Report - www.enallihan.com/modules/tag/view.tag.php?%DCniversitesi/

Report Overview

Submitted URL
www.enallihan.com/modules/tag/view.tag.php?%DCniversitesi/
IP
206.2.227.7
ASN
#139646 HONG KONG Megalayer Technology Co.,Limited
Submitted
2022-12-09 14:35:34
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	797 B	93.184.220.29
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	44 kB	34.120.237.76
f.vimeocdn.com	3234	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	256 kB	151.101.246.109
i.vimeocdn.com	3126	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	32 kB	151.101.246.109
zz.bdstatic.com	27702	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	371 B	459 B	58.254.150.48
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	7.1 kB	23.36.76.226
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	718 B	3.8 kB	104.18.21.226
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	525 B	746 B	142.250.74.106
p1.qhimg.com	250383	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	274 B	3.5 kB	54.230.111.108
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	4.2 kB	142.250.74.131
ocsp.starfieldtech.com	6616	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	12 kB	192.124.249.23
secureservercdn.net	14983	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	18 kB	2.0 MB	192.124.249.16
img.baidu.com	426376	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	272 B	1.1 kB	182.61.200.83
www.wlovebaidu.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	491 kB	27.255.64.19
www.enallihan.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	30 kB	206.2.227.7
www.sogou.com	39670	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	409 B	3.8 kB	119.28.109.132
fresnel.vimeocdn.com	3128	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	1.3 kB	34.120.202.204
sp0.baidu.com	18423	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	473 B	114 B	104.193.88.77
hm.baidu.com	8254	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	12 kB	103.235.46.191
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	34.214.64.191
player.vimeo.com	1858	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	964 B	20 kB	162.159.138.60
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-09	medium	www.enallihan.com/modules/tag/view.tag.php?%DCniversitesi/	Malware
2022-12-09	medium	www.enallihan.com/modules/tag/view.tag.php?%DCniversitesi/	Malware
2022-12-09	medium	www.enallihan.com/js/jquery.3.5.2.min.m.js	Malware
2022-12-09	medium	www.enallihan.com/gg/ky/index.html	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (17)

	URL	Size	First Seen	Last Seen
	f.vimeocdn.com/p/4.15.3/js/vendor.module.js	482 kB	2023-03-08	2023-03-09
Pretty URL f.vimeocdn.com/p/4.15.3/js/vendor.module.js IP 151.101.246.109 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:31:06 Last Seen2023-03-09 04:56:16 Times Seen1 Hash aa91995becd449f4a78a059dd2228e77 971e0f754f03401a1bef1f0b0045148ea128f634 194d51ec57930cbe563120f2e517b0388da503ef2a2b34ae2afa5630f9ab62cf Loading...

	www.enallihan.com/js/jquery.3.5.2.min.m.js	8.3 kB	2023-03-08	2023-03-11
Pretty URL www.enallihan.com/js/jquery.3.5.2.min.m.js IP 206.2.227.7 ASN #139646 HONG KONG Megalayer Technology Co.,Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:41:07 Last Seen2023-03-11 22:49:07 Times Seen1 Hash 48d507309e023eec7cf3d34fdb8443e4 66f52b8ae1c9fa9a42cf7a24f59d3d3ae3ae89c2 3f8f4d988ba457fdc6e551b35a7ad81056f95ebd26befb0048245a1758225876 Loading...

	player.vimeo.com/video/364157527	15 kB	2023-03-09	2023-03-09
Pretty URL player.vimeo.com/video/364157527 IP 162.159.138.60 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 00:00:31 Last Seen2023-03-09 00:00:31 Times Seen1 Hash 96cdb8c54dc27d827e66a2e01fc81623 2289717f3de43d339effa0350eb88f5054ffd88f ac05ee5b98cfdfb8cc9cec8a266573655895097fa06a1875c27391c867f7c6e2 Loading...

	player.vimeo.com/video/364157527	359 B	2023-03-08	2023-03-18
Pretty URL player.vimeo.com/video/364157527 IP 162.159.138.60 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:12 Last Seen2023-03-18 07:43:20 Times Seen1 Hash 3bebca74492661d309358758a5066f7f 35eb0d0a00a8f3df0c825a0093eacb71bc6e7d43 c5251ebe799b83572d361fe5378abcfe1c5f08fd2f9ad71d34e43b492b85b94b Loading...

	player.vimeo.com/video/340496849	1.2 kB	2023-03-08	2023-03-09
Pretty URL player.vimeo.com/video/340496849 IP 162.159.138.60 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:41:07 Last Seen2023-03-09 00:00:31 Times Seen1 Hash 7b37e91e2167739ae5eff9ff75f60d64 fac08cb0dd4de2fdd48119a04ae5332781f8cd02 f438e4f155c6580d8a5dd8148cbd2ec8a84d8f2da39cd132649bb698b35e96e2 Loading...

	hm.baidu.com/hm.js?06ea3de3c34c59c8eb5943ee69359663	30 kB	2023-03-09	2023-03-09
Pretty URL hm.baidu.com/hm.js?06ea3de3c34c59c8eb5943ee69359663 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 00:00:31 Last Seen2023-03-09 00:00:31 Times Seen1 Hash bc10e9c8495cacb033bc7111df78c55a 84362fb60ab3668b9fac598319893a16531c5da5 eafcbd916065862ea933b60f012ca7fecce32ab3ebdbc74739d36561bb45456d Loading...

	zz.bdstatic.com/linksubmit/push.js	308 B	2023-03-07	2024-04-26
Pretty URL zz.bdstatic.com/linksubmit/push.js IP 58.254.150.48 ASN #136958 China Unicom Guangdong IP network Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:58 Last Seen2024-04-26 13:38:13 Times Seen4046 Hash f9fc52ab67f035b8baf5d558714cc94d 37062a6fb1ef410d496137d44275738ae743c747 c31f2003f1c93ac1e34b09f376d97a65da6e110bf451cf1e0e50a7946c5e7212 Loading...

	player.vimeo.com/video/364157527	200 B	2023-03-07	2023-12-19
Pretty URL player.vimeo.com/video/364157527 IP 162.159.138.60 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:34 Last Seen2023-12-19 13:15:14 Times Seen10 Hash af8cc9e4334b181797ba45066b8ef4d8 c4c1b4ea678176597ae6720445f701d40bfda97d f675bde2f1e403c77205aa30dfe61dc90f15027df3679a79c4582cc804690783 Loading...

	player.vimeo.com/video/364157527	88 B	2023-03-08	2023-03-18
Pretty URL player.vimeo.com/video/364157527 IP 162.159.138.60 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:12 Last Seen2023-03-18 07:43:21 Times Seen1 Hash ad413198e105cd8f701ecfbbd330f933 10ce91413b40b42e0db106f75f9b906c53aadeae a2eae90d055f51a5223ced60b71f552e93c37d5a8c6caa224f92b90af6a2b971 Loading...

	player.vimeo.com/video/364157527	820 B	2023-03-08	2023-03-18
Pretty URL player.vimeo.com/video/364157527 IP 162.159.138.60 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:12 Last Seen2023-03-18 07:43:22 Times Seen1 Hash ef57c0109c58c2cbc1c0ef49652eb902 180b3bab67f413ffb480bd1eabfe0c66e2550b1a 5598f2690bcdf9b90ff7c652108104895b8e0f0346dd6cf425e4b36380a2a411 Loading...

	player.vimeo.com/video/340496849	13 kB	2023-03-09	2023-03-09
Pretty URL player.vimeo.com/video/340496849 IP 162.159.138.60 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 00:00:31 Last Seen2023-03-09 00:00:31 Times Seen1 Hash bb9ba2f58a5c0f6c7a0a792bf8576d68 38c55f951b41c0575a4fb14d42361d8695d9dae2 6325fbd2cecab1a891fc369ae6d001bd0e0dea33cddaae982cee4579f646adbb Loading...

	f.vimeocdn.com/p/4.15.3/js/player.module.js	482 kB	2023-03-08	2023-03-09
Pretty URL f.vimeocdn.com/p/4.15.3/js/player.module.js IP 151.101.246.109 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:31:06 Last Seen2023-03-09 04:56:16 Times Seen1 Hash 97c97ee9b430fc8373ab2c1604866090 fb64070c43dacd14f2a87a6c6d974d4111cba7ae 62812c9aa21aca766e3fb93451cfa66d8f6a236ab38b85fa6f50207580d377c6 Loading...

	www.enallihan.com/modules/tag/view.tag.php?%DCniversitesi/	32 B	2023-03-08	2023-03-09
Pretty URL www.enallihan.com/modules/tag/view.tag.php?%DCniversitesi/ IP 206.2.227.7 ASN #139646 HONG KONG Megalayer Technology Co.,Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:41:07 Last Seen2023-03-09 00:00:31 Times Seen1 Hash 91023aa6e2d27b896f7715bdb484d200 ecddaac6dbec043a129489c8e67e5de4c546c1c1 1eae0348fa3e690033f87aa581b148480e5fb178129504388f41652ab3975dad Loading...

	player.vimeo.com/video/364157527	1.2 kB	2023-03-08	2023-03-09
Pretty URL player.vimeo.com/video/364157527 IP 162.159.138.60 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:41:07 Last Seen2023-03-09 00:00:31 Times Seen1 Hash 9c9a05c37e57e8356e0f558edd710cec 1604c67e60587ac6a2bd693f3fbca58f3c89a9a0 15a11e424a47c8cb0af7ac2fa6c4906c839c8b63e14be0abfa05ff7f5b9f048b Loading...

	f.vimeocdn.com/js_opt/modules/utils/vuid.min.js	1.9 kB	2023-03-07	2024-04-27
Pretty URL f.vimeocdn.com/js_opt/modules/utils/vuid.min.js IP 151.101.246.109 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:34 Last Seen2024-04-27 01:33:03 Times Seen1415 Hash 83583a4061ddc27e8b6ee0dc269519cd 8b1c0acc28729208f640473eb5d8fb82c4ba3e15 c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a Loading...

		Size	First Seen	Last Seen
	#1 Eval - 231849ae62f9e8fb9a71922663270229	13 kB	2023-03-08	2023-03-11
Pretty Observations First Seen2023-03-08 19:41:07 Last Seen2023-03-11 22:49:07 Times Seen1 Hash 231849ae62f9e8fb9a71922663270229 d08c390a4d13685f6c172f0403cf6302fb977114 2eeb2c932d63f853c11b91f3b7a66e778cf453c035be90fd279e99d1afa5d1c0 Loading...

		Size	First Seen	Last Seen
	#1 Write - f08e9095fb51a6969291f97b617f8a00	281 B	2023-03-08	2023-04-18
Pretty Observations First Seen2023-03-08 19:41:07 Last Seen2023-04-18 12:28:07 Times Seen2 Hash f08e9095fb51a6969291f97b617f8a00 d5b40fef8bc076651c6098ecc462721b223aef95 1e0e71a964d63fe62633c22e2cf58bb28f126dbb6eb4f8c670bed5115addff47 Loading...

HTTP Transactions (103)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7181eff9c60e83eb0004ece591e47dca
0fd8cd0c9d10b0547938982e57d2c43e2d98679f
89c5c0e2d6890798644174a8e31976aec03a1b3deb03812afbb520e5ed68f522

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89C5C0E2D6890798644174A8E31976AEC03A1B3DEB03812AFBB520E5ED68F522"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5419
Expires: Fri, 09 Dec 2022 16:05:41 GMT
Date: Fri, 09 Dec 2022 14:35:22 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aea93551fa9deb76ae49a3b4019d64fe
e3b8862057ebe839959228e42246d7b1807fc90c
7e210f03b140418085e94ec20c1d27d6ecf7a404cbd323e16476ae5ae95d6dac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15032
Expires: Fri, 09 Dec 2022 18:45:54 GMT
Date: Fri, 09 Dec 2022 14:35:22 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 09 Dec 2022 14:08:18 GMT
content-type: application/json
age: 1624
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

www.enallihan.com/modules/tag/view.tag.php?%DCniversitesi/

206.2.227.7

301 Moved Permanently

178 B

URL HTTP/1.1
www.enallihan.com/modules/tag/view.tag.php?%DCniversitesi/
IP
206.2.227.7:0
ASN
#139646 HONG KONG Megalayer Technology Co.,Limited

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /modules/tag/view.tag.php?%DCniversitesi/ HTTP/1.1
Host: www.enallihan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 09 Dec 2022 14:35:22 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://www.enallihan.com/modules/tag/view.tag.php?%DCniversitesi/

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5263
Expires: Fri, 09 Dec 2022 16:03:05 GMT
Date: Fri, 09 Dec 2022 14:35:22 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: ++4p1M0nVBLIqlerhoDzvcJEJLu7ii5Broizf2fTBqLidayKLG91GNSbI8shJf1L1xz4yRIcraU=
x-amz-request-id: 7WRMKPBZFF03FT75
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 13:50:16 GMT
age: 2706
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:22 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 09 Dec 2022 14:33:13 GMT
age: 130
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
e6be4d2155028ffff5d01ab6e7edf6da
07172071b5cf43c4cd7d7930b4ad8518ec1e32e9
4d8a5fa2362fd0910babd6d128d850d4460829468eb23d34ee5ee6eaa42d5a38

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2581
Cache-Control: max-age=155673
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 14:35:23 GMT
Etag: "6392faaf-1d7"
Expires: Sun, 11 Dec 2022 09:49:56 GMT
Last-Modified: Fri, 09 Dec 2022 09:06:55 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5540c17d539ed2fbd42a7ddafebe4160
ce270d1d5ffc6ff5b39fa54fac30adaca2b5f0af
25d5573cb8ae7bddeb5c3f94456f483c708de07909e90168e3c54327ce21f739

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25D5573CB8AE7BDDEB5C3F94456F483C708DE07909E90168E3C54327CE21F739"
Last-Modified: Thu, 08 Dec 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21573
Expires: Fri, 09 Dec 2022 20:34:56 GMT
Date: Fri, 09 Dec 2022 14:35:23 GMT
Connection: keep-alive

push.services.mozilla.com/

34.214.64.191

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.214.64.191:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ewgex1QqOZet1YiN1QD5ow==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 7RoS2lk75IAf7Clus5SrNC1a+ak=

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16969
Expires: Fri, 09 Dec 2022 19:18:14 GMT
Date: Fri, 09 Dec 2022 14:35:25 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16969
Expires: Fri, 09 Dec 2022 19:18:14 GMT
Date: Fri, 09 Dec 2022 14:35:25 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16969
Expires: Fri, 09 Dec 2022 19:18:14 GMT
Date: Fri, 09 Dec 2022 14:35:25 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5382e616-602f-4e00-bed7-d95c66a5000d.jpeg

34.120.237.76

200 OK

5.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5382e616-602f-4e00-bed7-d95c66a5000d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.2 kB (5245 bytes)
Hash
43fdc85bfd574fa803f0bcdc216ef622
27f558d5cdc150a50f080c054423500666b63d74
fafd2a81cddacdb4e5fd7c9963a784e6e56d06ac98f0bd4124fd74fa3ba015e0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5382e616-602f-4e00-bed7-d95c66a5000d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5245
x-amzn-requestid: 9770ebcd-fb1e-4b81-bb87-1e98ef024741
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy-E8HugoAMFsKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911085-54eb7a48323113d52329abf5;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 22:15:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: d2DHUS5fGT4uoPPdjDXmHUOQVF93ULtO4zSHRmrx7KMu3lO0y0K9ag==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 01:23:35 GMT
age: 47510
etag: "27f558d5cdc150a50f080c054423500666b63d74"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.2 kB (5188 bytes)
Hash
fba9a3854df65740512f96efe7442e58
8fbff7725c842d70e047c635a725723a9dc9c55a
6e639298ebc82343cee9267d2910d15735af55f910e2c3de9218266b7c6fffc9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5188
x-amzn-requestid: afb8cbd2-3674-4dac-9cd9-9ff83618ac0a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ck2-5G9joAMFlPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638b6b92-2979ff216b9028aa70baef8b;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 15:30:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dGxzuQ6zj6wXQbkBuKBnOKxwKJDHUyGoi7PgcugcpdX4QYruNiFxsQ==
via: 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 21:51:24 GMT
age: 60241
etag: "8fbff7725c842d70e047c635a725723a9dc9c55a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.9 kB (7897 bytes)
Hash
8c3214044657f3b876d1f1848bca5684
7558222788f06623ddae6e883413e38e1146281e
e1f9c9c445bba7765f371dbb655cab43c1e12de7cbd015f8034c494118f7f708

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7897
x-amzn-requestid: 032fd8ae-b7e9-4e12-8546-838191a73688
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwVM_F51IAMFunw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900252-345ae6cd107d207f5dbe29a8;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oV7bB5Tek01MFi9x2tr_Wix13-UGlQPIt042XM0ALNUvVFYnu5DRcg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 03:38:26 GMT
age: 39419
etag: "7558222788f06623ddae6e883413e38e1146281e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.2 kB (5169 bytes)
Hash
06514ce96ae21cb01f526a5febdcbeb4
ebb97e5b97f394e8c67098f55581d5329ce819a2
4099a2fb6ddc4feaa30f357a180d64aeb7c9fc73f115fc762d5fe5c221d2e89e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5169
x-amzn-requestid: 277a1b04-4e19-4313-8aac-5f9ab9076305
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctEdkFGrIAMFvHg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb456-5b21edd57297665012d536cc;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:17:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: swNGUcNy2i0w9UGe-EJhwslE01TzTC3rrDhLhVVxHyhWMGSC1uq0mA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 04:46:15 GMT
age: 35350
etag: "ebb97e5b97f394e8c67098f55581d5329ce819a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.6 kB (6578 bytes)
Hash
8546542f00ea29ef4df6ab8d3c7c2164
5c8ffe91490006a9890188b53f875568c2b6bd8f
7fb11750ac339ac283da62fd370862c6b95a103a585ca5dd8c90038718d818a1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6578
x-amzn-requestid: 6392feb9-e33e-42fa-bc10-b5e31e654c9b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cw4beGG7oAMF8hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63903aaf-2c890b7b0a16617346a0f7e7;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 07:03:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: nXaZ1pazAGWMI9GFYZjGlvVVIb8wX6feD0O8VpzjsL8F8l3mFmydAw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 07:13:59 GMT
age: 26486
etag: "5c8ffe91490006a9890188b53f875568c2b6bd8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7557 bytes)
Hash
5de5d319f43d9c9c641419d96655541f
cde4c7fa0145d3645af17e34c83c63c08f76a076
fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7557
x-amzn-requestid: 09204b5e-8af5-4d4b-8186-628443866e0f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctlz5EISoAMFdWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee9b2-357cd4f921c592e1319098dd;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:05:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3KZwQ5HqXa_-tUyDHA5m-65OprogFpFgbbKpEJ65k-Yy3lwoCg8M5w==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 07:13:15 GMT
age: 26530
etag: "cde4c7fa0145d3645af17e34c83c63c08f76a076"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.enallihan.com/modules/tag/view.tag.php?%DCniversitesi/

206.2.227.7

200 OK

17 kB

URL HTTP/1.1
www.enallihan.com/modules/tag/view.tag.php?%DCniversitesi/
IP
206.2.227.7:0
ASN
#139646 HONG KONG Megalayer Technology Co.,Limited

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (25947), with CRLF, LF line terminators
Size
17 kB (17446 bytes)
Hash
95c49f6918b18165271d58b614b07398
ca16ce23aa269a1ffa1be197ac38370b3b7e67b8
f3d8898f4a987ec8497872a40a7d8f124665aa876a8475a65e42a770b750681b

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /modules/tag/view.tag.php?%DCniversitesi/ HTTP/1.1
Host: www.enallihan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 14:35:26 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d61883097c47c0fcb4a15cafc5bdbdfc
54411aba43093cafd1cb2acea7c2b4c69184611f
0aef2b974544f530bd591dd0201909a9c2a6b3f4451c69288bafc126d9a37e2c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 14:35:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.enallihan.com/js/jquery.3.5.2.min.m.js

206.2.227.7

200 OK

8.3 kB

URL HTTP/1.1
www.enallihan.com/js/jquery.3.5.2.min.m.js
IP
206.2.227.7:0
ASN
#139646 HONG KONG Megalayer Technology Co.,Limited

File type
ASCII text, with very long lines (8276)
Size
8.3 kB (8277 bytes)
Hash
48d507309e023eec7cf3d34fdb8443e4
66f52b8ae1c9fa9a42cf7a24f59d3d3ae3ae89c2
3f8f4d988ba457fdc6e551b35a7ad81056f95ebd26befb0048245a1758225876

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /js/jquery.3.5.2.min.m.js HTTP/1.1
Host: www.enallihan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/modules/tag/view.tag.php?%DCniversitesi/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 14:35:26 GMT
Content-Type: application/javascript
Content-Length: 8277
Last-Modified: Fri, 25 Nov 2022 07:21:31 GMT
Connection: keep-alive
ETag: "63806cfb-2055"
Accept-Ranges: bytes

ocsp.starfieldtech.com/

192.124.249.23

200 OK

1.8 kB

URL HTTP/1.1
ocsp.starfieldtech.com/
IP
192.124.249.23:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1845 bytes)
Hash
e9eca6a3b7b3eca01dbece95bbef8b99
b048918b5814f3383150cd779c97c7351ff04ae1
402f51360f48babbedb05c8a7803cf3102afdf19cccec1cd966569dc055bfa02

HTTP Headers

POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 09 Dec 2022 14:35:26 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 09 Dec 2022 11:55:17 GMT
Expires: Sat, 10 Dec 2022 11:55:17 GMT
ETag: "b048918b5814f3383150cd779c97c7351ff04ae1"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

ocsp.starfieldtech.com/

192.124.249.23

200 OK

1.8 kB

URL HTTP/1.1
ocsp.starfieldtech.com/
IP
192.124.249.23:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1845 bytes)
Hash
e9eca6a3b7b3eca01dbece95bbef8b99
b048918b5814f3383150cd779c97c7351ff04ae1
402f51360f48babbedb05c8a7803cf3102afdf19cccec1cd966569dc055bfa02

HTTP Headers

POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 09 Dec 2022 14:35:26 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 09 Dec 2022 11:55:17 GMT
Expires: Sat, 10 Dec 2022 11:55:17 GMT
ETag: "b048918b5814f3383150cd779c97c7351ff04ae1"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

ocsp.starfieldtech.com/

192.124.249.23

200 OK

1.8 kB

URL HTTP/1.1
ocsp.starfieldtech.com/
IP
192.124.249.23:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1845 bytes)
Hash
e9eca6a3b7b3eca01dbece95bbef8b99
b048918b5814f3383150cd779c97c7351ff04ae1
402f51360f48babbedb05c8a7803cf3102afdf19cccec1cd966569dc055bfa02

HTTP Headers

POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 09 Dec 2022 14:35:26 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 09 Dec 2022 11:55:17 GMT
Expires: Sat, 10 Dec 2022 11:55:17 GMT
ETag: "b048918b5814f3383150cd779c97c7351ff04ae1"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d61883097c47c0fcb4a15cafc5bdbdfc
54411aba43093cafd1cb2acea7c2b4c69184611f
0aef2b974544f530bd591dd0201909a9c2a6b3f4451c69288bafc126d9a37e2c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 14:35:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.enallihan.com/gg/ky/index.html

206.2.227.7

200 OK

941 B

URL HTTP/1.1
www.enallihan.com/gg/ky/index.html
IP
206.2.227.7:0
ASN
#139646 HONG KONG Megalayer Technology Co.,Limited

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
941 B (941 bytes)
Hash
01910f5c479e3377ab213faa46eb28e9
8a2ab31cddde4496f2a48a865a4be462f269a82e
7400bfc31cdd2ee47ea89aff6c4256b96f587076bbc4493be5e7bab38dbf85da

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /gg/ky/index.html HTTP/1.1
Host: www.enallihan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/modules/tag/view.tag.php?%DCniversitesi/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 14:35:26 GMT
Content-Type: text/html
Content-Length: 941
Last-Modified: Fri, 25 Nov 2022 07:21:31 GMT
Connection: keep-alive
ETag: "63806cfb-3ad"
Accept-Ranges: bytes

secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/master-slider/custom.css?ver=3.2&time=1666380583

192.124.249.16

200 OK

140 B

URL HTTP/2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/master-slider/custom.css?ver=3.2&time=1666380583
IP
192.124.249.16:0
ASN
#30148 SUCURI-SEC

File type
ASCII text
Size
140 B (140 bytes)
Hash
0f6a35283580e787a847b4e9dbc6daf9
db53b4fcdc953d08b1d36838d2f07a7a28d08a4f
0dd27e43d37fd1713d3f246f7de1b623d92a0b686c5d33123c39ed87c152fe18

HTTP Headers

GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/master-slider/custom.css?ver=3.2&time=1666380583 HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: text/css
content-length: 140
x-sucuri-id: 19016
accept-ranges: bytes
age: 572161
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 02 Dec 2022 17:05:00 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/css/prettyPhoto.css?ver=6.0.3&time=1666380583

192.124.249.16

200 OK

2.8 kB

URL HTTP/2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/css/prettyPhoto.css?ver=6.0.3&time=1666380583
IP
192.124.249.16:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with very long lines (402)
Size
2.8 kB (2769 bytes)
Hash
4f21ec76906e28e1c2194ea84546ed6b
85eacc0202364a6682bd58ee3f6680efc1420c7f
86534570cd150f56233dd6fb56369c299e76d93a751dc233c66d35d512a37179

HTTP Headers

GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/css/prettyPhoto.css?ver=6.0.3&time=1666380583 HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: text/css
content-length: 2769
x-sucuri-id: 19016
accept-ranges: bytes
age: 572161
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 03 Sep 2021 16:18:01 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/style.css?ver=6.0.3&time=1666380583

192.124.249.16

200 OK

11 kB

URL HTTP/2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/style.css?ver=6.0.3&time=1666380583
IP
192.124.249.16:0
ASN
#30148 SUCURI-SEC

File type
Unicode text, UTF-8 text, with very long lines (8757)
Size
11 kB (10663 bytes)
Hash
b48576b2fd6f5353d194b58726cb801e
fd9594080365b0b432518cef88eae6366ee54aa7
40ce84ce9448023101615f9881229a4d5d0b8ce5d240e5af1d2d62216ce6c44f

HTTP Headers

GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/style.css?ver=6.0.3&time=1666380583 HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: text/css
content-length: 10663
x-sucuri-id: 19016
accept-ranges: bytes
age: 572161
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 03 Sep 2021 16:18:01 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/css/flexslider.css?ver=6.0.3&time=1666380583

192.124.249.16

200 OK

1.1 kB

URL HTTP/2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/css/flexslider.css?ver=6.0.3&time=1666380583
IP
192.124.249.16:0
ASN
#30148 SUCURI-SEC

File type
ASCII text
Size
1.1 kB (1097 bytes)
Hash
73a695b0018d8d155d3129efa309c1b7
2c1cfb154ea964a6912f4a79ca59143ccb5a875c
501bf5b91725f178c2524760038a9425cc242e0868110823bb08e8ed46c79735

HTTP Headers

GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/css/flexslider.css?ver=6.0.3&time=1666380583 HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: text/css
content-length: 1097
x-sucuri-id: 19016
accept-ranges: bytes
age: 572161
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 03 Sep 2021 16:18:01 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/plugins/master-slider/public/assets/css/masterslider.main.css?ver=3.8.1&time=1666380583

192.124.249.16

200 OK

8.0 kB

URL HTTP/2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/plugins/master-slider/public/assets/css/masterslider.main.css?ver=3.8.1&time=1666380583
IP
192.124.249.16:0
ASN
#30148 SUCURI-SEC

File type
Unicode text, UTF-8 text
Size
8.0 kB (8017 bytes)
Hash
46bbad2b797beedc8b19c1cc2c3b146a
ca16a1f07fe67f95137814e766aaf9e8f521f8cc
8988c29e8b423754613ecd0228429491f7b7ce1a978daf4a714b38c77a7fc91c

HTTP Headers

GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/plugins/master-slider/public/assets/css/masterslider.main.css?ver=3.8.1&time=1666380583 HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: text/css
content-length: 8017
x-sucuri-id: 19016
accept-ranges: bytes
age: 572161
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 02 Dec 2022 17:03:37 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/css/v4-shims.min.css?ver=6.0.3&time=1666380583

192.124.249.16

200 OK

4.2 kB

URL HTTP/2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/css/v4-shims.min.css?ver=6.0.3&time=1666380583
IP
192.124.249.16:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with very long lines (26516)
Size
4.2 kB (4229 bytes)
Hash
a23f408351ab37e6fe118d4605c09020
637f8b42309bcb2827aca454305d22664cda46c2
2fd81408c95881e1dd32f388894223dd4528bfa6ca57103b9c70ef847f19deba

HTTP Headers

GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/css/v4-shims.min.css?ver=6.0.3&time=1666380583 HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: text/css
content-length: 4229
x-sucuri-id: 19016
accept-ranges: bytes
age: 572161
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 03 Sep 2021 16:18:01 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/css/multi-columns-row.css?ver=6.0.3&time=1666380583

192.124.249.16

200 OK

410 B

URL HTTP/2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/css/multi-columns-row.css?ver=6.0.3&time=1666380583
IP
192.124.249.16:0
ASN
#30148 SUCURI-SEC

File type
ASCII text
Size
410 B (410 bytes)
Hash
ebe74e7aed5f9096abc2a8b7cd2fcbb3
e7b42eeadb89890dfcf50ab81f574b8c62451efd
efad0abb8385bb832537c26d73a24dcbd3e1a512fcff899394de198bf14f1d55

HTTP Headers

GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/css/multi-columns-row.css?ver=6.0.3&time=1666380583 HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: text/css
content-length: 410
x-sucuri-id: 19016
accept-ranges: bytes
age: 572161
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 03 Sep 2021 16:18:01 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/jiffy-lube-24084.png

192.124.249.16

200 OK

11 kB

URL HTTP/2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/jiffy-lube-24084.png
IP
192.124.249.16:0
ASN
#30148 SUCURI-SEC

File type
PNG image data, 240 x 84, 8-bit/color RGB, non-interlaced\012- data
Size
11 kB (11041 bytes)
Hash
9908d6b195c34bfb9e312e1b7338dedf
6c1755097724f34a1ecfa22c2ab77207eebb7650
79250e2bdb5e6142583709d7985fa6bf3b8cd350d78596393586cb24e62df561

HTTP Headers

GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/jiffy-lube-24084.png HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: image/png
content-length: 11041
x-sucuri-id: 19016
accept-ranges: bytes
age: 100842
content-security-policy: upgrade-insecure-requests
etag: "2b21-5af6e6f4af500"
last-modified: Wed, 16 Sep 2020 13:42:12 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/Palmetto-Bluff-1.jpg

192.124.249.16

200 OK

5.2 kB

URL HTTP/2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/Palmetto-Bluff-1.jpg
IP
192.124.249.16:0
ASN
#30148 SUCURI-SEC

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 240x84, components 3\012- data
Size
5.2 kB (5168 bytes)
Hash
149df2706fcd9f2ca14452f75398ee7e
f34022dd9e3e2629280bc64251c3aa0abf35280c
59ca4e84188c5cd2c1f757e8dc9713f6de599ff2b98dd183ef9d7a48a387a61d

HTTP Headers

GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/Palmetto-Bluff-1.jpg HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: image/jpeg
content-length: 5168
x-sucuri-id: 19016
accept-ranges: bytes
age: 100842
content-security-policy: upgrade-insecure-requests
etag: "1430-5af6ea03a6c40"
last-modified: Wed, 16 Sep 2020 13:55:53 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/Opsgenie-2.png

192.124.249.16

200 OK

9.7 kB

URL HTTP/2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/Opsgenie-2.png
IP
192.124.249.16:0
ASN
#30148 SUCURI-SEC

File type
PNG image data, 240 x 84, 8-bit/color RGB, non-interlaced\012- data
Size
9.7 kB (9679 bytes)
Hash
a35d91336c4997f9bbf0503a159c30ad
225aa2e5159891c4545da801ae7cb24791fcebb8
4ae179c026484515593db5bb660c8226ef974b8221243106da7ea3ea6c950f5b

HTTP Headers

GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/Opsgenie-2.png HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: image/png
content-length: 9679
x-sucuri-id: 19016
accept-ranges: bytes
age: 100842
content-security-policy: upgrade-insecure-requests
etag: "25cf-5af6e63222a00"
last-modified: Wed, 16 Sep 2020 13:38:48 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/Craig-Builders.png

192.124.249.16

200 OK

5.7 kB

URL HTTP/2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/Craig-Builders.png
IP
192.124.249.16:0
ASN
#30148 SUCURI-SEC

File type
PNG image data, 240 x 84, 8-bit/color RGB, non-interlaced\012- data
Size
5.7 kB (5744 bytes)
Hash
19ab782568e55ba89e2e13884db91586
892ffb738c29c29b760cfe26716b6c1cc8e24032
354ec80645761fd3aba4e49808e88228990ae099b376f1827a52e4845487c02e

HTTP Headers

GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/Craig-Builders.png HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: image/png
content-length: 5744
x-sucuri-id: 19016
accept-ranges: bytes
age: 100842
content-security-policy: upgrade-insecure-requests
etag: "1670-5af6e39e31500"
last-modified: Wed, 16 Sep 2020 13:27:16 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/plugins/wp-video-lightbox/css/prettyPhoto.css?ver=6.0.3&time=1666380583

192.124.249.16

200 OK

2.8 kB

URL HTTP/2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/plugins/wp-video-lightbox/css/prettyPhoto.css?ver=6.0.3&time=1666380583
IP
192.124.249.16:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with very long lines (402)
Size
2.8 kB (2808 bytes)
Hash
3a1ff9de48099cfd3a536038539f3471
8b0c39c5002ae1ef271ff3852d08ff8e0ae0aa78
49b0cc1bafc014351334de23ce439af74635db3c2ea0cce4be2d62f5223c9bb1

HTTP Headers

GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/plugins/wp-video-lightbox/css/prettyPhoto.css?ver=6.0.3&time=1666380583 HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: text/css
content-length: 2808
x-sucuri-id: 19016
accept-ranges: bytes
age: 572161
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 20 Jul 2022 20:20:59 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2018/11/EURE-CONSULTING_NO-TAG_IDS-e1543524574550.jpg

192.124.249.16

200 OK

8.1 kB

URL HTTP/2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2018/11/EURE-CONSULTING_NO-TAG_IDS-e1543524574550.jpg
IP
192.124.249.16:0
ASN
#30148 SUCURI-SEC

