URL: travelimg.yam.com/cdn-cgi/image/w=300,h=250,fit=cover/DATA/ARTICLE/2020111217022617.PNG | IP: 104.27.206.92:0 | Size: 15 kB
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x250, components 3
MD5: 93f724df075a25681817572cb7c26def SHA1: bb949fa65bca93e8eabed96775f006d45a5fa85f SHA256: 049409ae1f5609755051d9d8cd8ba8267730d625d22e362348f13e67fc2af812
GET /cdn-cgi/image/w=300,h=250,fit=cover/DATA/ARTICLE/2020111217022617.PNG HTTP/1.1
Host: travelimg.yam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://s.yam.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 15:53:12 GMT
content-type: image/jpeg
content-length: 15442
cf-ray: 87a7be8c4b36712a-OSL
cf-cache-status: HIT
accept-ranges: bytes
cache-control: max-age=16070400
etag: "cfn91FvyP0FgTqJWyf_bHwwUw__h8U8Ar-qbnpfcXEDQ:7495b8bd2b8d61:0"
last-modified: Thu, 12 Nov 2020 09:02:26 GMT
vary: Accept, Accept-Encoding
cf-bgj: imgq:85,h2pri
cf-resized: internal=ok/h q=0 n=16+0 c=11+26 v=2024.4.0 l=15442
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
priority: u=1;i=?0,cf-chb=(259;u=3;i=?0 1772;u=5;i=?0 13514;u=6;i=?0)
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gMzkRo6UqqESw%2BRAK%2Bf%2FZYL7HPr4dP2lUHLu6VDvw8EomX%2F2F6Khx4qZTJ4df3drNeoV1t66qRlbvXnNU3F2MSSa9iL2KH5wd6J89FEWR%2FaeUj2OK6HbYCxSCvDKvz6ayGg6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

URL: www.googletagmanager.com/gtag/js?id=UA-16227618-1 | IP: 142.250.74.168:0 | Size: 71 kB
File type: JavaScript source, ASCII text, with very long lines (1763)
MD5: b497c96a7ed26a4f6acd02258635605f SHA1: 4cb0230819854b8f9779fc8b429b92f096264370 SHA256: 5007ed7030cd3a17d37f6a5fb2b6d1fded11b6f09d267bcbdda2758effabc9a2
GET /gtag/js?id=UA-16227618-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://s.yam.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 15:53:12 GMT
expires: Fri, 26 Apr 2024 15:53:12 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 70815
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

URL: cdn.jsdelivr.net/npm/jquery@3.5.1/dist/jquery.min.js | IP: 151.101.65.229:0 | Size: 33 kB
File type: JavaScript source, ASCII text, with very long lines (65451)
MD5: dc5e7f18c8d36ac1d3d4753a87c98d0a SHA1: c8e1c8b386dc5b7a9184c763c88d19a346eb3342 SHA256: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
GET /npm/jquery@3.5.1/dist/jquery.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://s.yam.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 3.5.1
x-jsd-version-type: version
etag: W/"15d84-yOHIs4bcW3qRhMdjyI0Zo0brM0I"
content-encoding: br
accept-ranges: bytes
date: Fri, 26 Apr 2024 15:53:12 GMT
age: 3775498
x-served-by: cache-fra-etou8220059-FRA, cache-hel1410026-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 32699
X-Firefox-Spdy: h2

URL: s.yam.com/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyeWFtU2hhcmUtJUU3JUI4JUFFJUU3JUI2JUIyJUU1JTlEJTgwJUU2JTlDJThEJUU1JThCJTk5JTIyJTJDJTIyeCUyMiUzQTAuNDc1NzY1ODM4MzgyMjU0ODQlMkMlMjJ3JTIyJTNBMTI4MCUyQyUyMmglMjIlM0ExMDI0JTJDJTIyaiUyMiUzQTEwMjQlMkMlMjJlJTIyJTNBMTI4MCUyQyUyMmwlMjIlM0ElMjJodHRwcyUzQSUyRiUyRnMueWFtLmNvbSUyRnhHaThEJTIyJTJDJTIyciUyMiUzQSUyMiUyMiUyQyUyMmslMjIlM0EyNCUyQyUyMm4lMjIlM0ElMjJVVEYtOCUyMiUyQyUyMm8lMjIlM0EwJTJDJTIycSUyMiUzQSU1QiU3QiUyMm0lMjIlM0ElMjJzZXQlMjIlMkMlMjJhJTIyJTNBJTVCJTIyMCUyMiUyQyUyMmNvbmZpZyUyMiUyQyU3QiUyMnNjb3BlJTIyJTNBJTIycGFnZSUyMiU3RCU1RCU3RCUyQyU3QiUyMm0lMjIlM0ElMjJzZXQlMjIlMkMlMjJhJTIyJTNBJTVCJTIyMSUyMiUyQyUyMlVBLTE2MjI3NjE4LTElMjIlMkMlN0IlMjJzY29wZSUyMiUzQSUyMnBhZ2UlMjIlN0QlNUQlN0QlNUQlN0Q= | IP: 104.27.206.92:0 | Size: 105 kB
File type: JavaScript source, ASCII text, with very long lines (4388) | Size: 105 kB (105138 bytes)
MD5: 1ea1d536628a519bf091429718400302 SHA1: 60bc7fe52a5ba16e6004a10ff550a766de9f67d2 SHA256: cbd1d0ec276f8f767b02da5f736cf4e6bfaf1a1430f67a8b47581474fb310e43
GET /cdn-cgi/zaraz/s.js?z=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 HTTP/1.1
Host: s.yam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.yam.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 15:53:12 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://s.yam.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Set-Cookie, Cache-Control
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-max-age: 600
set-cookie: google-analytics_v4_HXmK__engagementDuration=; Domain=yam.com; Path=/; Max-Age=0; HttpOnly; Secure; SameSite=Lax
google-analytics_v4_HXmK__engagementStart=; Domain=yam.com; Path=/; Max-Age=0; HttpOnly; Secure; SameSite=Lax
google-analytics_v4_HXmK__counter=; Domain=yam.com; Path=/; Max-Age=0; HttpOnly; Secure; SameSite=Lax
google-analytics_v4_HXmK__ga4sid=; Domain=yam.com; Path=/; Max-Age=0; HttpOnly; Secure; SameSite=Lax
google-analytics_v4_HXmK__session_counter=; Domain=yam.com; Path=/; Max-Age=0; HttpOnly; Secure; SameSite=Lax
google-analytics_v4_HXmK__ga4=; Domain=yam.com; Path=/; Max-Age=0; HttpOnly; Secure; SameSite=Lax
google-analytics_v4_HXmK__let=; Domain=yam.com; Path=/; Max-Age=0; HttpOnly; Secure; SameSite=Lax
google-analytics_v4_fhIF__engagementDuration=; Domain=yam.com; Path=/; Max-Age=0; HttpOnly; Secure; SameSite=Lax
google-analytics_v4_fhIF__engagementStart=; Domain=yam.com; Path=/; Max-Age=0; HttpOnly; Secure; SameSite=Lax
google-analytics_v4_fhIF__counter=; Domain=yam.com; Path=/; Max-Age=0; HttpOnly; Secure; SameSite=Lax
google-analytics_v4_fhIF__ga4sid=; Domain=yam.com; Path=/; Max-Age=0; HttpOnly; Secure; SameSite=Lax
google-analytics_v4_fhIF__session_counter=; Domain=yam.com; Path=/; Max-Age=0; HttpOnly; Secure; SameSite=Lax
google-analytics_v4_fhIF__ga4=; Domain=yam.com; Path=/; Max-Age=0; HttpOnly; Secure; SameSite=Lax
google-analytics_v4_fhIF__let=; Domain=yam.com; Path=/; Max-Age=0; HttpOnly; Secure; SameSite=Lax
google-analytics_v4_nmDu__engagementDuration=; Domain=yam.com; Path=/; Max-Age=0; HttpOnly; Secure; SameSite=Lax
google-analytics_v4_nmDu__engagementStart=; Domain=yam.com; Path=/; Max-Age=0; HttpOnly; Secure; SameSite=Lax
google-analytics_v4_nmDu__counter=; Domain=yam.com; Path=/; Max-Age=0; HttpOnly; Secure; SameSite=Lax
google-analytics_v4_nmDu__ga4sid=; Domain=yam.com; Path=/; Max-Age=0; HttpOnly; Secure; SameSite=Lax
google-analytics_v4_nmDu__session_counter=; Domain=yam.com; Path=/; Max-Age=0; HttpOnly; Secure; SameSite=Lax
google-analytics_v4_nmDu__ga4=; Domain=yam.com; Path=/; Max-Age=0; HttpOnly; Secure; SameSite=Lax
google-analytics_v4_nmDu__let=; Domain=yam.com; Path=/; Max-Age=0; HttpOnly; Secure; SameSite=Lax
google-analytics_v4_qlqb__engagementDuration=; Domain=yam.com; Path=/; Max-Age=0; HttpOnly; Secure; SameSite=Lax
google-analytics_v4_qlqb__engagementStart=; Domain=yam.com; Path=/; Max-Age=0; HttpOnly; Secure; SameSite=Lax
google-analytics_v4_qlqb__counter=; Domain=yam.com; Path=/; Max-Age=0; HttpOnly; Secure; SameSite=Lax
google-analytics_v4_qlqb__ga4sid=; Domain=yam.com; Path=/; Max-Age=0; HttpOnly; Secure; SameSite=Lax
google-analytics_v4_qlqb__session_counter=; Domain=yam.com; Path=/; Max-Age=0; HttpOnly; Secure; SameSite=Lax
google-analytics_v4_qlqb__ga4=; Domain=yam.com; Path=/; Max-Age=0; HttpOnly; Secure; SameSite=Lax
google-analytics_v4_qlqb__let=; Domain=yam.com; Path=/; Max-Age=0; HttpOnly; Secure; SameSite=Lax
google-analytics_v4_xcVR__engagementDuration=; Domain=yam.com; Path=/; Max-Age=0; HttpOnly; Secure; SameSite=Lax
google-analytics_v4_xcVR__engagementStart=; Domain=yam.com; Path=/; Max-Age=0; HttpOnly; Secure; SameSite=Lax
google-analytics_v4_xcVR__counter=; Domain=yam.com; Path=/; Max-Age=0; HttpOnly; Secure; SameSite=Lax
google-analytics_v4_xcVR__ga4sid=; Domain=yam.com; Path=/; Max-Age=0; HttpOnly; Secure; SameSite=Lax
google-analytics_v4_xcVR__session_counter=; Domain=yam.com; Path=/; Max-Age=0; HttpOnly; Secure; SameSite=Lax
google-analytics_v4_xcVR__ga4=; Domain=yam.com; Path=/; Max-Age=0; HttpOnly; Secure; SameSite=Lax
google-analytics_v4_xcVR___z_ga_audiences=; Domain=yam.com; Path=/; Max-Age=0; HttpOnly; Secure; SameSite=Lax
google-analytics_v4_xcVR__let=; Domain=yam.com; Path=/; Max-Age=0; HttpOnly; Secure; SameSite=Lax
