4b2c&visitor_guid=82d45c0d-5378-5c54-865b-ee8fb7a33dfb&visit_guid=82d45c0d-5378-5c54-865b-ee8fb7a33dfb&page_count=1&has_consent=0&cv=3.29.0&client_name=tcc&same_site=none&trace_id=00b98c789a82577d96a336bc0b284b4f

95.101.10.130

200 OK

43 B

URL HTTP/2
events.api.secureserver.net/b.aspx?timestamp=1670039950039&corrid=710629098&referrer=https%3A%2F%2Fsafexpress.xyz%2F&vs=visible&rand=363794553&sitename=dan.com&page=%2Fbuy-domain%2FSafExpress.xyz&location=https%3A%2F%2Fdan.com%2Fbuy-domain%2FSafExpress.xyz&agent=false&delegated=false&salessite=false&event=gtm.load&app=dan&loadSource=gtm&page_level_properties=loadSource&event_type=page.log&eventdate=2022-12-03T03%3A59%3A10.040Z&eventtype=pageperf&nav_type=hard&tccin=auto&connectEnd=1670039949231&connectStart=1670039949170&domComplete=1670039949853&domContentLoadedEventEnd=1670039949753&domContentLoadedEventStart=1670039949752&domInteractive=1670039949734&domLoading=1670039949362&domainLookupEnd=1670039949169&domainLookupStart=1670039949136&fetchStart=1670039949115&navigationStart=1670039949114&requestStart=1670039949231&responseEnd=1670039949359&responseStart=1670039949358&loadEventStart=1670039949853&loadEventEnd=1670039949854&transferSize=14807&encodedBodySize=13416&decodedBodySize=46681&navigationType=navigate&fcp=556&hit_id=9525587b-679a-5495-ba90-0217c04f4b2c&visitor_guid=82d45c0d-5378-5c54-865b-ee8fb7a33dfb&visit_guid=82d45c0d-5378-5c54-865b-ee8fb7a33dfb&page_count=1&has_consent=0&cv=3.29.0&client_name=tcc&same_site=none&trace_id=00b98c789a82577d96a336bc0b284b4f
IP
95.101.10.130:0
ASN
#20940 Akamai International B.V.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

HTTP Headers

GET /b.aspx?timestamp=1670039950039&corrid=710629098&referrer=https%3A%2F%2Fsafexpress.xyz%2F&vs=visible&rand=363794553&sitename=dan.com&page=%2Fbuy-domain%2FSafExpress.xyz&location=https%3A%2F%2Fdan.com%2Fbuy-domain%2FSafExpress.xyz&agent=false&delegated=false&salessite=false&event=gtm.load&app=dan&loadSource=gtm&page_level_properties=loadSource&event_type=page.log&eventdate=2022-12-03T03%3A59%3A10.040Z&eventtype=pageperf&nav_type=hard&tccin=auto&connectEnd=1670039949231&connectStart=1670039949170&domComplete=1670039949853&domContentLoadedEventEnd=1670039949753&domContentLoadedEventStart=1670039949752&domInteractive=1670039949734&domLoading=1670039949362&domainLookupEnd=1670039949169&domainLookupStart=1670039949136&fetchStart=1670039949115&navigationStart=1670039949114&requestStart=1670039949231&responseEnd=1670039949359&responseStart=1670039949358&loadEventStart=1670039949853&loadEventEnd=1670039949854&transferSize=14807&encodedBodySize=13416&decodedBodySize=46681&navigationType=navigate&fcp=556&hit_id=9525587b-679a-5495-ba90-0217c04f4b2c&visitor_guid=82d45c0d-5378-5c54-865b-ee8fb7a33dfb&visit_guid=82d45c0d-5378-5c54-865b-ee8fb7a33dfb&page_count=1&has_consent=0&cv=3.29.0&client_name=tcc&same_site=none&trace_id=00b98c789a82577d96a336bc0b284b4f HTTP/1.1
Host: events.api.secureserver.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Origin: https://dan.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
content-length: 43
access-control-allow-origin: https://dan.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
cache-control: private
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000 ; includeSubDomains
x-frame-options: DENY
date: Sat, 03 Dec 2022 03:59:12 GMT
X-Firefox-Spdy: h2

tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=gpl/main/202201190854&nocookie=1

2.18.173.203

200 OK

2 B

URL HTTP/2
tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=gpl/main/202201190854&nocookie=1
IP
2.18.173.203:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
7bc0ee636b3b83484fc3b9348863bd22
ebbffb7d7ea5362a22bfa1bab0bfdeb1617cd610
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