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, orientation=upper-left], baseline, precision 8, 200x61, components 3\012- data
Size
8.1 kB (8085 bytes)
Hash
a2550b5b4ef9131e66872a43811ab71d
2fb3b7a794e16cb73e166c04c7e56d25d6860e8c
048ea40001c6aa5a5746721024c78d6c892f11a344b2fe12d786847f8c167f0b

HTTP Headers

GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2018/11/EURE-CONSULTING_NO-TAG_IDS-e1543524574550.jpg HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: image/jpeg
content-length: 8085
x-sucuri-id: 19016
accept-ranges: bytes
age: 154845
content-security-policy: upgrade-insecure-requests
etag: "1f95-57bd3d1ef7380"
last-modified: Thu, 29 Nov 2018 20:49:34 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/kerecis-1.png

192.124.249.16

200 OK

6.5 kB

URL HTTP/2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/kerecis-1.png
IP
192.124.249.16:0
ASN
#30148 SUCURI-SEC

File type
PNG image data, 240 x 84, 8-bit/color RGBA, non-interlaced\012- data
Size
6.5 kB (6541 bytes)
Hash
9f100b4ae66788170d23b57928c2be3f
43a850bb9bb801798b53c2f290fd263a72a00b56
037741c5cb9d4d9fa2396a46327fdda2134c60f29e94933892a315bba2a01ef1

HTTP Headers

GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/kerecis-1.png HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: image/png
content-length: 6541
x-sucuri-id: 19016
accept-ranges: bytes
age: 103831
content-security-policy: upgrade-insecure-requests
etag: "198d-5af6f486eb9c0"
last-modified: Wed, 16 Sep 2020 14:42:55 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2017/01/unlocked-icon.png

192.124.249.16

200 OK

3.5 kB

URL HTTP/2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2017/01/unlocked-icon.png
IP
192.124.249.16:0
ASN
#30148 SUCURI-SEC

File type
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Size
3.5 kB (3508 bytes)
Hash
1f181af8699008fca9339148f872bb17
201ad77d856dfd6164eab43723a9c0ec629e19b0
9df3698cf5b67077fafef43b7cdabcd13e252c5f1f055c6dbff5eaea93a805d9

HTTP Headers

GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2017/01/unlocked-icon.png HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: image/png
content-length: 3508
x-sucuri-id: 19016
accept-ranges: bytes
age: 100842
content-security-policy: upgrade-insecure-requests
etag: "db4-5464fc6ba1d80"
last-modified: Tue, 17 Jan 2017 20:02:14 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/sam-hill-entertainment-1.jpg

192.124.249.16

200 OK

4.1 kB

URL HTTP/2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/sam-hill-entertainment-1.jpg
IP
192.124.249.16:0
ASN
#30148 SUCURI-SEC

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 240x84, components 3\012- data
Size
4.1 kB (4135 bytes)
Hash
f9a24c05686a21b40c2a5133b788a9b9
3bab5db13e6aaec6b5ab1072b0fd736175effd6f
bc5c66b6d42c990c585479cd05bb4780dc0f0bf3a8fddaef0552508b93cb02a0

HTTP Headers

GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/sam-hill-entertainment-1.jpg HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: image/jpeg
content-length: 4135
x-sucuri-id: 19016
accept-ranges: bytes
age: 100842
content-security-policy: upgrade-insecure-requests
etag: "1027-5af6ea03a6c40"
last-modified: Wed, 16 Sep 2020 13:55:53 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3&time=1666380583

192.124.249.16

200 OK

972 B

URL HTTP/2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3&time=1666380583
IP
192.124.249.16:0
ASN
#30148 SUCURI-SEC

File type
ASCII text
Size
972 B (972 bytes)
Hash
8bf268dfcca7cb20719b7ea14373ef4a
58bd839bbf0e8cc082f0a488b538b4ec71bebd2e
eece4a14939273c7af07bce8bab3a6cfc2c9de44c0eea82cc886abac13cb3870

HTTP Headers

GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3&time=1666380583 HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: text/css
content-length: 972
x-sucuri-id: 19016
accept-ranges: bytes
age: 572161
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 12 Nov 2022 10:54:37 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2017/01/check-icon.png

192.124.249.16

200 OK

3.5 kB

URL HTTP/2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2017/01/check-icon.png
IP
192.124.249.16:0
ASN
#30148 SUCURI-SEC

File type
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Size
3.5 kB (3480 bytes)
Hash
2bb58540cfb4b9822d5241ac24f69e48
0465cdff23fea28532cd21b193cd757a7b81b097
fc0a3578a9d55ec89948286ede7a62056450edddab3cb25013f81ceb18945d1e

HTTP Headers

GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2017/01/check-icon.png HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: image/png
content-length: 3480
x-sucuri-id: 19016
accept-ranges: bytes
age: 100842
content-security-policy: upgrade-insecure-requests
etag: "d98-5464fc809cf00"
last-modified: Tue, 17 Jan 2017 20:02:36 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/CavalierProduce_Logo-14184.png

192.124.249.16

200 OK

9.0 kB

URL HTTP/2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/CavalierProduce_Logo-14184.png
IP
192.124.249.16:0
ASN
#30148 SUCURI-SEC

File type
PNG image data, 141 x 84, 8-bit/color RGB, non-interlaced\012- data
Size
9.0 kB (8970 bytes)
Hash
610029778db4cc88b94bceedea95468b
00f49838c20285d87f7244cfe4a153534eec0b88
8f75726a9c42404e4d6f015f1414a82dbe9ff8bd7bffcd01f9597d3d9ddcd37c

HTTP Headers

GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/CavalierProduce_Logo-14184.png HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: image/png
content-length: 8970
x-sucuri-id: 19016
accept-ranges: bytes
age: 100842
content-security-policy: upgrade-insecure-requests
etag: "230a-5af6f8d92ebc0"
last-modified: Wed, 16 Sep 2020 15:02:15 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/Eagle-Logo_Flat-1.png

192.124.249.16

200 OK

9.6 kB

URL HTTP/2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/Eagle-Logo_Flat-1.png
IP
192.124.249.16:0
ASN
#30148 SUCURI-SEC

File type
PNG image data, 240 x 84, 8-bit/color RGB, non-interlaced\012- data
Size
9.6 kB (9565 bytes)
Hash
24531108702f81924ccfbe0002e57942
7b08e4ed2984c73ef9756380b833ccf3b46b9c71
09967248bdc66783ac691c2411f6c0a34bd5604e340543a9bdae65d85ba145e2

HTTP Headers

GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/Eagle-Logo_Flat-1.png HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: image/png
content-length: 9565
x-sucuri-id: 19016
accept-ranges: bytes
age: 100842
content-security-policy: upgrade-insecure-requests
etag: "255d-5af6ea01be7c0"
last-modified: Wed, 16 Sep 2020 13:55:51 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/vsp-logo.png

192.124.249.16

200 OK

10 kB

URL HTTP/2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/vsp-logo.png
IP
192.124.249.16:0
ASN
#30148 SUCURI-SEC

File type
PNG image data, 240 x 84, 8-bit/color RGBA, non-interlaced\012- data
Size
10 kB (10435 bytes)
Hash
994dd56245b8fb2552f93a2ede6e7e4b
20f09608189b163ea1c8e32fad002934e0571f80
698ff1e5d1a5b204d6f1c0fd184cf01b2d1a1cca4395d18f34c5533d6f763324

HTTP Headers

GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/vsp-logo.png HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: image/png
content-length: 10435
x-sucuri-id: 19016
accept-ranges: bytes
age: 100842
content-security-policy: upgrade-insecure-requests
etag: "28c3-5af6f3734ef80"
last-modified: Wed, 16 Sep 2020 14:38:06 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2017/01/magnifying-glass-icon1.png

192.124.249.16

200 OK

4.1 kB

URL HTTP/2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2017/01/magnifying-glass-icon1.png
IP
192.124.249.16:0
ASN
#30148 SUCURI-SEC

File type
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Size
4.1 kB (4135 bytes)
Hash
14958745f80bf9e8c40a2e8e452faf7a
9cfe669eb6d4ea1b20b2c63041fc7af9ef3228d4
4a829e9a8ab5c2b55f12155ff8b063b09848bffa31b8778bce3390f7e85d6e95

HTTP Headers

GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2017/01/magnifying-glass-icon1.png HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: image/png
content-length: 4135
x-sucuri-id: 19016
accept-ranges: bytes
age: 100842
content-security-policy: upgrade-insecure-requests
etag: "1027-5464fc4d1d580"
last-modified: Tue, 17 Jan 2017 20:01:42 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-includes/css/dist/block-library/style.css?ver=6.0.3&time=1666380583

192.124.249.16

200 OK

15 kB

URL HTTP/2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-includes/css/dist/block-library/style.css?ver=6.0.3&time=1666380583
IP
192.124.249.16:0
ASN
#30148 SUCURI-SEC

File type
ASCII text
Size
15 kB (15104 bytes)
Hash
af4b789233ba2525d722c8a12f97860f
b4db9e64e3d1439330cb90c829e177ea35bb268d
35d0eb5dfe90698c8ef6d17c285721df608b68db6cdba7ae023f04fefbdcd2c0

HTTP Headers

GET /45.40.145.201/ajd.1af.myftpupload.com/wp-includes/css/dist/block-library/style.css?ver=6.0.3&time=1666380583 HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: text/css
content-length: 15104
x-sucuri-id: 19016
accept-ranges: bytes
age: 572161
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 21 Nov 2022 12:52:21 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/css/all.min.css?ver=6.0.3&time=1666380583

192.124.249.16

200 OK

12 kB

URL HTTP/2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/css/all.min.css?ver=6.0.3&time=1666380583
IP
192.124.249.16:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with very long lines (57005)
Size
12 kB (12417 bytes)
Hash
c0b46b44ed9828fa0a0d6be7a2eb1ddf
3fd2f26c03d91a47bd9d2e852686ca57c7c99d7c
839a1cbc542e5c359b2868d4925c4de7918e6bf8f172fd7f2ed4d8b4a519b9c6

HTTP Headers

GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/css/all.min.css?ver=6.0.3&time=1666380583 HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: text/css
content-length: 12417
x-sucuri-id: 19016
accept-ranges: bytes
age: 572161
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 03 Sep 2021 16:18:01 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/Terrific-Deal-1.png

192.124.249.16

200 OK

14 kB

URL HTTP/2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/Terrific-Deal-1.png
IP
192.124.249.16:0
ASN
#30148 SUCURI-SEC

File type
PNG image data, 240 x 84, 8-bit/color RGB, non-interlaced\012- data
Size
14 kB (14501 bytes)
Hash
641f2d0ec402f3ea730291bea3e1d1a3
4b5810d32089e101bb8f60f2a412e1180053b496
69a7118ab32ef9b4b97f819026756336bf5609a39e249a5a44e4e4abc39a2d5d

HTTP Headers

GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/Terrific-Deal-1.png HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: image/png
content-length: 14501
x-sucuri-id: 19016
accept-ranges: bytes
age: 100842
content-security-policy: upgrade-insecure-requests
etag: "38a5-5af6f76ec94c0"
last-modified: Wed, 16 Sep 2020 14:55:55 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/Paramount-84p.png

192.124.249.16

200 OK

14 kB

URL HTTP/2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/Paramount-84p.png
IP
192.124.249.16:0
ASN
#30148 SUCURI-SEC

File type
PNG image data, 240 x 84, 8-bit/color RGB, non-interlaced\012- data
Size
14 kB (14218 bytes)
Hash
188d671725d083786c2ffa2f1a329f15
25c5e32cd19b8fb758d66de44833a3f0a50b60f6
ecef255cc8a1af54ba2c8344c9174d8b748eb3655edd1f7a7b4fbd82cde6827f

