URL: https://d4.qshop1.online/
Submission: On December 18 via api from US — Scanned from US

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 23 HTTP transactions. The main IP is 2a06:6440:0:2d51::1, located in Ukraine and belongs to UKRAINE-AS, UA. The main domain is d4.qshop1.online.
TLS certificate: Issued by R3 on December 18th 2023. Valid for: 3 months.
This is the only time d4.qshop1.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  Apex domain            Subdomain(s)                                         Transfer
7         qshop1.online          d4.qshop1.online                                     67 KB
5         tiktok.com             analytics.tiktok.com (Cisco Umbrella Rank: 617)      146 KB
3         gstatic.com            fonts.gstatic.com                                    43 KB
3         mobstra.com            ev.mobstra.com                                       35 KB
2         googletagmanager.com   www.googletagmanager.com (Cisco Umbrella Rank: 36)   153 KB
1         doubleclick.net        stats.g.doubleclick.net (Cisco Umbrella Rank: 75)    255 B
1         google.com             analytics.google.com (Cisco Umbrella Rank: 152)      255 B
1         googleapis.com         fonts.googleapis.com (Cisco Umbrella Rank: 29)       1 KB
Total: 23 requests across 8 apex domains

Requests  Domain                     Requested by
7         d4.qshop1.online           d4.qshop1.online
5         analytics.tiktok.com       d4.qshop1.online, analytics.tiktok.com
3         fonts.gstatic.com          fonts.googleapis.com
3         ev.mobstra.com             d4.qshop1.online, ev.mobstra.com
2         www.googletagmanager.com   d4.qshop1.online, www.googletagmanager.com
1         stats.g.doubleclick.net    www.googletagmanager.com
1         analytics.google.com       www.googletagmanager.com
1         fonts.googleapis.com       d4.qshop1.online
Total: 23 requests across 8 domains

This site contains no links.

Subject                   Issuer                 Validity                  Valid for   Source
d4.qshop1.online          R3                     2023-12-18 - 2024-03-17   3 months    crt.sh
upload.video.google.com   GTS CA 1C3             2023-11-20 - 2024-02-12   3 months    crt.sh
ev.mobstra.com            R3                     2023-11-21 - 2024-02-19   3 months    crt.sh
*.google-analytics.com    GTS CA 1C3             2023-11-20 - 2024-02-12   3 months    crt.sh
*.tiktok.com              RapidSSL ECC CA 2018   2023-07-14 - 2024-08-13   a year      crt.sh
*.gstatic.com             GTS CA 1C3             2023-11-20 - 2024-02-12   3 months    crt.sh
*.google.com              GTS CA 1C3             2023-11-20 - 2024-02-12   3 months    crt.sh
*.g.doubleclick.net       GTS CA 1C3             2023-11-20 - 2024-02-12   3 months    crt.sh

This page contains 1 frame:

Primary Page: https://d4.qshop1.online/
Frame ID: BC875A2594D4BBDD290B58373974123D
Requests: 23 HTTP requests in this frame

Page Title

Descoperă misterul destinului (Romanian: "Discover the mystery of destiny")

Detected technologies

The technology names did not survive extraction; each entry lists its confidence and the patterns that matched, with the name the pattern implies given as an inference, not as something recorded on the page.

  • Vue.js (inferred from the pattern), overall confidence 100%. Detected patterns:
    - <[^>]+\sdata-v(?:ue)?-
  • Unnamed technology, overall confidence 100%, no patterns listed.
  • Google Font API (inferred from the pattern), overall confidence 100%. Detected patterns:
    - <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • Google Tag Manager (inferred from the pattern), overall confidence 100%. Detected patterns:
    - <!-- (?:End )?Google Tag Manager -->
    - googletagmanager\.com/gtm\.js
    - googletagmanager\.com/gtag/js

Page Statistics

Requests: 23
HTTPS: 100 %
IPv6: 75 %
Domains: 8
Subdomains: 8
IPs: 8
Countries: 3
Transfer: 446 kB
Size: 1283 kB
Cookies: 5