cfz_google-analytics_v4=%7B%22HXmK_engagementDuration%22%3A%7B%22v%22%3A%220%22%2C%22e%22%3A1745682792578%7D%2C%22HXmK_engagementStart%22%3A%7B%22v%22%3A%221714146792578%22%2C%22e%22%3A1745682792578%7D%2C%22HXmK_counter%22%3A%7B%22v%22%3A%221%22%2C%22e%22%3A1745682792578%7D%2C%22HXmK_ga4sid%22%3A%7B%22v%22%3A%221888461634%22%2C%22e%22%3A1714148592578%7D%2C%22HXmK_session_counter%22%3A%7B%22v%22%3A%221%22%2C%22e%22%3A1745682792578%7D%2C%22HXmK_ga4%22%3A%7B%22v%22%3A%221fd7144e-6a33-424f-8b7c-9c51ddf4473a%22%2C%22e%22%3A1745682792578%7D%2C%22HXmK_let%22%3A%7B%22v%22%3A%221714146792578%22%2C%22e%22%3A1745682792578%7D%2C%22fhIF_engagementDuration%22%3A%7B%22v%22%3A%220%22%2C%22e%22%3A1745682792578%7D%2C%22fhIF_engagementStart%22%3A%7B%22v%22%3A%221714146792578%22%2C%22e%22%3A1745682792578%7D%2C%22fhIF_counter%22%3A%7B%22v%22%3A%221%22%2C%22e%22%3A1745682792578%7D%2C%22fhIF_ga4sid%22%3A%7B%22v%22%3A%221444559350%22%2C%22e%22%3A1714148592578%7D%2C%22fhIF_session_counter%22%3A%7B%22v%22%3A%221%22%2C%22e%22%3A1745682792578%7D%2C%22fhIF_ga4%22%3A%7B%22v%22%3A%220b3b66e8-4ad5-4ad2-a6bb-26c2be54869a%22%2C%22e%22%3A1745682792578%7D%2C%22fhIF_let%22%3A%7B%22v%22%3A%221714146792578%22%2C%22e%22%3A1745682792578%7D%2C%22nmDu_engagementDuration%22%3A%7B%22v%22%3A%220%22%2C%22e%22%3A1745682792578%7D%2C%22nmDu_engagementStart%22%3A%7B%22v%22%3A%221714146792578%22%2C%22e%22%3A1745682792578%7D%2C%22nmDu_counter%22%3A%7B%22v%22%3A%221%22%2C%22e%22%3A1745682792578%7D%2C%22nmDu_ga4sid%22%3A%7B%22v%22%3A%22789073938%22%2C%22e%22%3A1714148592578%7D%2C%22nmDu_session_counter%22%3A%7B%22v%22%3A%221%22%2C%22e%22%3A1745682792578%7D%2C%22nmDu_ga4%22%3A%7B%22v%22%3A%2297ec5251-21b7-4455-aa9d-f2878fb16e12%22%2C%22e%22%3A1745682792578%7D%2C%22nmDu_let%22%3A%7B%22v%22%3A%221714146792578%22%2C%22e%22%3A1745682792578%7D%2C%22qlqb_engagementDuration%22%3A%7B%22v%22%3A%220%22%2C%22e%22%3A1745682792578%7D%2C%22qlqb_engagementStart%22%3A%7B%22v%22%3A%221714146792578%22%2C%22e%22%3A1745682792578%7D%2C%22qlqb_counter%22%3A%7B%22v%22%3A%221%22%2C%22e%22%3A1745682792578%7D%2C%22qlqb_ga4sid%22%3A%7B%22v%22%3A%222024086786%22%2C%22e%22%3A1714148592578%7D%2C%22qlqb_session_counter%22%3A%7B%22v%22%3A%221%22%2C%22e%22%3A1745682792578%7D%2C%22qlqb_ga4%22%3A%7B%22v%22%3A%22edbee4e9-9742-4d88-8e45-c918200291c6%22%2C%22e%22%3A1745682792578%7D%2C%22qlqb_let%22%3A%7B%22v%22%3A%221714146792578%22%2C%22e%22%3A1745682792578%7D%2C%22xcVR_engagementDuration%22%3A%7B%22v%22%3A%220%22%2C%22e%22%3A1745682792578%7D%2C%22xcVR_engagementStart%22%3A%7B%22v%22%3A%221714146792578%22%2C%22e%22%3A1745682792578%7D%2C%22xcVR_counter%22%3A%7B%22v%22%3A%221%22%2C%22e%22%3A1745682792578%7D%2C%22xcVR_ga4sid%22%3A%7B%22v%22%3A%221019036373%22%2C%22e%22%3A1714148592578%7D%2C%22xcVR_session_counter%22%3A%7B%22v%22%3A%221%22%2C%22e%22%3A1745682792578%7D%2C%22xcVR_ga4%22%3A%7B%22v%22%3A%22a045ec2c-8a78-4e0b-9735-d1c9a9ade8c5%22%2C%22e%22%3A1745682792578%7D%2C%22xcVR__z_ga_audiences%22%3A%7B%22v%22%3A%22a045ec2c-8a78-4e0b-9735-d1c9a9ade8c5%22%2C%22e%22%3A1745682792578%7D%2C%22xcVR_let%22%3A%7B%22v%22%3A%221714146792578%22%2C%22e%22%3A1745682792578%7D%7D; Domain=yam.com; Path=/; Max-Age=31536000000; HttpOnly; Secure; SameSite=Lax
x-robots-tag: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=duHBScmVp2%2FOcBmnKiKTKZB%2B9ILDHHwvXtKiUm8NPApLqAyVI29z45v%2F%2FKW2hSNjJNYiM6N%2FcYV%2B49O4yreDzR%2BDkmP4s19TowOB7RT7MPorbp6GDYseRLExUg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a7be8d8cff712a-OSL
content-encoding: br
X-Firefox-Spdy: h2

URL: img.yamedia.tw/2021/share/logo.png | IP: 104.21.61.68:0 | Size: 143 B
File type: HTML document, ASCII text, with CRLF line terminators
MD5: cb7b8f439b04c00f4a2d78160ddfee8d SHA1: 9aa44b5d68f6359f10de0dcd24ea3e12548d9bd4 SHA256: 12755429beb15d5eb57eafa45b8dba326343dd099bf0552038694c3856e8860e
GET /2021/share/logo.png HTTP/1.1
Host: img.yamedia.tw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://s.yam.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 26 Apr 2024 15:53:12 GMT
content-type: text/html
content-length: 143
location: https://yamedia.yam.com/2021/share/logo.png
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L%2BY6zUPpDC4T6%2FgxrOS%2FVkKru%2Bqnp7ELxDlH48ql6R%2B2BNxflwYgdHAmj3opDSHd1VARDxZoXm2x00jgmL%2Bv%2BlU%2F%2BM0dl67Ue23Rz0jlQLYD66O7CLXiNKM0k0KIwJC7qw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a7be8e3a8656a5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

URL: travelimg.yam.com/cdn-cgi/image/w=300,h=250,fit=cover/DATA/ARTICLE/2022082609183827.jpg | IP: 104.27.206.92:0 | Size: 24 kB
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x250, components 3
MD5: acd5b72fc1f23a2f4f212d089533e0b7 SHA1: 5078f4d77e4e0f171d18ec25226a4fed08df94af SHA256: b46b27b83274ec04ae88b815c230bb55c686b393fed2eb5e5724a904364df941
GET /cdn-cgi/image/w=300,h=250,fit=cover/DATA/ARTICLE/2022082609183827.jpg HTTP/1.1
Host: travelimg.yam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://s.yam.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 15:53:12 GMT
content-type: image/jpeg
content-length: 24402
cf-ray: 87a7be8c4b38712a-OSL
cf-cache-status: HIT
accept-ranges: bytes
cache-control: max-age=16070400
etag: "cf0i-AlQ8TRhW2Ulg7CkVRK6p8_h8U8Ar-qbnpfcXEDQ:e1522ac5e9b8d81:0"
last-modified: Fri, 26 Aug 2022 01:18:38 GMT
vary: Accept, Accept-Encoding
cf-bgj: imgq:85,h2pri
cf-resized: internal=ok/h q=0 n=13+0 c=10+29 v=2024.4.0 l=24402
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
priority: u=1;i=?0,cf-chb=(261;u=3;i=?0 1864;u=5;i=?0 14170;u=6;i=?0)
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0a9PDzrTNpGuNdKoFL0gLDr515Do3Tg040zh5fQX%2B5UeqQbgnGFhRq7ro2DO3KRuN7SN%2F3WcSB%2FVfpYvr5KqzzOqyhMorzre9H%2BEilKJ1h6NaAqpe59NdnBbo9XEPJ71J4Ts"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

URL: yamedia.yam.com/2021/share/logo.png | IP: 104.27.206.92:0 | Size: 12 kB
File type: PNG image data, 300 x 200, 8-bit/color RGB, non-interlaced
MD5: 1e4551e23432dece821020d90320483a SHA1: 704bedcaa5c257a74a5674d31f6964a0de962707 SHA256: 5f997ca61624888d3988d80c47db733d41a48cfaafb851ff246b4b756eedf664
GET /2021/share/logo.png HTTP/1.1
Host: yamedia.yam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.yam.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 15:53:13 GMT
content-type: image/png
content-length: 11967
cf-bgj: imgq:100,h2pri
cf-polished: origSize=15099
content-md5: Y+1jEmgYjP8CiQLDg0WN9Q==
etag: "0x8D8C3382A364852"
last-modified: Thu, 28 Jan 2021 02:55:26 GMT
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 0852fec3-f01e-0048-01c3-7992a3000000
x-ms-version: 2014-02-14
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9QGq4U5s5XPgTVARMRf1reO0J3RCUkNviZSndRwPlqlvDBpQEk7Niogo5%2B1767W1saTrNhLzbfEw3CuyCCwzrOXBcIY%2BpQigyCXkJvMHn8VNdcR00pKhfr6dKQRHByrkFA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a7be8e7ded712a-OSL
X-Firefox-Spdy: h2

URL: affiliate.klook.com/v1/affnode/render?prod=dynamic_widget&adid=535741&cid=59&tid=-1&amount=3& | IP: 34.149.108.21:0 | ASN: AS396982 GOOGLE-CLOUD-PLATFORM | Size: 775 B
File type: HTML document, ASCII text, with very long lines (1158)
MD5: 8fbf0dc99242ece9058015c5383e022f SHA1: f3f56f7214d21717f1f00bbfd6f21ebbb7f871e1 SHA256: 9e7daa38bbdc37fcb94ed575b75e55bfee42d30d5b91d3d1fca2a5c4f8254652
GET /v1/affnode/render?prod=dynamic_widget&adid=535741&cid=59&tid=-1&amount=3& HTTP/1.1
Host: affiliate.klook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://s.yam.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=utf-8
content-length: 775
date: Fri, 26 Apr 2024 15:53:12 GMT
vary: Accept-Encoding
set-cookie: kepler_id=9ccd2739-b9a8-4dbb-97c5-8d804150f822; path=/; expires=Sun, 26 Apr 2026 15:53:12 GMT; samesite=none; secure
server-timing: render-all;dur=1
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
strict-transport-security: max-age=31536000; includeSubdomains
x-readtime: 1
content-encoding: gzip
x-kong-upstream-latency: 3
x-kong-proxy-latency: 0
server: ReplaceHeaderValue
via: 1.1 google
x-cdn-vendor: gcp
x-cdn-cache: miss
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

URL: www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&v=1&_v=j86&tid=G-NN9H58G4F7https%3A%2F%2Fs.yam.com%2FxGi8Ds.yam.com&cid=a045ec2c-8a78-4e0b-9735-d1c9a9ade8c5&_u=KGDAAEADQAAAAC%7E&z=2084220015&slf_rd=1 | IP: 216.58.211.4:0 | Size: 42 B
File type: GIF image data, version 89a, 1 x 1
MD5: d89746888da2d9510b64a9f031eaecd5 SHA1: d5fceb6532643d0d84ffe09c40c481ecdf59e15a SHA256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&v=1&_v=j86&tid=G-NN9H58G4F7https%3A%2F%2Fs.yam.com%2FxGi8Ds.yam.com&cid=a045ec2c-8a78-4e0b-9735-d1c9a9ade8c5&_u=KGDAAEADQAAAAC%7E&z=2084220015&slf_rd=1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.yam.com/
Origin: https://s.yam.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 26 Apr 2024 15:53:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
access-control-allow-origin: https://s.yam.com
access-control-allow-credentials: true
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

URL: www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-RE4LTMGVEF&cid=1817582744.1714146793&gtm=45je44o0v874613512za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=794147826 | IP: 142.250.74.163:0 | Size: 42 B
File type: GIF image data, version 89a, 1 x 1
MD5: d89746888da2d9510b64a9f031eaecd5 SHA1: d5fceb6532643d0d84ffe09c40c481ecdf59e15a SHA256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-RE4LTMGVEF&cid=1817582744.1714146793&gtm=45je44o0v874613512za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=794147826 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://s.yam.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 26 Apr 2024 15:53:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

URL: cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/chunk-common.d7bbeb7f.js | IP: 54.230.111.69:0 | Size: 104 kB
File type: gzip compressed data, from Unix | Size: 104 kB (103931 bytes)
MD5: e831f042515f82ae25f19bb5a2df49e3 SHA1: d71262d8e1576b4ac59cc71887c5bf3467a68b5e SHA256: 71bf1b0ce7422dd5f3b485baa3289f9b7932c3530cbe6fdbc1e1cbe2b17958aa
GET /s/dist_web/klook-affiliate-front/static/widget/js/chunk-common.d7bbeb7f.js HTTP/1.1
Host: cdn.klook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://affiliate.klook.com
DNT: 1
Connection: keep-alive
Referer: https://affiliate.klook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript
server: nginx
date: Tue, 02 Apr 2024 09:05:24 GMT
x-amz-id-2: C1kHsjcsSYu7ewzDAhxWvLA5VIXmff18SL81hQgQACn3gf2Iy1b7ii7PEMm7t2WYzNDqkdjbXKI=
x-amz-request-id: 2DB0BS9RHKT0MREN
last-modified: Tue, 02 Apr 2024 08:53:26 GMT
etag: W/"470ca841deb07688ba8a5f0d1fff0b89"
x-amz-server-side-encryption: AES256
expires: Wed, 02 Apr 2025 09:05:24 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubdomains
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: w9Wk2nsc9zrYp9MMAHWExWyXCXt5cZTG5KWKtT8t8p6QdCAyP0dObA==
age: 2098069
X-Firefox-Spdy: h2

URL: region1.analytics.google.com/g/collect?v=2&tid=G-RE4LTMGVEF&gtm=45je44o0v874613512za200&_p=1714146792550&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1817582744.1714146793&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1714146792&sct=1&seg=0&dl=https%3A%2F%2Fs.yam.com%2FxGi8D&dt=yamShare-%E7%B8%AE%E7%B6%B2%E5%9D%80%E6%9C%8D%E5%8B%99&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1693 | IP: 216.239.32.36:0 | Size: 0 B
MD5: d41d8cd98f00b204e9800998ecf8427e SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of an empty body; the response is 204 No Content)
POST /g/collect?v=2&tid=G-RE4LTMGVEF&gtm=45je44o0v874613512za200&_p=1714146792550&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1817582744.1714146793&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1714146792&sct=1&seg=0&dl=https%3A%2F%2Fs.yam.com%2FxGi8D&dt=yamShare-%E7%B8%AE%E7%B6%B2%E5%9D%80%E6%9C%8D%E5%8B%99&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1693 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://s.yam.com
DNT: 1
Connection: keep-alive
Referer: https://s.yam.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://s.yam.com
date: Fri, 26 Apr 2024 15:53:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

URL: res.klook.com/image/upload/fl_lossy.progressive,q_60,f_auto/c_fill,w_650,h_420/activities/jhqvidoafgkvf4z1r14y.jpg | IP: 54.230.111.69:0 | Size: 45 kB
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 150x150, segment length 16, progressive, precision 8, 650x420, components 3
MD5: 07c109c31f87086d7b72c9c947aadfca SHA1: 007e41b905ec6d64caddc7586ddc49b1b7ee0b3b SHA256: 35b366ed70412171be1d79b16c7a871ea1f368f60b76f66f2acd556e9746e59b
GET /image/upload/fl_lossy.progressive,q_60,f_auto/c_fill,w_650,h_420/activities/jhqvidoafgkvf4z1r14y.jpg HTTP/1.1
Host: res.klook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://affiliate.klook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 45072
etag: "07c109c31f87086d7b72c9c947aadfca"
last-modified: Thu, 11 Apr 2024 03:27:47 GMT
date: Thu, 11 Apr 2024 04:49:52 GMT
cache-control: private, no-transform, max-age=31536000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: *
server: Cloudinary
strict-transport-security: max-age=604800
x-content-type-options: nosniff
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PcMWf0Fo57M-s05HpYYjlLLJD5eXwSGCpcc7T8yT_u-_FuzmwMa1ww==
age: 1335801
X-Firefox-Spdy: h2

URL: res.klook.com/image/upload/fl_lossy.progressive,q_60,f_auto/c_fill,w_650,h_420/activities/mdhrbsteztsjyzjs8zy4.jpg | IP: 54.230.111.69:0 | Size: 26 kB
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 96x96, segment length 16, progressive, precision 8, 650x420, components 3
MD5: f87ef95ea161ca827b9aa2a8021f09f1 SHA1: 5e92534524f04750d3c108ff3cd1bc1c0060e8c2 SHA256: 1b1d12f827f2c9b2d5f26dea3c869a60c3a8dd8fe52b243e6e959cf1330d46b0
GET /image/upload/fl_lossy.progressive,q_60,f_auto/c_fill,w_650,h_420/activities/mdhrbsteztsjyzjs8zy4.jpg HTTP/1.1
Host: res.klook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://affiliate.klook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 25503
etag: "f87ef95ea161ca827b9aa2a8021f09f1"
last-modified: Wed, 19 Apr 2023 03:46:09 GMT
date: Fri, 10 Nov 2023 10:44:02 GMT
cache-control: private, no-transform, immutable, max-age=31536000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: *
server: Cloudinary
strict-transport-security: max-age=604800
x-content-type-options: nosniff
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: j2qoVWjsxFEm_RnbSqt25s29fLHdllZhRf5O-zhzP4SazIvh_l5rbw==
age: 14533752
X-Firefox-Spdy: h2
| cdn.klook.com/s/dist_web/klook-affiliate-front/s/dist/desktop/dynamic_widget_v1.js | 54.230.111.69 | | 2.4 kB |
URL cdn.klook.com/s/dist_web/klook-affiliate-front/s/dist/desktop/dynamic_widget_v1.js IP54.230.111.69:0
File typegzip compressed data, from Unix Hash49195db93c56e33ccb298680bba13a9d 7f742959ea07b253b41a75a64a53dfb793659328 068ac33ff3ce1b5cb558f7b3ec5740f292151e034108d0a1788b9145743442dc
GET /s/dist_web/klook-affiliate-front/s/dist/desktop/dynamic_widget_v1.js HTTP/1.1
Host: cdn.klook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://s.yam.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Sun, 29 Oct 2023 00:26:38 GMT
x-amz-id-2: Pzgf4wLwH9nhNf7/eulSaCCEjQW8Tne0ZnlFhvoMPgwjrsH8MJaI8e2LxpgXrdewspTiRPKeQXg=
x-amz-request-id: RHDYFT90J7N22T1F
last-modified: Mon, 18 Oct 2021 02:44:10 GMT
etag: W/"ceb152ddf5390a749f9c157d20252351"
expires: Mon, 28 Oct 2024 00:26:38 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubdomains
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: E1kH5-_nESVEqLSPIG2JgRdF_6IJYc7Q-10U2WnnoM-7z3anDAMVJw==
age: 15607594
X-Firefox-Spdy: h2
| res.klook.com/image/upload/fl_lossy.progressive,q_60,f_auto/c_fill,w_650,h_420/activities/mx3wwxaeksh7zmb4ebga.jpg | 54.230.111.69 | | 34 kB |
URL res.klook.com/image/upload/fl_lossy.progressive,q_60,f_auto/c_fill,w_650,h_420/activities/mx3wwxaeksh7zmb4ebga.jpg IP54.230.111.69:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 144x144, segment length 16, progressive, precision 8, 650x420, components 3 Hash8d99dfbb6675d2a652aa80d2a5f4bccd 692fb7abcfa77cd28b3084d40e049657d08ecbc1 fbe7fec667dfa1ad50be0b5064ab1b940bac584aa1247c4798ffbf8d0804319a
GET /image/upload/fl_lossy.progressive,q_60,f_auto/c_fill,w_650,h_420/activities/mx3wwxaeksh7zmb4ebga.jpg HTTP/1.1
Host: res.klook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://affiliate.klook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 34205
etag: "8d99dfbb6675d2a652aa80d2a5f4bccd"
last-modified: Thu, 25 Jan 2024 12:38:13 GMT
date: Wed, 13 Mar 2024 07:04:56 GMT
cache-control: private, no-transform, max-age=31536000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: *
server: Cloudinary
strict-transport-security: max-age=604800
x-content-type-options: nosniff
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OiAdAUX9AudIktu4FK3CmsWvitYIFQ1xcSvPBp1-wsPm5QRdi-JIwA==
age: 3833298
X-Firefox-Spdy: h2
| affiliate.klook.com/v3/affsrv/ads/event | 34.149.108.21 | | 70 B |
URL affiliate.klook.com/v3/affsrv/ads/event IP34.149.108.21:0 ASN#396982 GOOGLE-CLOUD-PLATFORM
Hashe4811654ff7001186063514b66e5d58b 99e80ad04cf70e790961c234b072ba2853a7db64 dccd6a122ce536145b86aef2681be92ebab2fbb2fe44ffa52a8ddc0e86db4d29
POST /v3/affsrv/ads/event HTTP/1.1
Host: affiliate.klook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=utf-8
X-iframe-Data: {"type":4,"data":""}
X-Klook-Kepler-Id: 9ccd2739-b9a8-4dbb-97c5-8d804150f822
X-Klook-Request-Id: 56149f0b-eb38-4d3a-878a-13611e46c7b1
Content-Length: 15
Origin: https://affiliate.klook.com
DNT: 1
Connection: keep-alive
Referer: https://affiliate.klook.com/v1/affnode/render?prod=dynamic_widget&adid=535741&cid=59&tid=-1&amount=3&
Cookie: kepler_id=9ccd2739-b9a8-4dbb-97c5-8d804150f822
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json
content-length: 70
date: Fri, 26 Apr 2024 15:53:14 GMT
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Content-Length, Authorization, Accept, X-Requested-With, X-Klook-Request-Id, X-Iframe-Data
access-control-allow-methods: POST, OPTIONS
x-klook-request-id: 56149f0b-eb38-4d3a-878a-13611e46c7b1
x-kong-upstream-latency: 2
x-kong-proxy-latency: 1
server: ReplaceHeaderValue
via: 1.1 google
x-cdn-vendor: gcp
x-cdn-cache: uncacheable
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
| log.klook.com/v2/frontlogsrv/log/web | 34.111.170.216 | | 0 B |
URL log.klook.com/v2/frontlogsrv/log/web IP34.111.170.216:0 ASN#396982 GOOGLE-CLOUD-PLATFORM
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v2/frontlogsrv/log/web HTTP/1.1
Host: log.klook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-deviceid,x-platform
Referer: https://affiliate.klook.com/
Origin: https://affiliate.klook.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 15:53:15 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: x-klook-host, DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Currency, Authorization, Token, version, X-Platform, _pt, Accept-Language, Accept, Accept-Encoding, X-Klook-Request-Id, X-Klook-Kepler-Id, X-Klook-Tint, X-DeviceID
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 7200
via: 1.1 google
x-cdn-vendor: gcp
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| log.klook.com/v2/frontlogsrv/log/web | 34.111.170.216 | | 62 B |
URL log.klook.com/v2/frontlogsrv/log/web IP34.111.170.216:0 ASN#396982 GOOGLE-CLOUD-PLATFORM
Hash056ae30ebaafcd0ca1a148d15c0bdf54 813d12625202843516e789c2a859587919707fe3 168fcfeaac95e2af3954dd8a63ebf8b9c61e79842597dcb1cd6f88b748071dc2
POST /v2/frontlogsrv/log/web HTTP/1.1
Host: log.klook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
X-Platform: desktop
X-DeviceId: 9ccd2739-b9a8-4dbb-97c5-8d804150f822
Content-Length: 1865
Origin: https://affiliate.klook.com
DNT: 1
Connection: keep-alive
Referer: https://affiliate.klook.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 15:53:15 GMT
content-type: application/json; charset=UTF-8
content-length: 62
accept-language: en_US
access-control-allow-origin: *
currency: HKD
x-klook-lang: en_US
x-klook-request-id: 91a6de5
x-klook-service-id: 01
x-klook-version: 1
via: 1.1 google
x-cdn-vendor: gcp
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| region1.analytics.google.com/g/collect?v=2&tid=G-RE4LTMGVEF>m=45je44o0v874613512za200&_p=1714146792550&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1817582744.1714146793&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&sid=1714146792&sct=1&seg=0&dl=https%3A%2F%2Fs.yam.com%2FxGi8D&dt=yamShare-%E7%B8%AE%E7%B6%B2%E5%9D%80%E6%9C%8D%E5%8B%99&_s=2&tfd=7490 | 216.239.32.36 | | 0 B |
URL region1.analytics.google.com/g/collect?v=2&tid=G-RE4LTMGVEF>m=45je44o0v874613512za200&_p=1714146792550&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1817582744.1714146793&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&sid=1714146792&sct=1&seg=0&dl=https%3A%2F%2Fs.yam.com%2FxGi8D&dt=yamShare-%E7%B8%AE%E7%B6%B2%E5%9D%80%E6%9C%8D%E5%8B%99&_s=2&tfd=7490 IP216.239.32.36:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-RE4LTMGVEF>m=45je44o0v874613512za200&_p=1714146792550&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1817582744.1714146793&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&sid=1714146792&sct=1&seg=0&dl=https%3A%2F%2Fs.yam.com%2FxGi8D&dt=yamShare-%E7%B8%AE%E7%B6%B2%E5%9D%80%E6%9C%8D%E5%8B%99&_s=2&tfd=7490 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 169
Origin: https://s.yam.com
DNT: 1
Connection: keep-alive
Referer: https://s.yam.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/3 204 No Content
access-control-allow-origin: https://s.yam.com
date: Fri, 26 Apr 2024 15:53:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
| affiliate.klook.com/v2/usrcsrv/hit/experiments | 34.149.108.21 | | 14 kB |
URL affiliate.klook.com/v2/usrcsrv/hit/experiments IP34.149.108.21:0 ASN#396982 GOOGLE-CLOUD-PLATFORM
File typegzip compressed data, max speed, from Unix Hash43b555fc6f1c5508bb5ffc5dcbd4a65c 61d14db98f458c4933ddcc35c4f2f8baacd7f982 4bb0498bbe928791e350c0008d6db5195cced6df41e135254f786cdebf0e6fa3
GET /v2/usrcsrv/hit/experiments HTTP/1.1
Host: affiliate.klook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=utf-8
X-Klook-Kepler-Id: 9ccd2739-b9a8-4dbb-97c5-8d804150f822
X-Klook-Request-Id: 769f5be9-7273-4791-9f3e-4b1cd3255e23
DNT: 1
Connection: keep-alive
Referer: https://affiliate.klook.com/v1/affnode/render?prod=dynamic_widget&adid=535741&cid=59&tid=-1&amount=3&
Cookie: kepler_id=9ccd2739-b9a8-4dbb-97c5-8d804150f822
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=UTF-8
date: Fri, 26 Apr 2024 15:53:13 GMT
vary: Accept-Encoding
accept-language: en_US
currency: HKD
x-klook-lang: en_US
x-klook-request-id: 769f5be9-7273-4791-9f3e-4b1cd3255e23
x-klook-service-id: 01
x-klook-version: 1
x-kong-upstream-latency: 3
x-kong-proxy-latency: 0
content-encoding: gzip
server: ReplaceHeaderValue
via: 1.1 google
x-cdn-vendor: gcp
x-cdn-cache: miss
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
| log.klook.com/v3/frontlogsrv/log/web?platform=desktop | 34.111.170.216 | | 0 B |
URL log.klook.com/v3/frontlogsrv/log/web?platform=desktop IP34.111.170.216:0 ASN#396982 GOOGLE-CLOUD-PLATFORM
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v3/frontlogsrv/log/web?platform=desktop HTTP/1.1
Host: log.klook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://affiliate.klook.com/
Origin: https://affiliate.klook.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 15:53:20 GMT
content-length: 0
vary: Origin
access-control-allow-origin: https://affiliate.klook.com
access-control-allow-credentials: true
access-control-allow-headers: x-klook-host,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Currency,Authorization,Token,version,X-Platform,_pt,Accept-Language,Accept,Accept-Encoding,X-Klook-Request-Id,X-Klook-Kepler-Id,X-Klook-Tint,X-DeviceID,x-klook-traffic-channel,Date
access-control-allow-methods: GET,POST
access-control-max-age: 3600
x-kong-response-latency: 0
via: 1.1 google
x-cdn-vendor: gcp
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| ce17574.tw1.ru/index_files/spec56_btn_gsm_all_gcd_20190320190559.min.css | 185.114.247.232 | 200 OK | 924 B |
URL GET HTTP/2ce17574.tw1.ru/index_files/spec56_btn_gsm_all_gcd_20190320190559.min.css IP185.114.247.232:443
CertificateIssuerGlobalSign nv-sa Subject*.tw1.ru FingerprintF8:4F:0D:CA:E7:A6:0A:6D:24:20:EA:9A:4A:5A:FD:93:21:2F:88:51 ValidityThu, 11 Jan 2024 13:25:41 GMT - Tue, 11 Feb 2025 13:25:40 GMT
File typeASCII text, with CRLF line terminators Hasheabaf0aaf10e39b24e4bc7c25d2e7ec8 d0e48a9cdb4d870b510d88cdfc325a2614071327 31525381d30528a71a4c4419b0ee495b4053428b061e75ac0e9556b00d56d1e4
Analyzer  | Verdict  | Alert
urlquery  | phishing | Phishing - Societe Generale
OpenPhish | phishing | Societe Generale
PhishTank | phishing | Other
GET /index_files/spec56_btn_gsm_all_gcd_20190320190559.min.css HTTP/1.1
Host: ce17574.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ce17574.tw1.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.24.0
date: Fri, 26 Apr 2024 15:53:21 GMT
content-type: text/css
content-length: 924
last-modified: Tue, 06 Feb 2024 02:51:16 GMT
etag: "65c19ea4-39c"
expires: Sat, 26 Apr 2025 15:53:21 GMT
cache-control: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
| ce17574.tw1.ru/index_files/rules.js.download | 185.114.247.232 | 200 OK | 488 B |
URL GET HTTP/2ce17574.tw1.ru/index_files/rules.js.download IP185.114.247.232:443
CertificateIssuerGlobalSign nv-sa Subject*.tw1.ru FingerprintF8:4F:0D:CA:E7:A6:0A:6D:24:20:EA:9A:4A:5A:FD:93:21:2F:88:51 ValidityThu, 11 Jan 2024 13:25:41 GMT - Tue, 11 Feb 2025 13:25:40 GMT
File typeASCII text, with CRLF line terminators Hashcd884ffdf1f759fbdeaae54b636288d4 450ea313a0b4b250024abd0935c1f59617841134 f0f8ce50e148b374b7b9b29180824007970478e81ce52669d531a669d9c4c34d
Analyzer  | Verdict  | Alert
urlquery  | phishing | Phishing - Societe Generale
OpenPhish | phishing | Societe Generale
PhishTank | phishing | Other
GET /index_files/rules.js.download HTTP/1.1
Host: ce17574.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ce17574.tw1.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.24.0
date: Fri, 26 Apr 2024 15:53:21 GMT
content-type: application/x-javascript
content-length: 488
last-modified: Tue, 06 Feb 2024 02:51:16 GMT
etag: "1e8-610ada6e9f100"
accept-ranges: bytes
X-Firefox-Spdy: h2
| ce17574.tw1.ru/index_files/gen_ui.png | 185.114.247.232 | 200 OK | 6.4 kB |
URL GET HTTP/2ce17574.tw1.ru/index_files/gen_ui.png IP185.114.247.232:443
CertificateIssuerGlobalSign nv-sa Subject*.tw1.ru FingerprintF8:4F:0D:CA:E7:A6:0A:6D:24:20:EA:9A:4A:5A:FD:93:21:2F:88:51 ValidityThu, 11 Jan 2024 13:25:41 GMT - Tue, 11 Feb 2025 13:25:40 GMT
File typePNG image data, 240 x 240, 8-bit/color RGBA, non-interlaced Hashf5f55947733314117f1109f93f826b5f 394e87fcb82200b9c108182bdc761dc6aa016467 c4763204659e2a150da0e4f784da55eff7c77ae08b0c4fe9156a832093fb90fb
Analyzer  | Verdict  | Alert
urlquery  | phishing | Phishing - Societe Generale
OpenPhish | phishing | Societe Generale
PhishTank | phishing | Other
GET /index_files/gen_ui.png HTTP/1.1
Host: ce17574.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ce17574.tw1.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.24.0
date: Fri, 26 Apr 2024 15:53:21 GMT
content-type: image/png
content-length: 6380
last-modified: Tue, 06 Feb 2024 02:51:16 GMT
etag: "65c19ea4-18ec"
expires: Sat, 26 Apr 2025 15:53:21 GMT
cache-control: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
| ce17574.tw1.ru/img/new_sprite.png | 185.114.247.232 | 200 OK | 10 kB |
URL GET HTTP/2ce17574.tw1.ru/img/new_sprite.png IP185.114.247.232:443
CertificateIssuerGlobalSign nv-sa Subject*.tw1.ru FingerprintF8:4F:0D:CA:E7:A6:0A:6D:24:20:EA:9A:4A:5A:FD:93:21:2F:88:51 ValidityThu, 11 Jan 2024 13:25:41 GMT - Tue, 11 Feb 2025 13:25:40 GMT
File typePNG image data, 312 x 104, 8-bit/color RGBA, non-interlaced Hash675d3d69bb78ed155d9d443bef4cccd8 8266846da238de6218a75a11744f35f821baff74 0d477834d11f75ff989d2b6bfbcbaaed80a8e4f8efe65569f4cee2ad603a73af
Analyzer  | Verdict  | Alert
urlquery  | phishing | Phishing - Societe Generale
OpenPhish | phishing | Societe Generale
PhishTank | phishing | Other
GET /img/new_sprite.png HTTP/1.1
Host: ce17574.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ce17574.tw1.ru/index_files/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.24.0
date: Fri, 26 Apr 2024 15:53:21 GMT
content-type: image/png
content-length: 9961
last-modified: Tue, 06 Feb 2024 02:51:16 GMT
etag: "65c19ea4-26e9"
expires: Sat, 26 Apr 2025 15:53:21 GMT
cache-control: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
| ce17574.tw1.ru/index_files/print_20190320190559.min.css | 185.114.247.232 | 200 OK | 57 kB |
URL GET HTTP/2ce17574.tw1.ru/index_files/print_20190320190559.min.css IP185.114.247.232:443
CertificateIssuerGlobalSign nv-sa Subject*.tw1.ru FingerprintF8:4F:0D:CA:E7:A6:0A:6D:24:20:EA:9A:4A:5A:FD:93:21:2F:88:51 ValidityThu, 11 Jan 2024 13:25:41 GMT - Tue, 11 Feb 2025 13:25:40 GMT
File typegzip compressed data, from Unix Hash8f0ad12d9e0ad31642d0f4d720f38466 55570fa50acf26292d5fa58d18736f337c4be78f d6641337d84bb69e4516c06fb67adac95ca0df58a52449f2e299743884b60b5e
Analyzer  | Verdict  | Alert
urlquery  | phishing | Phishing - Societe Generale
OpenPhish | phishing | Societe Generale
PhishTank | phishing | Other
GET /index_files/print_20190320190559.min.css HTTP/1.1
Host: ce17574.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ce17574.tw1.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.24.0
date: Fri, 26 Apr 2024 15:53:21 GMT
content-type: text/css
last-modified: Tue, 06 Feb 2024 02:51:16 GMT
vary: Accept-Encoding
etag: W/"65c19ea4-bfb"
expires: Sat, 26 Apr 2025 15:53:21 GMT
cache-control: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
| region1.analytics.google.com/g/collect?v=2&tid=G-RE4LTMGVEF>m=45je44o0v874613512za200&_p=1714146792550&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1817582744.1714146793&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&sid=1714146792&sct=1&seg=0&dl=https%3A%2F%2Fs.yam.com%2FxGi8D&dt=yamShare-%E7%B8%AE%E7%B6%B2%E5%9D%80%E6%9C%8D%E5%8B%99&_s=3&tfd=9830 | 216.239.32.36 | 204 No Content | 0 B |
URL POST HTTP/3region1.analytics.google.com/g/collect?v=2&tid=G-RE4LTMGVEF>m=45je44o0v874613512za200&_p=1714146792550&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1817582744.1714146793&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&sid=1714146792&sct=1&seg=0&dl=https%3A%2F%2Fs.yam.com%2FxGi8D&dt=yamShare-%E7%B8%AE%E7%B6%B2%E5%9D%80%E6%9C%8D%E5%8B%99&_s=3&tfd=9830 IP216.239.32.36:443
CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com FingerprintFC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52 ValidityMon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-RE4LTMGVEF>m=45je44o0v874613512za200&_p=1714146792550&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1817582744.1714146793&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&sid=1714146792&sct=1&seg=0&dl=https%3A%2F%2Fs.yam.com%2FxGi8D&dt=yamShare-%E7%B8%AE%E7%B6%B2%E5%9D%80%E6%9C%8D%E5%8B%99&_s=3&tfd=9830 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 200
Origin: https://s.yam.com
DNT: 1
Connection: keep-alive
Referer: https://s.yam.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/3 204 No Content
access-control-allow-origin: https://s.yam.com
date: Fri, 26 Apr 2024 15:53:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
| ce17574.tw1.ru/index_files/inbenta.css | 185.114.247.232 | 200 OK | 17 kB |
URL GET HTTP/2ce17574.tw1.ru/index_files/inbenta.css IP185.114.247.232:443
CertificateIssuerGlobalSign nv-sa Subject*.tw1.ru FingerprintF8:4F:0D:CA:E7:A6:0A:6D:24:20:EA:9A:4A:5A:FD:93:21:2F:88:51 ValidityThu, 11 Jan 2024 13:25:41 GMT - Tue, 11 Feb 2025 13:25:40 GMT
File typegzip compressed data, from Unix Hash19a2d8088f13cad37fda0f2a5309d873 c02de3f3f09471836280b83455e4e38285436a08 4f68ffe513731aace3b01020abbad6400ef9ce52a7af936d923c8a2dcf8c9175
Analyzer  | Verdict  | Alert
urlquery  | phishing | Phishing - Societe Generale
OpenPhish | phishing | Societe Generale
PhishTank | phishing | Other
GET /index_files/inbenta.css HTTP/1.1
Host: ce17574.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ce17574.tw1.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.24.0
date: Fri, 26 Apr 2024 15:53:21 GMT
content-type: text/css
last-modified: Tue, 06 Feb 2024 02:51:16 GMT
vary: Accept-Encoding
etag: W/"65c19ea4-2268a"
expires: Sat, 26 Apr 2025 15:53:21 GMT
cache-control: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
| ce17574.tw1.ru/index_files/jquery2.js.download | 185.114.247.232 | 200 OK | 25 kB |
URL GET HTTP/2ce17574.tw1.ru/index_files/jquery2.js.download IP185.114.247.232:443
CertificateIssuerGlobalSign nv-sa Subject*.tw1.ru FingerprintF8:4F:0D:CA:E7:A6:0A:6D:24:20:EA:9A:4A:5A:FD:93:21:2F:88:51 ValidityThu, 11 Jan 2024 13:25:41 GMT - Tue, 11 Feb 2025 13:25:40 GMT
File typegzip compressed data, from Unix Hashfa1fcab3cb1b8aed3996ac067fa1ff19 d25b3ae39c39c9f7b1264277db8f5d3f36542d2e ce43ed8437f43d2b64287e814ed187a95324c270b62cdd6b6596fb90108d70da
Analyzer  | Verdict  | Alert
urlquery  | phishing | Phishing - Societe Generale
OpenPhish | phishing | Societe Generale
PhishTank | phishing | Other
GET /index_files/jquery2.js.download HTTP/1.1
Host: ce17574.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ce17574.tw1.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.24.0
date: Fri, 26 Apr 2024 15:53:21 GMT
content-type: application/x-javascript
vary: Accept-Encoding
last-modified: Tue, 06 Feb 2024 02:51:16 GMT
etag: W/"11348-610ada6e9f100"
content-encoding: gzip
X-Firefox-Spdy: h2
| ce17574.tw1.ru/fonts/sourcesanspro-semibold.eot | 185.114.247.232 | 404 Not Found | 196 B |
URL GET HTTP/2ce17574.tw1.ru/fonts/sourcesanspro-semibold.eot IP185.114.247.232:443
CertificateIssuerGlobalSign nv-sa Subject*.tw1.ru FingerprintF8:4F:0D:CA:E7:A6:0A:6D:24:20:EA:9A:4A:5A:FD:93:21:2F:88:51 ValidityThu, 11 Jan 2024 13:25:41 GMT - Tue, 11 Feb 2025 13:25:40 GMT
File typeHTML document, ASCII text Hash62962daa1b19bbcc2db10b7bfd531ea6 d64bae91091eda6a7532ebec06aa70893b79e1f8 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
Analyzer  | Verdict  | Alert
urlquery  | phishing | Phishing - Societe Generale
OpenPhish | phishing | Societe Generale
PhishTank | phishing | Other
GET /fonts/sourcesanspro-semibold.eot HTTP/1.1
Host: ce17574.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ce17574.tw1.ru/index_files/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
server: nginx/1.24.0
date: Fri, 26 Apr 2024 15:53:21 GMT
content-type: text/html; charset=iso-8859-1
content-length: 196
X-Firefox-Spdy: h2
| ce17574.tw1.ru/index_files/jquery.js.download | 185.114.247.232 | 200 OK | 31 kB |
URL GET HTTP/2ce17574.tw1.ru/index_files/jquery.js.download IP185.114.247.232:443
CertificateIssuerGlobalSign nv-sa Subject*.tw1.ru FingerprintF8:4F:0D:CA:E7:A6:0A:6D:24:20:EA:9A:4A:5A:FD:93:21:2F:88:51 ValidityThu, 11 Jan 2024 13:25:41 GMT - Tue, 11 Feb 2025 13:25:40 GMT
File typegzip compressed data, from Unix Hash3137cd775cb83bf12dbbd0d1f196ab91 91ec5f56c56f694ac3de0d2101741f9fae14c62d 56bc2f97d10ccc90c2b6f8f6ccb1733bc086148512d4663731e9ff19a51d323a
Analyzer  | Verdict  | Alert
urlquery  | phishing | Phishing - Societe Generale
OpenPhish | phishing | Societe Generale
PhishTank | phishing | Other
GET /index_files/jquery.js.download HTTP/1.1
Host: ce17574.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ce17574.tw1.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.24.0
date: Fri, 26 Apr 2024 15:53:21 GMT
content-type: application/x-javascript
vary: Accept-Encoding
last-modified: Tue, 06 Feb 2024 02:51:16 GMT
etag: W/"15851-610ada6e9f100"
content-encoding: gzip
X-Firefox-Spdy: h2
| ce17574.tw1.ru/index_files/index_20190723161948.min.css | 185.114.247.232 | 200 OK | 125 kB |
URL GET HTTP/2ce17574.tw1.ru/index_files/index_20190723161948.min.css IP185.114.247.232:443
CertificateIssuerGlobalSign nv-sa Subject*.tw1.ru FingerprintF8:4F:0D:CA:E7:A6:0A:6D:24:20:EA:9A:4A:5A:FD:93:21:2F:88:51 ValidityThu, 11 Jan 2024 13:25:41 GMT - Tue, 11 Feb 2025 13:25:40 GMT
File typegzip compressed data, from Unix Size125 kB (124762 bytes) Hash6664eae65d223ff8056830e91839b872 a6ce4fab7103fa976e4f33422ca819ae41407c0d 135d2500adbb5b860d3ea59d2af66f39e5f690f86bc35695bcd9daf9a63baeca
Analyzer  | Verdict  | Alert
urlquery  | phishing | Phishing - Societe Generale
OpenPhish | phishing | Societe Generale
PhishTank | phishing | Other
GET /index_files/index_20190723161948.min.css HTTP/1.1
Host: ce17574.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ce17574.tw1.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.24.0
date: Fri, 26 Apr 2024 15:53:21 GMT
content-type: text/css
last-modified: Tue, 06 Feb 2024 02:51:16 GMT
vary: Accept-Encoding
etag: W/"65c19ea4-41496"
expires: Sat, 26 Apr 2025 15:53:21 GMT
cache-control: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
| ce17574.tw1.ru/index_files/js.js.download | 185.114.247.232 | 200 OK | 255 kB |
URL GET HTTP/2ce17574.tw1.ru/index_files/js.js.download IP185.114.247.232:443
CertificateIssuerGlobalSign nv-sa Subject*.tw1.ru FingerprintF8:4F:0D:CA:E7:A6:0A:6D:24:20:EA:9A:4A:5A:FD:93:21:2F:88:51 ValidityThu, 11 Jan 2024 13:25:41 GMT - Tue, 11 Feb 2025 13:25:40 GMT
File typegzip compressed data, from Unix Size255 kB (254901 bytes) Hash7dff90188682936f4835a031f24c6391 6e5c6acc23038e48714f38f9f97b5de5c4185247 ffc5ce052dc3c7d5fac2fe151107ccf4649be76722d2c326f3969477b8abfb05
Analyzer  | Verdict  | Alert
urlquery  | phishing | Phishing - Societe Generale
OpenPhish | phishing | Societe Generale
PhishTank | phishing | Other
GET /index_files/js.js.download HTTP/1.1
Host: ce17574.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ce17574.tw1.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.24.0
date: Fri, 26 Apr 2024 15:53:21 GMT
content-type: application/x-javascript
vary: Accept-Encoding
last-modified: Tue, 06 Feb 2024 02:51:16 GMT
etag: W/"134bc0-610ada6e9f100"
content-encoding: gzip
X-Firefox-Spdy: h2
| ce17574.tw1.ru/fonts/sourcesanspro-semibold.woff | 185.114.247.232 | 200 OK | 64 kB |
URL GET HTTP/2ce17574.tw1.ru/fonts/sourcesanspro-semibold.woff IP185.114.247.232:443
CertificateIssuerGlobalSign nv-sa Subject*.tw1.ru FingerprintF8:4F:0D:CA:E7:A6:0A:6D:24:20:EA:9A:4A:5A:FD:93:21:2F:88:51 ValidityThu, 11 Jan 2024 13:25:41 GMT - Tue, 11 Feb 2025 13:25:40 GMT
File typeWeb Open Font Format, TrueType, length 63896, version 1.50 Hash66d6f332d0d93578c726f68d3a9ada3b 10ebe50154b114f97ff25d99034ce724116ee47e ecc485cb5434c03a5990728a87f66f6b46635d3bd97fd9fd175df05e37bbb6f9
Analyzer  | Verdict  | Alert
urlquery  | phishing | Phishing - Societe Generale
OpenPhish | phishing | Societe Generale
PhishTank | phishing | Other
GET /fonts/sourcesanspro-semibold.woff HTTP/1.1
Host: ce17574.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://ce17574.tw1.ru/index_files/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.24.0
date: Fri, 26 Apr 2024 15:53:21 GMT
content-type: application/font-woff
content-length: 63896
last-modified: Tue, 06 Feb 2024 02:51:16 GMT
etag: "65c19ea4-f998"
expires: Sat, 26 Apr 2025 15:53:21 GMT
cache-control: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.yam.com/favicon.ico | 104.27.206.92 | | 4.4 kB |
IP: 104.27.206.92:0
File type: MS Windows icon resource - 1 icon, 16x16, 16 colors, 4 bits/pixel | Hash (MD5 / SHA-1 / SHA-256): 3462052ceaf1ca808f485b312389a9e1 0205ba34df60ad51f4d11a36dbbf3c98cc2ba567 4850257a2c4f08dead3246f744557f1738056664fd17cf427ef1574df44d22d5
GET /favicon.ico HTTP/1.1
Host: www.yam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://s.yam.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 15:53:13 GMT
content-type: image/x-icon
etag: W/"358873766b10d91:0"
last-modified: Thu, 15 Dec 2022 09:56:11 GMT
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=94uIQo75LTOcMDqZGr3I5wrEpoH%2F3BrbtshKq1oFDCD%2FKl7hyRSPhBtS7tGkuOv3IOll0KN4W3dEUBqbx58AOYjMGjpi8uJkypjPNyer%2Btn5mwuFsqWSjJSr1yKs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a7be904811712a-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ce17574.tw1.ru/fonts/sourcesanspro-bold.woff | 185.114.247.232 | 200 OK | 30 kB |
URL: GET HTTP/2 ce17574.tw1.ru/fonts/sourcesanspro-bold.woff | IP: 185.114.247.232:443
Certificate: Issuer GlobalSign nv-sa | Subject *.tw1.ru | Fingerprint F8:4F:0D:CA:E7:A6:0A:6D:24:20:EA:9A:4A:5A:FD:93:21:2F:88:51 | Validity Thu, 11 Jan 2024 13:25:41 GMT - Tue, 11 Feb 2025 13:25:40 GMT
File type: Web Open Font Format, TrueType, length 29688, version 1.0 | Hash (MD5 / SHA-1 / SHA-256): 8ddef052d66452862e8aef5f63fe6109 7432d98ccfc52ff401e3c37439ee2e61722c279b 10d5ee3a453be2ea83297c419182d5c32de6f46a530594fa5ec2aea8cd31c626
Analyzer | Verdict | Alert
urlquery | phishing | Phishing - Societe Generale
OpenPhish | phishing | Societe Generale
PhishTank | phishing | Other
GET /fonts/sourcesanspro-bold.woff HTTP/1.1
Host: ce17574.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://ce17574.tw1.ru/index_files/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.24.0
date: Fri, 26 Apr 2024 15:53:21 GMT
content-type: application/font-woff
content-length: 29688
last-modified: Tue, 06 Feb 2024 02:51:16 GMT
etag: "65c19ea4-73f8"
expires: Sat, 26 Apr 2025 15:53:21 GMT
cache-control: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| ce17574.tw1.ru/fonts/sourcesanspro-italic.otf | 185.114.247.232 | 404 Not Found | 196 B |
URL: GET HTTP/2 ce17574.tw1.ru/fonts/sourcesanspro-italic.otf | IP: 185.114.247.232:443
Certificate: Issuer GlobalSign nv-sa | Subject *.tw1.ru | Fingerprint F8:4F:0D:CA:E7:A6:0A:6D:24:20:EA:9A:4A:5A:FD:93:21:2F:88:51 | Validity Thu, 11 Jan 2024 13:25:41 GMT - Tue, 11 Feb 2025 13:25:40 GMT
File type: HTML document, ASCII text | Hash (MD5 / SHA-1 / SHA-256): 62962daa1b19bbcc2db10b7bfd531ea6 d64bae91091eda6a7532ebec06aa70893b79e1f8 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
Analyzer | Verdict | Alert
urlquery | phishing | Phishing - Societe Generale
OpenPhish | phishing | Societe Generale
PhishTank | phishing | Other
GET /fonts/sourcesanspro-italic.otf HTTP/1.1
Host: ce17574.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ce17574.tw1.ru/index_files/index_pri_20201013141424.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
server: nginx/1.24.0
date: Fri, 26 Apr 2024 15:53:21 GMT
content-type: text/html; charset=iso-8859-1
content-length: 196
X-Firefox-Spdy: h2
|
|
| ce17574.tw1.ru/fonts/sourcesanspro-italic.woff | 185.114.247.232 | 404 Not Found | 196 B |
URL: GET HTTP/2 ce17574.tw1.ru/fonts/sourcesanspro-italic.woff | IP: 185.114.247.232:443
Certificate: Issuer GlobalSign nv-sa | Subject *.tw1.ru | Fingerprint F8:4F:0D:CA:E7:A6:0A:6D:24:20:EA:9A:4A:5A:FD:93:21:2F:88:51 | Validity Thu, 11 Jan 2024 13:25:41 GMT - Tue, 11 Feb 2025 13:25:40 GMT
File type: HTML document, ASCII text | Hash (MD5 / SHA-1 / SHA-256): 62962daa1b19bbcc2db10b7bfd531ea6 d64bae91091eda6a7532ebec06aa70893b79e1f8 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
Analyzer | Verdict | Alert
urlquery | phishing | Phishing - Societe Generale
OpenPhish | phishing | Societe Generale
PhishTank | phishing | Other
GET /fonts/sourcesanspro-italic.woff HTTP/1.1
Host: ce17574.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://ce17574.tw1.ru/index_files/index_pri_20201013141424.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
server: nginx/1.24.0
date: Fri, 26 Apr 2024 15:53:21 GMT
content-type: text/html; charset=iso-8859-1
content-length: 196
X-Firefox-Spdy: h2
|
|
| log.klook.com/v3/frontlogsrv/log/web?platform=desktop | 34.111.170.216 | | 62 B |
URL: log.klook.com/v3/frontlogsrv/log/web?platform=desktop | IP: 34.111.170.216:0 | ASN: #396982 GOOGLE-CLOUD-PLATFORM
Hash (MD5 / SHA-1 / SHA-256): 056ae30ebaafcd0ca1a148d15c0bdf54 813d12625202843516e789c2a859587919707fe3 168fcfeaac95e2af3954dd8a63ebf8b9c61e79842597dcb1cd6f88b748071dc2
POST /v3/frontlogsrv/log/web?platform=desktop HTTP/1.1
Host: log.klook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 1252
Origin: https://affiliate.klook.com
DNT: 1
Connection: keep-alive
Referer: https://affiliate.klook.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 15:53:21 GMT
content-type: application/json; charset=UTF-8
content-length: 62
accept-language: en_US
access-control-allow-origin: https://affiliate.klook.com
currency: HKD
x-klook-lang: en_US
x-klook-request-id: c393a6b
x-klook-service-id: 01
x-klook-version: 1
vary: Origin
access-control-allow-credentials: true
access-control-expose-headers: X-Auth-Token,Date
x-kong-upstream-latency: 1
x-kong-proxy-latency: 0
via: 1.1 google
x-cdn-vendor: gcp
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| | 185.114.247.232 | 200 OK | 27 kB |
URL: (User Request) GET HTTP/2 | IP: 185.114.247.232:443
Certificate: Issuer GlobalSign nv-sa | Subject *.tw1.ru | Fingerprint F8:4F:0D:CA:E7:A6:0A:6D:24:20:EA:9A:4A:5A:FD:93:21:2F:88:51 | Validity Thu, 11 Jan 2024 13:25:41 GMT - Tue, 11 Feb 2025 13:25:40 GMT
File type: gzip compressed data, from Unix | Hash (MD5 / SHA-1 / SHA-256): 9f12120306cf98a41bcd5b6f017c106d 54202c8dffa4079e1ceedd2064a8548a8ae67f9d a8dccb851cf481f3488b27940d858157c894bb418536f8bd501637732ef20c81
Analyzer | Verdict | Alert
urlquery | phishing | Phishing - Societe Generale
OpenPhish | phishing | Societe Generale
PhishTank | phishing | Other
GET / HTTP/1.1
Host: ce17574.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://s.yam.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.24.0
date: Fri, 26 Apr 2024 15:53:20 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ce17574.tw1.ru/img/pictos-fonctionnels_20200629183129.svg | 185.114.247.232 | 200 OK | 329 kB |
URL: GET HTTP/2 ce17574.tw1.ru/img/pictos-fonctionnels_20200629183129.svg | IP: 185.114.247.232:443
Certificate: Issuer GlobalSign nv-sa | Subject *.tw1.ru | Fingerprint F8:4F:0D:CA:E7:A6:0A:6D:24:20:EA:9A:4A:5A:FD:93:21:2F:88:51 | Validity Thu, 11 Jan 2024 13:25:41 GMT - Tue, 11 Feb 2025 13:25:40 GMT
Size: 329 kB (328937 bytes) | Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of zero-length input, so the recorded size does not match the hashed body)
Analyzer | Verdict | Alert
urlquery | phishing | Phishing - Societe Generale
OpenPhish | phishing | Societe Generale
PhishTank | phishing | Other
GET /img/pictos-fonctionnels_20200629183129.svg HTTP/1.1
Host: ce17574.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ce17574.tw1.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.24.0
date: Fri, 26 Apr 2024 15:53:21 GMT
content-type: image/svg+xml
last-modified: Tue, 06 Feb 2024 02:51:16 GMT
vary: Accept-Encoding
etag: W/"65c19ea4-504e9"
expires: Sat, 26 Apr 2025 15:53:21 GMT
cache-control: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ce17574.tw1.ru/index_files/logo-sg-seul.svg | 185.114.247.232 | 200 OK | 3.0 kB |
URL: GET HTTP/2 ce17574.tw1.ru/index_files/logo-sg-seul.svg | IP: 185.114.247.232:443
Certificate: Issuer GlobalSign nv-sa | Subject *.tw1.ru | Fingerprint F8:4F:0D:CA:E7:A6:0A:6D:24:20:EA:9A:4A:5A:FD:93:21:2F:88:51 | Validity Thu, 11 Jan 2024 13:25:41 GMT - Tue, 11 Feb 2025 13:25:40 GMT
File type: SVG Scalable Vector Graphics image | Hash (MD5 / SHA-1 / SHA-256): efa052c81f59f9de3e8cdea6874b51f2 be26da061dbda7223edf3565a96f4d549800f9c6 3558bec093d472325dd11d084d5009ba13d4925def969aa29c53fce416cddca2
Analyzer | Verdict | Alert
urlquery | phishing | Phishing - Societe Generale
OpenPhish | phishing | Societe Generale
PhishTank | phishing | Other
GET /index_files/logo-sg-seul.svg HTTP/1.1
Host: ce17574.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ce17574.tw1.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.24.0
date: Fri, 26 Apr 2024 15:53:21 GMT
content-type: image/svg+xml
last-modified: Tue, 06 Feb 2024 02:51:16 GMT
vary: Accept-Encoding
etag: W/"65c19ea4-be2"
expires: Sat, 26 Apr 2025 15:53:21 GMT
cache-control: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ce17574.tw1.ru/img/favicon.ico | 185.114.247.232 | 200 OK | 318 B |
URL: GET HTTP/2 ce17574.tw1.ru/img/favicon.ico | IP: 185.114.247.232:443
Certificate: Issuer GlobalSign nv-sa | Subject *.tw1.ru | Fingerprint F8:4F:0D:CA:E7:A6:0A:6D:24:20:EA:9A:4A:5A:FD:93:21:2F:88:51 | Validity Thu, 11 Jan 2024 13:25:41 GMT - Tue, 11 Feb 2025 13:25:40 GMT
File type: MS Windows icon resource - 1 icon, 16x16, 16 colors | Hash (MD5 / SHA-1 / SHA-256): ca10c09aeaf43460d3760f50c608eb51 f2ed2a4fe0e1eadb7dd28444ea6b7a04abf0d38e daf58b06a09d467436ee5fd10eefbeadac3cf6ecaef1eca1884ef8330f561642
Analyzer | Verdict | Alert
urlquery | phishing | Phishing - Societe Generale
OpenPhish | phishing | Societe Generale
PhishTank | phishing | Other
GET /img/favicon.ico HTTP/1.1
Host: ce17574.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ce17574.tw1.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.24.0
date: Fri, 26 Apr 2024 15:53:21 GMT
content-type: image/x-icon
content-length: 318
last-modified: Tue, 06 Feb 2024 02:51:16 GMT
etag: "13e-610ada6e9f100"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| ce17574.tw1.ru/index_files/style.css | 185.114.247.232 | 200 OK | 180 kB |
URL: GET HTTP/2 ce17574.tw1.ru/index_files/style.css | IP: 185.114.247.232:443
Certificate: Issuer GlobalSign nv-sa | Subject *.tw1.ru | Fingerprint F8:4F:0D:CA:E7:A6:0A:6D:24:20:EA:9A:4A:5A:FD:93:21:2F:88:51 | Validity Thu, 11 Jan 2024 13:25:41 GMT - Tue, 11 Feb 2025 13:25:40 GMT
File type: ASCII text, with very long lines (1330), with CRLF line terminators | Size: 180 kB (180495 bytes) | Hash (MD5 / SHA-1 / SHA-256): 77603dc1f154ebf1ce331920d4a899fa 07e054367cdbee879d51feea346de422cd1bb4d9 2d44928b93b88ed19c681cc9c4a16f00428a70831d3d1933a1c5db9afb33eab5
Analyzer | Verdict | Alert
urlquery | phishing | Phishing - Societe Generale
OpenPhish | phishing | Societe Generale
PhishTank | phishing | Other
GET /index_files/style.css HTTP/1.1
Host: ce17574.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ce17574.tw1.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.24.0
date: Fri, 26 Apr 2024 15:53:21 GMT
content-type: text/css
last-modified: Tue, 06 Feb 2024 02:51:16 GMT
vary: Accept-Encoding
etag: W/"65c19ea4-2c10f"
expires: Sat, 26 Apr 2025 15:53:21 GMT
cache-control: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ce17574.tw1.ru/fonts/sourcesanspro-regular.woff | 185.114.247.232 | 200 OK | 30 kB |
URL: GET HTTP/2 ce17574.tw1.ru/fonts/sourcesanspro-regular.woff | IP: 185.114.247.232:443
Certificate: Issuer GlobalSign nv-sa | Subject *.tw1.ru | Fingerprint F8:4F:0D:CA:E7:A6:0A:6D:24:20:EA:9A:4A:5A:FD:93:21:2F:88:51 | Validity Thu, 11 Jan 2024 13:25:41 GMT - Tue, 11 Feb 2025 13:25:40 GMT
File type: Web Open Font Format, TrueType, length 29936, version 1.0 | Hash (MD5 / SHA-1 / SHA-256): ee8fb2f1d98caedf1822bd94ac49592a 78342ab4847d4794808b9f1ef361c8845139cd5b b2bd7e62939ac983fd01971920b44c1313a0d00b6f81ef80ae7a4b8ba5f20311
Analyzer | Verdict | Alert
urlquery | phishing | Phishing - Societe Generale
OpenPhish | phishing | Societe Generale
PhishTank | phishing | Other
GET /fonts/sourcesanspro-regular.woff HTTP/1.1
Host: ce17574.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://ce17574.tw1.ru/index_files/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.24.0
date: Fri, 26 Apr 2024 15:53:21 GMT
content-type: application/font-woff
content-length: 29936
last-modified: Tue, 06 Feb 2024 02:51:16 GMT
etag: "65c19ea4-74f0"
expires: Sat, 26 Apr 2025 15:53:21 GMT
cache-control: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| ce17574.tw1.ru/fonts/sourcesanspro-it.otf | 185.114.247.232 | 404 Not Found | 196 B |
URL: GET HTTP/2 ce17574.tw1.ru/fonts/sourcesanspro-it.otf | IP: 185.114.247.232:443
Certificate: Issuer GlobalSign nv-sa | Subject *.tw1.ru | Fingerprint F8:4F:0D:CA:E7:A6:0A:6D:24:20:EA:9A:4A:5A:FD:93:21:2F:88:51 | Validity Thu, 11 Jan 2024 13:25:41 GMT - Tue, 11 Feb 2025 13:25:40 GMT
File type: HTML document, ASCII text, with no line terminators | Hash (MD5 / SHA-1 / SHA-256): 4c2721a6662ce6d1ac5be54d16d51d12 a1541245769dedbff563e4ff40a83cb8d675e6e8 d3887c1020b92158055e9155e606f4cb8bed040d5a67e7550e74e8efbe649f8b
Analyzer | Verdict | Alert
urlquery | phishing | Phishing - Societe Generale
OpenPhish | phishing | Societe Generale
PhishTank | phishing | Other
GET /fonts/sourcesanspro-it.otf HTTP/1.1
Host: ce17574.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ce17574.tw1.ru/index_files/awt-front-BDDF.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
server: nginx/1.24.0
date: Fri, 26 Apr 2024 15:53:21 GMT
content-type: text/html; charset=iso-8859-1
content-length: 196
X-Firefox-Spdy: h2
|
|
| ce17574.tw1.ru/img/41de603c123a04387e8b57c2f2c9897e.svg | 185.114.247.232 | 200 OK | 71 kB |
URL: GET HTTP/2 ce17574.tw1.ru/img/41de603c123a04387e8b57c2f2c9897e.svg | IP: 185.114.247.232:443
Certificate: Issuer GlobalSign nv-sa | Subject *.tw1.ru | Fingerprint F8:4F:0D:CA:E7:A6:0A:6D:24:20:EA:9A:4A:5A:FD:93:21:2F:88:51 | Validity Thu, 11 Jan 2024 13:25:41 GMT - Tue, 11 Feb 2025 13:25:40 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of zero-length input; no body content was hashed)
Analyzer | Verdict | Alert
urlquery | phishing | Phishing - Societe Generale
OpenPhish | phishing | Societe Generale
PhishTank | phishing | Other
GET /img/41de603c123a04387e8b57c2f2c9897e.svg HTTP/1.1
Host: ce17574.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ce17574.tw1.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.24.0
date: Fri, 26 Apr 2024 15:53:21 GMT
content-type: image/svg+xml
last-modified: Tue, 06 Feb 2024 02:51:16 GMT
vary: Accept-Encoding
etag: W/"65c19ea4-114e5"
expires: Sat, 26 Apr 2025 15:53:21 GMT
cache-control: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ce17574.tw1.ru/img/spriteV4.png | 185.114.247.232 | 200 OK | 56 kB |
URL: GET HTTP/2 ce17574.tw1.ru/img/spriteV4.png | IP: 185.114.247.232:443
Certificate: Issuer GlobalSign nv-sa | Subject *.tw1.ru | Fingerprint F8:4F:0D:CA:E7:A6:0A:6D:24:20:EA:9A:4A:5A:FD:93:21:2F:88:51 | Validity Thu, 11 Jan 2024 13:25:41 GMT - Tue, 11 Feb 2025 13:25:40 GMT
File type: PNG image data, 880 x 650, 8-bit/color RGBA, non-interlaced | Hash (MD5 / SHA-1 / SHA-256): 2489b1de4b742de1d025c2751296143e ca790ae20b4603ce6595ab1a0384dd217105306c fdffcd1a92a88cf374901faf2ec466c6d16c0baa8b1f92426a24424743b65ab4
Analyzer | Verdict | Alert
urlquery | phishing | Phishing - Societe Generale
OpenPhish | phishing | Societe Generale
PhishTank | phishing | Other
GET /img/spriteV4.png HTTP/1.1
Host: ce17574.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ce17574.tw1.ru/index_files/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.24.0
date: Fri, 26 Apr 2024 15:53:21 GMT
content-type: image/png
content-length: 56012
last-modified: Tue, 06 Feb 2024 02:51:16 GMT
etag: "65c19ea4-dacc"
expires: Sat, 26 Apr 2025 15:53:21 GMT
cache-control: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| ce17574.tw1.ru/index_files/index_pri_20201013141424.min.css | 185.114.247.232 | 200 OK | 223 kB |
URL: GET HTTP/2 ce17574.tw1.ru/index_files/index_pri_20201013141424.min.css | IP: 185.114.247.232:443
Certificate: Issuer GlobalSign nv-sa | Subject *.tw1.ru | Fingerprint F8:4F:0D:CA:E7:A6:0A:6D:24:20:EA:9A:4A:5A:FD:93:21:2F:88:51 | Validity Thu, 11 Jan 2024 13:25:41 GMT - Tue, 11 Feb 2025 13:25:40 GMT
File type: ASCII text, with very long lines (65536), with no line terminators | Size: 223 kB (222558 bytes) | Hash (MD5 / SHA-1 / SHA-256): 23ca09657029cb02397aa2af5b812bb8 2dbf5d4fd91d979b3d26e65e064f155b17cb4ff5 ffb0158cdc267512932acd22b13aa4f0df1652290faa987148d69f923b6cb797
Analyzer | Verdict | Alert
urlquery | phishing | Phishing - Societe Generale
OpenPhish | phishing | Societe Generale
PhishTank | phishing | Other
GET /index_files/index_pri_20201013141424.min.css HTTP/1.1
Host: ce17574.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ce17574.tw1.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.24.0
date: Fri, 26 Apr 2024 15:53:21 GMT
content-type: text/css
last-modified: Tue, 06 Feb 2024 02:51:16 GMT
vary: Accept-Encoding
etag: W/"65c19ea4-3655e"
expires: Sat, 26 Apr 2025 15:53:21 GMT
cache-control: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ce17574.tw1.ru/fonts/sourcesanspro-it.woff | 185.114.247.232 | 404 Not Found | 196 B |
URL: GET HTTP/2 ce17574.tw1.ru/fonts/sourcesanspro-it.woff | IP: 185.114.247.232:443
Certificate: Issuer GlobalSign nv-sa | Subject *.tw1.ru | Fingerprint F8:4F:0D:CA:E7:A6:0A:6D:24:20:EA:9A:4A:5A:FD:93:21:2F:88:51 | Validity Thu, 11 Jan 2024 13:25:41 GMT - Tue, 11 Feb 2025 13:25:40 GMT
File type: HTML document, ASCII text, with no line terminators | Hash (MD5 / SHA-1 / SHA-256): 4c2721a6662ce6d1ac5be54d16d51d12 a1541245769dedbff563e4ff40a83cb8d675e6e8 d3887c1020b92158055e9155e606f4cb8bed040d5a67e7550e74e8efbe649f8b
Analyzer | Verdict | Alert
urlquery | phishing | Phishing - Societe Generale
OpenPhish | phishing | Societe Generale
PhishTank | phishing | Other
GET /fonts/sourcesanspro-it.woff HTTP/1.1
Host: ce17574.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://ce17574.tw1.ru/index_files/awt-front-BDDF.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
server: nginx/1.24.0
date: Fri, 26 Apr 2024 15:53:21 GMT
content-type: text/html; charset=iso-8859-1
content-length: 196
X-Firefox-Spdy: h2
|
|
| ce17574.tw1.ru/fonts/sourcesanspro-bold.eot | 185.114.247.232 | 404 Not Found | 196 B |
URL: GET HTTP/2 ce17574.tw1.ru/fonts/sourcesanspro-bold.eot | IP: 185.114.247.232:443
Certificate: Issuer GlobalSign nv-sa | Subject *.tw1.ru | Fingerprint F8:4F:0D:CA:E7:A6:0A:6D:24:20:EA:9A:4A:5A:FD:93:21:2F:88:51 | Validity Thu, 11 Jan 2024 13:25:41 GMT - Tue, 11 Feb 2025 13:25:40 GMT
File type: HTML document, ASCII text, with no line terminators | Hash (MD5 / SHA-1 / SHA-256): 4c2721a6662ce6d1ac5be54d16d51d12 a1541245769dedbff563e4ff40a83cb8d675e6e8 d3887c1020b92158055e9155e606f4cb8bed040d5a67e7550e74e8efbe649f8b
Analyzer | Verdict | Alert
urlquery | phishing | Phishing - Societe Generale
OpenPhish | phishing | Societe Generale
PhishTank | phishing | Other
GET /fonts/sourcesanspro-bold.eot HTTP/1.1
Host: ce17574.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ce17574.tw1.ru/index_files/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
server: nginx/1.24.0
date: Fri, 26 Apr 2024 15:53:21 GMT
content-type: text/html; charset=iso-8859-1
content-length: 196
X-Firefox-Spdy: h2
|
|
| ce17574.tw1.ru/index_files/awt-front-BDDF.css | 185.114.247.232 | 200 OK | 101 kB |
URL: GET HTTP/2 ce17574.tw1.ru/index_files/awt-front-BDDF.css | IP: 185.114.247.232:443
Certificate: Issuer GlobalSign nv-sa | Subject *.tw1.ru | Fingerprint F8:4F:0D:CA:E7:A6:0A:6D:24:20:EA:9A:4A:5A:FD:93:21:2F:88:51 | Validity Thu, 11 Jan 2024 13:25:41 GMT - Tue, 11 Feb 2025 13:25:40 GMT
File type: ASCII text, with very long lines (65536), with no line terminators | Size: 101 kB (100638 bytes) | Hash (MD5 / SHA-1 / SHA-256): d8d07b2eee0de2299f9472f923cd736c c305b5152ac4720e22a161529e9fc7c519fda6b0 064cdaef709bff99e6ad7775891f4e2a0979ede5cbc1e8e60a7ccea5d1885879
Analyzer | Verdict | Alert
urlquery | phishing | Phishing - Societe Generale
OpenPhish | phishing | Societe Generale
PhishTank | phishing | Other
GET /index_files/awt-front-BDDF.css HTTP/1.1
Host: ce17574.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ce17574.tw1.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.24.0
date: Fri, 26 Apr 2024 15:53:21 GMT
content-type: text/css
last-modified: Tue, 06 Feb 2024 02:51:16 GMT
vary: Accept-Encoding
etag: W/"65c19ea4-1891e"
expires: Sat, 26 Apr 2025 15:53:21 GMT
cache-control: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ce17574.tw1.ru/fonts/sourcesanspro-regular.eot | 185.114.247.232 | 404 Not Found | 196 B |
URL: GET HTTP/2 ce17574.tw1.ru/fonts/sourcesanspro-regular.eot | IP: 185.114.247.232:443
Certificate: Issuer GlobalSign nv-sa | Subject *.tw1.ru | Fingerprint F8:4F:0D:CA:E7:A6:0A:6D:24:20:EA:9A:4A:5A:FD:93:21:2F:88:51 | Validity Thu, 11 Jan 2024 13:25:41 GMT - Tue, 11 Feb 2025 13:25:40 GMT
File type: HTML document, ASCII text, with no line terminators | Hash (MD5 / SHA-1 / SHA-256): 4c2721a6662ce6d1ac5be54d16d51d12 a1541245769dedbff563e4ff40a83cb8d675e6e8 d3887c1020b92158055e9155e606f4cb8bed040d5a67e7550e74e8efbe649f8b
Analyzer | Verdict | Alert
urlquery | phishing | Phishing - Societe Generale
OpenPhish | phishing | Societe Generale
PhishTank | phishing | Other
GET /fonts/sourcesanspro-regular.eot HTTP/1.1
Host: ce17574.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ce17574.tw1.ru/index_files/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
server: nginx/1.24.0
date: Fri, 26 Apr 2024 15:53:21 GMT
content-type: text/html; charset=iso-8859-1
content-length: 196
X-Firefox-Spdy: h2
|
|