HTTP Headers

GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/Paramount-84p.png HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: image/png
content-length: 14218
x-sucuri-id: 19016
accept-ranges: bytes
age: 100842
content-security-policy: upgrade-insecure-requests
etag: "378a-5af6e55d77440"
last-modified: Wed, 16 Sep 2020 13:35:05 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/Urgo-1.png

192.124.249.16

200 OK

14 kB

URL HTTP/2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/Urgo-1.png
IP
192.124.249.16:0
ASN
#30148 SUCURI-SEC

File type
PNG image data, 240 x 84, 8-bit/color RGB, non-interlaced\012- data
Size
14 kB (14432 bytes)
Hash
9448c532038937af43f2866ab4d59b5c
a5191188834dbd26212f446df3b50e5884c68805
83ef2b6af9752b9df413b009386ba97264da41c6e4a349af44e9cefcb768850b

HTTP Headers

GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/Urgo-1.png HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: image/png
content-length: 14432
x-sucuri-id: 19016
accept-ranges: bytes
age: 100842
content-security-policy: upgrade-insecure-requests
etag: "3860-5af6ea049ae80"
last-modified: Wed, 16 Sep 2020 13:55:54 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
797e30e84991e23610f2066178362216
db2f0cac3c3d74dda57a0f1c0d6caf25544aa6fc
8f25ffd1c8c7ca279a68da7e3e45e324322dc9956fd84ee704c3fb6d9b2c0855

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8F25FFD1C8C7CA279A68DA7E3E45E324322DC9956FD84EE704C3FB6D9B2C0855"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3699
Expires: Fri, 09 Dec 2022 15:37:06 GMT
Date: Fri, 09 Dec 2022 14:35:27 GMT
Connection: keep-alive

p1.qhimg.com/d/_onebox/search.png

54.230.111.108

200 OK

2.9 kB

URL HTTP/1.1
p1.qhimg.com/d/_onebox/search.png
IP
54.230.111.108:0
ASN
#16509 AMAZON-02

File type
PNG image data, 260 x 43, 8-bit colormap, non-interlaced\012- data
Size
2.9 kB (2941 bytes)
Hash
996729035d9ea7dbd1dcf49bf99e78d9
aba797d529929ca0c864eaf7d3261aee61f3ad78
f7b46e16e323b71d7e8308e8aa62ab36453dd3b57935424f4b4166947f0e5863

HTTP Headers

GET /d/_onebox/search.png HTTP/1.1
Host: p1.qhimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 2941
Connection: keep-alive
Date: Mon, 21 Nov 2022 18:05:46 GMT
Last-Modified: Tue, 05 Jan 2021 11:28:00 GMT
xzp: zhkbrquvsxaf
Expires: Sun, 19 Feb 2023 18:05:46 GMT
Cache-Control: max-age=7776000
Access-Control-Allow-Origin: *
XCS: HIT
KCS-Via: MISS from w-fc03.lato;MISS from w-sc02.bjyt
Accept-Ranges: bytes
X-Cache: Hit from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Heh6NHw7B0W_lWnMlnkF7ZhoiznFmrDokoSPiwTEffcO2YYpGZvHlw==
Age: 1542581

ocsp.globalsign.com/gsrsaovsslca2018

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
34027c21c20ca74e4d42f869564f076a
67f00189530da86e23a986bd928592ecb7a81633
768dfec8c5996d79d7801cf19f3227054af2649929b1f7c104f631f9f3aca38a

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 14:35:27 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 13 Dec 2022 11:50:58 GMT
ETag: "67f00189530da86e23a986bd928592ecb7a81633"
Last-Modified: Fri, 09 Dec 2022 11:50:59 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2946
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776e77a98fe71bfe-OSL

secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/04/00172020Headshots-scaled.jpg

192.124.249.16

200 OK

675 kB

URL HTTP/2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/04/00172020Headshots-scaled.jpg
IP
192.124.249.16:0
ASN
#30148 SUCURI-SEC

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 240x240, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=10, manufacturer=SONY, model=ILCE-9, xresolution=148, yresolution=156, resolutionunit=2, software=Adobe Photoshop Lightroom Classic 9.1 (Windows), datetime=2020:02:28 12:15:28], baseline, precision 8, 1707x2560, components 3\012- data
Size
675 kB (674993 bytes)
Hash
5bf99572f5494f0f2a0b816e9ea7d16e
7e0dd05920474d5b317aa4f429646de46cd5c762
0913631a1662f60a2b4ff4e95d2bf5ba8886e28f213116aac5cb2ade8c8ae6a3

HTTP Headers

GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/04/00172020Headshots-scaled.jpg HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: image/jpeg
content-length: 674993
x-sucuri-id: 19016
accept-ranges: bytes
age: 100842
content-security-policy: upgrade-insecure-requests
etag: "a4cb1-5a253c4e6d240"
last-modified: Thu, 02 Apr 2020 19:25:53 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/04/00122020Headshots-scaled.jpg

192.124.249.16

200 OK

528 kB

URL HTTP/2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/04/00122020Headshots-scaled.jpg
IP
192.124.249.16:0
ASN
#30148 SUCURI-SEC

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 240x240, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=10, manufacturer=SONY, model=ILCE-9, xresolution=148, yresolution=156, resolutionunit=2, software=Adobe Photoshop Lightroom Classic 9.1 (Windows), datetime=2020:02:28 12:15:18], baseline, precision 8, 1707x2560, components 3\012- data
Size
528 kB (528000 bytes)
Hash
1829f8d8cf601f7a4dd0e81fb413f788
1dc32a79f3abff64d183a3c4fc50fe5d0a5b994f
a9dc9add4aa9b01aa499e433b4b554ddcb5846f39919b421c2470bd96688af64

HTTP Headers

GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/04/00122020Headshots-scaled.jpg HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: image/jpeg
content-length: 528000
x-sucuri-id: 19016
accept-ranges: bytes
age: 103829
content-security-policy: upgrade-insecure-requests
etag: "80e80-5a253ccc4fb40"
last-modified: Thu, 02 Apr 2020 19:28:05 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/plugins/wp-video-lightbox/wp-video-lightbox.css?ver=6.0.3&time=1666380583

192.124.249.16

200 OK

484 B

URL HTTP/2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/plugins/wp-video-lightbox/wp-video-lightbox.css?ver=6.0.3&time=1666380583
IP
192.124.249.16:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with CRLF line terminators
Size
484 B (484 bytes)
Hash
65752dcc0c6a10c19a1d45d6375bc370
0153d6b0b845ec1ee4cb31f546f30199204be24c
6ec2356de03f75da2e069031b31d47da896df9bbeed05b1f5030480d4b70960f

HTTP Headers

GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/plugins/wp-video-lightbox/wp-video-lightbox.css?ver=6.0.3&time=1666380583 HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: text/css
content-length: 484
x-sucuri-id: 19016
accept-ranges: bytes
age: 572162
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 20 Jul 2022 20:20:59 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/css/bootstrap.min.css?ver=6.0.3&time=1666380583

192.124.249.16

200 OK

19 kB

URL HTTP/2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/css/bootstrap.min.css?ver=6.0.3&time=1666380583
IP
192.124.249.16:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with very long lines (65371)
Size
19 kB (19249 bytes)
Hash
31df72a0a0d16a8c7fa320af64739ec3
f097c07f3745481e47f19637e0308cd9db7b39fc
afbb22ddb6c038b2547719d14bfabd8596f21da93e31eb520734fb679cb72aad

HTTP Headers

GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/css/bootstrap.min.css?ver=6.0.3&time=1666380583 HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:28 GMT
content-type: text/css
content-length: 19249
x-sucuri-id: 19016
accept-ranges: bytes
age: 572162
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 03 Sep 2021 16:18:01 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

img.baidu.com/img/logo-80px.gif

182.61.200.83

200 OK

866 B

URL HTTP/1.1
img.baidu.com/img/logo-80px.gif
IP
182.61.200.83:0
ASN
#38365 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 80 x 29\012- data
Size
866 B (866 bytes)
Hash
6f5433724f999a096e8a76e6d5918803
6ed88cb4676d384b6b3c7d8ceee5f48aa1bbb524
c3523c84b03a264ff85e541415f945c4c44705c454234274c78d63afd1c278b9

HTTP Headers

GET /img/logo-80px.gif HTTP/1.1
Host: img.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=311040000
Content-Length: 866
Content-Type: image/gif
Date: Fri, 09 Dec 2022 14:35:28 GMT
Etag: "1211028879"
Expires: Sun, 17 Oct 2032 14:35:28 GMT
Last-Modified: Sun, 15 Aug 2010 16:00:00 GMT
Server: BWS/1.0

ocsp.globalsign.com/gsrsaovsslca2018

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
0be8f0125007d934ae099ba862ab0118
612ca6d340caeda9e9b30b61dd197651599caa4f
218f69eab81dda01b25133719498a41d505cd14c4201444fe2d620d7dea41422

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 14:35:28 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 13 Dec 2022 13:24:16 GMT
ETag: "612ca6d340caeda9e9b30b61dd197651599caa4f"
Last-Modified: Fri, 09 Dec 2022 13:24:17 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776e77adccc31bfe-OSL

player.vimeo.com/video/364157527

162.159.138.60

200 OK

6.2 kB

URL HTTP/1.1
player.vimeo.com/video/364157527
IP
162.159.138.60:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (20539), with no line terminators
Size
6.2 kB (6207 bytes)
Hash
dc01911e6c61087b98e31ead93a1f241
9f5ac22507ea338ac2c70843971bfc5386bab018
da707a0c32ab08c5793b914f5a7e393d6e190f7ee89b2d869bc3510e513f74b0

HTTP Headers

GET /video/364157527 HTTP/1.1
Host: player.vimeo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 14:35:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app/ https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com https://f.vimeocdn.com; frame-src 'self' https://*
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin, <https://f.vimeocdn.com>; rel=preconnect; crossorigin, <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
p3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
expires: Fri, 09 Dec 2022 14:45:28 GMT
x-host: player-959c5df45-bprgx
via: 1.1 varnish, 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-varnish-cache: 0
x-vserver: playproxy-rollout-prod-varnish-7
x-backend-proxy: playproxy8
x-bapp-server: player-959c5df45-bprgx
Age: 0
X-Served-By: cache-bma1643-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1670596528.267122,VS0,VE242
Vary: Accept-Encoding
X-Player-Backend: p
CF-Cache-Status: DYNAMIC
Set-Cookie: __cf_bm=f76p4sj.0R.BKkOfQhNU7bgIAnKLDhQk9fTtAfuX_0w-1670596528-0-Adwq4rDQpCX1Mc4Z/XPBodlVHQcaViaumozeD3ylNKm8i/KuhoMPDA/JFG0Plgls7NvxZEZ+yr3hgYP+eR0vxTI=; path=/; expires=Fri, 09-Dec-22 15:05:28 GMT; domain=.vimeo.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 776e77ad9cd7b4f4-OSL
Content-Encoding: gzip

player.vimeo.com/video/340496849

162.159.138.60

200 OK

5.9 kB

URL HTTP/1.1
player.vimeo.com/video/340496849
IP
162.159.138.60:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (18669), with no line terminators
Size
5.9 kB (5861 bytes)
Hash
c44cdd2d09869a90331a4c21b1bb33a9
9ba8cfcf06b4a2e50c9c0bc1ac02eaec6e84521e
7f271ab679270ef700c545180bb1cc63fd93a777416400892ce6b10c965fcbf4

HTTP Headers

GET /video/340496849 HTTP/1.1
Host: player.vimeo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 14:35:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app/ https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com https://f.vimeocdn.com; frame-src 'self' https://*; report-uri /_csp
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin, <https://f.vimeocdn.com>; rel=preconnect; crossorigin, <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
p3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
expires: Fri, 09 Dec 2022 14:45:28 GMT
x-host: player-959c5df45-4rd7m
via: 1.1 varnish, 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-varnish-cache: 0
x-vserver: playproxy-rollout-prod-varnish-1
x-backend-proxy: playproxy2
x-bapp-server: player-959c5df45-4rd7m
Age: 0
X-Served-By: cache-bma1660-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1670596528.264527,VS0,VE299
Vary: Accept-Encoding
X-Player-Backend: p
CF-Cache-Status: DYNAMIC
Set-Cookie: __cf_bm=m8fegRHeSKAEn80WUtvDsCl2KPtF90DDNQVX8dbiDfM-1670596528-0-ATYG8w+7aCBhsBohPynAlcqsDvdq8zioj3ajU2QAWD7Yuv2H4LYUmkawkXQZx6DrLoJLdiFxZ/5FW3hDD0UUeEw=; path=/; expires=Fri, 09-Dec-22 15:05:28 GMT; domain=.vimeo.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 776e77ad9dd4b506-OSL
Content-Encoding: gzip

www.wlovebaidu.com/ky/images/1.jpg

27.255.64.19

200 OK

46 kB

URL HTTP/1.1
www.wlovebaidu.com/ky/images/1.jpg
IP
27.255.64.19:0
ASN
#4766 Korea Telecom

File type
GIF image data, version 89a, 1920 x 112\012- data
Size
46 kB (45522 bytes)
Hash
e4aa0f3e6abcc455b5e2ded9a2a12d6c
78df9660e92ef89f26d4d62dd2f34f350e33f74d
73b9190692334df9e3bfb897893f19f83aeecb4359378d5657cebdb72a04f447

HTTP Headers

GET /ky/images/1.jpg HTTP/1.1
Host: www.wlovebaidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 14:35:27 GMT
Content-Type: image/jpeg
Content-Length: 45522
Last-Modified: Tue, 15 Nov 2022 05:04:18 GMT
Connection: keep-alive
ETag: "63731dd2-b1d2"
Accept-Ranges: bytes

f.vimeocdn.com/p/4.15.3/css/player.css

151.101.246.109

200 OK

21 kB

URL HTTP/2
f.vimeocdn.com/p/4.15.3/css/player.css
IP
151.101.246.109:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65495)
Size
21 kB (20725 bytes)
Hash
968f2cdf88d9a0473ba7a9f06df273da
2816f582988f9de542ca6f12ac98ef5a22bf0572
8126ad5a87c033902741b40e92e955d4cbb5552040a597a261befcce705793af

HTTP Headers

GET /p/4.15.3/css/player.css HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 09 Dec 2022 14:35:28 GMT
age: 75909
x-served-by: cache-iad-kiad7000126-IAD, cache-hel1410020-HEL
x-cache: HIT, HIT
x-cache-hits: 37, 52102
x-timer: S1670596529.623271,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 20725
X-Firefox-Spdy: h2

ocsp.starfieldtech.com/

192.124.249.23

200 OK

1.8 kB

URL HTTP/1.1
ocsp.starfieldtech.com/
IP
192.124.249.23:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1845 bytes)
Hash
e9eca6a3b7b3eca01dbece95bbef8b99
b048918b5814f3383150cd779c97c7351ff04ae1
402f51360f48babbedb05c8a7803cf3102afdf19cccec1cd966569dc055bfa02

HTTP Headers

POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 09 Dec 2022 14:35:28 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 09 Dec 2022 11:55:17 GMT
Expires: Sat, 10 Dec 2022 11:55:17 GMT
ETag: "b048918b5814f3383150cd779c97c7351ff04ae1"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

ocsp.starfieldtech.com/

192.124.249.23

200 OK

1.8 kB

URL HTTP/1.1
ocsp.starfieldtech.com/
IP
192.124.249.23:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1845 bytes)
Hash
e9eca6a3b7b3eca01dbece95bbef8b99
b048918b5814f3383150cd779c97c7351ff04ae1
402f51360f48babbedb05c8a7803cf3102afdf19cccec1cd966569dc055bfa02

HTTP Headers

POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 09 Dec 2022 14:35:28 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 09 Dec 2022 11:55:17 GMT
Expires: Sat, 10 Dec 2022 11:55:17 GMT
ETag: "b048918b5814f3383150cd779c97c7351ff04ae1"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

f.vimeocdn.com/p/4.15.3/js/player.module.js

151.101.246.109

200 OK

116 kB

URL HTTP/2
f.vimeocdn.com/p/4.15.3/js/player.module.js
IP
151.101.246.109:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (65445)
Size
116 kB (116326 bytes)
Hash
8c9202bf6ee286b9ed355dedd5cf03ff
98af722e03b42e83e7f3a718a17fcd9fd583083d
d4cfc1c907835aeb287585e70a9f4ee773d91fc1ddfabf1e8881162bd5ea10f2

HTTP Headers

GET /p/4.15.3/js/player.module.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 09 Dec 2022 14:35:28 GMT
age: 75910
x-served-by: cache-iad-kjyo7100147-IAD, cache-hel1410028-HEL
x-cache: HIT, HIT
x-cache-hits: 49, 38456
x-timer: S1670596529.665903,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 116326
X-Firefox-Spdy: h2

i.vimeocdn.com/video/819505142-1b7c780c5d82a587652f1374e66847970e2fb76087f877ac061e1cdb6b646f3c-d.jpg?mw=80&q=85

151.101.246.109

200 OK

1.6 kB

URL HTTP/2
i.vimeocdn.com/video/819505142-1b7c780c5d82a587652f1374e66847970e2fb76087f877ac061e1cdb6b646f3c-d.jpg?mw=80&q=85
IP
151.101.246.109:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x45, components 3\012- data
Size
1.6 kB (1617 bytes)
Hash
b04046a3b033e363acc582a1fdd584fa
323e24a3d442054e73d1a0d0ddde46ec53b7ea4a
87d2d9a8bb4971eea7fcfcce71017de00579aeb50132dd0a66613b346bbe7e4a

HTTP Headers

GET /video/819505142-1b7c780c5d82a587652f1374e66847970e2fb76087f877ac061e1cdb6b646f3c-d.jpg?mw=80&q=85 HTTP/1.1
Host: i.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
etag: b04046a3b033e363acc582a1fdd584fa
x-viewmaster-lossless-format: lossy
viewmaster-server: viewmaster-us-east1-7pkh
cache-control: public, max-age=2592000
via: vvarnish, 1.1 varnish, 1.1 varnish
x-backend-server: varnish
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
access-control-max-age: 86400
accept-ranges: bytes
date: Fri, 09 Dec 2022 14:35:28 GMT
age: 2409705
x-served-by: cache-dfw-kdfw8210137-DFW, cache-hel1410020-HEL
x-cache: miss, HIT, MISS
x-cache-hits: 80, 0
x-timer: S1670596529.643978,VS0,VE125
content-length: 1617
X-Firefox-Spdy: h2

hm.baidu.com/hm.js?06ea3de3c34c59c8eb5943ee69359663

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?06ea3de3c34c59c8eb5943ee69359663
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (617)
Size
11 kB (11255 bytes)
Hash
17be29e2c319c8c59507c4dace17859d
d734706bc9eb643095a23e50394aa3b5451def1b
4171fc0b29470b797a312ed96ab7631ca7ea231147399d38c4b95dc3579289a3

HTTP Headers

GET /hm.js?06ea3de3c34c59c8eb5943ee69359663 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11255
Content-Type: application/javascript
Date: Fri, 09 Dec 2022 14:35:28 GMT
Etag: ae27f56512e0bd9b9c5312daf5ed7425
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=36640974EF69FF6A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

i.vimeocdn.com/video/819507416-00d16208d3f7e65cf8a241c5b1f2845c1eee79067feccbc969e3da89c721a636-d.jpg?mw=80&q=85

151.101.246.109

200 OK

985 B

URL HTTP/2
i.vimeocdn.com/video/819507416-00d16208d3f7e65cf8a241c5b1f2845c1eee79067feccbc969e3da89c721a636-d.jpg?mw=80&q=85
IP
151.101.246.109:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x45, components 3\012- data
Size
985 B (985 bytes)
Hash
cc7fe988cbcfd032a216bbba1833c950
ac6c6f2e52f1183e6f216919075d751526f37fa0
979110aceed21baace45f06bd73d4ababfe3ef73b3c57791eee8e663402ed9cb

HTTP Headers

GET /video/819507416-00d16208d3f7e65cf8a241c5b1f2845c1eee79067feccbc969e3da89c721a636-d.jpg?mw=80&q=85 HTTP/1.1
Host: i.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/jpeg
etag: cc7fe988cbcfd032a216bbba1833c950
x-viewmaster-lossless-format: lossy
viewmaster-server: viewmaster-us-east1-hdwp
cache-control: public, max-age=2592000
via: vvarnish, 1.1 varnish, 1.1 varnish
x-backend-server: varnish
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
access-control-max-age: 86400
accept-ranges: bytes
date: Fri, 09 Dec 2022 14:35:28 GMT
age: 273000
x-served-by: cache-dfw-kdfw8210068-DFW, cache-hel1410020-HEL
x-cache: miss, HIT, MISS
x-cache-hits: 5, 0
x-timer: S1670596529.669763,VS0,VE126
content-length: 985
X-Firefox-Spdy: h2

secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/images/bg-strip.png

192.124.249.16

200 OK

925 B

URL HTTP/2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/images/bg-strip.png
IP
192.124.249.16:0
ASN
#30148 SUCURI-SEC

File type
PNG image data, 5 x 5, 8-bit/color RGBA, non-interlaced\012- data
Size
925 B (925 bytes)
Hash
6298d49ec2d082f2924af6c49442fe22
4d93e8297c60d01079aa6b2000b71b77941a4229
051ae45d17aec42a9343aa9cd58ee0d098f3233c5a4e9440d058bcc8cfda9ba4

HTTP Headers

GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/images/bg-strip.png HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/style.css?ver=6.0.3&time=1666380583
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:28 GMT
content-type: image/png
content-length: 925
x-sucuri-id: 19016
accept-ranges: bytes
age: 100844
content-security-policy: upgrade-insecure-requests
etag: "39d-5cb19a4c5084b"
last-modified: Fri, 03 Sep 2021 16:18:02 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

f.vimeocdn.com/p/4.15.3/js/vendor.module.js

151.101.246.109

200 OK

116 kB

URL HTTP/2
f.vimeocdn.com/p/4.15.3/js/vendor.module.js
IP
151.101.246.109:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65457)
Size
116 kB (115831 bytes)
Hash
b1d4e45be3bf63b76cd5365d3bbfec4c
4cbe3e6bd6f09e823d5c994c4304e4c5aed6fec1
84a4f9602b964b8d5f5e11a1081aa7f28edba888d24a138e17bc5f5cc0892b34

HTTP Headers

GET /p/4.15.3/js/vendor.module.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://f.vimeocdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 09 Dec 2022 14:35:28 GMT
age: 75910
x-served-by: cache-iad-kjyo7100143-IAD, cache-hel1410028-HEL
x-cache: HIT, HIT
x-cache-hits: 33, 49141
x-timer: S1670596529.813116,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 115831
X-Firefox-Spdy: h2

f.vimeocdn.com/js_opt/modules/utils/vuid.min.js

151.101.246.109

200 OK

997 B

URL HTTP/2
f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
IP
151.101.246.109:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (1839)
Size
997 B (997 bytes)
Hash
b81408535edef4b73951fa7683a0ecb4
2be1041a686c8d5130ce96600bc7ec68538b4cd9
7b68a0f94a2376708329d7fabc0000c92eb45755267bde5dc8983184b77f3ec7

HTTP Headers

GET /js_opt/modules/utils/vuid.min.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
cache-control: public, max-age=2592000
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 09 Dec 2022 14:35:28 GMT
age: 1804690
x-served-by: cache-iad-kiad7000106-IAD, cache-hel1410020-HEL
x-cache: HIT, HIT
x-cache-hits: 33, 137075
x-timer: S1670596529.965245,VS0,VE0
vary: Accept-Encoding,x-http-method-override
content-length: 997
X-Firefox-Spdy: h2

www.sogou.com/web/index/images/logo_440x140.v.4.png

119.28.109.132

200 OK

3.0 kB

URL HTTP/1.1
www.sogou.com/web/index/images/logo_440x140.v.4.png
IP
119.28.109.132:0
ASN
#132203 Tencent Building, Kejizhongyi Avenue

File type
PNG image data, 440 x 140, 8-bit colormap, non-interlaced\012- data
Size
3.0 kB (2950 bytes)
Hash
31de1d2fa7d918fab2f59984391db1c8
4f4b78796b3fbf19971f182175bcd92b01ee470f
29f87d6615f36a54e3edc8c7f05eb9b480d1f2989dec8da68e82747d060aea85

HTTP Headers

GET /web/index/images/logo_440x140.v.4.png HTTP/1.1
Host: www.sogou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 14:35:28 GMT
Content-Type: image/png
Content-Length: 2950
Connection: keep-alive
Last-Modified: Mon, 10 Feb 2020 03:11:55 GMT
Set-Cookie: ABTEST=7|1670596528|v17; expires=Sun, 08-Jan-23 14:35:28 GMT; path=/
IPLOC=NO; expires=Sat, 09-Dec-23 14:35:28 GMT; domain=.sogou.com; path=/
SUID=9A2A5A5B7E1A910A00000000639347B0; expires=Thu, 04-Dec-2042 14:35:28 GMT; domain=.sogou.com; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
ETag: "5e40c9fb-b86"
Expires: Wed, 07 Jun 2023 14:35:28 GMT
Cache-Control: max-age=15552000
UUID: 2999b14f-0211-419b-90d6-2ec73f12c6b6
Accept-Ranges: bytes

secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/04/startup-593327_640.jpg

192.124.249.16

200 OK

43 kB

URL HTTP/2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/04/startup-593327_640.jpg
IP
192.124.249.16:0
ASN
#30148 SUCURI-SEC

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x426, components 3\012- data
Size
43 kB (43050 bytes)
Hash
d21eee733b9d4fc1e035eb5c4b15d270
37cdd7ce99d5017a7def933029323936a3b1eeb1
65f46d735b419c8b3b192fdb0a64e07955bc5c1a956fe9d6332af023f7a873c6

HTTP Headers

GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/04/startup-593327_640.jpg HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:28 GMT
content-type: image/jpeg
content-length: 43050
x-sucuri-id: 19016
accept-ranges: bytes
age: 100843
content-security-policy: upgrade-insecure-requests
etag: "a82a-5a46f9d5d0f00"
last-modified: Wed, 29 Apr 2020 15:29:32 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/webfonts/fa-solid-900.woff2

192.124.249.16

200 OK

76 kB

URL HTTP/2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/webfonts/fa-solid-900.woff2
IP
192.124.249.16:0
ASN
#30148 SUCURI-SEC

File type
Web Open Font Format (Version 2), TrueType, length 76084, version 330.-16253\012- data
Size
76 kB (76084 bytes)
Hash
f6121be597a72928f54e7ab5b95512a1
b2c74520c3f506efbfefca867918e5ae28bd5222
787d76ad6deab67ccf8bac1b584260205e114f508fc5542b612e3f75d49a34e4

HTTP Headers

GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.enallihan.com
Connection: keep-alive
Referer: https://secureservercdn.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:28 GMT
content-type: font/woff2
content-length: 76084
x-sucuri-id: 19016
accept-ranges: bytes
access-control-allow-origin: *
age: 147811
content-security-policy: upgrade-insecure-requests
etag: "12934-5cb19a4b80d48"
last-modified: Fri, 03 Sep 2021 16:18:01 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

i.vimeocdn.com/video/819507416-00d16208d3f7e65cf8a241c5b1f2845c1eee79067feccbc969e3da89c721a636-d?mw=640&mh=360

151.101.246.109

200 OK

8.0 kB

URL HTTP/2
i.vimeocdn.com/video/819507416-00d16208d3f7e65cf8a241c5b1f2845c1eee79067feccbc969e3da89c721a636-d?mw=640&mh=360
IP
151.101.246.109:0
ASN
#54113 FASTLY

File type
ISO Media, AVIF Image\012- data
Size
8.0 kB (8002 bytes)
Hash
22d1b7ea020e2090d00eda7ca3cd3366
0fef558e54901991ec860cb8eeb2446e8e77be77
c7e7a541a454bdea51cfba85b5fa598deab714f860c1af413eeb3cb2a8cb1036

HTTP Headers

GET /video/819507416-00d16208d3f7e65cf8a241c5b1f2845c1eee79067feccbc969e3da89c721a636-d?mw=640&mh=360 HTTP/1.1
Host: i.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/avif
etag: 22d1b7ea020e2090d00eda7ca3cd3366
x-viewmaster-lossless-format: automatic
viewmaster-server: viewmaster-us-central1-wv07
cache-control: public, max-age=2592000
via: vvarnish, 1.1 varnish, 1.1 varnish
x-backend-server: varnish
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
access-control-max-age: 86400
accept-ranges: bytes
date: Fri, 09 Dec 2022 14:35:29 GMT
age: 2053483
x-served-by: cache-dfw-kdfw8210107-DFW, cache-hel1410020-HEL
x-cache: miss, HIT, MISS
x-cache-hits: 34, 0
x-timer: S1670596529.983960,VS0,VE141
vary: Accept
content-length: 8002
X-Firefox-Spdy: h2

secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/webfonts/fa-brands-400.woff2

192.124.249.16

200 OK

76 kB

URL HTTP/2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/webfonts/fa-brands-400.woff2
IP
192.124.249.16:0
ASN
#30148 SUCURI-SEC

File type
Web Open Font Format (Version 2), TrueType, length 75936, version 330.-16253\012- data
Size
76 kB (75936 bytes)
Hash
822d94f19fe57477865209e1242a3c63
f356aa2e4d9b7245985d312d3bfba180f774e3b7
8e4560c16c7970efa47680450b2cf239d4a482c056d308acea12bb9022906c8b

HTTP Headers

GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.enallihan.com
Connection: keep-alive
Referer: https://secureservercdn.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:28 GMT
content-type: font/woff2
content-length: 75936
x-sucuri-id: 19016
accept-ranges: bytes
access-control-allow-origin: *
age: 146741
content-security-policy: upgrade-insecure-requests
etag: "128a0-5cb19a4b89274"
last-modified: Fri, 03 Sep 2021 16:18:01 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1178843199&si=06ea3de3c34c59c8eb5943ee69359663&v=1.3.0&lv=1&sn=43843&r=0&ww=1280&u=https%3A%2F%2Fwww.enallihan.com%2Fmodules%2Ftag%2Fview.tag.php%3F%25DCniversitesi%2F&tt=%E4%B9%90%E5%8A%A8%E4%BD%93%E8%82%B2%E6%BB%9A%E7%90%83app%E5%AE%98%E7%BD%91%7C%E4%B9%90%E5%8A%A8%E4%BD%93%E8%82%B2%E6%8F%90%E7%8E%B0%E5%A4%9A%E4%B9%85%E5%88%B0%E8%B4%A6%E6%88%B7%E4%B8%8A

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1178843199&si=06ea3de3c34c59c8eb5943ee69359663&v=1.3.0&lv=1&sn=43843&r=0&ww=1280&u=https%3A%2F%2Fwww.enallihan.com%2Fmodules%2Ftag%2Fview.tag.php%3F%25DCniversitesi%2F&tt=%E4%B9%90%E5%8A%A8%E4%BD%93%E8%82%B2%E6%BB%9A%E7%90%83app%E5%AE%98%E7%BD%91%7C%E4%B9%90%E5%8A%A8%E4%BD%93%E8%82%B2%E6%8F%90%E7%8E%B0%E5%A4%9A%E4%B9%85%E5%88%B0%E8%B4%A6%E6%88%B7%E4%B8%8A
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1178843199&si=06ea3de3c34c59c8eb5943ee69359663&v=1.3.0&lv=1&sn=43843&r=0&ww=1280&u=https%3A%2F%2Fwww.enallihan.com%2Fmodules%2Ftag%2Fview.tag.php%3F%25DCniversitesi%2F&tt=%E4%B9%90%E5%8A%A8%E4%BD%93%E8%82%B2%E6%BB%9A%E7%90%83app%E5%AE%98%E7%BD%91%7C%E4%B9%90%E5%8A%A8%E4%BD%93%E8%82%B2%E6%8F%90%E7%8E%B0%E5%A4%9A%E4%B9%85%E5%88%B0%E8%B4%A6%E6%88%B7%E4%B8%8A HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 09 Dec 2022 14:35:28 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=74A200E31D9CCAD1; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2017/03/48013779_ml.jpg

192.124.249.16

200 OK

169 kB

URL HTTP/2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2017/03/48013779_ml.jpg
IP
192.124.249.16:0
ASN
#30148 SUCURI-SEC

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 1678x1119, components 3\012- data
Size
169 kB (169223 bytes)
Hash
1eed52727831da7c7ad64dfb93f88604
68907c6bcfac6092a3bd4bd4060960336d31aa14
34c410a1ae0ea5a32bcf63569b6556a86692dd28d2089b69f8119779622e9b71

HTTP Headers

GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2017/03/48013779_ml.jpg HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:28 GMT
content-type: image/jpeg
content-length: 169223
x-sucuri-id: 19016
accept-ranges: bytes
age: 100843
content-security-policy: upgrade-insecure-requests
etag: "29507-54ab5f48d7300"
last-modified: Tue, 14 Mar 2017 19:37:16 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2018/12/AdobeStock_104691994.1.jpg

192.124.249.16

200 OK

186 kB

URL HTTP/2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2018/12/AdobeStock_104691994.1.jpg
IP
192.124.249.16:0
ASN
#30148 SUCURI-SEC

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1600x757, components 3\012- data
Size
186 kB (186137 bytes)
Hash
f153a3040d3eb55e1832723f9e79dc35
b8e76483cddd539ce8eecaf50f5ffae4752289c3
f03d3749988337fbbc55cf68869e42d824b0f84255d42aa6b26dfe2db8e59297

HTTP Headers

GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2018/12/AdobeStock_104691994.1.jpg HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:28 GMT
content-type: image/jpeg
content-length: 186137
x-sucuri-id: 19016
accept-ranges: bytes
age: 100844
content-security-policy: upgrade-insecure-requests
etag: "2d719-57e1b9d126b00"
last-modified: Fri, 28 Dec 2018 21:19:08 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

i.vimeocdn.com/video/819505142-1b7c780c5d82a587652f1374e66847970e2fb76087f877ac061e1cdb6b646f3c-d?mw=640&mh=360

151.101.246.109

200 OK

17 kB

URL HTTP/2
i.vimeocdn.com/video/819505142-1b7c780c5d82a587652f1374e66847970e2fb76087f877ac061e1cdb6b646f3c-d?mw=640&mh=360
IP
151.101.246.109:0
ASN
#54113 FASTLY

File type
ISO Media, AVIF Image\012- data
Size
17 kB (17398 bytes)
Hash
2566353f5d3327a0be5994da2c17841f
bdc8d29c175affce2621c89c6fc2b256fa959815
6da45462ed6c50b54133273decb911c35758b91ab3cd5a3377562a42b01bbd6c

HTTP Headers

GET /video/819505142-1b7c780c5d82a587652f1374e66847970e2fb76087f877ac061e1cdb6b646f3c-d?mw=640&mh=360 HTTP/1.1
Host: i.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/avif
etag: 2566353f5d3327a0be5994da2c17841f
x-viewmaster-lossless-format: automatic
viewmaster-server: viewmaster-us-central1-f064
cache-control: public, max-age=2592000
via: vvarnish, 1.1 varnish, 1.1 varnish
x-backend-server: varnish
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
access-control-max-age: 86400
accept-ranges: bytes
date: Fri, 09 Dec 2022 14:35:29 GMT
age: 230586
x-served-by: cache-dfw-kdfw8210068-DFW, cache-hel1410020-HEL
x-cache: miss, HIT, MISS
x-cache-hits: 3, 0
x-timer: S1670596529.143984,VS0,VE129
vary: Accept
content-length: 17398
X-Firefox-Spdy: h2

i.vimeocdn.com/portrait/32246200_60x60

151.101.246.109

200 OK

758 B

URL HTTP/2
i.vimeocdn.com/portrait/32246200_60x60
IP
151.101.246.109:0
ASN
#54113 FASTLY

File type
ISO Media, AVIF Image\012- data
Size
758 B (758 bytes)
Hash
9df60dc2db6e8df48f0d782ef0650d2f
7f5392e244f71fb52a5a04d5002507fea5b90bbd
b3521ecddb32fef651de2069f728d1ae5ce62bf2ea18b5cd20035c6284701c4e

HTTP Headers

GET /portrait/32246200_60x60 HTTP/1.1
Host: i.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/avif
etag: 9df60dc2db6e8df48f0d782ef0650d2f
x-viewmaster-lossless-format: automatic
viewmaster-server: viewmaster-us-central1-482t
cache-control: public, max-age=2592000
via: vvarnish, 1.1 varnish, 1.1 varnish
x-backend-server: varnish
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
access-control-max-age: 86400
accept-ranges: bytes
date: Fri, 09 Dec 2022 14:35:29 GMT
age: 1766114
x-served-by: cache-dfw-kdfw8210037-DFW, cache-hel1410020-HEL
x-cache: miss, HIT, MISS
x-cache-hits: 37, 0
x-timer: S1670596529.248657,VS0,VE125
vary: Accept
content-length: 758
X-Firefox-Spdy: h2

www.enallihan.com/favicon.ico

206.2.227.7

200 OK

1.6 kB

URL HTTP/1.1
www.enallihan.com/favicon.ico
IP
206.2.227.7:0
ASN
#139646 HONG KONG Megalayer Technology Co.,Limited

File type
data
Size
1.6 kB (1600 bytes)
Hash
898c92f4f422538431a8daf77961d2ff
bb1172ed7e7cb7d5a5f80d9e549e67903c0a9b6a
bafdf94f204dfb4b8e9fb0164cf1ce14152e374535bec89b6b3b5c3d0a167f25

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.enallihan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/modules/tag/view.tag.php?%DCniversitesi/
Cookie: Hm_lvt_06ea3de3c34c59c8eb5943ee69359663=1670596528; Hm_lpvt_06ea3de3c34c59c8eb5943ee69359663=1670596528
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 14:35:29 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

ocsp.pki.goog/s/gts1d4/E4colUoO91Q

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/E4colUoO91Q
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4307fc8dda768496c208a9b9c99f12ba
33f0e27ca25609c1c12044ceb67670ffa18adca1
6e22157e202b96dc72144eb14ebfb8c5968b9ef242aeacb6506f2cd5c7545d8b

HTTP Headers

POST /s/gts1d4/E4colUoO91Q HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 14:35:29 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/s/gts1d4/E4colUoO91Q

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/E4colUoO91Q
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4307fc8dda768496c208a9b9c99f12ba
33f0e27ca25609c1c12044ceb67670ffa18adca1
6e22157e202b96dc72144eb14ebfb8c5968b9ef242aeacb6506f2cd5c7545d8b

HTTP Headers

POST /s/gts1d4/E4colUoO91Q HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 14:35:29 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/s/gts1d4/E4colUoO91Q

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/E4colUoO91Q
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4307fc8dda768496c208a9b9c99f12ba
33f0e27ca25609c1c12044ceb67670ffa18adca1
6e22157e202b96dc72144eb14ebfb8c5968b9ef242aeacb6506f2cd5c7545d8b

HTTP Headers

POST /s/gts1d4/E4colUoO91Q HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 14:35:29 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fresnel.vimeocdn.com/add/player-test-impression?beacon=1

34.120.202.204

200 OK

0 B

URL HTTP/2
fresnel.vimeocdn.com/add/player-test-impression?beacon=1
IP
34.120.202.204:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /add/player-test-impression?beacon=1 HTTP/1.1
Host: fresnel.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 113
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://player.vimeo.com
date: Fri, 09 Dec 2022 14:35:29 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fresnel.vimeocdn.com/add/player-test-impression?beacon=1

34.120.202.204

200 OK

0 B

URL HTTP/2
fresnel.vimeocdn.com/add/player-test-impression?beacon=1
IP
34.120.202.204:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /add/player-test-impression?beacon=1 HTTP/1.1
Host: fresnel.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 116
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://player.vimeo.com
date: Fri, 09 Dec 2022 14:35:29 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=ba044f05f2821ae465fef8dbd4a098045a6892c11670596528

34.120.202.204

200 OK

0 B

URL HTTP/2
fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=ba044f05f2821ae465fef8dbd4a098045a6892c11670596528
IP
34.120.202.204:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /add/player-stats?beacon=1&session-id=ba044f05f2821ae465fef8dbd4a098045a6892c11670596528 HTTP/1.1
Host: fresnel.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1472
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://player.vimeo.com
date: Fri, 09 Dec 2022 14:35:29 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/E4colUoO91Q

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/E4colUoO91Q
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4307fc8dda768496c208a9b9c99f12ba
33f0e27ca25609c1c12044ceb67670ffa18adca1
6e22157e202b96dc72144eb14ebfb8c5968b9ef242aeacb6506f2cd5c7545d8b

HTTP Headers

POST /s/gts1d4/E4colUoO91Q HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 14:35:29 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fresnel.vimeocdn.com/add/player-test-impression?beacon=1

34.120.202.204

200 OK

0 B

URL HTTP/2
fresnel.vimeocdn.com/add/player-test-impression?beacon=1
IP
34.120.202.204:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /add/player-test-impression?beacon=1 HTTP/1.1
Host: fresnel.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 116
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://player.vimeo.com
date: Fri, 09 Dec 2022 14:35:29 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=9e148b49be95806396b212ca4de4fe67f0dce8b11670596528

34.120.202.204

200 OK

0 B

URL HTTP/2
fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=9e148b49be95806396b212ca4de4fe67f0dce8b11670596528
IP
34.120.202.204:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /add/player-stats?beacon=1&session-id=9e148b49be95806396b212ca4de4fe67f0dce8b11670596528 HTTP/1.1
Host: fresnel.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1427
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://player.vimeo.com
date: Fri, 09 Dec 2022 14:35:29 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.wlovebaidu.com/ky/images/3.jpg

27.255.64.19

200 OK

444 kB

URL HTTP/1.1
www.wlovebaidu.com/ky/images/3.jpg
IP
27.255.64.19:0
ASN
#4766 Korea Telecom

File type
GIF image data, version 89a, 1920 x 1420\012- data
Size
444 kB (444227 bytes)
Hash
caef8f4d50de71d7c4c852c3a890b8fb
a725505ced7e052412e035fc9e253bcc3febee68
407bd23bf6809122b579cb61ff259e1466f9ad3385ad59d6c3e177c76461aea5

HTTP Headers

GET /ky/images/3.jpg HTTP/1.1
Host: www.wlovebaidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 14:35:27 GMT
Content-Type: image/jpeg
Content-Length: 444227
Last-Modified: Tue, 15 Nov 2022 05:04:50 GMT
Connection: keep-alive
ETag: "63731df2-6c743"
Accept-Ranges: bytes

sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://www.enallihan.com/modules/tag/view.tag.php?%DCniversitesi/

104.193.88.77

200 OK

0 B

URL HTTP/1.1
sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://www.enallihan.com/modules/tag/view.tag.php?%DCniversitesi/
IP
104.193.88.77:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://www.enallihan.com/modules/tag/view.tag.php?%DCniversitesi/ HTTP/1.1
Host: sp0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Fri, 09 Dec 2022 14:35:30 GMT

fonts.googleapis.com/css?family=Open+Sans%3A100%2C300%2C400%2C600%2C700%2C700italic%2C600italic%2C400italic%7CCabin%3A400%2C500%2C600%2C700%7CMontserrat%3A400%2C700&ver=6.0.3

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans%3A100%2C300%2C400%2C600%2C700%2C700italic%2C600italic%2C400italic%7CCabin%3A400%2C500%2C600%2C700%7CMontserrat%3A400%2C700&ver=6.0.3
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Open+Sans%3A100%2C300%2C400%2C600%2C700%2C700italic%2C600italic%2C400italic%7CCabin%3A400%2C500%2C600%2C700%7CMontserrat%3A400%2C700&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Dec 2022 14:35:26 GMT
date: Fri, 09 Dec 2022 14:35:26 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

zz.bdstatic.com/linksubmit/push.js

58.254.150.48

200 OK

0 B

URL HTTP/2
zz.bdstatic.com/linksubmit/push.js
IP
58.254.150.48:0
ASN
#136958 China Unicom Guangdong IP network

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /linksubmit/push.js HTTP/1.1
Host: zz.bdstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: application/x-javascript
last-modified: Sun, 31 Jul 2022 09:23:08 GMT
etag: "62e649fc-134"
cache-control: max-age=86400
content-encoding: br
age: 25857
accept-ranges: bytes
tracecode: 17954958720310087434120911
ohc-global-saved-time: Fri, 09 Dec 2022 03:29:55 GMT
ohc-cache-hit: gz3un50 [2], zhuzuncache57 [2]
ohc-response-time: 1 0 0 0 0 0
X-Firefox-Spdy: h2

www.wlovebaidu.com/ky/images/2.gif

27.255.64.19

200 OK

0 B

URL HTTP/1.1
www.wlovebaidu.com/ky/images/2.gif
IP
27.255.64.19:0
ASN
#4766 Korea Telecom

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /ky/images/2.gif HTTP/1.1
Host: www.wlovebaidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 14:35:27 GMT
Content-Type: image/gif
Content-Length: 9392241
Last-Modified: Tue, 15 Nov 2022 05:04:37 GMT
Connection: keep-alive
ETag: "63731de5-8f5071"
Accept-Ranges: bytes

www.wlovebaidu.com/ky/images/4.jpg

27.255.64.19

200 OK

0 B

URL HTTP/1.1
www.wlovebaidu.com/ky/images/4.jpg
IP
27.255.64.19:0
ASN
#4766 Korea Telecom

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /ky/images/4.jpg HTTP/1.1
Host: www.wlovebaidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 14:35:27 GMT
Content-Type: image/jpeg
Content-Length: 1386755
Last-Modified: Tue, 15 Nov 2022 05:05:03 GMT
Connection: keep-alive
ETag: "63731dff-152903"
Accept-Ranges: bytes

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (17)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations