r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7181eff9c60e83eb0004ece591e47dca
0fd8cd0c9d10b0547938982e57d2c43e2d98679f
89c5c0e2d6890798644174a8e31976aec03a1b3deb03812afbb520e5ed68f522
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89C5C0E2D6890798644174A8E31976AEC03A1B3DEB03812AFBB520E5ED68F522"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5419
Expires: Fri, 09 Dec 2022 16:05:41 GMT
Date: Fri, 09 Dec 2022 14:35:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aea93551fa9deb76ae49a3b4019d64fe
e3b8862057ebe839959228e42246d7b1807fc90c
7e210f03b140418085e94ec20c1d27d6ecf7a404cbd323e16476ae5ae95d6dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15032
Expires: Fri, 09 Dec 2022 18:45:54 GMT
Date: Fri, 09 Dec 2022 14:35:22 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 09 Dec 2022 14:08:18 GMT
content-type: application/json
age: 1624
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.enallihan.com/modules/tag/view.tag.php?%DCniversitesi/
206.2.227.7301 Moved Permanently 178 B URL HTTP/1.1 www.enallihan.com/modules/tag/view.tag.php?%DCniversitesi/
IP 206.2.227.7:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
Analyzer Verdict Alert fortinet Malware
GET /modules/tag/view.tag.php?%DCniversitesi/ HTTP/1.1
Host: www.enallihan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 09 Dec 2022 14:35:22 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://www.enallihan.com/modules/tag/view.tag.php?%DCniversitesi/
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5263
Expires: Fri, 09 Dec 2022 16:03:05 GMT
Date: Fri, 09 Dec 2022 14:35:22 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ++4p1M0nVBLIqlerhoDzvcJEJLu7ii5Broizf2fTBqLidayKLG91GNSbI8shJf1L1xz4yRIcraU=
x-amz-request-id: 7WRMKPBZFF03FT75
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 13:50:16 GMT
age: 2706
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:22 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 09 Dec 2022 14:33:13 GMT
age: 130
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e6be4d2155028ffff5d01ab6e7edf6da
07172071b5cf43c4cd7d7930b4ad8518ec1e32e9
4d8a5fa2362fd0910babd6d128d850d4460829468eb23d34ee5ee6eaa42d5a38
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2581
Cache-Control: max-age=155673
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 14:35:23 GMT
Etag: "6392faaf-1d7"
Expires: Sun, 11 Dec 2022 09:49:56 GMT
Last-Modified: Fri, 09 Dec 2022 09:06:55 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5540c17d539ed2fbd42a7ddafebe4160
ce270d1d5ffc6ff5b39fa54fac30adaca2b5f0af
25d5573cb8ae7bddeb5c3f94456f483c708de07909e90168e3c54327ce21f739
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25D5573CB8AE7BDDEB5C3F94456F483C708DE07909E90168E3C54327CE21F739"
Last-Modified: Thu, 08 Dec 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21573
Expires: Fri, 09 Dec 2022 20:34:56 GMT
Date: Fri, 09 Dec 2022 14:35:23 GMT
Connection: keep-alive
push.services.mozilla.com/
34.214.64.191101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.214.64.191:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ewgex1QqOZet1YiN1QD5ow==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 7RoS2lk75IAf7Clus5SrNC1a+ak=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16969
Expires: Fri, 09 Dec 2022 19:18:14 GMT
Date: Fri, 09 Dec 2022 14:35:25 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16969
Expires: Fri, 09 Dec 2022 19:18:14 GMT
Date: Fri, 09 Dec 2022 14:35:25 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16969
Expires: Fri, 09 Dec 2022 19:18:14 GMT
Date: Fri, 09 Dec 2022 14:35:25 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5382e616-602f-4e00-bed7-d95c66a5000d.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5382e616-602f-4e00-bed7-d95c66a5000d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43fdc85bfd574fa803f0bcdc216ef622
27f558d5cdc150a50f080c054423500666b63d74
fafd2a81cddacdb4e5fd7c9963a784e6e56d06ac98f0bd4124fd74fa3ba015e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5382e616-602f-4e00-bed7-d95c66a5000d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5245
x-amzn-requestid: 9770ebcd-fb1e-4b81-bb87-1e98ef024741
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy-E8HugoAMFsKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911085-54eb7a48323113d52329abf5;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 22:15:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: d2DHUS5fGT4uoPPdjDXmHUOQVF93ULtO4zSHRmrx7KMu3lO0y0K9ag==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 01:23:35 GMT
age: 47510
etag: "27f558d5cdc150a50f080c054423500666b63d74"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fba9a3854df65740512f96efe7442e58
8fbff7725c842d70e047c635a725723a9dc9c55a
6e639298ebc82343cee9267d2910d15735af55f910e2c3de9218266b7c6fffc9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5188
x-amzn-requestid: afb8cbd2-3674-4dac-9cd9-9ff83618ac0a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ck2-5G9joAMFlPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638b6b92-2979ff216b9028aa70baef8b;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 15:30:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dGxzuQ6zj6wXQbkBuKBnOKxwKJDHUyGoi7PgcugcpdX4QYruNiFxsQ==
via: 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 21:51:24 GMT
age: 60241
etag: "8fbff7725c842d70e047c635a725723a9dc9c55a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c3214044657f3b876d1f1848bca5684
7558222788f06623ddae6e883413e38e1146281e
e1f9c9c445bba7765f371dbb655cab43c1e12de7cbd015f8034c494118f7f708
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7897
x-amzn-requestid: 032fd8ae-b7e9-4e12-8546-838191a73688
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwVM_F51IAMFunw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900252-345ae6cd107d207f5dbe29a8;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oV7bB5Tek01MFi9x2tr_Wix13-UGlQPIt042XM0ALNUvVFYnu5DRcg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 03:38:26 GMT
age: 39419
etag: "7558222788f06623ddae6e883413e38e1146281e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 06514ce96ae21cb01f526a5febdcbeb4
ebb97e5b97f394e8c67098f55581d5329ce819a2
4099a2fb6ddc4feaa30f357a180d64aeb7c9fc73f115fc762d5fe5c221d2e89e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5169
x-amzn-requestid: 277a1b04-4e19-4313-8aac-5f9ab9076305
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctEdkFGrIAMFvHg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb456-5b21edd57297665012d536cc;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:17:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: swNGUcNy2i0w9UGe-EJhwslE01TzTC3rrDhLhVVxHyhWMGSC1uq0mA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 04:46:15 GMT
age: 35350
etag: "ebb97e5b97f394e8c67098f55581d5329ce819a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8546542f00ea29ef4df6ab8d3c7c2164
5c8ffe91490006a9890188b53f875568c2b6bd8f
7fb11750ac339ac283da62fd370862c6b95a103a585ca5dd8c90038718d818a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6578
x-amzn-requestid: 6392feb9-e33e-42fa-bc10-b5e31e654c9b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cw4beGG7oAMF8hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63903aaf-2c890b7b0a16617346a0f7e7;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 07:03:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: nXaZ1pazAGWMI9GFYZjGlvVVIb8wX6feD0O8VpzjsL8F8l3mFmydAw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 07:13:59 GMT
age: 26486
etag: "5c8ffe91490006a9890188b53f875568c2b6bd8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5de5d319f43d9c9c641419d96655541f
cde4c7fa0145d3645af17e34c83c63c08f76a076
fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7557
x-amzn-requestid: 09204b5e-8af5-4d4b-8186-628443866e0f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctlz5EISoAMFdWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee9b2-357cd4f921c592e1319098dd;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:05:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3KZwQ5HqXa_-tUyDHA5m-65OprogFpFgbbKpEJ65k-Yy3lwoCg8M5w==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 07:13:15 GMT
age: 26530
etag: "cde4c7fa0145d3645af17e34c83c63c08f76a076"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.enallihan.com/modules/tag/view.tag.php?%DCniversitesi/
206.2.227.7200 OK 17 kB URL HTTP/1.1 www.enallihan.com/modules/tag/view.tag.php?%DCniversitesi/
IP 206.2.227.7:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (25947), with CRLF, LF line terminators
Hash 95c49f6918b18165271d58b614b07398
ca16ce23aa269a1ffa1be197ac38370b3b7e67b8
f3d8898f4a987ec8497872a40a7d8f124665aa876a8475a65e42a770b750681b
Analyzer Verdict Alert fortinet Malware
GET /modules/tag/view.tag.php?%DCniversitesi/ HTTP/1.1
Host: www.enallihan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 14:35:26 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d61883097c47c0fcb4a15cafc5bdbdfc
54411aba43093cafd1cb2acea7c2b4c69184611f
0aef2b974544f530bd591dd0201909a9c2a6b3f4451c69288bafc126d9a37e2c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 14:35:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.enallihan.com/js/jquery.3.5.2.min.m.js
206.2.227.7200 OK 8.3 kB URL HTTP/1.1 www.enallihan.com/js/jquery.3.5.2.min.m.js
IP 206.2.227.7:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type ASCII text, with very long lines (8276)
Hash 48d507309e023eec7cf3d34fdb8443e4
66f52b8ae1c9fa9a42cf7a24f59d3d3ae3ae89c2
3f8f4d988ba457fdc6e551b35a7ad81056f95ebd26befb0048245a1758225876
Analyzer Verdict Alert fortinet Malware
GET /js/jquery.3.5.2.min.m.js HTTP/1.1
Host: www.enallihan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/modules/tag/view.tag.php?%DCniversitesi/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 14:35:26 GMT
Content-Type: application/javascript
Content-Length: 8277
Last-Modified: Fri, 25 Nov 2022 07:21:31 GMT
Connection: keep-alive
ETag: "63806cfb-2055"
Accept-Ranges: bytes
ocsp.starfieldtech.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash e9eca6a3b7b3eca01dbece95bbef8b99
b048918b5814f3383150cd779c97c7351ff04ae1
402f51360f48babbedb05c8a7803cf3102afdf19cccec1cd966569dc055bfa02
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 09 Dec 2022 14:35:26 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 09 Dec 2022 11:55:17 GMT
Expires: Sat, 10 Dec 2022 11:55:17 GMT
ETag: "b048918b5814f3383150cd779c97c7351ff04ae1"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.starfieldtech.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash e9eca6a3b7b3eca01dbece95bbef8b99
b048918b5814f3383150cd779c97c7351ff04ae1
402f51360f48babbedb05c8a7803cf3102afdf19cccec1cd966569dc055bfa02
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 09 Dec 2022 14:35:26 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 09 Dec 2022 11:55:17 GMT
Expires: Sat, 10 Dec 2022 11:55:17 GMT
ETag: "b048918b5814f3383150cd779c97c7351ff04ae1"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.starfieldtech.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash e9eca6a3b7b3eca01dbece95bbef8b99
b048918b5814f3383150cd779c97c7351ff04ae1
402f51360f48babbedb05c8a7803cf3102afdf19cccec1cd966569dc055bfa02
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 09 Dec 2022 14:35:26 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 09 Dec 2022 11:55:17 GMT
Expires: Sat, 10 Dec 2022 11:55:17 GMT
ETag: "b048918b5814f3383150cd779c97c7351ff04ae1"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d61883097c47c0fcb4a15cafc5bdbdfc
54411aba43093cafd1cb2acea7c2b4c69184611f
0aef2b974544f530bd591dd0201909a9c2a6b3f4451c69288bafc126d9a37e2c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 14:35:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.enallihan.com/gg/ky/index.html
206.2.227.7200 OK 941 B URL HTTP/1.1 www.enallihan.com/gg/ky/index.html
IP 206.2.227.7:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 01910f5c479e3377ab213faa46eb28e9
8a2ab31cddde4496f2a48a865a4be462f269a82e
7400bfc31cdd2ee47ea89aff6c4256b96f587076bbc4493be5e7bab38dbf85da
Analyzer Verdict Alert fortinet Malware
GET /gg/ky/index.html HTTP/1.1
Host: www.enallihan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/modules/tag/view.tag.php?%DCniversitesi/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 14:35:26 GMT
Content-Type: text/html
Content-Length: 941
Last-Modified: Fri, 25 Nov 2022 07:21:31 GMT
Connection: keep-alive
ETag: "63806cfb-3ad"
Accept-Ranges: bytes
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/master-slider/custom.css?ver=3.2&time=1666380583
192.124.249.16200 OK 140 B URL HTTP/2 secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/master-slider/custom.css?ver=3.2&time=1666380583
IP 192.124.249.16:0
Hash 0f6a35283580e787a847b4e9dbc6daf9
db53b4fcdc953d08b1d36838d2f07a7a28d08a4f
0dd27e43d37fd1713d3f246f7de1b623d92a0b686c5d33123c39ed87c152fe18
GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/master-slider/custom.css?ver=3.2&time=1666380583 HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: text/css
content-length: 140
x-sucuri-id: 19016
accept-ranges: bytes
age: 572161
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 02 Dec 2022 17:05:00 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/css/prettyPhoto.css?ver=6.0.3&time=1666380583
192.124.249.16200 OK 2.8 kB URL HTTP/2 secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/css/prettyPhoto.css?ver=6.0.3&time=1666380583
IP 192.124.249.16:0
File type ASCII text, with very long lines (402)
Hash 4f21ec76906e28e1c2194ea84546ed6b
85eacc0202364a6682bd58ee3f6680efc1420c7f
86534570cd150f56233dd6fb56369c299e76d93a751dc233c66d35d512a37179
GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/css/prettyPhoto.css?ver=6.0.3&time=1666380583 HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: text/css
content-length: 2769
x-sucuri-id: 19016
accept-ranges: bytes
age: 572161
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 03 Sep 2021 16:18:01 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/style.css?ver=6.0.3&time=1666380583
192.124.249.16200 OK 11 kB URL HTTP/2 secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/style.css?ver=6.0.3&time=1666380583
IP 192.124.249.16:0
File type Unicode text, UTF-8 text, with very long lines (8757)
Hash b48576b2fd6f5353d194b58726cb801e
fd9594080365b0b432518cef88eae6366ee54aa7
40ce84ce9448023101615f9881229a4d5d0b8ce5d240e5af1d2d62216ce6c44f
GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/style.css?ver=6.0.3&time=1666380583 HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: text/css
content-length: 10663
x-sucuri-id: 19016
accept-ranges: bytes
age: 572161
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 03 Sep 2021 16:18:01 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/css/flexslider.css?ver=6.0.3&time=1666380583
192.124.249.16200 OK 1.1 kB URL HTTP/2 secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/css/flexslider.css?ver=6.0.3&time=1666380583
IP 192.124.249.16:0
Hash 73a695b0018d8d155d3129efa309c1b7
2c1cfb154ea964a6912f4a79ca59143ccb5a875c
501bf5b91725f178c2524760038a9425cc242e0868110823bb08e8ed46c79735
GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/css/flexslider.css?ver=6.0.3&time=1666380583 HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: text/css
content-length: 1097
x-sucuri-id: 19016
accept-ranges: bytes
age: 572161
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 03 Sep 2021 16:18:01 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/plugins/master-slider/public/assets/css/masterslider.main.css?ver=3.8.1&time=1666380583
192.124.249.16200 OK 8.0 kB URL HTTP/2 secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/plugins/master-slider/public/assets/css/masterslider.main.css?ver=3.8.1&time=1666380583
IP 192.124.249.16:0
Hash 46bbad2b797beedc8b19c1cc2c3b146a
ca16a1f07fe67f95137814e766aaf9e8f521f8cc
8988c29e8b423754613ecd0228429491f7b7ce1a978daf4a714b38c77a7fc91c
GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/plugins/master-slider/public/assets/css/masterslider.main.css?ver=3.8.1&time=1666380583 HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: text/css
content-length: 8017
x-sucuri-id: 19016
accept-ranges: bytes
age: 572161
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 02 Dec 2022 17:03:37 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/css/v4-shims.min.css?ver=6.0.3&time=1666380583
192.124.249.16200 OK 4.2 kB URL HTTP/2 secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/css/v4-shims.min.css?ver=6.0.3&time=1666380583
IP 192.124.249.16:0
File type ASCII text, with very long lines (26516)
Hash a23f408351ab37e6fe118d4605c09020
637f8b42309bcb2827aca454305d22664cda46c2
2fd81408c95881e1dd32f388894223dd4528bfa6ca57103b9c70ef847f19deba
GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/css/v4-shims.min.css?ver=6.0.3&time=1666380583 HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: text/css
content-length: 4229
x-sucuri-id: 19016
accept-ranges: bytes
age: 572161
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 03 Sep 2021 16:18:01 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/css/multi-columns-row.css?ver=6.0.3&time=1666380583
192.124.249.16200 OK 410 B URL HTTP/2 secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/css/multi-columns-row.css?ver=6.0.3&time=1666380583
IP 192.124.249.16:0
Hash ebe74e7aed5f9096abc2a8b7cd2fcbb3
e7b42eeadb89890dfcf50ab81f574b8c62451efd
efad0abb8385bb832537c26d73a24dcbd3e1a512fcff899394de198bf14f1d55
GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/css/multi-columns-row.css?ver=6.0.3&time=1666380583 HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: text/css
content-length: 410
x-sucuri-id: 19016
accept-ranges: bytes
age: 572161
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 03 Sep 2021 16:18:01 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/jiffy-lube-24084.png
192.124.249.16200 OK 11 kB URL HTTP/2 secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/jiffy-lube-24084.png
IP 192.124.249.16:0
File type PNG image data, 240 x 84, 8-bit/color RGB, non-interlaced\012- data
Hash 9908d6b195c34bfb9e312e1b7338dedf
6c1755097724f34a1ecfa22c2ab77207eebb7650
79250e2bdb5e6142583709d7985fa6bf3b8cd350d78596393586cb24e62df561
GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/jiffy-lube-24084.png HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: image/png
content-length: 11041
x-sucuri-id: 19016
accept-ranges: bytes
age: 100842
content-security-policy: upgrade-insecure-requests
etag: "2b21-5af6e6f4af500"
last-modified: Wed, 16 Sep 2020 13:42:12 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/Palmetto-Bluff-1.jpg
192.124.249.16200 OK 5.2 kB URL HTTP/2 secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/Palmetto-Bluff-1.jpg
IP 192.124.249.16:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 240x84, components 3\012- data
Hash 149df2706fcd9f2ca14452f75398ee7e
f34022dd9e3e2629280bc64251c3aa0abf35280c
59ca4e84188c5cd2c1f757e8dc9713f6de599ff2b98dd183ef9d7a48a387a61d
GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/Palmetto-Bluff-1.jpg HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: image/jpeg
content-length: 5168
x-sucuri-id: 19016
accept-ranges: bytes
age: 100842
content-security-policy: upgrade-insecure-requests
etag: "1430-5af6ea03a6c40"
last-modified: Wed, 16 Sep 2020 13:55:53 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/Opsgenie-2.png
192.124.249.16200 OK 9.7 kB URL HTTP/2 secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/Opsgenie-2.png
IP 192.124.249.16:0
File type PNG image data, 240 x 84, 8-bit/color RGB, non-interlaced\012- data
Hash a35d91336c4997f9bbf0503a159c30ad
225aa2e5159891c4545da801ae7cb24791fcebb8
4ae179c026484515593db5bb660c8226ef974b8221243106da7ea3ea6c950f5b
GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/Opsgenie-2.png HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: image/png
content-length: 9679
x-sucuri-id: 19016
accept-ranges: bytes
age: 100842
content-security-policy: upgrade-insecure-requests
etag: "25cf-5af6e63222a00"
last-modified: Wed, 16 Sep 2020 13:38:48 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/Craig-Builders.png
192.124.249.16200 OK 5.7 kB URL HTTP/2 secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/Craig-Builders.png
IP 192.124.249.16:0
File type PNG image data, 240 x 84, 8-bit/color RGB, non-interlaced\012- data
Hash 19ab782568e55ba89e2e13884db91586
892ffb738c29c29b760cfe26716b6c1cc8e24032
354ec80645761fd3aba4e49808e88228990ae099b376f1827a52e4845487c02e
GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/Craig-Builders.png HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: image/png
content-length: 5744
x-sucuri-id: 19016
accept-ranges: bytes
age: 100842
content-security-policy: upgrade-insecure-requests
etag: "1670-5af6e39e31500"
last-modified: Wed, 16 Sep 2020 13:27:16 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/plugins/wp-video-lightbox/css/prettyPhoto.css?ver=6.0.3&time=1666380583
192.124.249.16200 OK 2.8 kB URL HTTP/2 secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/plugins/wp-video-lightbox/css/prettyPhoto.css?ver=6.0.3&time=1666380583
IP 192.124.249.16:0
File type ASCII text, with very long lines (402)
Hash 3a1ff9de48099cfd3a536038539f3471
8b0c39c5002ae1ef271ff3852d08ff8e0ae0aa78
49b0cc1bafc014351334de23ce439af74635db3c2ea0cce4be2d62f5223c9bb1
GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/plugins/wp-video-lightbox/css/prettyPhoto.css?ver=6.0.3&time=1666380583 HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: text/css
content-length: 2808
x-sucuri-id: 19016
accept-ranges: bytes
age: 572161
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 20 Jul 2022 20:20:59 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2018/11/EURE-CONSULTING_NO-TAG_IDS-e1543524574550.jpg
192.124.249.16200 OK 8.1 kB URL HTTP/2 secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2018/11/EURE-CONSULTING_NO-TAG_IDS-e1543524574550.jpg
IP 192.124.249.16:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, orientation=upper-left], baseline, precision 8, 200x61, components 3\012- data
Hash a2550b5b4ef9131e66872a43811ab71d
2fb3b7a794e16cb73e166c04c7e56d25d6860e8c
048ea40001c6aa5a5746721024c78d6c892f11a344b2fe12d786847f8c167f0b
GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2018/11/EURE-CONSULTING_NO-TAG_IDS-e1543524574550.jpg HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: image/jpeg
content-length: 8085
x-sucuri-id: 19016
accept-ranges: bytes
age: 154845
content-security-policy: upgrade-insecure-requests
etag: "1f95-57bd3d1ef7380"
last-modified: Thu, 29 Nov 2018 20:49:34 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/kerecis-1.png
192.124.249.16200 OK 6.5 kB URL HTTP/2 secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/kerecis-1.png
IP 192.124.249.16:0
File type PNG image data, 240 x 84, 8-bit/color RGBA, non-interlaced\012- data
Hash 9f100b4ae66788170d23b57928c2be3f
43a850bb9bb801798b53c2f290fd263a72a00b56
037741c5cb9d4d9fa2396a46327fdda2134c60f29e94933892a315bba2a01ef1
GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/kerecis-1.png HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: image/png
content-length: 6541
x-sucuri-id: 19016
accept-ranges: bytes
age: 103831
content-security-policy: upgrade-insecure-requests
etag: "198d-5af6f486eb9c0"
last-modified: Wed, 16 Sep 2020 14:42:55 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2017/01/unlocked-icon.png
192.124.249.16200 OK 3.5 kB URL HTTP/2 secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2017/01/unlocked-icon.png
IP 192.124.249.16:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash 1f181af8699008fca9339148f872bb17
201ad77d856dfd6164eab43723a9c0ec629e19b0
9df3698cf5b67077fafef43b7cdabcd13e252c5f1f055c6dbff5eaea93a805d9
GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2017/01/unlocked-icon.png HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: image/png
content-length: 3508
x-sucuri-id: 19016
accept-ranges: bytes
age: 100842
content-security-policy: upgrade-insecure-requests
etag: "db4-5464fc6ba1d80"
last-modified: Tue, 17 Jan 2017 20:02:14 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/sam-hill-entertainment-1.jpg
192.124.249.16200 OK 4.1 kB URL HTTP/2 secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/sam-hill-entertainment-1.jpg
IP 192.124.249.16:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 240x84, components 3\012- data
Hash f9a24c05686a21b40c2a5133b788a9b9
3bab5db13e6aaec6b5ab1072b0fd736175effd6f
bc5c66b6d42c990c585479cd05bb4780dc0f0bf3a8fddaef0552508b93cb02a0
GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/sam-hill-entertainment-1.jpg HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: image/jpeg
content-length: 4135
x-sucuri-id: 19016
accept-ranges: bytes
age: 100842
content-security-policy: upgrade-insecure-requests
etag: "1027-5af6ea03a6c40"
last-modified: Wed, 16 Sep 2020 13:55:53 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3&time=1666380583
192.124.249.16200 OK 972 B URL HTTP/2 secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3&time=1666380583
IP 192.124.249.16:0
Hash 8bf268dfcca7cb20719b7ea14373ef4a
58bd839bbf0e8cc082f0a488b538b4ec71bebd2e
eece4a14939273c7af07bce8bab3a6cfc2c9de44c0eea82cc886abac13cb3870
GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3&time=1666380583 HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: text/css
content-length: 972
x-sucuri-id: 19016
accept-ranges: bytes
age: 572161
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 12 Nov 2022 10:54:37 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2017/01/check-icon.png
192.124.249.16200 OK 3.5 kB URL HTTP/2 secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2017/01/check-icon.png
IP 192.124.249.16:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash 2bb58540cfb4b9822d5241ac24f69e48
0465cdff23fea28532cd21b193cd757a7b81b097
fc0a3578a9d55ec89948286ede7a62056450edddab3cb25013f81ceb18945d1e
GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2017/01/check-icon.png HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: image/png
content-length: 3480
x-sucuri-id: 19016
accept-ranges: bytes
age: 100842
content-security-policy: upgrade-insecure-requests
etag: "d98-5464fc809cf00"
last-modified: Tue, 17 Jan 2017 20:02:36 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/CavalierProduce_Logo-14184.png
192.124.249.16200 OK 9.0 kB URL HTTP/2 secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/CavalierProduce_Logo-14184.png
IP 192.124.249.16:0
File type PNG image data, 141 x 84, 8-bit/color RGB, non-interlaced\012- data
Hash 610029778db4cc88b94bceedea95468b
00f49838c20285d87f7244cfe4a153534eec0b88
8f75726a9c42404e4d6f015f1414a82dbe9ff8bd7bffcd01f9597d3d9ddcd37c
GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/CavalierProduce_Logo-14184.png HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: image/png
content-length: 8970
x-sucuri-id: 19016
accept-ranges: bytes
age: 100842
content-security-policy: upgrade-insecure-requests
etag: "230a-5af6f8d92ebc0"
last-modified: Wed, 16 Sep 2020 15:02:15 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/Eagle-Logo_Flat-1.png
192.124.249.16200 OK 9.6 kB URL HTTP/2 secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/Eagle-Logo_Flat-1.png
IP 192.124.249.16:0
File type PNG image data, 240 x 84, 8-bit/color RGB, non-interlaced\012- data
Hash 24531108702f81924ccfbe0002e57942
7b08e4ed2984c73ef9756380b833ccf3b46b9c71
09967248bdc66783ac691c2411f6c0a34bd5604e340543a9bdae65d85ba145e2
GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/Eagle-Logo_Flat-1.png HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: image/png
content-length: 9565
x-sucuri-id: 19016
accept-ranges: bytes
age: 100842
content-security-policy: upgrade-insecure-requests
etag: "255d-5af6ea01be7c0"
last-modified: Wed, 16 Sep 2020 13:55:51 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/vsp-logo.png
192.124.249.16200 OK 10 kB URL HTTP/2 secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/vsp-logo.png
IP 192.124.249.16:0
File type PNG image data, 240 x 84, 8-bit/color RGBA, non-interlaced\012- data
Hash 994dd56245b8fb2552f93a2ede6e7e4b
20f09608189b163ea1c8e32fad002934e0571f80
698ff1e5d1a5b204d6f1c0fd184cf01b2d1a1cca4395d18f34c5533d6f763324
GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/vsp-logo.png HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: image/png
content-length: 10435
x-sucuri-id: 19016
accept-ranges: bytes
age: 100842
content-security-policy: upgrade-insecure-requests
etag: "28c3-5af6f3734ef80"
last-modified: Wed, 16 Sep 2020 14:38:06 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2017/01/magnifying-glass-icon1.png
192.124.249.16200 OK 4.1 kB URL HTTP/2 secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2017/01/magnifying-glass-icon1.png
IP 192.124.249.16:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash 14958745f80bf9e8c40a2e8e452faf7a
9cfe669eb6d4ea1b20b2c63041fc7af9ef3228d4
4a829e9a8ab5c2b55f12155ff8b063b09848bffa31b8778bce3390f7e85d6e95
GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2017/01/magnifying-glass-icon1.png HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: image/png
content-length: 4135
x-sucuri-id: 19016
accept-ranges: bytes
age: 100842
content-security-policy: upgrade-insecure-requests
etag: "1027-5464fc4d1d580"
last-modified: Tue, 17 Jan 2017 20:01:42 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-includes/css/dist/block-library/style.css?ver=6.0.3&time=1666380583
192.124.249.16200 OK 15 kB URL HTTP/2 secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-includes/css/dist/block-library/style.css?ver=6.0.3&time=1666380583
IP 192.124.249.16:0
Hash af4b789233ba2525d722c8a12f97860f
b4db9e64e3d1439330cb90c829e177ea35bb268d
35d0eb5dfe90698c8ef6d17c285721df608b68db6cdba7ae023f04fefbdcd2c0
GET /45.40.145.201/ajd.1af.myftpupload.com/wp-includes/css/dist/block-library/style.css?ver=6.0.3&time=1666380583 HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: text/css
content-length: 15104
x-sucuri-id: 19016
accept-ranges: bytes
age: 572161
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 21 Nov 2022 12:52:21 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/css/all.min.css?ver=6.0.3&time=1666380583
192.124.249.16200 OK 12 kB URL HTTP/2 secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/css/all.min.css?ver=6.0.3&time=1666380583
IP 192.124.249.16:0
File type ASCII text, with very long lines (57005)
Hash c0b46b44ed9828fa0a0d6be7a2eb1ddf
3fd2f26c03d91a47bd9d2e852686ca57c7c99d7c
839a1cbc542e5c359b2868d4925c4de7918e6bf8f172fd7f2ed4d8b4a519b9c6
GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/css/all.min.css?ver=6.0.3&time=1666380583 HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: text/css
content-length: 12417
x-sucuri-id: 19016
accept-ranges: bytes
age: 572161
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 03 Sep 2021 16:18:01 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/Terrific-Deal-1.png
192.124.249.16200 OK 14 kB URL HTTP/2 secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/Terrific-Deal-1.png
IP 192.124.249.16:0
File type PNG image data, 240 x 84, 8-bit/color RGB, non-interlaced\012- data
Hash 641f2d0ec402f3ea730291bea3e1d1a3
4b5810d32089e101bb8f60f2a412e1180053b496
69a7118ab32ef9b4b97f819026756336bf5609a39e249a5a44e4e4abc39a2d5d
GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/Terrific-Deal-1.png HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: image/png
content-length: 14501
x-sucuri-id: 19016
accept-ranges: bytes
age: 100842
content-security-policy: upgrade-insecure-requests
etag: "38a5-5af6f76ec94c0"
last-modified: Wed, 16 Sep 2020 14:55:55 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/Paramount-84p.png
192.124.249.16200 OK 14 kB URL HTTP/2 secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/Paramount-84p.png
IP 192.124.249.16:0
File type PNG image data, 240 x 84, 8-bit/color RGB, non-interlaced\012- data
Hash 188d671725d083786c2ffa2f1a329f15
25c5e32cd19b8fb758d66de44833a3f0a50b60f6
ecef255cc8a1af54ba2c8344c9174d8b748eb3655edd1f7a7b4fbd82cde6827f
GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/Paramount-84p.png HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: image/png
content-length: 14218
x-sucuri-id: 19016
accept-ranges: bytes
age: 100842
content-security-policy: upgrade-insecure-requests
etag: "378a-5af6e55d77440"
last-modified: Wed, 16 Sep 2020 13:35:05 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/Urgo-1.png
192.124.249.16200 OK 14 kB URL HTTP/2 secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/Urgo-1.png
IP 192.124.249.16:0
File type PNG image data, 240 x 84, 8-bit/color RGB, non-interlaced\012- data
Hash 9448c532038937af43f2866ab4d59b5c
a5191188834dbd26212f446df3b50e5884c68805
83ef2b6af9752b9df413b009386ba97264da41c6e4a349af44e9cefcb768850b
GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/09/Urgo-1.png HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: image/png
content-length: 14432
x-sucuri-id: 19016
accept-ranges: bytes
age: 100842
content-security-policy: upgrade-insecure-requests
etag: "3860-5af6ea049ae80"
last-modified: Wed, 16 Sep 2020 13:55:54 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 797e30e84991e23610f2066178362216
db2f0cac3c3d74dda57a0f1c0d6caf25544aa6fc
8f25ffd1c8c7ca279a68da7e3e45e324322dc9956fd84ee704c3fb6d9b2c0855
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8F25FFD1C8C7CA279A68DA7E3E45E324322DC9956FD84EE704C3FB6D9B2C0855"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3699
Expires: Fri, 09 Dec 2022 15:37:06 GMT
Date: Fri, 09 Dec 2022 14:35:27 GMT
Connection: keep-alive
p1.qhimg.com/d/_onebox/search.png
54.230.111.108200 OK 2.9 kB URL HTTP/1.1 p1.qhimg.com/d/_onebox/search.png
IP 54.230.111.108:0
File type PNG image data, 260 x 43, 8-bit colormap, non-interlaced\012- data
Hash 996729035d9ea7dbd1dcf49bf99e78d9
aba797d529929ca0c864eaf7d3261aee61f3ad78
f7b46e16e323b71d7e8308e8aa62ab36453dd3b57935424f4b4166947f0e5863
GET /d/_onebox/search.png HTTP/1.1
Host: p1.qhimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 2941
Connection: keep-alive
Date: Mon, 21 Nov 2022 18:05:46 GMT
Last-Modified: Tue, 05 Jan 2021 11:28:00 GMT
xzp: zhkbrquvsxaf
Expires: Sun, 19 Feb 2023 18:05:46 GMT
Cache-Control: max-age=7776000
Access-Control-Allow-Origin: *
XCS: HIT
KCS-Via: MISS from w-fc03.lato;MISS from w-sc02.bjyt
Accept-Ranges: bytes
X-Cache: Hit from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Heh6NHw7B0W_lWnMlnkF7ZhoiznFmrDokoSPiwTEffcO2YYpGZvHlw==
Age: 1542581
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 34027c21c20ca74e4d42f869564f076a
67f00189530da86e23a986bd928592ecb7a81633
768dfec8c5996d79d7801cf19f3227054af2649929b1f7c104f631f9f3aca38a
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 14:35:27 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 13 Dec 2022 11:50:58 GMT
ETag: "67f00189530da86e23a986bd928592ecb7a81633"
Last-Modified: Fri, 09 Dec 2022 11:50:59 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2946
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776e77a98fe71bfe-OSL
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/04/00172020Headshots-scaled.jpg
192.124.249.16200 OK 675 kB URL HTTP/2 secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/04/00172020Headshots-scaled.jpg
IP 192.124.249.16:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 240x240, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=10, manufacturer=SONY, model=ILCE-9, xresolution=148, yresolution=156, resolutionunit=2, software=Adobe Photoshop Lightroom Classic 9.1 (Windows), datetime=2020:02:28 12:15:28], baseline, precision 8, 1707x2560, components 3\012- data
Size 675 kB (674993 bytes)
Hash 5bf99572f5494f0f2a0b816e9ea7d16e
7e0dd05920474d5b317aa4f429646de46cd5c762
0913631a1662f60a2b4ff4e95d2bf5ba8886e28f213116aac5cb2ade8c8ae6a3
GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/04/00172020Headshots-scaled.jpg HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: image/jpeg
content-length: 674993
x-sucuri-id: 19016
accept-ranges: bytes
age: 100842
content-security-policy: upgrade-insecure-requests
etag: "a4cb1-5a253c4e6d240"
last-modified: Thu, 02 Apr 2020 19:25:53 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/04/00122020Headshots-scaled.jpg
192.124.249.16200 OK 528 kB URL HTTP/2 secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/04/00122020Headshots-scaled.jpg
IP 192.124.249.16:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 240x240, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=10, manufacturer=SONY, model=ILCE-9, xresolution=148, yresolution=156, resolutionunit=2, software=Adobe Photoshop Lightroom Classic 9.1 (Windows), datetime=2020:02:28 12:15:18], baseline, precision 8, 1707x2560, components 3\012- data
Size 528 kB (528000 bytes)
Hash 1829f8d8cf601f7a4dd0e81fb413f788
1dc32a79f3abff64d183a3c4fc50fe5d0a5b994f
a9dc9add4aa9b01aa499e433b4b554ddcb5846f39919b421c2470bd96688af64
GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/04/00122020Headshots-scaled.jpg HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: image/jpeg
content-length: 528000
x-sucuri-id: 19016
accept-ranges: bytes
age: 103829
content-security-policy: upgrade-insecure-requests
etag: "80e80-5a253ccc4fb40"
last-modified: Thu, 02 Apr 2020 19:28:05 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/plugins/wp-video-lightbox/wp-video-lightbox.css?ver=6.0.3&time=1666380583
192.124.249.16200 OK 484 B URL HTTP/2 secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/plugins/wp-video-lightbox/wp-video-lightbox.css?ver=6.0.3&time=1666380583
IP 192.124.249.16:0
File type ASCII text, with CRLF line terminators
Hash 65752dcc0c6a10c19a1d45d6375bc370
0153d6b0b845ec1ee4cb31f546f30199204be24c
6ec2356de03f75da2e069031b31d47da896df9bbeed05b1f5030480d4b70960f
GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/plugins/wp-video-lightbox/wp-video-lightbox.css?ver=6.0.3&time=1666380583 HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: text/css
content-length: 484
x-sucuri-id: 19016
accept-ranges: bytes
age: 572162
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 20 Jul 2022 20:20:59 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/css/bootstrap.min.css?ver=6.0.3&time=1666380583
192.124.249.16200 OK 19 kB URL HTTP/2 secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/css/bootstrap.min.css?ver=6.0.3&time=1666380583
IP 192.124.249.16:0
File type ASCII text, with very long lines (65371)
Hash 31df72a0a0d16a8c7fa320af64739ec3
f097c07f3745481e47f19637e0308cd9db7b39fc
afbb22ddb6c038b2547719d14bfabd8596f21da93e31eb520734fb679cb72aad
GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/css/bootstrap.min.css?ver=6.0.3&time=1666380583 HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:28 GMT
content-type: text/css
content-length: 19249
x-sucuri-id: 19016
accept-ranges: bytes
age: 572162
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 03 Sep 2021 16:18:01 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
img.baidu.com/img/logo-80px.gif
182.61.200.83200 OK 866 B URL HTTP/1.1 img.baidu.com/img/logo-80px.gif
IP 182.61.200.83:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 80 x 29\012- data
Hash 6f5433724f999a096e8a76e6d5918803
6ed88cb4676d384b6b3c7d8ceee5f48aa1bbb524
c3523c84b03a264ff85e541415f945c4c44705c454234274c78d63afd1c278b9
GET /img/logo-80px.gif HTTP/1.1
Host: img.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=311040000
Content-Length: 866
Content-Type: image/gif
Date: Fri, 09 Dec 2022 14:35:28 GMT
Etag: "1211028879"
Expires: Sun, 17 Oct 2032 14:35:28 GMT
Last-Modified: Sun, 15 Aug 2010 16:00:00 GMT
Server: BWS/1.0
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 0be8f0125007d934ae099ba862ab0118
612ca6d340caeda9e9b30b61dd197651599caa4f
218f69eab81dda01b25133719498a41d505cd14c4201444fe2d620d7dea41422
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 14:35:28 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 13 Dec 2022 13:24:16 GMT
ETag: "612ca6d340caeda9e9b30b61dd197651599caa4f"
Last-Modified: Fri, 09 Dec 2022 13:24:17 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776e77adccc31bfe-OSL
player.vimeo.com/video/364157527
162.159.138.60200 OK 6.2 kB URL HTTP/1.1 player.vimeo.com/video/364157527
IP 162.159.138.60:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (20539), with no line terminators
Hash dc01911e6c61087b98e31ead93a1f241
9f5ac22507ea338ac2c70843971bfc5386bab018
da707a0c32ab08c5793b914f5a7e393d6e190f7ee89b2d869bc3510e513f74b0
GET /video/364157527 HTTP/1.1
Host: player.vimeo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 14:35:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app/ https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com https://f.vimeocdn.com; frame-src 'self' https://*
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin, <https://f.vimeocdn.com>; rel=preconnect; crossorigin, <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
p3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
expires: Fri, 09 Dec 2022 14:45:28 GMT
x-host: player-959c5df45-bprgx
via: 1.1 varnish, 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-varnish-cache: 0
x-vserver: playproxy-rollout-prod-varnish-7
x-backend-proxy: playproxy8
x-bapp-server: player-959c5df45-bprgx
Age: 0
X-Served-By: cache-bma1643-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1670596528.267122,VS0,VE242
Vary: Accept-Encoding
X-Player-Backend: p
CF-Cache-Status: DYNAMIC
Set-Cookie: __cf_bm=f76p4sj.0R.BKkOfQhNU7bgIAnKLDhQk9fTtAfuX_0w-1670596528-0-Adwq4rDQpCX1Mc4Z/XPBodlVHQcaViaumozeD3ylNKm8i/KuhoMPDA/JFG0Plgls7NvxZEZ+yr3hgYP+eR0vxTI=; path=/; expires=Fri, 09-Dec-22 15:05:28 GMT; domain=.vimeo.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 776e77ad9cd7b4f4-OSL
Content-Encoding: gzip
player.vimeo.com/video/340496849
162.159.138.60200 OK 5.9 kB URL HTTP/1.1 player.vimeo.com/video/340496849
IP 162.159.138.60:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (18669), with no line terminators
Hash c44cdd2d09869a90331a4c21b1bb33a9
9ba8cfcf06b4a2e50c9c0bc1ac02eaec6e84521e
7f271ab679270ef700c545180bb1cc63fd93a777416400892ce6b10c965fcbf4
GET /video/340496849 HTTP/1.1
Host: player.vimeo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 14:35:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app/ https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com https://f.vimeocdn.com; frame-src 'self' https://*; report-uri /_csp
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin, <https://f.vimeocdn.com>; rel=preconnect; crossorigin, <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
p3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
expires: Fri, 09 Dec 2022 14:45:28 GMT
x-host: player-959c5df45-4rd7m
via: 1.1 varnish, 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-varnish-cache: 0
x-vserver: playproxy-rollout-prod-varnish-1
x-backend-proxy: playproxy2
x-bapp-server: player-959c5df45-4rd7m
Age: 0
X-Served-By: cache-bma1660-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1670596528.264527,VS0,VE299
Vary: Accept-Encoding
X-Player-Backend: p
CF-Cache-Status: DYNAMIC
Set-Cookie: __cf_bm=m8fegRHeSKAEn80WUtvDsCl2KPtF90DDNQVX8dbiDfM-1670596528-0-ATYG8w+7aCBhsBohPynAlcqsDvdq8zioj3ajU2QAWD7Yuv2H4LYUmkawkXQZx6DrLoJLdiFxZ/5FW3hDD0UUeEw=; path=/; expires=Fri, 09-Dec-22 15:05:28 GMT; domain=.vimeo.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 776e77ad9dd4b506-OSL
Content-Encoding: gzip
www.wlovebaidu.com/ky/images/1.jpg
27.255.64.19200 OK 46 kB URL HTTP/1.1 www.wlovebaidu.com/ky/images/1.jpg
IP 27.255.64.19:0
File type GIF image data, version 89a, 1920 x 112\012- data
Hash e4aa0f3e6abcc455b5e2ded9a2a12d6c
78df9660e92ef89f26d4d62dd2f34f350e33f74d
73b9190692334df9e3bfb897893f19f83aeecb4359378d5657cebdb72a04f447
GET /ky/images/1.jpg HTTP/1.1
Host: www.wlovebaidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 14:35:27 GMT
Content-Type: image/jpeg
Content-Length: 45522
Last-Modified: Tue, 15 Nov 2022 05:04:18 GMT
Connection: keep-alive
ETag: "63731dd2-b1d2"
Accept-Ranges: bytes
f.vimeocdn.com/p/4.15.3/css/player.css
151.101.246.109200 OK 21 kB URL HTTP/2 f.vimeocdn.com/p/4.15.3/css/player.css
IP 151.101.246.109:0
File type ASCII text, with very long lines (65495)
Hash 968f2cdf88d9a0473ba7a9f06df273da
2816f582988f9de542ca6f12ac98ef5a22bf0572
8126ad5a87c033902741b40e92e955d4cbb5552040a597a261befcce705793af
GET /p/4.15.3/css/player.css HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 09 Dec 2022 14:35:28 GMT
age: 75909
x-served-by: cache-iad-kiad7000126-IAD, cache-hel1410020-HEL
x-cache: HIT, HIT
x-cache-hits: 37, 52102
x-timer: S1670596529.623271,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 20725
X-Firefox-Spdy: h2
ocsp.starfieldtech.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash e9eca6a3b7b3eca01dbece95bbef8b99
b048918b5814f3383150cd779c97c7351ff04ae1
402f51360f48babbedb05c8a7803cf3102afdf19cccec1cd966569dc055bfa02
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 09 Dec 2022 14:35:28 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 09 Dec 2022 11:55:17 GMT
Expires: Sat, 10 Dec 2022 11:55:17 GMT
ETag: "b048918b5814f3383150cd779c97c7351ff04ae1"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.starfieldtech.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash e9eca6a3b7b3eca01dbece95bbef8b99
b048918b5814f3383150cd779c97c7351ff04ae1
402f51360f48babbedb05c8a7803cf3102afdf19cccec1cd966569dc055bfa02
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 09 Dec 2022 14:35:28 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 09 Dec 2022 11:55:17 GMT
Expires: Sat, 10 Dec 2022 11:55:17 GMT
ETag: "b048918b5814f3383150cd779c97c7351ff04ae1"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
f.vimeocdn.com/p/4.15.3/js/player.module.js
151.101.246.109200 OK 116 kB URL HTTP/2 f.vimeocdn.com/p/4.15.3/js/player.module.js
IP 151.101.246.109:0
File type Unicode text, UTF-8 text, with very long lines (65445)
Size 116 kB (116326 bytes)
Hash 8c9202bf6ee286b9ed355dedd5cf03ff
98af722e03b42e83e7f3a718a17fcd9fd583083d
d4cfc1c907835aeb287585e70a9f4ee773d91fc1ddfabf1e8881162bd5ea10f2
GET /p/4.15.3/js/player.module.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 09 Dec 2022 14:35:28 GMT
age: 75910
x-served-by: cache-iad-kjyo7100147-IAD, cache-hel1410028-HEL
x-cache: HIT, HIT
x-cache-hits: 49, 38456
x-timer: S1670596529.665903,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 116326
X-Firefox-Spdy: h2
i.vimeocdn.com/video/819505142-1b7c780c5d82a587652f1374e66847970e2fb76087f877ac061e1cdb6b646f3c-d.jpg?mw=80&q=85
151.101.246.109200 OK 1.6 kB URL HTTP/2 i.vimeocdn.com/video/819505142-1b7c780c5d82a587652f1374e66847970e2fb76087f877ac061e1cdb6b646f3c-d.jpg?mw=80&q=85
IP 151.101.246.109:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x45, components 3\012- data
Hash b04046a3b033e363acc582a1fdd584fa
323e24a3d442054e73d1a0d0ddde46ec53b7ea4a
87d2d9a8bb4971eea7fcfcce71017de00579aeb50132dd0a66613b346bbe7e4a
GET /video/819505142-1b7c780c5d82a587652f1374e66847970e2fb76087f877ac061e1cdb6b646f3c-d.jpg?mw=80&q=85 HTTP/1.1
Host: i.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
etag: b04046a3b033e363acc582a1fdd584fa
x-viewmaster-lossless-format: lossy
viewmaster-server: viewmaster-us-east1-7pkh
cache-control: public, max-age=2592000
via: vvarnish, 1.1 varnish, 1.1 varnish
x-backend-server: varnish
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
access-control-max-age: 86400
accept-ranges: bytes
date: Fri, 09 Dec 2022 14:35:28 GMT
age: 2409705
x-served-by: cache-dfw-kdfw8210137-DFW, cache-hel1410020-HEL
x-cache: miss, HIT, MISS
x-cache-hits: 80, 0
x-timer: S1670596529.643978,VS0,VE125
content-length: 1617
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?06ea3de3c34c59c8eb5943ee69359663
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?06ea3de3c34c59c8eb5943ee69359663
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (617)
Hash 17be29e2c319c8c59507c4dace17859d
d734706bc9eb643095a23e50394aa3b5451def1b
4171fc0b29470b797a312ed96ab7631ca7ea231147399d38c4b95dc3579289a3
GET /hm.js?06ea3de3c34c59c8eb5943ee69359663 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11255
Content-Type: application/javascript
Date: Fri, 09 Dec 2022 14:35:28 GMT
Etag: ae27f56512e0bd9b9c5312daf5ed7425
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=36640974EF69FF6A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
i.vimeocdn.com/video/819507416-00d16208d3f7e65cf8a241c5b1f2845c1eee79067feccbc969e3da89c721a636-d.jpg?mw=80&q=85
151.101.246.109200 OK 985 B URL HTTP/2 i.vimeocdn.com/video/819507416-00d16208d3f7e65cf8a241c5b1f2845c1eee79067feccbc969e3da89c721a636-d.jpg?mw=80&q=85
IP 151.101.246.109:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x45, components 3\012- data
Hash cc7fe988cbcfd032a216bbba1833c950
ac6c6f2e52f1183e6f216919075d751526f37fa0
979110aceed21baace45f06bd73d4ababfe3ef73b3c57791eee8e663402ed9cb
GET /video/819507416-00d16208d3f7e65cf8a241c5b1f2845c1eee79067feccbc969e3da89c721a636-d.jpg?mw=80&q=85 HTTP/1.1
Host: i.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
etag: cc7fe988cbcfd032a216bbba1833c950
x-viewmaster-lossless-format: lossy
viewmaster-server: viewmaster-us-east1-hdwp
cache-control: public, max-age=2592000
via: vvarnish, 1.1 varnish, 1.1 varnish
x-backend-server: varnish
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
access-control-max-age: 86400
accept-ranges: bytes
date: Fri, 09 Dec 2022 14:35:28 GMT
age: 273000
x-served-by: cache-dfw-kdfw8210068-DFW, cache-hel1410020-HEL
x-cache: miss, HIT, MISS
x-cache-hits: 5, 0
x-timer: S1670596529.669763,VS0,VE126
content-length: 985
X-Firefox-Spdy: h2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/images/bg-strip.png
192.124.249.16200 OK 925 B URL HTTP/2 secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/images/bg-strip.png
IP 192.124.249.16:0
File type PNG image data, 5 x 5, 8-bit/color RGBA, non-interlaced\012- data
Hash 6298d49ec2d082f2924af6c49442fe22
4d93e8297c60d01079aa6b2000b71b77941a4229
051ae45d17aec42a9343aa9cd58ee0d098f3233c5a4e9440d058bcc8cfda9ba4
GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/images/bg-strip.png HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/style.css?ver=6.0.3&time=1666380583
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:28 GMT
content-type: image/png
content-length: 925
x-sucuri-id: 19016
accept-ranges: bytes
age: 100844
content-security-policy: upgrade-insecure-requests
etag: "39d-5cb19a4c5084b"
last-modified: Fri, 03 Sep 2021 16:18:02 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
f.vimeocdn.com/p/4.15.3/js/vendor.module.js
151.101.246.109200 OK 116 kB URL HTTP/2 f.vimeocdn.com/p/4.15.3/js/vendor.module.js
IP 151.101.246.109:0
File type ASCII text, with very long lines (65457)
Size 116 kB (115831 bytes)
Hash b1d4e45be3bf63b76cd5365d3bbfec4c
4cbe3e6bd6f09e823d5c994c4304e4c5aed6fec1
84a4f9602b964b8d5f5e11a1081aa7f28edba888d24a138e17bc5f5cc0892b34
GET /p/4.15.3/js/vendor.module.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://f.vimeocdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 09 Dec 2022 14:35:28 GMT
age: 75910
x-served-by: cache-iad-kjyo7100143-IAD, cache-hel1410028-HEL
x-cache: HIT, HIT
x-cache-hits: 33, 49141
x-timer: S1670596529.813116,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 115831
X-Firefox-Spdy: h2
f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
151.101.246.109200 OK 997 B URL HTTP/2 f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
IP 151.101.246.109:0
File type ASCII text, with very long lines (1839)
Hash b81408535edef4b73951fa7683a0ecb4
2be1041a686c8d5130ce96600bc7ec68538b4cd9
7b68a0f94a2376708329d7fabc0000c92eb45755267bde5dc8983184b77f3ec7
GET /js_opt/modules/utils/vuid.min.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
cache-control: public, max-age=2592000
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 09 Dec 2022 14:35:28 GMT
age: 1804690
x-served-by: cache-iad-kiad7000106-IAD, cache-hel1410020-HEL
x-cache: HIT, HIT
x-cache-hits: 33, 137075
x-timer: S1670596529.965245,VS0,VE0
vary: Accept-Encoding,x-http-method-override
content-length: 997
X-Firefox-Spdy: h2
www.sogou.com/web/index/images/logo_440x140.v.4.png
119.28.109.132200 OK 3.0 kB URL HTTP/1.1 www.sogou.com/web/index/images/logo_440x140.v.4.png
IP 119.28.109.132:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type PNG image data, 440 x 140, 8-bit colormap, non-interlaced\012- data
Hash 31de1d2fa7d918fab2f59984391db1c8
4f4b78796b3fbf19971f182175bcd92b01ee470f
29f87d6615f36a54e3edc8c7f05eb9b480d1f2989dec8da68e82747d060aea85
GET /web/index/images/logo_440x140.v.4.png HTTP/1.1
Host: www.sogou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 14:35:28 GMT
Content-Type: image/png
Content-Length: 2950
Connection: keep-alive
Last-Modified: Mon, 10 Feb 2020 03:11:55 GMT
Set-Cookie: ABTEST=7|1670596528|v17; expires=Sun, 08-Jan-23 14:35:28 GMT; path=/
IPLOC=NO; expires=Sat, 09-Dec-23 14:35:28 GMT; domain=.sogou.com; path=/
SUID=9A2A5A5B7E1A910A00000000639347B0; expires=Thu, 04-Dec-2042 14:35:28 GMT; domain=.sogou.com; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
ETag: "5e40c9fb-b86"
Expires: Wed, 07 Jun 2023 14:35:28 GMT
Cache-Control: max-age=15552000
UUID: 2999b14f-0211-419b-90d6-2ec73f12c6b6
Accept-Ranges: bytes
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/04/startup-593327_640.jpg
192.124.249.16200 OK 43 kB URL HTTP/2 secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/04/startup-593327_640.jpg
IP 192.124.249.16:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x426, components 3\012- data
Hash d21eee733b9d4fc1e035eb5c4b15d270
37cdd7ce99d5017a7def933029323936a3b1eeb1
65f46d735b419c8b3b192fdb0a64e07955bc5c1a956fe9d6332af023f7a873c6
GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2020/04/startup-593327_640.jpg HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:28 GMT
content-type: image/jpeg
content-length: 43050
x-sucuri-id: 19016
accept-ranges: bytes
age: 100843
content-security-policy: upgrade-insecure-requests
etag: "a82a-5a46f9d5d0f00"
last-modified: Wed, 29 Apr 2020 15:29:32 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/webfonts/fa-solid-900.woff2
192.124.249.16200 OK 76 kB URL HTTP/2 secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/webfonts/fa-solid-900.woff2
IP 192.124.249.16:0
File type Web Open Font Format (Version 2), TrueType, length 76084, version 330.-16253\012- data
Hash f6121be597a72928f54e7ab5b95512a1
b2c74520c3f506efbfefca867918e5ae28bd5222
787d76ad6deab67ccf8bac1b584260205e114f508fc5542b612e3f75d49a34e4
GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.enallihan.com
Connection: keep-alive
Referer: https://secureservercdn.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:28 GMT
content-type: font/woff2
content-length: 76084
x-sucuri-id: 19016
accept-ranges: bytes
access-control-allow-origin: *
age: 147811
content-security-policy: upgrade-insecure-requests
etag: "12934-5cb19a4b80d48"
last-modified: Fri, 03 Sep 2021 16:18:01 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
i.vimeocdn.com/video/819507416-00d16208d3f7e65cf8a241c5b1f2845c1eee79067feccbc969e3da89c721a636-d?mw=640&mh=360
151.101.246.109200 OK 8.0 kB URL HTTP/2 i.vimeocdn.com/video/819507416-00d16208d3f7e65cf8a241c5b1f2845c1eee79067feccbc969e3da89c721a636-d?mw=640&mh=360
IP 151.101.246.109:0
File type ISO Media, AVIF Image\012- data
Hash 22d1b7ea020e2090d00eda7ca3cd3366
0fef558e54901991ec860cb8eeb2446e8e77be77
c7e7a541a454bdea51cfba85b5fa598deab714f860c1af413eeb3cb2a8cb1036
GET /video/819507416-00d16208d3f7e65cf8a241c5b1f2845c1eee79067feccbc969e3da89c721a636-d?mw=640&mh=360 HTTP/1.1
Host: i.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/avif
etag: 22d1b7ea020e2090d00eda7ca3cd3366
x-viewmaster-lossless-format: automatic
viewmaster-server: viewmaster-us-central1-wv07
cache-control: public, max-age=2592000
via: vvarnish, 1.1 varnish, 1.1 varnish
x-backend-server: varnish
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
access-control-max-age: 86400
accept-ranges: bytes
date: Fri, 09 Dec 2022 14:35:29 GMT
age: 2053483
x-served-by: cache-dfw-kdfw8210107-DFW, cache-hel1410020-HEL
x-cache: miss, HIT, MISS
x-cache-hits: 34, 0
x-timer: S1670596529.983960,VS0,VE141
vary: Accept
content-length: 8002
X-Firefox-Spdy: h2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/webfonts/fa-brands-400.woff2
192.124.249.16200 OK 76 kB URL HTTP/2 secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/webfonts/fa-brands-400.woff2
IP 192.124.249.16:0
File type Web Open Font Format (Version 2), TrueType, length 75936, version 330.-16253\012- data
Hash 822d94f19fe57477865209e1242a3c63
f356aa2e4d9b7245985d312d3bfba180f774e3b7
8e4560c16c7970efa47680450b2cf239d4a482c056d308acea12bb9022906c8b
GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/themes/integral-pro/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.enallihan.com
Connection: keep-alive
Referer: https://secureservercdn.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:28 GMT
content-type: font/woff2
content-length: 75936
x-sucuri-id: 19016
accept-ranges: bytes
access-control-allow-origin: *
age: 146741
content-security-policy: upgrade-insecure-requests
etag: "128a0-5cb19a4b89274"
last-modified: Fri, 03 Sep 2021 16:18:01 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1178843199&si=06ea3de3c34c59c8eb5943ee69359663&v=1.3.0&lv=1&sn=43843&r=0&ww=1280&u=https%3A%2F%2Fwww.enallihan.com%2Fmodules%2Ftag%2Fview.tag.php%3F%25DCniversitesi%2F&tt=%E4%B9%90%E5%8A%A8%E4%BD%93%E8%82%B2%E6%BB%9A%E7%90%83app%E5%AE%98%E7%BD%91%7C%E4%B9%90%E5%8A%A8%E4%BD%93%E8%82%B2%E6%8F%90%E7%8E%B0%E5%A4%9A%E4%B9%85%E5%88%B0%E8%B4%A6%E6%88%B7%E4%B8%8A
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1178843199&si=06ea3de3c34c59c8eb5943ee69359663&v=1.3.0&lv=1&sn=43843&r=0&ww=1280&u=https%3A%2F%2Fwww.enallihan.com%2Fmodules%2Ftag%2Fview.tag.php%3F%25DCniversitesi%2F&tt=%E4%B9%90%E5%8A%A8%E4%BD%93%E8%82%B2%E6%BB%9A%E7%90%83app%E5%AE%98%E7%BD%91%7C%E4%B9%90%E5%8A%A8%E4%BD%93%E8%82%B2%E6%8F%90%E7%8E%B0%E5%A4%9A%E4%B9%85%E5%88%B0%E8%B4%A6%E6%88%B7%E4%B8%8A
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1178843199&si=06ea3de3c34c59c8eb5943ee69359663&v=1.3.0&lv=1&sn=43843&r=0&ww=1280&u=https%3A%2F%2Fwww.enallihan.com%2Fmodules%2Ftag%2Fview.tag.php%3F%25DCniversitesi%2F&tt=%E4%B9%90%E5%8A%A8%E4%BD%93%E8%82%B2%E6%BB%9A%E7%90%83app%E5%AE%98%E7%BD%91%7C%E4%B9%90%E5%8A%A8%E4%BD%93%E8%82%B2%E6%8F%90%E7%8E%B0%E5%A4%9A%E4%B9%85%E5%88%B0%E8%B4%A6%E6%88%B7%E4%B8%8A HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 09 Dec 2022 14:35:28 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=74A200E31D9CCAD1; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2017/03/48013779_ml.jpg
192.124.249.16200 OK 169 kB URL HTTP/2 secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2017/03/48013779_ml.jpg
IP 192.124.249.16:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 1678x1119, components 3\012- data
Size 169 kB (169223 bytes)
Hash 1eed52727831da7c7ad64dfb93f88604
68907c6bcfac6092a3bd4bd4060960336d31aa14
34c410a1ae0ea5a32bcf63569b6556a86692dd28d2089b69f8119779622e9b71
GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2017/03/48013779_ml.jpg HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:28 GMT
content-type: image/jpeg
content-length: 169223
x-sucuri-id: 19016
accept-ranges: bytes
age: 100843
content-security-policy: upgrade-insecure-requests
etag: "29507-54ab5f48d7300"
last-modified: Tue, 14 Mar 2017 19:37:16 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2018/12/AdobeStock_104691994.1.jpg
192.124.249.16200 OK 186 kB URL HTTP/2 secureservercdn.net/45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2018/12/AdobeStock_104691994.1.jpg
IP 192.124.249.16:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1600x757, components 3\012- data
Size 186 kB (186137 bytes)
Hash f153a3040d3eb55e1832723f9e79dc35
b8e76483cddd539ce8eecaf50f5ffae4752289c3
f03d3749988337fbbc55cf68869e42d824b0f84255d42aa6b26dfe2db8e59297
GET /45.40.145.201/ajd.1af.myftpupload.com/wp-content/uploads/2018/12/AdobeStock_104691994.1.jpg HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:35:28 GMT
content-type: image/jpeg
content-length: 186137
x-sucuri-id: 19016
accept-ranges: bytes
age: 100844
content-security-policy: upgrade-insecure-requests
etag: "2d719-57e1b9d126b00"
last-modified: Fri, 28 Dec 2018 21:19:08 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
i.vimeocdn.com/video/819505142-1b7c780c5d82a587652f1374e66847970e2fb76087f877ac061e1cdb6b646f3c-d?mw=640&mh=360
151.101.246.109200 OK 17 kB URL HTTP/2 i.vimeocdn.com/video/819505142-1b7c780c5d82a587652f1374e66847970e2fb76087f877ac061e1cdb6b646f3c-d?mw=640&mh=360
IP 151.101.246.109:0
File type ISO Media, AVIF Image\012- data
Hash 2566353f5d3327a0be5994da2c17841f
bdc8d29c175affce2621c89c6fc2b256fa959815
6da45462ed6c50b54133273decb911c35758b91ab3cd5a3377562a42b01bbd6c
GET /video/819505142-1b7c780c5d82a587652f1374e66847970e2fb76087f877ac061e1cdb6b646f3c-d?mw=640&mh=360 HTTP/1.1
Host: i.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/avif
etag: 2566353f5d3327a0be5994da2c17841f
x-viewmaster-lossless-format: automatic
viewmaster-server: viewmaster-us-central1-f064
cache-control: public, max-age=2592000
via: vvarnish, 1.1 varnish, 1.1 varnish
x-backend-server: varnish
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
access-control-max-age: 86400
accept-ranges: bytes
date: Fri, 09 Dec 2022 14:35:29 GMT
age: 230586
x-served-by: cache-dfw-kdfw8210068-DFW, cache-hel1410020-HEL
x-cache: miss, HIT, MISS
x-cache-hits: 3, 0
x-timer: S1670596529.143984,VS0,VE129
vary: Accept
content-length: 17398
X-Firefox-Spdy: h2
i.vimeocdn.com/portrait/32246200_60x60
151.101.246.109200 OK 758 B URL HTTP/2 i.vimeocdn.com/portrait/32246200_60x60
IP 151.101.246.109:0
File type ISO Media, AVIF Image\012- data
Hash 9df60dc2db6e8df48f0d782ef0650d2f
7f5392e244f71fb52a5a04d5002507fea5b90bbd
b3521ecddb32fef651de2069f728d1ae5ce62bf2ea18b5cd20035c6284701c4e
GET /portrait/32246200_60x60 HTTP/1.1
Host: i.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/avif
etag: 9df60dc2db6e8df48f0d782ef0650d2f
x-viewmaster-lossless-format: automatic
viewmaster-server: viewmaster-us-central1-482t
cache-control: public, max-age=2592000
via: vvarnish, 1.1 varnish, 1.1 varnish
x-backend-server: varnish
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
access-control-max-age: 86400
accept-ranges: bytes
date: Fri, 09 Dec 2022 14:35:29 GMT
age: 1766114
x-served-by: cache-dfw-kdfw8210037-DFW, cache-hel1410020-HEL
x-cache: miss, HIT, MISS
x-cache-hits: 37, 0
x-timer: S1670596529.248657,VS0,VE125
vary: Accept
content-length: 758
X-Firefox-Spdy: h2
www.enallihan.com/favicon.ico
206.2.227.7200 OK 1.6 kB URL HTTP/1.1 www.enallihan.com/favicon.ico
IP 206.2.227.7:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
Hash 898c92f4f422538431a8daf77961d2ff
bb1172ed7e7cb7d5a5f80d9e549e67903c0a9b6a
bafdf94f204dfb4b8e9fb0164cf1ce14152e374535bec89b6b3b5c3d0a167f25
GET /favicon.ico HTTP/1.1
Host: www.enallihan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/modules/tag/view.tag.php?%DCniversitesi/
Cookie: Hm_lvt_06ea3de3c34c59c8eb5943ee69359663=1670596528; Hm_lpvt_06ea3de3c34c59c8eb5943ee69359663=1670596528
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 14:35:29 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.pki.goog/s/gts1d4/E4colUoO91Q
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/E4colUoO91Q
IP 142.250.74.131:0
Hash 4307fc8dda768496c208a9b9c99f12ba
33f0e27ca25609c1c12044ceb67670ffa18adca1
6e22157e202b96dc72144eb14ebfb8c5968b9ef242aeacb6506f2cd5c7545d8b
POST /s/gts1d4/E4colUoO91Q HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 14:35:29 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/E4colUoO91Q
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/E4colUoO91Q
IP 142.250.74.131:0
Hash 4307fc8dda768496c208a9b9c99f12ba
33f0e27ca25609c1c12044ceb67670ffa18adca1
6e22157e202b96dc72144eb14ebfb8c5968b9ef242aeacb6506f2cd5c7545d8b
POST /s/gts1d4/E4colUoO91Q HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 14:35:29 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/E4colUoO91Q
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/E4colUoO91Q
IP 142.250.74.131:0
Hash 4307fc8dda768496c208a9b9c99f12ba
33f0e27ca25609c1c12044ceb67670ffa18adca1
6e22157e202b96dc72144eb14ebfb8c5968b9ef242aeacb6506f2cd5c7545d8b
POST /s/gts1d4/E4colUoO91Q HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 14:35:29 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fresnel.vimeocdn.com/add/player-test-impression?beacon=1
34.120.202.204200 OK 0 B URL HTTP/2 fresnel.vimeocdn.com/add/player-test-impression?beacon=1
IP 34.120.202.204:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /add/player-test-impression?beacon=1 HTTP/1.1
Host: fresnel.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 113
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://player.vimeo.com
date: Fri, 09 Dec 2022 14:35:29 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fresnel.vimeocdn.com/add/player-test-impression?beacon=1
34.120.202.204200 OK 0 B URL HTTP/2 fresnel.vimeocdn.com/add/player-test-impression?beacon=1
IP 34.120.202.204:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /add/player-test-impression?beacon=1 HTTP/1.1
Host: fresnel.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 116
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://player.vimeo.com
date: Fri, 09 Dec 2022 14:35:29 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=ba044f05f2821ae465fef8dbd4a098045a6892c11670596528
34.120.202.204200 OK 0 B URL HTTP/2 fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=ba044f05f2821ae465fef8dbd4a098045a6892c11670596528
IP 34.120.202.204:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /add/player-stats?beacon=1&session-id=ba044f05f2821ae465fef8dbd4a098045a6892c11670596528 HTTP/1.1
Host: fresnel.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1472
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://player.vimeo.com
date: Fri, 09 Dec 2022 14:35:29 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/E4colUoO91Q
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/E4colUoO91Q
IP 142.250.74.131:0
Hash 4307fc8dda768496c208a9b9c99f12ba
33f0e27ca25609c1c12044ceb67670ffa18adca1
6e22157e202b96dc72144eb14ebfb8c5968b9ef242aeacb6506f2cd5c7545d8b
POST /s/gts1d4/E4colUoO91Q HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 14:35:29 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fresnel.vimeocdn.com/add/player-test-impression?beacon=1
34.120.202.204200 OK 0 B URL HTTP/2 fresnel.vimeocdn.com/add/player-test-impression?beacon=1
IP 34.120.202.204:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /add/player-test-impression?beacon=1 HTTP/1.1
Host: fresnel.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 116
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://player.vimeo.com
date: Fri, 09 Dec 2022 14:35:29 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=9e148b49be95806396b212ca4de4fe67f0dce8b11670596528
34.120.202.204200 OK 0 B URL HTTP/2 fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=9e148b49be95806396b212ca4de4fe67f0dce8b11670596528
IP 34.120.202.204:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /add/player-stats?beacon=1&session-id=9e148b49be95806396b212ca4de4fe67f0dce8b11670596528 HTTP/1.1
Host: fresnel.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1427
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://player.vimeo.com
date: Fri, 09 Dec 2022 14:35:29 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.wlovebaidu.com/ky/images/3.jpg
27.255.64.19200 OK 444 kB URL HTTP/1.1 www.wlovebaidu.com/ky/images/3.jpg
IP 27.255.64.19:0
File type GIF image data, version 89a, 1920 x 1420\012- data
Size 444 kB (444227 bytes)
Hash caef8f4d50de71d7c4c852c3a890b8fb
a725505ced7e052412e035fc9e253bcc3febee68
407bd23bf6809122b579cb61ff259e1466f9ad3385ad59d6c3e177c76461aea5
GET /ky/images/3.jpg HTTP/1.1
Host: www.wlovebaidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 14:35:27 GMT
Content-Type: image/jpeg
Content-Length: 444227
Last-Modified: Tue, 15 Nov 2022 05:04:50 GMT
Connection: keep-alive
ETag: "63731df2-6c743"
Accept-Ranges: bytes
sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://www.enallihan.com/modules/tag/view.tag.php?%DCniversitesi/
104.193.88.77200 OK 0 B URL HTTP/1.1 sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://www.enallihan.com/modules/tag/view.tag.php?%DCniversitesi/
IP 104.193.88.77:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://www.enallihan.com/modules/tag/view.tag.php?%DCniversitesi/ HTTP/1.1
Host: sp0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Fri, 09 Dec 2022 14:35:30 GMT
fonts.googleapis.com/css?family=Open+Sans%3A100%2C300%2C400%2C600%2C700%2C700italic%2C600italic%2C400italic%7CCabin%3A400%2C500%2C600%2C700%7CMontserrat%3A400%2C700&ver=6.0.3
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans%3A100%2C300%2C400%2C600%2C700%2C700italic%2C600italic%2C400italic%7CCabin%3A400%2C500%2C600%2C700%7CMontserrat%3A400%2C700&ver=6.0.3
IP 142.250.74.106:0
GET /css?family=Open+Sans%3A100%2C300%2C400%2C600%2C700%2C700italic%2C600italic%2C400italic%7CCabin%3A400%2C500%2C600%2C700%7CMontserrat%3A400%2C700&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Dec 2022 14:35:26 GMT
date: Fri, 09 Dec 2022 14:35:26 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
zz.bdstatic.com/linksubmit/push.js
58.254.150.48200 OK 0 B URL HTTP/2 zz.bdstatic.com/linksubmit/push.js
IP 58.254.150.48:0
ASN #136958 China Unicom Guangdong IP network
GET /linksubmit/push.js HTTP/1.1
Host: zz.bdstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 09 Dec 2022 14:35:27 GMT
content-type: application/x-javascript
last-modified: Sun, 31 Jul 2022 09:23:08 GMT
etag: "62e649fc-134"
cache-control: max-age=86400
content-encoding: br
age: 25857
accept-ranges: bytes
tracecode: 17954958720310087434120911
ohc-global-saved-time: Fri, 09 Dec 2022 03:29:55 GMT
ohc-cache-hit: gz3un50 [2], zhuzuncache57 [2]
ohc-response-time: 1 0 0 0 0 0
X-Firefox-Spdy: h2
www.wlovebaidu.com/ky/images/2.gif
27.255.64.19200 OK 0 B URL HTTP/1.1 www.wlovebaidu.com/ky/images/2.gif
IP 27.255.64.19:0
GET /ky/images/2.gif HTTP/1.1
Host: www.wlovebaidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 14:35:27 GMT
Content-Type: image/gif
Content-Length: 9392241
Last-Modified: Tue, 15 Nov 2022 05:04:37 GMT
Connection: keep-alive
ETag: "63731de5-8f5071"
Accept-Ranges: bytes
www.wlovebaidu.com/ky/images/4.jpg
27.255.64.19200 OK 0 B URL HTTP/1.1 www.wlovebaidu.com/ky/images/4.jpg
IP 27.255.64.19:0
GET /ky/images/4.jpg HTTP/1.1
Host: www.wlovebaidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.enallihan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 14:35:27 GMT
Content-Type: image/jpeg
Content-Length: 1386755
Last-Modified: Tue, 15 Nov 2022 05:05:03 GMT
Connection: keep-alive
ETag: "63731dff-152903"
Accept-Ranges: bytes