23 HTTP transactions

Resource | Path | Size | x-fer | Type
Primary Request / | d4.qshop1.online/ | 4 KB | 2 KB | Document
General
Full URL
https://d4.qshop1.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d51::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
b806b834f01b367d5f44bc47ef830a701703ba584773ef42cab6808fcc2c6d85

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
br
content-type
text/html
date
Mon, 18 Dec 2023 15:51:43 GMT
etag
W/"f0e-60ccaaae928cc"
last-modified
Mon, 18 Dec 2023 15:47:30 GMT
server
nginx
x-ray
p987:0.008/wn20305:0.010/wa20305:D=6747
css | fonts.googleapis.com/ | 20 KB | 1 KB | Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Playfair+Display:400,400i,700,700i,900,900i|Roboto:300,400,500,700,900&display=swap&subset=cyrillic
Requested by
Host: d4.qshop1.online
URL: https://d4.qshop1.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
711325beade84f93d74275fd480fdbffe0eb02be8cdad7781b230894290c8eec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d4.qshop1.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 18 Dec 2023 15:51:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 18 Dec 2023 15:51:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 18 Dec 2023 15:51:44 GMT
app.6556b4f2.css | d4.qshop1.online/css/ | 22 KB | 4 KB | Stylesheet
General
Full URL
https://d4.qshop1.online/css/app.6556b4f2.css
Requested by
Host: d4.qshop1.online
URL: https://d4.qshop1.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d51::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
5828ad1e20f258d0a7d9ad7e5986b4d4f30cfca6bef9422ad762284b49378a62

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d4.qshop1.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 15:51:44 GMT
x-ray
p987:0.002/wn20305:0.000/
content-encoding
br
last-modified
Wed, 29 Nov 2023 15:32:26 GMT
server
nginx
etag
W/"6567598a-5772"
content-type
text/css
chunk-vendors.391ed6f9.css | d4.qshop1.online/css/ | 2 KB | 2 KB | Stylesheet
General
Full URL
https://d4.qshop1.online/css/chunk-vendors.391ed6f9.css
Requested by
Host: d4.qshop1.online
URL: https://d4.qshop1.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d51::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
d6d6c2dcdc1381ab4f02ae79b98efeba2913d00ef1f38fefa139b9095ffc82cc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d4.qshop1.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 15:51:44 GMT
x-ray
p987:0.002/wn20305:0.000/
last-modified
Wed, 29 Nov 2023 15:32:26 GMT
server
nginx
etag
"6567598a-78e"
content-type
text/css
accept-ranges
bytes
content-length
1934
app.22fa7479.js | d4.qshop1.online/js/ | 28 KB | 9 KB | Script
General
Full URL
https://d4.qshop1.online/js/app.22fa7479.js
Requested by
Host: d4.qshop1.online
URL: https://d4.qshop1.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d51::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
db23f4eba21489658e37b2283911a494ad08a8cbe3b7d79f1e86c466edfb23a3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d4.qshop1.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 15:51:44 GMT
x-ray
p987:0.010/wn20305:0.000/
content-encoding
br
last-modified
Wed, 29 Nov 2023 15:33:52 GMT
server
nginx
etag
W/"656759e0-6f01"
content-type
application/javascript
chunk-vendors.f92bd484.js | d4.qshop1.online/js/ | 139 KB | 44 KB | Script
General
Full URL
https://d4.qshop1.online/js/chunk-vendors.f92bd484.js
Requested by
Host: d4.qshop1.online
URL: https://d4.qshop1.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d51::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
72d4ee4b9ec855f5fe27c67ccfa9c15101fefd9ae54709dd9ffb070aa791b655

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d4.qshop1.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 15:51:44 GMT
x-ray
p987:0.006/wn20305:0.000/
content-encoding
br
last-modified
Wed, 29 Nov 2023 15:32:26 GMT
server
nginx
etag
W/"6567598a-22adb"
content-type
application/javascript
js | ev.mobstra.com/event/ | 34 KB | 34 KB | Script
General
Full URL
https://ev.mobstra.com/event/js?v=UX-M-7LvuSJ
Requested by
Host: d4.qshop1.online
URL: https://d4.qshop1.online/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
65.21.151.41 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.41.151.21.65.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
009fa1ccee257fbc496563e5cba84bbe10bae58f6736be748d553192db0d5708

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d4.qshop1.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 18 Dec 2023 15:51:44 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Content-Length
34852
Content-Type
text/javascript
gtm.js | www.googletagmanager.com/ | 172 KB | 62 KB | Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KQHG6NN
Requested by
Host: d4.qshop1.online
URL: https://d4.qshop1.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
efa72a92583c999ff4250f5b9ff42d2048246ce7d9ea9d742f43684a01dbcabc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d4.qshop1.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 15:51:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63034
x-xss-protection
0
last-modified
Mon, 18 Dec 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 18 Dec 2023 15:51:44 GMT
events.js | analytics.tiktok.com/i18n/pixel/ | 4 KB | 2 KB | Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CLP3AERC77UE4VD7ABKG&lib=ttq
Requested by
Host: d4.qshop1.online
URL: https://d4.qshop1.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.238.66 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-238-66.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a163e3f2ff0f6c4121c7ea46b72720d6583ea39bfbc98ead563f0e08b5df514c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d4.qshop1.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-akamai-request-id
494a205
date
Mon, 18 Dec 2023 15:51:44 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=dyn
x-tt-trace-id
00-23121815514473FCB2C40A7C0C52E783-2A953C077A2FBFE3-00
x-cache
TCP_MISS from a23-33-238-62.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing
inner; dur=3, cdn-cache; desc=MISS, edge; dur=1, origin; dur=13
content-length
1521
pragma
no-cache
server
nginx
x-tt-logid
2023121815514473FCB2C40A7C0C52E783
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
14,23.33.238.62
x-tt-trace-host
01f91ce7946298fc9d5c45e8362a7a5f8d101fee6ac0d8292657eaea31b48b2eb4e7cdb5e9ffe8a3f0bd2e2bbfc1851c9beaf8813ef39774a20febc5107665fe14a86800abbb3a92ddd1fe2c7c6f6c875443000ea896133f9be771aa9e5268fcc4
expires
Mon, 18 Dec 2023 15:51:44 GMT
back-arrow.96b712b7.svg | d4.qshop1.online/img/ | 254 B | 422 B | Image
General
Full URL
https://d4.qshop1.online/img/back-arrow.96b712b7.svg
Requested by
Host: d4.qshop1.online
URL: https://d4.qshop1.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d51::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
7377368ddb93126a71b3990bab51b83f30e3fe1bddf57007cf5f90b075ae730c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d4.qshop1.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 15:51:44 GMT
x-ray
p987:0.000/wn20305:0.000/
last-modified
Wed, 29 Nov 2023 15:32:26 GMT
server
nginx
etag
"6567598a-fe"
content-type
image/svg+xml
accept-ranges
bytes
content-length
254
4.e649bb7d.jpeg | d4.qshop1.online/img/ | 6 KB | 6 KB | Image
General
Full URL
https://d4.qshop1.online/img/4.e649bb7d.jpeg
Requested by
Host: d4.qshop1.online
URL: https://d4.qshop1.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d51::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
fb6988c6711d94badd980d24938404ee2b8784a734f880c22609a4588dd4dbb8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d4.qshop1.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 15:51:44 GMT
x-ray
p987:0.000/wn20305:0.000/
last-modified
Wed, 29 Nov 2023 15:32:26 GMT
server
nginx
etag
"6567598a-1722"
content-type
image/jpeg
accept-ranges
bytes
content-length
5922
KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | fonts.gstatic.com/s/roboto/v30/ | 15 KB | 16 KB | Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display:400,400i,700,700i,900,900i|Roboto:300,400,500,700,900&display=swap&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://d4.qshop1.online
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:41:38 GMT
x-content-type-options
nosniff
age
504606
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Dec 2024 19:41:38 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2 | fonts.gstatic.com/s/roboto/v30/ | 15 KB | 16 KB | Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display:400,400i,700,700i,900,900i|Roboto:300,400,500,700,900&display=swap&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://d4.qshop1.online
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:08:19 GMT
x-content-type-options
nosniff
age
251005
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Dec 2024 18:08:19 GMT
KFOmCnqEu92Fr1Mu7GxKOzY.woff2 | fonts.gstatic.com/s/roboto/v30/ | 12 KB | 12 KB | Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display:400,400i,700,700i,900,900i|Roboto:300,400,500,700,900&display=swap&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://d4.qshop1.online
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 14:57:41 GMT
x-content-type-options
nosniff
age
262443
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11872
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Dec 2024 14:57:41 GMT
main.MTdjYzNiZDU2MA.js | analytics.tiktok.com/i18n/pixel/static/ | 397 KB | 106 KB | Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CLP3AERC77UE4VD7ABKG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.238.66 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-238-66.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
62723060de0c92d89ec49f9b3bc1fd54b786111e8ad3451a6cf7ebc8553e7b74

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d4.qshop1.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-akamai-request-id
494a256
date
Mon, 18 Dec 2023 15:51:45 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20231109073331F3AD16E5A23E43067788
vary
Accept-Encoding
x-cache
TCP_HIT from a23-33-238-62.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
0130f56dd963865d3efac35b1bed69e287cc0d1a200d85e27ef0bf2c49ac9685df941ca72218e1fb46b4f5ba145d429dc485a21e0119e447f9d35b649aea9ab892efe09074bbf06bebc6ff73868656d81592e66de6218e79e1c91a6173b1146580
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length
108343
identify_bb163.js | analytics.tiktok.com/i18n/pixel/static/ | 135 KB | 36 KB | Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.238.66 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-238-66.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d4.qshop1.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-akamai-request-id
494a332
date
Mon, 18 Dec 2023 15:51:45 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
2023110907315078DCDA5A67F621E9AC8C
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-33-238-62.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01b3ec572a5cf913d7ce81638c6aef356f1c0dfe3cb3668fa106f417ba42291f21f3eee5564fc22e92620869b6ec1720a7fc8e3613a11a1097c94d2697374d7432ebd037f456edad3e4a369d2f0f601b94e88112910d99c6dfc76a256013a3a12e
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length
36227
pixel | analytics.tiktok.com/api/v2/ | 0 | 702 B | Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.238.66 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-238-66.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://d4.qshop1.online/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
494a3b6
date
Mon, 18 Dec 2023 15:51:45 GMT
x-tt-trace-tag
id=16;cdn-cache=hit;type=dyn
x-tt-trace-id
00-231218155145E42F0A42D6BC47DE8D68-6B77BAD76CBD442E-00
x-cache
TCP_MISS from a23-33-238-62.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing
inner; dur=41, cdn-cache; desc=MISS, edge; dur=10, origin; dur=51
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20231218155145E42F0A42D6BC47DE8D68
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
51,23.33.238.62
x-tt-trace-host
01f91ce7946298fc9d5c45e8362a7a5f8d101fee6ac0d8292657eaea31b48b2eb465e290bb74a68725927ec76a7cdcca8d1a34ef2d49fff03cc40cc602d83a6f197fc7b03336c0e4c196690f947257f0956ab79c65037d3a66a67e81da4b9df514
access-control-allow-headers
Authorization,*
expires
Mon, 18 Dec 2023 15:51:45 GMT
js | www.googletagmanager.com/gtag/ | 275 KB | 91 KB | Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-EVNPC0GQ2Y&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KQHG6NN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
220dfa93b75612ac6fdc7f4bc846be35abd7d9ad43009627bd39c20db3843509
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d4.qshop1.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 15:51:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93119
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 18 Dec 2023 15:51:45 GMT
act | analytics.tiktok.com/api/v2/pixel/ | 0 | 697 B | Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.238.66 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-238-66.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://d4.qshop1.online/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
494a4b2
date
Mon, 18 Dec 2023 15:51:45 GMT
x-tt-trace-tag
id=16;cdn-cache=hit;type=dyn
x-tt-trace-id
00-231218155145E42F0A42D6BC47DE8D82-63BD6B608288D2FB-00
x-cache
TCP_MISS from a23-33-238-62.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing
inner; dur=20, cdn-cache; desc=MISS, edge; dur=7, origin; dur=29
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20231218155145E42F0A42D6BC47DE8D82
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
30,23.33.238.62
x-tt-trace-host
01f91ce7946298fc9d5c45e8362a7a5f8d101fee6ac0d8292657eaea31b48b2eb465e290bb74a68725927ec76a7cdcca8dc954e4a69b5c132446fda3f82f088cb8554146e38e8dc78a508220e81347255d6d94a82e95c36b123cee49ba3831916d
access-control-allow-headers
Authorization,*
expires
Mon, 18 Dec 2023 15:51:45 GMT
collect | analytics.google.com/g/ | 0 | 255 B | Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-EVNPC0GQ2Y&gtm=45je3bt0v9134900094z89134896930&_p=1702914704130&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=1132166970.1702914706&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702914705&sct=1&seg=0&dl=https%3A%2F%2Fd4.qshop1.online%2F&dt=Descoper%C4%83%20misterul%20destinului&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2729
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EVNPC0GQ2Y&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d4.qshop1.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 15:51:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://d4.qshop1.online
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect | stats.g.doubleclick.net/g/ | 0 | 255 B | Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-EVNPC0GQ2Y&cid=1132166970.1702914706&gtm=45je3bt0v9134900094z89134896930&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EVNPC0GQ2Y&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d4.qshop1.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 15:51:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://d4.qshop1.online
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
click | ev.mobstra.com/event/ | 41 B | 245 B | XHR
General
Full URL
https://ev.mobstra.com/event/click?v=UX-M-7LvuSJ&u=https:%2F%2Fd4.qshop1.online%2F
Requested by
Host: ev.mobstra.com
URL: https://ev.mobstra.com/event/js?v=UX-M-7LvuSJ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
65.21.151.41 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.41.151.21.65.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
099b89c9b55722de421f149a9ce708165d8eceffb01982768cdfae7f679e007c

Request headers

Accept
application/json, text/plain, */*
Referer
https://d4.qshop1.online/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 18 Dec 2023 15:51:46 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Content-Length
41
Content-Type
text/plain; charset=utf-8
footer | ev.mobstra.com/event/ | 2 KB | 971 B | XHR
General
Full URL
https://ev.mobstra.com/event/footer?f=01HHYT0JMS1HAD3EBSNYTJP470
Requested by
Host: ev.mobstra.com
URL: https://ev.mobstra.com/event/js?v=UX-M-7LvuSJ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
65.21.151.41 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.41.151.21.65.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3c413e2d6b37568ee5aa74ca2dc28cd15d5988d7db26a9e319b87df7ee18bf44

Request headers

Accept
application/json, text/plain, */*
Referer
https://d4.qshop1.online/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 18 Dec 2023 15:51:46 GMT
Content-Encoding
gzip
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Content-Length
751
Content-Type
application/json

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • 0 (object)
  • 1 (object)
  • 2 (object)
  • 3 (object)
  • documentPictureInPicture (object)
  • mbp (object)
  • dataLayer (object)
  • TiktokAnalyticsObject (string)
  • ttq (object)
  • webpackJsonp (object)
  • webpackJsonp.TiktTokAnalytics (object)
  • JSBridge (object)
  • Native2JSBridge (object)
  • ToutiaoJSBridge (object)
  • TiktokJelly (function)
  • _jelly_sdks (object)
  • google_tag_manager (object)
  • google_tag_data (object)
  • onYouTubeIframeAPIReady (function)
  • gaGlobal (object)

5 Cookies

Domain/Path        Name                Value
.tiktok.com/       _ttp                2ZipMJwvIlN9RqnTmnMrgfVnwYs
.qshop1.online/    _tt_enable_cookie   1
.qshop1.online/    _ttp                Fceg7C0EKutDH7a3a8Xd5ThXtAP
.qshop1.online/    _ga                 GA1.1.1132166970.1702914706
.qshop1.online/    _ga_EVNPC0GQ2Y      GS1.1.1702914705.1.0.1702914705.60.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