HTTP Headers

GET /utag/tiqapp/utag.v.js?a=gpl/main/202201190854&nocookie=1 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
content-length: 2
unused62: 8096267
cache-control: max-age=600
expires: Sat, 03 Dec 2022 04:09:12 GMT
date: Sat, 03 Dec 2022 03:59:12 GMT
X-Firefox-Spdy: h2

95.101.10.130

200 OK

43 B

URL HTTP/2
events.api.secureserver.net/image.aspx?referrer=https%3A%2F%2Fsafexpress.xyz%2F&trace_id=00b98c789a82577d96a336bc0b284b4f&timestamp=1670039950030&corrid=710629098&vs=visible&rand=1903890953&sitename=dan.com&page=%2Fbuy-domain%2FSafExpress.xyz&location=https%3A%2F%2Fdan.com%2Fbuy-domain%2FSafExpress.xyz&agent=false&delegated=false&salessite=false&event=gtm.load&app=dan&loadSource=gtm&page_level_properties=loadSource&event_type=page.request&hw=3&browx=1280&browy=939&resx=1280&resy=1024&cdepth=24&hit_id=2f63b0ae-a86d-58e1-8575-bc97d1c6e3d5&visitor_guid=82d45c0d-5378-5c54-865b-ee8fb7a33dfb&visit_guid=82d45c0d-5378-5c54-865b-ee8fb7a33dfb&page_count=1&has_consent=0&cv=3.29.0&client_name=tcc&same_site=none&CookieTest=1
IP
95.101.10.130:0
ASN
#20940 Akamai International B.V.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

HTTP Headers

GET /image.aspx?referrer=https%3A%2F%2Fsafexpress.xyz%2F&trace_id=00b98c789a82577d96a336bc0b284b4f&timestamp=1670039950030&corrid=710629098&vs=visible&rand=1903890953&sitename=dan.com&page=%2Fbuy-domain%2FSafExpress.xyz&location=https%3A%2F%2Fdan.com%2Fbuy-domain%2FSafExpress.xyz&agent=false&delegated=false&salessite=false&event=gtm.load&app=dan&loadSource=gtm&page_level_properties=loadSource&event_type=page.request&hw=3&browx=1280&browy=939&resx=1280&resy=1024&cdepth=24&hit_id=2f63b0ae-a86d-58e1-8575-bc97d1c6e3d5&visitor_guid=82d45c0d-5378-5c54-865b-ee8fb7a33dfb&visit_guid=82d45c0d-5378-5c54-865b-ee8fb7a33dfb&page_count=1&has_consent=0&cv=3.29.0&client_name=tcc&same_site=none&CookieTest=1 HTTP/1.1
Host: events.api.secureserver.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dan.com
Referer: https://dan.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/gif
content-length: 43
access-control-allow-origin: https://dan.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
cache-control: private
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000 ; includeSubDomains
x-frame-options: DENY
date: Sat, 03 Dec 2022 03:59:12 GMT
X-Firefox-Spdy: h2

nexus-websocket-a.intercom.io/pubsub/5-fn2ToC45Ip8WMiiSh11iVjgLrmaPX89yHZq3cey2F4CdoF2S3Wxm-Ctvpq1EZnLTXksYKMatzHoprwALXuMatMxceUNkxZqnhq-H?c=1&X-Nexus-New-Client=true&X-Nexus-Version=0.9.0&user_role=undefined

35.174.127.31

101 Switching Protocols

0 B

URL HTTP/1.1
nexus-websocket-a.intercom.io/pubsub/5-fn2ToC45Ip8WMiiSh11iVjgLrmaPX89yHZq3cey2F4CdoF2S3Wxm-Ctvpq1EZnLTXksYKMatzHoprwALXuMatMxceUNkxZqnhq-H?c=1&X-Nexus-New-Client=true&X-Nexus-Version=0.9.0&user_role=undefined
IP
35.174.127.31:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pubsub/5-fn2ToC45Ip8WMiiSh11iVjgLrmaPX89yHZq3cey2F4CdoF2S3Wxm-Ctvpq1EZnLTXksYKMatzHoprwALXuMatMxceUNkxZqnhq-H?c=1&X-Nexus-New-Client=true&X-Nexus-Version=0.9.0&user_role=undefined HTTP/1.1
Host: nexus-websocket-a.intercom.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://dan.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: J9Zdt2GNZ7ALeweVVNeq4Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Sat, 03 Dec 2022 03:59:13 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: JII8r5EpiCJfdlJIR9erl5JHqfE=
Sec-WebSocket-Extensions: permessage-deflate; server_no_context_takeover; client_no_context_takeover

safexpress.xyz/

172.67.195.190

200 OK

0 B

URL HTTP/2
safexpress.xyz/
IP
172.67.195.190:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: safexpress.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Sat, 03 Dec 2022 03:59:10 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DNXGdTtR7HFbxF%2Bq%2F3%2BpIFQpDtvKuSlkRD3AknWKX4GwEFryBcBL8FtF5FWBcD%2FDQZjQr0%2FvG12ewhyjtQms3k3KoVcUbN5Kp0dkrXn7kcrF8U3UDSzO5KNcHkx0tH5RQg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773963572bacb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

dan.com/packs/spritemap.svg

3.70.113.20

200 OK

0 B

URL HTTP/2
dan.com/packs/spritemap.svg
IP
3.70.113.20:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /packs/spritemap.svg HTTP/1.1
Host: dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/buy-domain/SafExpress.xyz
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0; bc9bd58fe1b6ef954d6d794db6d30e25e8ff50634d24346cf8006ef422e3c05c6e48b07678e34d08c97ad3f91012c80ac690b50f51fbd49b16e301de58d9c5ca=8pqtSjK4sZPwhXPfh1lZOyCmlT7t8SV%2FDgrBANCX0yEzt53oKBlXKQn%2FpmRfljHXvHLkZ8968q9C6Ak7nbaNnDu6npA5CZdoK8a3lOCcXTb00PwiKyiaXW77JGxU75K%2FdFj6VUssS8hssRXNR%2BHP6%2BfqWS6c8rJhDPPvgxQzqCg6IEit1rdpBeexX2gmcDs7WCt%2F0SalQ55XTccdJ%2BHz6a7Rt%2BczqhV7YBqm7y7sND4HhnVDO1csHTGJHFn4KpragiYuUKIajUdzCcwpk8YY6g6WTGJbZFjhsrr5sEVqPPKfr7s78dMUTf4Sz33IVlhQxDCKwWrC%2B7Lj6%2BTe3hAqq7QqNS5Ii5SAHqCRUqBejISjEzUSvQyrZmPX8UKaWjK3cRyI0tQwObIAmAmde1ig7TYKWVmNCT1gC89PFSwhui4qF0C9b3FkCjNf47AQiTiNGG3oy%2BjwGw9UUNDLrhF7aA%3D%3D--gi6YyoJ29UvzeJ42--06K5%2FXYnPsnzRAnSoT0c2A%3D%3D; time_zone_offset=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sat, 03 Dec 2022 03:59:11 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Fri, 02 Dec 2022 15:53:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2

js.intercomcdn.com/frame.369c9ae4.js

54.230.111.84

200 OK

0 B

URL HTTP/2
js.intercomcdn.com/frame.369c9ae4.js
IP
54.230.111.84:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /frame.369c9ae4.js HTTP/1.1
Host: js.intercomcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dan.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 138356
last-modified: Fri, 02 Dec 2022 13:50:53 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: DHm_4aT7Sj3vHeacrpdQ2rEImbnQ7YzP
accept-ranges: bytes
server: AmazonS3
date: Sat, 03 Dec 2022 03:52:28 GMT
cache-control: max-age=31536000, s-maxage=7200, public
etag: "d11253baa33f7f10ed37abcb98047875"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: _UYLvR2HMb7zQNeVRkf6lL3Pv_hT0eEVXl9BeuP3mSiycT_ORyWXsA==
age: 404
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

tags.tiqcdn.com/utag/gpl/main/prod/utag.js

2.18.173.203

200 OK

0 B

URL HTTP/2
tags.tiqcdn.com/utag/gpl/main/prod/utag.js
IP
2.18.173.203:0
ASN
#16625 AKAMAI-AS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /utag/gpl/main/prod/utag.js HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "439c93448d07863f01b4baa0db40ee45:1642582496.491697"
last-modified: Wed, 19 Jan 2022 08:54:56 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
expires: Sat, 03 Dec 2022 04:04:12 GMT
date: Sat, 03 Dec 2022 03:59:12 GMT
X-Firefox-Spdy: h2

dan.com/domain_views

3.70.113.20

200 OK

0 B

URL HTTP/2
dan.com/domain_views
IP
3.70.113.20:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /domain_views HTTP/1.1
Host: dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/buy-domain/SafExpress.xyz
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 140
Origin: https://dan.com
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0; bc9bd58fe1b6ef954d6d794db6d30e25e8ff50634d24346cf8006ef422e3c05c6e48b07678e34d08c97ad3f91012c80ac690b50f51fbd49b16e301de58d9c5ca=8pqtSjK4sZPwhXPfh1lZOyCmlT7t8SV%2FDgrBANCX0yEzt53oKBlXKQn%2FpmRfljHXvHLkZ8968q9C6Ak7nbaNnDu6npA5CZdoK8a3lOCcXTb00PwiKyiaXW77JGxU75K%2FdFj6VUssS8hssRXNR%2BHP6%2BfqWS6c8rJhDPPvgxQzqCg6IEit1rdpBeexX2gmcDs7WCt%2F0SalQ55XTccdJ%2BHz6a7Rt%2BczqhV7YBqm7y7sND4HhnVDO1csHTGJHFn4KpragiYuUKIajUdzCcwpk8YY6g6WTGJbZFjhsrr5sEVqPPKfr7s78dMUTf4Sz33IVlhQxDCKwWrC%2B7Lj6%2BTe3hAqq7QqNS5Ii5SAHqCRUqBejISjEzUSvQyrZmPX8UKaWjK3cRyI0tQwObIAmAmde1ig7TYKWVmNCT1gC89PFSwhui4qF0C9b3FkCjNf47AQiTiNGG3oy%2BjwGw9UUNDLrhF7aA%3D%3D--gi6YyoJ29UvzeJ42--06K5%2FXYnPsnzRAnSoT0c2A%3D%3D; time_zone_offset=0; _gid=GA1.2.551397498.1670039950; _gat=1; traffic=; _policy=%7B%22restricted_market%22:true,%22tracking_market%22:%22explicit%22%7D; pathway=82d45c0d-5378-5c54-865b-ee8fb7a33dfb; fb_sessiontraffic=C_TOUCH=2022-12-03T03:59:10.030Z&pathway=82d45c0d-5378-5c54-865b-ee8fb7a33dfb&V_DATE=2022-12-03T03:59:10.028Z&pc=1; visitor=vid=82d45c0d-5378-5c54-865b-ee8fb7a33dfb
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sat, 03 Dec 2022 03:59:12 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
set-cookie: bc9bd58fe1b6ef954d6d794db6d30e25e8ff50634d24346cf8006ef422e3c05c6e48b07678e34d08c97ad3f91012c80ac690b50f51fbd49b16e301de58d9c5ca=rwGEf3KOBuipC3pBVNn7%2FXQRbPllC8TOR1chwhywwkiDCEpSstjRSKp%2BEGS7vEvzojC9Y02GVYIvNaiW4aOy27N%2FB3Wf6go19UvGp2RpoPNCJwxg65%2FCo%2Fni%2BegEIIKCrXZV3gRLWd4oOoy%2FFgM8v6CH1vbKqNnqJBb41sKvu5vm8lKbStnoADWwgWcthCEuBNZRGJE4pbNeeMI7eCyHK3npkFvrewSejVsF5SQYxxLfj50powH8rqBIcY1izqtrlUExj2di%2FnRMsFpjHwJ%2F9QkGbJMmbq%2FrTmnVPrJr%2F8NhzRpjF2s8jgtkGyHAGAlyDKko%2BY3XjO4pjMYkIrcv9%2F0qrGHlZvf61kg2xEshm3ZQnP9wk0uo%2ByLdXjW42pTOWTcMLIoFHDT24LL9LDp9caM9ICfEBmu19XnTU6GIbo2lQxrsMCgQLOaztSvNtHCKIaO9Pd9x%2F9f86oRWrrzPFhXyH1CTmmiGWyKnojU8Ii%2Fqk6O1W0B%2FGeL%2Bx%2FzFy02fPcwrwKhtCEw2qCnc--VWcM%2FBgUW1WZVt7H--fI%2BlIODYFi9fOCIXkoqyAA%3D%3D; path=/; secure; HttpOnly
x-request-id: 0d77bfcc-9ef9-4ba3-91ed-3b147e3d33e8
x-runtime: 0.012418
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
X-Firefox-Spdy: h2

api-iam.intercom.io/messenger/web/ping

52.20.196.176

200 OK

0 B

URL HTTP/2
api-iam.intercom.io/messenger/web/ping
IP
52.20.196.176:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /messenger/web/ping HTTP/1.1
Host: api-iam.intercom.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 511
Origin: https://dan.com
Connection: keep-alive
Referer: https://dan.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 03 Dec 2022 03:59:12 GMT
content-type: application/json; charset=utf-8
status: 200 OK
cache-control: max-age=0, private, must-revalidate
x-ratelimit-limit: 13333
x-ratelimit-reset: 1670039960
strict-transport-security: max-age=31556952; includeSubDomains; preload
x-ratelimit-remaining: 13319
access-control-allow-origin: https://dan.com
vary: Accept,Accept-Encoding
x-intercom-version: 59933413683577c3bea1b8fcabfd7f09460f2e4a
x-xss-protection: 1; mode=block
content-encoding: gzip
x-request-id: 000a3l56js15ad1cs4ag
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS
etag: W/"3e1a61f18c1f7011e430a41434a2ae3f"
x-runtime: 0.255750
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
server: nginx
x-ami-version: ami-0e0148d2928d0c348
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (40)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations