r3.o.lencr.org/
23.33.119.10 200 OK 503 B IP 23.33.119.10:0
ASN #20940 Akamai International B.V.
Hash 210a2a42cfc4f4aced144f5de9babcc6
ece6ecfb2db8d036c3bfc7f02f8ea387e3f965db
59553a312d3fb34f1f0aea469f7e7cc810ff9993481ddbd73ea5d461cf97ed51
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "59553A312D3FB34F1F0AEA469F7E7CC810FF9993481DDBD73EA5D461CF97ED51"
Last-Modified: Wed, 22 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16997
Expires: Fri, 24 Mar 2023 04:18:17 GMT
Date: Thu, 23 Mar 2023 23:35:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.10 200 OK 503 B IP 23.33.119.10:0
ASN #20940 Akamai International B.V.
Hash bea3185dd820a31c1981317f37c3456d
1a548a5d27270fc11df9011837a7149571cedd78
469b97bf9f57401b3c9571039483589f2815f4794212b75c7c85cfefe0ae71e9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "469B97BF9F57401B3C9571039483589F2815F4794212B75C7C85CFEFE0AE71E9"
Last-Modified: Wed, 22 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9453
Expires: Fri, 24 Mar 2023 02:12:33 GMT
Date: Thu, 23 Mar 2023 23:35:00 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 23 Mar 2023 23:15:09 GMT
content-type: application/json
age: 1191
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.10 200 OK 503 B IP 23.33.119.10:0
ASN #20940 Akamai International B.V.
Hash 51a5d4696a6090c295850554508b51ce
c44e143c2223546e64b19f543b8101aaf3b11e97
8794223d5e8d4d276c35e2fdcc24bf99694240634dd749cd9b5bf874dec055cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8794223D5E8D4D276C35E2FDCC24BF99694240634DD749CD9B5BF874DEC055CF"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15081
Expires: Fri, 24 Mar 2023 03:46:21 GMT
Date: Thu, 23 Mar 2023 23:35:00 GMT
Connection: keep-alive
alanqaa-contracting.com/
108.167.158.36 301 Moved Permanently 0 B IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 23 Mar 2023 23:35:00 GMT
Server: Apache
X-Redirect-By: WordPress
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: https://alanqaa-contracting.com/
Content-Length: 0
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 6kEs9IEd75UAj4Z9mj0VEv3bl9Vt40ihtIGOG032LCPSLNUtPxJWyoB6uJC9Jzj0jb8Vt0BWg/M=
x-amz-request-id: ZB4SFVKVRSB3C4F6
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 23 Mar 2023 23:00:08 GMT
age: 2092
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 23:35:00 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Last-Modified, Content-Length, Pragma, Expires, ETag, Backoff, Alert, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 23 Mar 2023 23:17:23 GMT
age: 1057
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.10 200 OK 503 B IP 23.33.119.10:0
ASN #20940 Akamai International B.V.
Hash 73a2ab6c326b2dc59dabdce6112b6e9b
a9baaa533ddecabc3d298ee986fbf732d4bf1677
5169e82b237e65532c32bbbd5d39aaf6bfbed9975957b8779d545d45151353f4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5169E82B237E65532C32BBBD5D39AAF6BFBED9975957B8779D545D45151353F4"
Last-Modified: Wed, 22 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21574
Expires: Fri, 24 Mar 2023 05:34:35 GMT
Date: Thu, 23 Mar 2023 23:35:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.10 200 OK 503 B IP 23.33.119.10:0
ASN #20940 Akamai International B.V.
Hash 050ca4dc2182e0a27573b0d9f32b7834
bec14dc5af0d0b32210470673511acd8db404308
b6129b9d1848f75265dca4446c5399927bdaf15c7b49c083765847b0fe276eaf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B6129B9D1848F75265DCA4446C5399927BDAF15C7B49C083765847B0FE276EAF"
Last-Modified: Wed, 22 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6967
Expires: Fri, 24 Mar 2023 01:31:08 GMT
Date: Thu, 23 Mar 2023 23:35:01 GMT
Connection: keep-alive
push.services.mozilla.com/
52.40.49.56 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.40.49.56:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: gZZ3MBSU8weXQOHYhBNGmA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: rR+ocbjWNkxOrgZlhZnf3A9C41A=
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 1d54d3c84e73cd1f00a835aa7616c399
e869898915967fb645a7ae3bd711a831329cc792
9cca1d2ea17f54a8688823e6fb8cbb7247c0a808808b382ffdda35b2770a26f8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:35:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 1d54d3c84e73cd1f00a835aa7616c399
e869898915967fb645a7ae3bd711a831329cc792
9cca1d2ea17f54a8688823e6fb8cbb7247c0a808808b382ffdda35b2770a26f8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:35:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 1d54d3c84e73cd1f00a835aa7616c399
e869898915967fb645a7ae3bd711a831329cc792
9cca1d2ea17f54a8688823e6fb8cbb7247c0a808808b382ffdda35b2770a26f8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:35:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
alanqaa-contracting.com/
108.167.158.36 200 OK 39 kB IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text, exported SGML document text, exported SGML document, ASCII text, with very long lines (8047)
Hash 817d3f808f6cfadb6dc915620948a273
676c6628eddb80fa31315cbda018970fdd40222e
d5fa32c1335892ac8343f29a2d6a9b3262bb7acd6a76c1e1ba1763069592c90d
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
link: <https://alanqaa-contracting.com/wp-json/>; rel="https://api.w.org/", <https://alanqaa-contracting.com/wp-json/wp/v2/pages/10>; rel="alternate"; type="application/json", <https://alanqaa-contracting.com/>; rel=shortlink
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 23 Mar 2023 23:35:01 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 1d54d3c84e73cd1f00a835aa7616c399
e869898915967fb645a7ae3bd711a831329cc792
9cca1d2ea17f54a8688823e6fb8cbb7247c0a808808b382ffdda35b2770a26f8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:35:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
alanqaa-contracting.com/wp-content/uploads/elementor/css/post-7.css?ver=1666508915
108.167.158.36 200 OK 355 B URL HTTP/2 alanqaa-contracting.com/wp-content/uploads/elementor/css/post-7.css?ver=1666508915
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1117), with no line terminators
Hash 5758e8ebb7d779ddc63acca91fc73ef7
dde48775a61f9738b0d24988815439e89a7d8bed
5cb063cc37da2e5279e26922a4e8710572bf826877bf5f49b732f9126f1faf06
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/elementor/css/post-7.css?ver=1666508915 HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 23 Oct 2022 07:08:35 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 355
content-type: text/css
date: Thu, 23 Mar 2023 23:35:01 GMT
server: Apache
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-content/uploads/elementor/css/global.css?ver=1666509101
108.167.158.36 200 OK 1.2 kB URL HTTP/2 alanqaa-contracting.com/wp-content/uploads/elementor/css/global.css?ver=1666509101
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (6697)
Hash a2c7a7f52941258341d745b1ec01e610
9c80e990189a2bc4157b208c59ca08b0eb4d0e24
85d91d8c760c45e52fefb505a847c7edd8af47d5e5eaf3610b38872d0a9aefc1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/elementor/css/global.css?ver=1666509101 HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 23 Oct 2022 07:11:41 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1205
content-type: text/css
date: Thu, 23 Mar 2023 23:35:01 GMT
server: Apache
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
108.167.158.36 200 OK 7.1 kB URL HTTP/2 alanqaa-contracting.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (30837)
Hash 09b8b6cbc1b0486aa66786792e8c6984
73a077a16ce58b6b5c7169a61989f7421a913936
a8e462cb54773ddf7cd4fdc03715c0cd12a537c633c026635d5810b621246db6
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 22 Oct 2022 07:57:20 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7112
content-type: text/css
date: Thu, 23 Mar 2023 23:35:01 GMT
server: Apache
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-content/uploads/elementor/css/post-10.css?ver=1666864695
108.167.158.36 200 OK 7.9 kB URL HTTP/2 alanqaa-contracting.com/wp-content/uploads/elementor/css/post-10.css?ver=1666864695
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (42215), with no line terminators
Hash fd6d845f75fa8ea5a0e12f98d951b969
1522cb4650020efcc0079fc694dc203d45293261
24b39b58486b2a49465da3906541fd8b3abe0325ecca62e1a28d7e593b5bd871
GET /wp-content/uploads/elementor/css/post-10.css?ver=1666864695 HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 09:58:15 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7912
content-type: text/css
date: Thu, 23 Mar 2023 23:35:01 GMT
server: Apache
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-content/themes/buildbench/assets/css/animate.css?ver=2.1.2
108.167.158.36 200 OK 3.6 kB URL HTTP/2 alanqaa-contracting.com/wp-content/themes/buildbench/assets/css/animate.css?ver=2.1.2
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash ed9811e62bf4a113371fb0d5d64d2e87
5586fb25124282d5410a3210eec8fc5170927c78
2ec2aa4924893dad7ca436dbfb01e19a0a1ac610c58c5565cc7b64b53eccdb59
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/buildbench/assets/css/animate.css?ver=2.1.2 HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 22 Oct 2022 07:56:17 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3573
content-type: text/css
date: Thu, 23 Mar 2023 23:35:01 GMT
server: Apache
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
108.167.158.36 409 Conflict 83 B URL HTTP/2 alanqaa-contracting.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4 HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Thu, 23 Mar 2023 23:35:01 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
108.167.158.36 200 OK 17 kB URL HTTP/2 alanqaa-contracting.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (43771)
Hash 2a67a4888baa44de739f3fe56203ce07
da175eae57f26b655747d79f055477e3fee1abb9
3a4d7627476a0099ca4bcc101685f27de04cb49dd66ef842d72c6cda270599dd
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 22 Oct 2022 07:56:39 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 16594
content-type: text/css
date: Thu, 23 Mar 2023 23:35:01 GMT
server: Apache
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-content/themes/buildbench/assets/css/iconfont.css?ver=2.1.2
108.167.158.36 200 OK 2.8 kB URL HTTP/2 alanqaa-contracting.com/wp-content/themes/buildbench/assets/css/iconfont.css?ver=2.1.2
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 60d8dff236d6093df29083c70911b3cc
df136328426b53d131ac15a71ce3fcb2562bb6f7
f047d398447569fe6bef7f34ae7af38f61d071965b6687addb83c8017b93af1a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/buildbench/assets/css/iconfont.css?ver=2.1.2 HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 22 Oct 2022 07:56:17 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2830
content-type: text/css
date: Thu, 23 Mar 2023 23:35:02 GMT
server: Apache
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-content/themes/buildbench/assets/css/isotope.css?ver=2.1.2
108.167.158.36 200 OK 1.2 kB URL HTTP/2 alanqaa-contracting.com/wp-content/themes/buildbench/assets/css/isotope.css?ver=2.1.2
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 3038af3d52c437c2c50ed09b4f82313d
f1d08490b8d6a71556da21d1fd3ee56a4021fb83
85fe6034af068036cc60dc24131f4027194dddd01dacb68eaf91af72950d35d7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/buildbench/assets/css/isotope.css?ver=2.1.2 HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 22 Oct 2022 07:56:17 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1221
content-type: text/css
date: Thu, 23 Mar 2023 23:35:02 GMT
server: Apache
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-content/themes/buildbench/assets/css/owl.carousel.min.css?ver=2.1.2
108.167.158.36 200 OK 970 B URL HTTP/2 alanqaa-contracting.com/wp-content/themes/buildbench/assets/css/owl.carousel.min.css?ver=2.1.2
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2846)
Hash a8c30354862d988d50e72d8412bbf79f
9e92ea312df7744a472d7a7c761ebec1fb41fd9a
b5a64bd3254c26adb1d1880151dd77fe0a9711a7bfda917283949cd3e0423e28
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/buildbench/assets/css/owl.carousel.min.css?ver=2.1.2 HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 22 Oct 2022 07:56:17 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 970
content-type: text/css
date: Thu, 23 Mar 2023 23:35:02 GMT
server: Apache
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
108.167.158.36 409 Conflict 83 B URL HTTP/2 alanqaa-contracting.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Thu, 23 Mar 2023 23:35:02 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
108.167.158.36 409 Conflict 83 B URL HTTP/2 alanqaa-contracting.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Thu, 23 Mar 2023 23:35:02 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-content/themes/buildbench/assets/css/owl.theme.default.min.css?ver=2.1.2
108.167.158.36 200 OK 478 B URL HTTP/2 alanqaa-contracting.com/wp-content/themes/buildbench/assets/css/owl.theme.default.min.css?ver=2.1.2
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (846)
Hash eb4a76f05bf1762bd61703377005623b
ce3c8fc73412f3a7300f1b53fa5ad05266e411c8
25d46807ab012b04c8e5f7b54d00656f49077ca5297f357dc9eb4b6dd6c174a9
GET /wp-content/themes/buildbench/assets/css/owl.theme.default.min.css?ver=2.1.2 HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 22 Oct 2022 07:56:17 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 478
content-type: text/css
date: Thu, 23 Mar 2023 23:35:02 GMT
server: Apache
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-content/themes/buildbench/assets/css/magnific-popup.css?ver=2.1.2
108.167.158.36 200 OK 2.5 kB URL HTTP/2 alanqaa-contracting.com/wp-content/themes/buildbench/assets/css/magnific-popup.css?ver=2.1.2
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 12715070fb45484056da9e708168ea4c
aed21752903c60e0508867ad94d1816f96b3aae1
cabb0b75906d11623244c23448ef7cf2dbbd821b0c0fa588b7ff52d70318149a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/buildbench/assets/css/magnific-popup.css?ver=2.1.2 HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 22 Oct 2022 07:56:17 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2452
content-type: text/css
date: Thu, 23 Mar 2023 23:35:02 GMT
server: Apache
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.7.8
108.167.158.36 200 OK 3.0 kB URL HTTP/2 alanqaa-contracting.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.7.8
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (10019)
Hash c2b5af6052f630a96e450e5e2a3cea52
00ca76a8828a1bbec1534eb10786804fd36492f2
58f6cc2d4fa3e528622102975fb62949dc0170bd47b588a67318d18552a57d59
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.7.8 HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 22 Oct 2022 07:57:20 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2997
content-type: text/css
date: Thu, 23 Mar 2023 23:35:02 GMT
server: Apache
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-content/themes/buildbench/assets/css/woocommerce.css?ver=2.1.2
108.167.158.36 200 OK 4.1 kB URL HTTP/2 alanqaa-contracting.com/wp-content/themes/buildbench/assets/css/woocommerce.css?ver=2.1.2
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 244d4d4f7eec9ca67980e9a8841b8bbb
c0912d3216157f563206cbd530dc855ee13ee504
23c3a953aa8639c4890c7e57d5e05f4e3cf0ad4237210e9bee4c416db1fd2243
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/buildbench/assets/css/woocommerce.css?ver=2.1.2 HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 22 Oct 2022 07:56:17 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4057
content-type: text/css
date: Thu, 23 Mar 2023 23:35:02 GMT
server: Apache
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-content/themes/buildbench/assets/js/jquery.countdown.min.js?ver=2.1.2
108.167.158.36 200 OK 2.5 kB URL HTTP/2 alanqaa-contracting.com/wp-content/themes/buildbench/assets/js/jquery.countdown.min.js?ver=2.1.2
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4166)
Hash 40e3efb18e554778f942b8b251b5a594
f6293a5271984077643981592b5789df90a36c6b
c30126c6e0e13d8b5b5998ea04223164604d1969312716b19e9b17674a7bf7ba
GET /wp-content/themes/buildbench/assets/js/jquery.countdown.min.js?ver=2.1.2 HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 22 Oct 2022 07:56:17 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2538
content-type: application/javascript
date: Thu, 23 Mar 2023 23:35:02 GMT
server: Apache
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-content/themes/buildbench/assets/css/gutenberg-custom.css?ver=2.1.2
108.167.158.36 200 OK 6.3 kB URL HTTP/2 alanqaa-contracting.com/wp-content/themes/buildbench/assets/css/gutenberg-custom.css?ver=2.1.2
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (432)
Hash 497e7d844cb0bf653fac4319b1e84437
0aa742d564e4d6f12354d1a771b64521e5487a2f
f35eea4ec08b4b4ca34f9ba26e3b3649e51419ebae18514ef12fa0af4370599f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/buildbench/assets/css/gutenberg-custom.css?ver=2.1.2 HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 22 Oct 2022 07:56:17 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 6324
content-type: text/css
date: Thu, 23 Mar 2023 23:35:02 GMT
server: Apache
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-content/themes/buildbench/assets/js/owl.carousel.min.js?ver=2.1.2
108.167.158.36 200 OK 15 kB URL HTTP/2 alanqaa-contracting.com/wp-content/themes/buildbench/assets/js/owl.carousel.min.js?ver=2.1.2
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (32000)
Hash f3be1764bc1ce2c0562ba864362b834b
5b5d080b0b33dc04bcb52e7cb766ff5e814fcdc9
72c97e2253c5617d7a9f872a8cdca78389d604739d67334aa32acfeaef396559
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/buildbench/assets/js/owl.carousel.min.js?ver=2.1.2 HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 22 Oct 2022 07:56:17 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 15325
content-type: application/javascript
date: Thu, 23 Mar 2023 23:35:02 GMT
server: Apache
X-Firefox-Spdy: h2
demo.themewinter.com/wp/buildbench/wp-content/uploads/2019/03/working4.png
188.114.96.1 404 Not Found 713 B URL HTTP/1.1 demo.themewinter.com/wp/buildbench/wp-content/uploads/2019/03/working4.png
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash ce15c0d47861b60d1d2cd5110897110d
4327585a554449e148e28337c8abb7a689458a6c
178f765bdf62e984582a72f5f9c76832cfd7cbb5c706d2cb4c9200bd7875744a
GET /wp/buildbench/wp-content/uploads/2019/03/working4.png HTTP/1.1
Host: demo.themewinter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 404 Not Found
Date: Thu, 23 Mar 2023 23:35:02 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zWFaDG8pQDm5p07W%2BSJjrPsPGzpVUbZe8ULMXR9VlrQ6Gk4l5cWxQohr1GTUYdhEHJXNj5Kw1YTN0Ml7l1TpsSEqv0r2q3bQN6MEKJ34dgdocWMhHml4R5qEqTwLQP64%2FF%2B4kmTkww%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7aca7d0dab22b4fa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
demo.themewinter.com/wp/buildbench/wp-content/uploads/2019/03/working2.png
188.114.96.1 404 Not Found 713 B URL HTTP/1.1 demo.themewinter.com/wp/buildbench/wp-content/uploads/2019/03/working2.png
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash ce15c0d47861b60d1d2cd5110897110d
4327585a554449e148e28337c8abb7a689458a6c
178f765bdf62e984582a72f5f9c76832cfd7cbb5c706d2cb4c9200bd7875744a
GET /wp/buildbench/wp-content/uploads/2019/03/working2.png HTTP/1.1
Host: demo.themewinter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 404 Not Found
Date: Thu, 23 Mar 2023 23:35:02 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MXpya9c19LElTrk5Bv9XTFTDnhMxSANqBiEOS3PmnVc4lGYYMdrceilXUZAe5%2B3AEAYf9MFr7Qp7zqtVMU92HrCOQ66%2FoXiwXDB%2B5wyRJHbQ%2B%2BvKqYyjKX1CQggitauD3wsTegVjIw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7aca7d0daf13b4fd-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
demo.themewinter.com/wp/buildbench/wp-content/uploads/2019/03/working1.png
188.114.96.1 404 Not Found 713 B URL HTTP/1.1 demo.themewinter.com/wp/buildbench/wp-content/uploads/2019/03/working1.png
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash ce15c0d47861b60d1d2cd5110897110d
4327585a554449e148e28337c8abb7a689458a6c
178f765bdf62e984582a72f5f9c76832cfd7cbb5c706d2cb4c9200bd7875744a
GET /wp/buildbench/wp-content/uploads/2019/03/working1.png HTTP/1.1
Host: demo.themewinter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 404 Not Found
Date: Thu, 23 Mar 2023 23:35:02 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S4zF2W5i9SFg7vbfu3o3bLJN2nNeA5pq7gzZVZRB3bmyYMzSdGBowMqV2bRp9lEfhdFyZKlCcDTcU5UyNpHmk0qkDTcQFRRUdh%2FJhNRKmATjI4FwH2CrPTF7f9YlJTMfD6IEcFrMaA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7aca7d0dac250b49-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
demo.themewinter.com/wp/buildbench/wp-content/uploads/2019/03/testimonial_client.png
188.114.96.1 404 Not Found 713 B URL HTTP/1.1 demo.themewinter.com/wp/buildbench/wp-content/uploads/2019/03/testimonial_client.png
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash ce15c0d47861b60d1d2cd5110897110d
4327585a554449e148e28337c8abb7a689458a6c
178f765bdf62e984582a72f5f9c76832cfd7cbb5c706d2cb4c9200bd7875744a
GET /wp/buildbench/wp-content/uploads/2019/03/testimonial_client.png HTTP/1.1
Host: demo.themewinter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 404 Not Found
Date: Thu, 23 Mar 2023 23:35:02 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FeDFu6cScUxJOnc%2FaW6%2FhNIY4%2F2rgjqsH5NzgTrUUoa4iwNntcxIphpxa2%2B9J%2BWNsA98Ml5FOzzYCD1%2FZOAPCywQ1YR2F6hcZOyugj88cI7SeX1ZwOnZBWX5mMhLlFOOq6IKOW8u3g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7aca7d0da965b4f1-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
demo.themewinter.com/wp/buildbench/wp-content/uploads/2019/03/working3.png
188.114.96.1 404 Not Found 713 B URL HTTP/1.1 demo.themewinter.com/wp/buildbench/wp-content/uploads/2019/03/working3.png
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash ce15c0d47861b60d1d2cd5110897110d
4327585a554449e148e28337c8abb7a689458a6c
178f765bdf62e984582a72f5f9c76832cfd7cbb5c706d2cb4c9200bd7875744a
GET /wp/buildbench/wp-content/uploads/2019/03/working3.png HTTP/1.1
Host: demo.themewinter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 404 Not Found
Date: Thu, 23 Mar 2023 23:35:02 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SZvSIU6O2%2BzM5Wdu1qAVAGdMfmD2uTNzNk3kA2BKp2b90DVZh22wxrIoYt%2FAmkDnSuR4VX%2BoVZZ8kngyzFMwquBXW5Bga91atUAVYHfAM4iqzHlHOVyCn7xRBk%2FRhoQ7cEDrLEH1%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7aca7d0dad0db515-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
alanqaa-contracting.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
108.167.158.36 200 OK 309 B URL HTTP/2 alanqaa-contracting.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (483)
Hash 0ea43e394ddaae5fdb710dbbc8869e58
3b0c93adc80720236096201db5cc2751e703996d
85225fffa21a94bfd954393d7471069ab227b98fd8b51cb5ab4af5488168a34e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 22 Oct 2022 07:57:20 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 309
content-type: text/css
date: Thu, 23 Mar 2023 23:35:02 GMT
server: Apache
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
108.167.158.36 200 OK 4.6 kB URL HTTP/2 alanqaa-contracting.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11126)
Hash acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 22 Oct 2022 07:56:39 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4618
content-type: application/javascript
date: Thu, 23 Mar 2023 23:35:02 GMT
server: Apache
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
108.167.158.36 200 OK 13 kB URL HTTP/2 alanqaa-contracting.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (57726)
Hash dc63c0a8e2d5857cc7a00a4b5456dabb
ee29df5eb2a4bf3eb805b160551c1afd84b42599
035ef40b1dd3df1eefb2dd3c8c2096425727fb939b06f3aa0bc6ef91dafd5441
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 22 Oct 2022 07:57:20 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 12577
content-type: text/css
date: Thu, 23 Mar 2023 23:35:02 GMT
server: Apache
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-includes/js/wp-util.min.js?ver=6.0.3
108.167.158.36 200 OK 709 B URL HTTP/2 alanqaa-contracting.com/wp-includes/js/wp-util.min.js?ver=6.0.3
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1305)
Hash e9edb7bac979409cf7dbc48d7ab8aca7
ed3f941a8fe41e3994a3ca5e620219328628f532
2a0742cad9937c742b2f51c1ea2ae48359ce8d88d8b56f6d8910c0a267d631b5
GET /wp-includes/js/wp-util.min.js?ver=6.0.3 HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 22 Oct 2022 07:56:39 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 709
content-type: application/javascript
date: Thu, 23 Mar 2023 23:35:02 GMT
server: Apache
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.8
108.167.158.36 200 OK 2.3 kB URL HTTP/2 alanqaa-contracting.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.8
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4918)
Hash a8a064f7e05640436a939b0839c64a66
e9bbdd085a3038acd63d108accba8dfb5499f4c0
2173daddf76795f8194c34463bfc5c9be793aecc545b4672ed5a6f9afcb473c3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.8 HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 22 Oct 2022 07:57:20 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2313
content-type: application/javascript
date: Thu, 23 Mar 2023 23:35:02 GMT
server: Apache
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-content/themes/buildbench/assets/js/script.js?ver=2.1.2
108.167.158.36 200 OK 990 B URL HTTP/2 alanqaa-contracting.com/wp-content/themes/buildbench/assets/js/script.js?ver=2.1.2
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash b260334de8a23b7460c8e9c717e312c7
dc1683f7201595b9b19dfcc11159cbef156ec86c
3c67711550e6c305e6a37c52abfa6d8cac0f66eaea0c23e555ab2206203a40f2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/buildbench/assets/js/script.js?ver=2.1.2 HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 22 Oct 2022 07:56:17 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 990
content-type: application/javascript
date: Thu, 23 Mar 2023 23:35:02 GMT
server: Apache
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-content/themes/buildbench/assets/js/elementor.js?ver=2.1.2
108.167.158.36 200 OK 2.0 kB URL HTTP/2 alanqaa-contracting.com/wp-content/themes/buildbench/assets/js/elementor.js?ver=2.1.2
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash bf00504552a6679b4ffe2baa22ff2389
379f9aa1973819dd32dde777530b07a1317c5b15
027e5a714eb804df1c241bb1bfeb5fabcc37331bd19f55dd801060a1f134c931
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/buildbench/assets/js/elementor.js?ver=2.1.2 HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 22 Oct 2022 07:56:17 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1979
content-type: application/javascript
date: Thu, 23 Mar 2023 23:35:02 GMT
server: Apache
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-includes/js/underscore.min.js?ver=1.13.3
108.167.158.36 200 OK 8.3 kB URL HTTP/2 alanqaa-contracting.com/wp-includes/js/underscore.min.js?ver=1.13.3
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (18876)
Hash 61a4a3c276f704185a925bfa0f4d8b1b
0176eb701bb114d9cb170193f6208ec4fbb35f71
f0875cbb46e9eeb5e497dd52d8c33725509228193c2dbe9ab464f62a15c2f0e2
GET /wp-includes/js/underscore.min.js?ver=1.13.3 HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 22 Oct 2022 07:56:39 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 8313
content-type: application/javascript
date: Thu, 23 Mar 2023 23:35:02 GMT
server: Apache
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-content/themes/buildbench/assets/css/blog.css?ver=2.1.2
108.167.158.36 200 OK 4.8 kB URL HTTP/2 alanqaa-contracting.com/wp-content/themes/buildbench/assets/css/blog.css?ver=2.1.2
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash dec7e26ad1e0cd7234c89925d8b250d2
ac6cbb289124ed0d402bf25a26b3ef3003a0c5b2
2e81cef67a6c23cf6387bf42142834e41c29d065ea7977ae8ea8c5159f895e63
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/buildbench/assets/css/blog.css?ver=2.1.2 HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 22 Oct 2022 07:56:17 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4793
content-type: text/css
date: Thu, 23 Mar 2023 23:35:02 GMT
server: Apache
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
108.167.158.36 200 OK 8.2 kB URL HTTP/2 alanqaa-contracting.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash a0a1c8194f131320e1798f90a7b1262a
3346d35be1f2e4886f19e7fcc0cc96ee4753d9ed
7f618ab13cec0933ec2c61fa2b580ad77ca41522028649677494219fa9ce56db
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 22 Oct 2022 07:56:39 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 8169
content-type: application/javascript
date: Thu, 23 Mar 2023 23:35:02 GMT
server: Apache
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-content/themes/buildbench/assets/js/jquery-mixtub.js?ver=2.1.2
108.167.158.36 200 OK 10 kB URL HTTP/2 alanqaa-contracting.com/wp-content/themes/buildbench/assets/js/jquery-mixtub.js?ver=2.1.2
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (28522)
Hash b7a252c787928d05bb633729cfd06fc0
34e2fdd9dc8eb0ff80c33510fa9e0ecd5d47bfbe
511cf40099b8fde6b51d10f77da009f1dd63b27a1b3c9566cfe0e9ffddc76745
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/buildbench/assets/js/jquery-mixtub.js?ver=2.1.2 HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 22 Oct 2022 07:56:17 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 10544
content-type: application/javascript
date: Thu, 23 Mar 2023 23:35:02 GMT
server: Apache
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.7.7.2
108.167.158.36 200 OK 374 B URL HTTP/2 alanqaa-contracting.com/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.7.7.2
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (754), with no line terminators
Hash ef785f463505633971eae5c08ad626d4
624e22257f386801822229db3a4bbd2e24b25e2f
b2a0dc77f0f79d81698a7e3893e16ecba7b0d980b80a5233656d9b11f1d8160d
GET /wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.7.7.2 HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 22 Oct 2022 07:58:20 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 374
content-type: application/javascript
date: Thu, 23 Mar 2023 23:35:02 GMT
server: Apache
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
108.167.158.36 200 OK 5.3 kB URL HTTP/2 alanqaa-contracting.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (15660)
Hash 710f8b142ea44c0682dc2c30f318f065
49144e9b3a76d3d383b1d4359cf7a25e947f4233
708bb5819879a2a2c7670abc20a58cca68a415ffd621011cbc4c3c9d82dddc50
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 22 Oct 2022 07:56:39 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5321
content-type: application/javascript
date: Thu, 23 Mar 2023 23:35:02 GMT
server: Apache
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-content/themes/buildbench/assets/js/jquery.appear.min.js?ver=2.1.2
108.167.158.36 200 OK 531 B URL HTTP/2 alanqaa-contracting.com/wp-content/themes/buildbench/assets/js/jquery.appear.min.js?ver=2.1.2
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (964), with no line terminators
Hash 9c13bb6b1b2da15b650e68ac8547e742
b957c3fd5715b13df6a075553f89dd51da1df5c1
c338ec80853f9fb75d620d6b4ede9b4010d224fbbefad4b5bba368d7fdc4f105
GET /wp-content/themes/buildbench/assets/js/jquery.appear.min.js?ver=2.1.2 HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 22 Oct 2022 07:56:17 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 531
content-type: application/javascript
date: Thu, 23 Mar 2023 23:35:02 GMT
server: Apache
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
108.167.158.36 200 OK 3.7 kB URL HTTP/2 alanqaa-contracting.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (12198), with no line terminators
Hash e2a8decccf4d0a6b925af707a36077a9
26a0febc9c3d91e75410f74b9ec62099ba1cbe90
09e0e638a6f53c0fdcfeeb8ae91f3a404bef47b471324e335e29be14a2aa87f7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 22 Oct 2022 07:57:20 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3747
content-type: application/javascript
date: Thu, 23 Mar 2023 23:35:02 GMT
server: Apache
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-content/themes/buildbench/assets/js/popper.min.js?ver=2.1.2
108.167.158.36 200 OK 8.2 kB URL HTTP/2 alanqaa-contracting.com/wp-content/themes/buildbench/assets/js/popper.min.js?ver=2.1.2
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (19063)
Hash 8906edb6f4cb0d79dcb6c7d4d18e9ff0
d936fbec7d82465e67c170b9c014a9d0af17beda
009eab79c4c1130465890265610822a40a0861e68cdf46e54dbde709e64fe8b0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/buildbench/assets/js/popper.min.js?ver=2.1.2 HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 22 Oct 2022 07:56:17 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 8207
content-type: application/javascript
date: Thu, 23 Mar 2023 23:35:02 GMT
server: Apache
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.8
108.167.158.36 200 OK 13 kB URL HTTP/2 alanqaa-contracting.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.8
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (32889)
Hash a3a9966edbcf4ff24cbce6355e84c975
4c31a0c1e12987b364c178689b8283d09e4f8a63
d50d738abb2b285ac79c3552d286706f3a99e60add08edad08f20b2d4adbdb8d
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.8 HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 22 Oct 2022 07:57:20 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 13281
content-type: application/javascript
date: Thu, 23 Mar 2023 23:35:02 GMT
server: Apache
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-content/themes/buildbench/assets/js/jquery.magnific-popup.min.js?ver=2.1.2
108.167.158.36 200 OK 9.2 kB URL HTTP/2 alanqaa-contracting.com/wp-content/themes/buildbench/assets/js/jquery.magnific-popup.min.js?ver=2.1.2
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (20087)
Hash 7a10ae63b238729dc4da7f7bd8986219
654c47168dca0ec7080f6c57e8c4482b57f879d4
b782185399b361358f7c409d6f23f22d45f695dcbb63876c35752c7b1de72db3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/buildbench/assets/js/jquery.magnific-popup.min.js?ver=2.1.2 HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 22 Oct 2022 07:56:17 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 9204
content-type: application/javascript
date: Thu, 23 Mar 2023 23:35:02 GMT
server: Apache
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.8
108.167.158.36 200 OK 16 kB URL HTTP/2 alanqaa-contracting.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.8
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (40474)
Hash eb7e2c1cbf83cab4aa6a7fef0dd47eb2
774647abb91ffaee699a8047c9d2fd8a65daff35
bdb3c3194100984be02d52864d7ade76025aa5c3028133d27d947ffb2a75b1e7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.8 HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 22 Oct 2022 07:57:20 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 16151
content-type: application/javascript
date: Thu, 23 Mar 2023 23:35:02 GMT
server: Apache
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-content/themes/buildbench/assets/images/icon-image/arrow.png
108.167.158.36 200 OK 189 B URL HTTP/2 alanqaa-contracting.com/wp-content/themes/buildbench/assets/images/icon-image/arrow.png
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 43 x 10, 8-bit/color RGBA, non-interlaced\012- data
Hash a608d4ef2e8f0241ae528f17ec76ffac
cd72694823d0ac77d7e75949c5e56f4e15309275
1444986f93e3ed5947fbdf4b1e197f7365b77ce5c11c12dd120bf9b2b463b9d0
GET /wp-content/themes/buildbench/assets/images/icon-image/arrow.png HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 22 Oct 2022 07:56:17 GMT
accept-ranges: bytes
content-length: 189
content-type: image/png
date: Thu, 23 Mar 2023 23:35:02 GMT
server: Apache
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-content/uploads/2022/10/Alanqaa-Icon-13.png
108.167.158.36 200 OK 93 kB URL HTTP/2 alanqaa-contracting.com/wp-content/uploads/2022/10/Alanqaa-Icon-13.png
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 2538065a704fafa815faac88dde8a66a
ae9581ae3e6bd13b0622f0858e9b2ca550f39254
949ebc740d258c6d77d35e1419cb24d371ae0b9d931c4995a1b7eace2006d933
GET /wp-content/uploads/2022/10/Alanqaa-Icon-13.png HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 23 Oct 2022 11:01:07 GMT
accept-ranges: bytes
content-length: 92944
content-type: image/png
date: Thu, 23 Mar 2023 23:35:02 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.10 200 OK 503 B IP 23.33.119.10:0
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4461
Expires: Fri, 24 Mar 2023 00:49:23 GMT
Date: Thu, 23 Mar 2023 23:35:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.10 200 OK 503 B IP 23.33.119.10:0
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4461
Expires: Fri, 24 Mar 2023 00:49:23 GMT
Date: Thu, 23 Mar 2023 23:35:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.10 200 OK 503 B IP 23.33.119.10:0
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4461
Expires: Fri, 24 Mar 2023 00:49:23 GMT
Date: Thu, 23 Mar 2023 23:35:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.10 200 OK 503 B IP 23.33.119.10:0
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4461
Expires: Fri, 24 Mar 2023 00:49:23 GMT
Date: Thu, 23 Mar 2023 23:35:02 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83b68a72-4db6-4e13-ab9e-7af99c1275e5.jpeg
34.120.237.76 200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83b68a72-4db6-4e13-ab9e-7af99c1275e5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5483f1e55bfb1dd7ee50d5c993ce2c43
713be5af68f68936358ad6dc6c2e292ff63fb209
723ee03be195bc93706981369e3df3cbe711f04278f20b02a4da912932896a62
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83b68a72-4db6-4e13-ab9e-7af99c1275e5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5593
x-amzn-requestid: 951fbc92-bdf3-4af4-ad5d-20d68add7218
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CQP4PEX9IAMFiTw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641cc69a-01309cc42208ab5272768fce;Sampled=0
x-amzn-remapped-date: Thu, 23 Mar 2023 21:37:30 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: sZ4KMGCKfdrOi6s0dlGdpxcj689G5WU3CDEC_eNJ2crz0DTsj9UMGA==
via: 1.1 185f4b03b711932fc7e735c08fdc5abe.cloudfront.net (CloudFront), 1.1 b48dedcc55e63f14261aa92cf2d61522.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 21:55:36 GMT
age: 5966
etag: "713be5af68f68936358ad6dc6c2e292ff63fb209"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-content/themes/buildbench/assets/js/bootstrap.min.js?ver=2.1.2
108.167.158.36 200 OK 29 kB URL HTTP/2 alanqaa-contracting.com/wp-content/themes/buildbench/assets/js/bootstrap.min.js?ver=2.1.2
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash db41aea025284eb3798e82d7b9f965fe
c1140063a369a26e7459360556abad9d36e06ebc
f682fb540c5c8fce6d2c51cd4ed9951155fdf5ef8f1ef7226b3941c32218fd0d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/buildbench/assets/js/bootstrap.min.js?ver=2.1.2 HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 22 Oct 2022 07:56:17 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Thu, 23 Mar 2023 23:35:02 GMT
server: Apache
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6bfe713-dd17-46d3-afa9-f5f78836b408.jpeg
34.120.237.76 200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6bfe713-dd17-46d3-afa9-f5f78836b408.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1e1c698a6ed426668efaac9f8a907b2f
f529e2fd710f48f8b176fdaa3c3f66446b930d58
6e7e0803f34264257884908e16a1a9d1aa15b96fba2f513a8ab2c57add34dc5f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6bfe713-dd17-46d3-afa9-f5f78836b408.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8852
x-amzn-requestid: c001b294-0a71-4389-9060-b31536c4a6e1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CQPt5EQ-IAMF5Ug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641cc658-373a1f13254871d145a18579;Sampled=0
x-amzn-remapped-date: Thu, 23 Mar 2023 21:36:24 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: qWf29BVbQaKGaQcLN6qEcTF3mTY1jS-lNvw04Wlj1uXoPMazK0UYoA==
via: 1.1 17d76c2aee343249585a570f2d36d2ee.cloudfront.net (CloudFront), 1.1 ec2a2c75c16156e4d43504606c118b90.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 21:43:19 GMT
age: 6703
etag: "f529e2fd710f48f8b176fdaa3c3f66446b930d58"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6bf7d96-8563-4612-89c2-6d00db18f9f6.jpeg
34.120.237.76 200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6bf7d96-8563-4612-89c2-6d00db18f9f6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d733019c5326d4617096c74ae22fdffd
72bc0b2a19ca257ac974460f81af47fcfa2fee24
6746fcedbf4aad5c94582162e343d160fdc7d127bae807d1a97a9d7a231c9a70
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6bf7d96-8563-4612-89c2-6d00db18f9f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6721
x-amzn-requestid: bf32e1c8-cac1-4f04-abe6-fba2e9e824f3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CK89vHbyoAMFc7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641aa857-5d84ed861375c4ba04a2ae30;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 07:03:51 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 60VbucTVJnuo0rLzrTvbdbQOIMQmhDMQT8st-Y49_plnM_akqw_V4w==
via: 1.1 59456abf79b201034ab5c9cfef7355e2.cloudfront.net (CloudFront), 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 07:09:35 GMT
age: 59127
etag: "72bc0b2a19ca257ac974460f81af47fcfa2fee24"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg
34.120.237.76 200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c831201ad81f55c63c1b101ce854a810
0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5
c854489720d2ca4a95eef00addda0fcdaf481402d044df7725282654a97eb54a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5556
x-amzn-requestid: 6b050645-14aa-47f7-b4a5-2e27abbe5115
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM69eHE3IAMF0Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b71ef-6ab2948e2bf2578f29798372;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:23:59 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: CgU9j02Bnw0UdIwQ3sRCDvJoPitHIAUTRDhLH_PMXYlAPoAwSbv6Iw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 4d8620b80ebe37d366388e117039aa8e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 05:35:55 GMT
age: 64747
etag: "0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd357d16d-d40f-4b91-81cc-69aeb80f25fe.jpeg
34.120.237.76 200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd357d16d-d40f-4b91-81cc-69aeb80f25fe.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 68798f0963b37143bcbec5c6e08f2efe
00bb4ca04f3e52c8d9eacec7449a9cf49f6c312a
7c54bbd23a76d8b4c15e352b92e33c7164916899a5af71ba34a7af884b8a0944
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd357d16d-d40f-4b91-81cc-69aeb80f25fe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6403
x-amzn-requestid: aab6628c-f612-4b57-9ae1-0017714e19c9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CQPHyEIkIAMF4JA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641cc564-2110e0d35561ab794e44e966;Sampled=0
x-amzn-remapped-date: Thu, 23 Mar 2023 21:32:20 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: V4F_j_MuQgkRSKgCVI8OaJH2ZUbo6FcSk6Qv-BB4uAfm84jsQ2qklg==
via: 1.1 02f1a759e4ec9fab6fc17c080dd851dc.cloudfront.net (CloudFront), 1.1 49cdeca097624936e070b73619df7da8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 21:43:19 GMT
age: 6703
etag: "00bb4ca04f3e52c8d9eacec7449a9cf49f6c312a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
demo.themewinter.com/wp/buildbench/wp-content/uploads/2019/03/shape2.png
188.114.96.1 200 OK 1.9 kB URL HTTP/1.1 demo.themewinter.com/wp/buildbench/wp-content/uploads/2019/03/shape2.png
IP 188.114.96.1:0
File type PNG image data, 82 x 290, 8-bit/color RGBA, non-interlaced\012- data
Hash 9651ea695aa10f5da3b2939e0c434349
d515e9b47e31f3f4fd1f8c953a897bd34a307bdf
f2ec34cc4349f649c38bed41d008329f4d0c25153c35fdadc699fe900d3f0da2
GET /wp/buildbench/wp-content/uploads/2019/03/shape2.png HTTP/1.1
Host: demo.themewinter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 23 Mar 2023 23:35:02 GMT
Content-Type: image/png
Content-Length: 1902
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 30 Mar 2023 19:23:17 GMT
last-modified: Sun, 18 Dec 2022 11:29:29 GMT
etag: "76e-639ef999-fd93d77314d46814;;;"
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 15105
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OkXCByzw9cO8SyqT%2F%2FjQJj0r%2F16Pz6fdNahSG3P9ZmNfCYIec6VANJ%2BlnuK7Tr2UCsfSgTN25b5j%2FGp42EJVorkpMzO4wzxJv7p%2F7laVWY4HU3M%2Fyv2IeFbHWse7eJHnzWxkqQShpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7aca7d123a0afac0-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash dd5380daefecc523858637dcbdda1cf3
0ec5910f57d8ab84179a5d0687e6b16d2cacfb1a
e58977b0dceb06edf2a7c752aa433c71b3bca571e814a7a83bbddc75d4428c0f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:35:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
demo.themewinter.com/wp/buildbench/wp-content/uploads/2019/03/working1.png
188.114.96.1 404 Not Found 713 B URL HTTP/1.1 demo.themewinter.com/wp/buildbench/wp-content/uploads/2019/03/working1.png
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash ce15c0d47861b60d1d2cd5110897110d
4327585a554449e148e28337c8abb7a689458a6c
178f765bdf62e984582a72f5f9c76832cfd7cbb5c706d2cb4c9200bd7875744a
GET /wp/buildbench/wp-content/uploads/2019/03/working1.png HTTP/1.1
Host: demo.themewinter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 404 Not Found
Date: Thu, 23 Mar 2023 23:35:02 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9752tN%2FWAO3kFnnMFOzkIY4EbGVFWZqParBFKp2afmZsxK1qr0sMamBRT7lQhzcjMJsfzsFqBJkkzSY03NbRXv0EmPVhLW6HkOucLTA9LIYa5MhDfZtNoNQ67gpYDVKv4B6R4mTUYA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7aca7d11ce72b4fa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
demo.themewinter.com/wp/buildbench/wp-content/uploads/2019/03/working2.png
188.114.96.1 404 Not Found 713 B URL HTTP/1.1 demo.themewinter.com/wp/buildbench/wp-content/uploads/2019/03/working2.png
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash ce15c0d47861b60d1d2cd5110897110d
4327585a554449e148e28337c8abb7a689458a6c
178f765bdf62e984582a72f5f9c76832cfd7cbb5c706d2cb4c9200bd7875744a
GET /wp/buildbench/wp-content/uploads/2019/03/working2.png HTTP/1.1
Host: demo.themewinter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 404 Not Found
Date: Thu, 23 Mar 2023 23:35:02 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rRhyV84ZPqxdj0CtayUlDrEuXoKHlkOiKE0yhKscTWbMkxilO8olZti1SKXUeO2e9LUiP%2FAQV4opm8%2Fk%2B1aSF4gPl8jtwDKutHYcPtngSW0lScAq3t7QqqXfi53%2B6SsGbATdxsKovQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7aca7d11ca81b4fd-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
demo.themewinter.com/wp/buildbench/wp-content/uploads/2019/03/working3.png
188.114.96.1 404 Not Found 713 B URL HTTP/1.1 demo.themewinter.com/wp/buildbench/wp-content/uploads/2019/03/working3.png
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash ce15c0d47861b60d1d2cd5110897110d
4327585a554449e148e28337c8abb7a689458a6c
178f765bdf62e984582a72f5f9c76832cfd7cbb5c706d2cb4c9200bd7875744a
GET /wp/buildbench/wp-content/uploads/2019/03/working3.png HTTP/1.1
Host: demo.themewinter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 404 Not Found
Date: Thu, 23 Mar 2023 23:35:02 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b4f6ZmsFzbshG4mFvyb18auUpm6ztTlmQZlCKamY5sHE4mSlE7G8UWQlH%2Fv0Vc%2FjLRp2dHW8XJZbFCl4KSRZbvym7uZLM98%2Br2LEqbnfXr%2FtMC8vjmo7%2FZhHoOMbl7%2BpGEJCthTOZg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7aca7d11ce740b49-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
alanqaa-contracting.com/wp-content/uploads/2019/03/Anqaa-05.jpg
108.167.158.36 200 OK 79 kB URL HTTP/2 alanqaa-contracting.com/wp-content/uploads/2019/03/Anqaa-05.jpg
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2022:10:22 15:54:37], baseline, precision 8, 273x294, components 3\012- data
Hash 67d99004e1abf24912b921d17e2d3ab7
cabcc0f54b824f804fbcb1f84991b3fca9442523
ac24c2b2fc9728527928c2abc2cb4b9135f337bbe5d414291631291d9e4d9557
GET /wp-content/uploads/2019/03/Anqaa-05.jpg HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 22 Oct 2022 11:57:13 GMT
accept-ranges: bytes
content-length: 79413
content-type: image/jpeg
date: Thu, 23 Mar 2023 23:35:02 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
216.58.207.227 200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://alanqaa-contracting.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Mar 2023 22:29:05 GMT
expires: Thu, 21 Mar 2024 22:29:05 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
age: 90357
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-content/uploads/2022/10/Alanqaa-Icon-10.png
108.167.158.36 200 OK 93 kB URL HTTP/2 alanqaa-contracting.com/wp-content/uploads/2022/10/Alanqaa-Icon-10.png
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 9c9a5fc20322fb564e8566c4d67d2d18
21c69e30f9a51bb932d5d5506eb9c2689bc7843e
243ebb49ba423b9a0e87343ddf8e106cd97ab69b105c088c81393461651b8585
GET /wp-content/uploads/2022/10/Alanqaa-Icon-10.png HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 23 Oct 2022 10:34:39 GMT
accept-ranges: bytes
content-length: 92944
content-type: image/png
date: Thu, 23 Mar 2023 23:35:02 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://alanqaa-contracting.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 20 Mar 2023 14:12:20 GMT
expires: Tue, 19 Mar 2024 14:12:20 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 292962
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-content/uploads/2019/03/Alanqaa-Icon-06.png
108.167.158.36 200 OK 93 kB URL HTTP/2 alanqaa-contracting.com/wp-content/uploads/2019/03/Alanqaa-Icon-06.png
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash a58c87c46d599bb974e94aa94d8f358f
a0532c5c79d8d07e126a8a2ae0ac4bc7e9cfbbcd
c5f0fb007528bfd302781adc3ba37120f30a31826edbfbc3ddb286a90d6c5d7e
GET /wp-content/uploads/2019/03/Alanqaa-Icon-06.png HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 23 Oct 2022 10:18:18 GMT
accept-ranges: bytes
content-length: 92944
content-type: image/png
date: Thu, 23 Mar 2023 23:35:02 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash dd5380daefecc523858637dcbdda1cf3
0ec5910f57d8ab84179a5d0687e6b16d2cacfb1a
e58977b0dceb06edf2a7c752aa433c71b3bca571e814a7a83bbddc75d4428c0f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:35:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash dd5380daefecc523858637dcbdda1cf3
0ec5910f57d8ab84179a5d0687e6b16d2cacfb1a
e58977b0dceb06edf2a7c752aa433c71b3bca571e814a7a83bbddc75d4428c0f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:35:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2
216.58.207.227 200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 17336, version 1.0\012- data
Hash eec8dbfc49267c4d33cf31b49661bf37
0f49d4563cf9e22e3af6907d0785b9a6facadbf0
661d4b208656c006e7aab58acf7784857963123675de2302279fbe6c05313547
GET /s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://alanqaa-contracting.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17336
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Mar 2023 18:05:11 GMT
expires: Thu, 21 Mar 2024 18:05:11 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
age: 106191
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-content/uploads/2019/03/Alanqaa-Icon-07.png
108.167.158.36 200 OK 93 kB URL HTTP/2 alanqaa-contracting.com/wp-content/uploads/2019/03/Alanqaa-Icon-07.png
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 4a4744df9b7c7a1b655955622c87fa8d
78dc0fd1e3e262b0d6437d848881da998cec7d9f
b3256b187636b610df50b0c7bb4df7b714fbf86737e302a040f7899aa0a4cc45
GET /wp-content/uploads/2019/03/Alanqaa-Icon-07.png HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 23 Oct 2022 10:24:21 GMT
accept-ranges: bytes
content-length: 92944
content-type: image/png
date: Thu, 23 Mar 2023 23:35:02 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://alanqaa-contracting.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Mar 2023 18:05:11 GMT
expires: Thu, 21 Mar 2024 18:05:11 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 106191
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-content/uploads/2022/10/Alanqaa-Icon-11.png
108.167.158.36 200 OK 93 kB URL HTTP/2 alanqaa-contracting.com/wp-content/uploads/2022/10/Alanqaa-Icon-11.png
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 5377498106f7ab6657e64e34f1648c74
d7e1e6b7382898d887e306ad418b237ac710b3b9
4259bcdb5824e1212c53e897e0c531d54fed2743de20a6e6ee427b8ca99c85d3
GET /wp-content/uploads/2022/10/Alanqaa-Icon-11.png HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 23 Oct 2022 10:37:29 GMT
accept-ranges: bytes
content-length: 92944
content-type: image/png
date: Thu, 23 Mar 2023 23:35:02 GMT
server: Apache
X-Firefox-Spdy: h2
demo.themewinter.com/wp/buildbench/wp-content/uploads/2019/03/testimonial_client.png
188.114.96.1 404 Not Found 713 B URL HTTP/1.1 demo.themewinter.com/wp/buildbench/wp-content/uploads/2019/03/testimonial_client.png
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash ce15c0d47861b60d1d2cd5110897110d
4327585a554449e148e28337c8abb7a689458a6c
178f765bdf62e984582a72f5f9c76832cfd7cbb5c706d2cb4c9200bd7875744a
GET /wp/buildbench/wp-content/uploads/2019/03/testimonial_client.png HTTP/1.1
Host: demo.themewinter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 404 Not Found
Date: Thu, 23 Mar 2023 23:35:02 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zFpTfR26nn8lC6J636CwEvrVvdU6ZY6Hgv4bU09uZFE5MM3CY2%2BAL9DD%2BxyJM3Bd6xokkW2wg1c%2BUmdyROhSE%2BE2Eualg14hfMy9mii39bAUJ4hWGNRwF8a0UIk8rgUzqyTmYqV0Vw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7aca7d11d83cb515-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
demo.themewinter.com/wp/buildbench/wp-content/uploads/2019/03/working4.png
188.114.96.1 404 Not Found 713 B URL HTTP/1.1 demo.themewinter.com/wp/buildbench/wp-content/uploads/2019/03/working4.png
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash ce15c0d47861b60d1d2cd5110897110d
4327585a554449e148e28337c8abb7a689458a6c
178f765bdf62e984582a72f5f9c76832cfd7cbb5c706d2cb4c9200bd7875744a
GET /wp/buildbench/wp-content/uploads/2019/03/working4.png HTTP/1.1
Host: demo.themewinter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 404 Not Found
Date: Thu, 23 Mar 2023 23:35:02 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ATAw8nbQ4qSkbdh2Rz8uY8iV9pdnlZLZ3FGDULKXYIB32984x9r537PITMaGF3T6PWj01j9HTyjNRAhFpy6sXx4zPgXraMZE567aH%2F%2BCXlBmTtQCipg1c%2FLeFZeILrOzziB74nSMpA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7aca7d11de67b4f1-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227 200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://alanqaa-contracting.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Mar 2023 18:05:11 GMT
expires: Thu, 21 Mar 2024 18:05:11 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
age: 106191
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://alanqaa-contracting.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Mar 2023 18:05:11 GMT
expires: Thu, 21 Mar 2024 18:05:11 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 106191
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-content/uploads/2019/03/Alanqaa-Icon-04.png
108.167.158.36 200 OK 93 kB URL HTTP/2 alanqaa-contracting.com/wp-content/uploads/2019/03/Alanqaa-Icon-04.png
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash c03819e4822c75c3b27f3d81e41ace53
d1156ca4f593dcebf5e306740349fd31b380a279
44f9e2b18738a295d8be135a9fb16cdb3893286c6b39efb9fa5c249ff0f51065
GET /wp-content/uploads/2019/03/Alanqaa-Icon-04.png HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 23 Oct 2022 10:12:55 GMT
accept-ranges: bytes
content-length: 92944
content-type: image/png
date: Thu, 23 Mar 2023 23:35:02 GMT
server: Apache
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-content/uploads/2019/03/Alanqaa-Icon-03.png
108.167.158.36 200 OK 93 kB URL HTTP/2 alanqaa-contracting.com/wp-content/uploads/2019/03/Alanqaa-Icon-03.png
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash d4c83d3d7714b21d86a8605d7eeae55a
c7006eb4df8f07cec6ed017465081bb40f5b699a
f3f211ab717cdad9bff81e79cf4c58de92a76d29230c3d5b09f9676e8d918101
GET /wp-content/uploads/2019/03/Alanqaa-Icon-03.png HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 23 Oct 2022 10:09:24 GMT
accept-ranges: bytes
content-length: 92944
content-type: image/png
date: Thu, 23 Mar 2023 23:35:02 GMT
server: Apache
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-content/uploads/2019/03/Anqaa-09.jpg
108.167.158.36 200 OK 94 kB URL HTTP/2 alanqaa-contracting.com/wp-content/uploads/2019/03/Anqaa-09.jpg
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2022:10:22 15:56:04], baseline, precision 8, 273x294, components 3\012- data
Hash 8cb5cb3d6c7e5f81e0bf1393b00467b4
55a188ba993c3af803e7a0de55b84801c038bd64
e2329fe1e0b87d099746b2ec9efee2ceb388614c82d1a41b0625457120deffac
GET /wp-content/uploads/2019/03/Anqaa-09.jpg HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 22 Oct 2022 11:57:17 GMT
accept-ranges: bytes
content-length: 93942
content-type: image/jpeg
date: Thu, 23 Mar 2023 23:35:02 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash dd5380daefecc523858637dcbdda1cf3
0ec5910f57d8ab84179a5d0687e6b16d2cacfb1a
e58977b0dceb06edf2a7c752aa433c71b3bca571e814a7a83bbddc75d4428c0f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:35:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
alanqaa-contracting.com/wp-content/uploads/2019/03/Alanqaa-Icon-05.png
108.167.158.36 200 OK 93 kB URL HTTP/2 alanqaa-contracting.com/wp-content/uploads/2019/03/Alanqaa-Icon-05.png
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 18d94b7a22ed2ca581cabf7c535f7b0b
dd61a6950c4306ee06f0d79519e538078644b19c
6ad4497cda984db66a9d508df68f1948f3cf82fab2e2e01f624efa9adbfabd0a
GET /wp-content/uploads/2019/03/Alanqaa-Icon-05.png HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 23 Oct 2022 10:15:30 GMT
accept-ranges: bytes
content-length: 92944
content-type: image/png
date: Thu, 23 Mar 2023 23:35:02 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash dd5380daefecc523858637dcbdda1cf3
0ec5910f57d8ab84179a5d0687e6b16d2cacfb1a
e58977b0dceb06edf2a7c752aa433c71b3bca571e814a7a83bbddc75d4428c0f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:35:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
alanqaa-contracting.com/wp-content/uploads/2019/03/Anqaa-03.jpg
108.167.158.36 200 OK 93 kB URL HTTP/2 alanqaa-contracting.com/wp-content/uploads/2019/03/Anqaa-03.jpg
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2022:10:22 15:53:39], baseline, precision 8, 273x294, components 3\012- data
Hash 00155789b9c51836b77185e9a3a61ed7
1987af4fe984fce3df4e326ffd4d44a461e6222a
8f22afbf8350bda1a4330783433874bb2afd1f11e0e8a23c38320130ae9bbc38
GET /wp-content/uploads/2019/03/Anqaa-03.jpg HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 22 Oct 2022 11:57:10 GMT
accept-ranges: bytes
content-length: 92754
content-type: image/jpeg
date: Thu, 23 Mar 2023 23:35:02 GMT
server: Apache
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-content/uploads/2019/03/Alanqaa-Icon-02.png
108.167.158.36 200 OK 93 kB URL HTTP/2 alanqaa-contracting.com/wp-content/uploads/2019/03/Alanqaa-Icon-02.png
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 134afb5e1f46314bddd46db00061a6f3
757d74091796df49be67b08bb3159145968f5b5d
f0383df139a0264dee158f66f6a7d078c81bd9d1293b182a276817c56e9d62dc
GET /wp-content/uploads/2019/03/Alanqaa-Icon-02.png HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 23 Oct 2022 10:03:33 GMT
accept-ranges: bytes
content-length: 92944
content-type: image/png
date: Thu, 23 Mar 2023 23:35:02 GMT
server: Apache
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-content/uploads/2022/10/Alanqaa-Icon-12.png
108.167.158.36 200 OK 93 kB URL HTTP/2 alanqaa-contracting.com/wp-content/uploads/2022/10/Alanqaa-Icon-12.png
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 5890c464a6f3aee98305ce55df3f12c3
cb969856a7390c2d7e53f4938a3e6b8ef74c8c98
7a4139a69b8fbd2f03868cc7ded0fbc36d1a9a2eece8c4bb3d3d053062587a70
GET /wp-content/uploads/2022/10/Alanqaa-Icon-12.png HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 23 Oct 2022 10:49:12 GMT
accept-ranges: bytes
content-length: 92944
content-type: image/png
date: Thu, 23 Mar 2023 23:35:02 GMT
server: Apache
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-content/uploads/2019/03/Anqaa-04.jpg
108.167.158.36 200 OK 114 kB URL HTTP/2 alanqaa-contracting.com/wp-content/uploads/2019/03/Anqaa-04.jpg
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2022:10:22 15:54:10], baseline, precision 8, 273x294, components 3\012- data
Size 114 kB (113612 bytes)
Hash 4588ea27ff08708a7728df14c792be98
b13b52b14a0f4515b968e0a711469f45759810cd
12c576567c868c5116bd8e31ddfeb5ad74b18b84f6cc69265c325aef9eafc237
GET /wp-content/uploads/2019/03/Anqaa-04.jpg HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 22 Oct 2022 11:57:12 GMT
accept-ranges: bytes
content-length: 113612
content-type: image/jpeg
date: Thu, 23 Mar 2023 23:35:02 GMT
server: Apache
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-content/uploads/2019/03/Anqaa-11.jpg
108.167.158.36 200 OK 127 kB URL HTTP/2 alanqaa-contracting.com/wp-content/uploads/2019/03/Anqaa-11.jpg
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=294, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=273], baseline, precision 8, 273x294, components 3\012- data
Size 127 kB (127135 bytes)
Hash 90f6846126282de0135081cc23eb6d4b
095888da49fac1bdbb1e942d6e9a8cfab4e05104
2134f08e4d141ffffcd361504aed1f1640cc19ba54ce2f93a8fa8bc09a136d0a
GET /wp-content/uploads/2019/03/Anqaa-11.jpg HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 08:53:37 GMT
accept-ranges: bytes
content-length: 127135
content-type: image/jpeg
date: Thu, 23 Mar 2023 23:35:02 GMT
server: Apache
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-content/uploads/2019/03/Anqaa-10.jpg
108.167.158.36 200 OK 138 kB URL HTTP/2 alanqaa-contracting.com/wp-content/uploads/2019/03/Anqaa-10.jpg
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2022:10:22 15:56:23], baseline, precision 8, 273x294, components 3\012- data
Size 138 kB (137858 bytes)
Hash 6da635b39723932abbf1f1ab95986080
3ba1dfbdd5c4708e6f8d7c1b5a95eccfd6153aae
e8defb57b95a387551072a1453b30d25714b862530bfe2ba48d9bcbe17a65ec0
GET /wp-content/uploads/2019/03/Anqaa-10.jpg HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 22 Oct 2022 11:57:18 GMT
accept-ranges: bytes
content-length: 137858
content-type: image/jpeg
date: Thu, 23 Mar 2023 23:35:02 GMT
server: Apache
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-content/uploads/2022/10/New-Alanqaa-Logo-Blk-01.png
108.167.158.36 200 OK 173 kB URL HTTP/2 alanqaa-contracting.com/wp-content/uploads/2022/10/New-Alanqaa-Logo-Blk-01.png
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 380 x 112, 8-bit/color RGBA, non-interlaced\012- data
Size 173 kB (173161 bytes)
Hash b18cd66bfce86c80f7dc2831a07b1f1b
580b46ab56b2a192073ec66d1ff7c9b99f931208
1e3b46ff1c98d19b6769b36357c40277e9d95d0193d4416b0eef9a471774f4b6
GET /wp-content/uploads/2022/10/New-Alanqaa-Logo-Blk-01.png HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 22 Oct 2022 08:08:14 GMT
accept-ranges: bytes
content-length: 173161
content-type: image/png
date: Thu, 23 Mar 2023 23:35:02 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash dd5380daefecc523858637dcbdda1cf3
0ec5910f57d8ab84179a5d0687e6b16d2cacfb1a
e58977b0dceb06edf2a7c752aa433c71b3bca571e814a7a83bbddc75d4428c0f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:35:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
alanqaa-contracting.com/wp-content/uploads/2022/10/New-Alanqaa-Logo-Blk.png
108.167.158.36 200 OK 273 kB URL HTTP/2 alanqaa-contracting.com/wp-content/uploads/2022/10/New-Alanqaa-Logo-Blk.png
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 476 x 142, 8-bit/color RGBA, non-interlaced\012- data
Size 273 kB (273334 bytes)
Hash 7716208061b12ca077152cfa9c283f55
359fc0bdbdaf25b0432cd24d33f73270c2f62cad
c1721414d68f454d0dae038be12739899ae0e3d1e73fa8b889d0c2df8c9fa515
GET /wp-content/uploads/2022/10/New-Alanqaa-Logo-Blk.png HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 22 Oct 2022 08:05:25 GMT
accept-ranges: bytes
content-length: 273334
content-type: image/png
date: Thu, 23 Mar 2023 23:35:02 GMT
server: Apache
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
108.167.158.36 409 Conflict 83 B URL HTTP/2 alanqaa-contracting.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Thu, 23 Mar 2023 23:35:02 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-content/themes/buildbench/assets/images/footer_img.jpg
108.167.158.36 200 OK 42 kB URL HTTP/2 alanqaa-contracting.com/wp-content/themes/buildbench/assets/images/footer_img.jpg
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1350x517, components 3\012- data
Hash 65503672aef3a1071e36472f86dcd446
5119e09e7524095fb2820c3d57bc1bf32080955d
a73d30e52bfe168b0e761dbdd348075cdf246c536afc48227c5533086346067a
GET /wp-content/themes/buildbench/assets/images/footer_img.jpg HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 22 Oct 2022 07:56:17 GMT
accept-ranges: bytes
content-length: 41796
content-type: image/jpeg
date: Thu, 23 Mar 2023 23:35:02 GMT
server: Apache
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
108.167.158.36 200 OK 78 kB URL HTTP/2 alanqaa-contracting.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Hash e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://alanqaa-contracting.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 22 Oct 2022 07:57:20 GMT
accept-ranges: bytes
content-length: 78196
content-type: font/woff2
date: Thu, 23 Mar 2023 23:35:02 GMT
server: Apache
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
108.167.158.36 200 OK 77 kB URL HTTP/2 alanqaa-contracting.com/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://alanqaa-contracting.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 22 Oct 2022 07:57:20 GMT
accept-ranges: bytes
content-length: 77160
content-type: font/woff2
date: Thu, 23 Mar 2023 23:35:02 GMT
server: Apache
X-Firefox-Spdy: h2
demo.themewinter.com/wp/buildbench/wp-content/uploads/2019/03/trophy.png
188.114.96.1 404 Not Found 713 B URL HTTP/1.1 demo.themewinter.com/wp/buildbench/wp-content/uploads/2019/03/trophy.png
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash ce15c0d47861b60d1d2cd5110897110d
4327585a554449e148e28337c8abb7a689458a6c
178f765bdf62e984582a72f5f9c76832cfd7cbb5c706d2cb4c9200bd7875744a
GET /wp/buildbench/wp-content/uploads/2019/03/trophy.png HTTP/1.1
Host: demo.themewinter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 404 Not Found
Date: Thu, 23 Mar 2023 23:35:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lDqHNgE539ABXfMuxGQ1bHnYdlPwyAobJXASdYCVFvg4BlsZXYT4oCKDI%2BdoEcymvLceoRZv5qPwcSud%2B%2FWk1l9PnOMrztXXN6i56i1dWVquxhvMLH3ugtaNCuK3TGrFEy1XfWhRJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7aca7d126a1afac0-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
fonts.googleapis.com/css?family=Open%20Sans:400300%7CMontserrat:700700&display=swap
172.217.21.170 200 OK 1.4 kB URL HTTP/2 fonts.googleapis.com/css?family=Open%20Sans:400300%7CMontserrat:700700&display=swap
IP 172.217.21.170:0
File type ASCII text, with CRLF, LF line terminators
Hash 5cfd053bfcc999fdc4eae7dc47cacc40
dca3af0da6c402f128a967c2110923d5034af0b8
da4b9b3fe175356a63e9af56cde573fd91b196dabba72490adcadf3b578dd910
GET /css?family=Open%20Sans:400300%7CMontserrat:700700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 23 Mar 2023 23:35:02 GMT
date: Thu, 23 Mar 2023 23:35:02 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
demo.themewinter.com/wp/buildbench/wp-content/uploads/2019/03/cta_img2.jpg
188.114.96.1 404 Not Found 713 B URL HTTP/1.1 demo.themewinter.com/wp/buildbench/wp-content/uploads/2019/03/cta_img2.jpg
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash ce15c0d47861b60d1d2cd5110897110d
4327585a554449e148e28337c8abb7a689458a6c
178f765bdf62e984582a72f5f9c76832cfd7cbb5c706d2cb4c9200bd7875744a
GET /wp/buildbench/wp-content/uploads/2019/03/cta_img2.jpg HTTP/1.1
Host: demo.themewinter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 404 Not Found
Date: Thu, 23 Mar 2023 23:35:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mSn0ey2RD%2Fc6Eilqd9ufrPLiulcCNpG%2BILJutDcI5Lf1%2B55QjN0Iif%2B5ADCjc6DB5FYo7bBqit3rFjcnT8wwu8DWm1hBvYLdliRRSFQa74vuh1xGO8YQh%2FLsFgkFrE20bpse43WIog%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7aca7d12af3fb4fa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
demo.themewinter.com/wp/buildbench/wp-content/uploads/2019/03/feature-block-bg1.jpg
188.114.96.1 404 Not Found 713 B URL HTTP/1.1 demo.themewinter.com/wp/buildbench/wp-content/uploads/2019/03/feature-block-bg1.jpg
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash ce15c0d47861b60d1d2cd5110897110d
4327585a554449e148e28337c8abb7a689458a6c
178f765bdf62e984582a72f5f9c76832cfd7cbb5c706d2cb4c9200bd7875744a
GET /wp/buildbench/wp-content/uploads/2019/03/feature-block-bg1.jpg HTTP/1.1
Host: demo.themewinter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 404 Not Found
Date: Thu, 23 Mar 2023 23:35:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3E5Ar1u6j6W4tDaGP5qr6VMmqZeasuOcdSLPR9NA0Vn9iZPrcoNIGpyuLezxz61cVyis5sKWQcpVi93Hxre4ccaEOdvjCXA43TG8Xv9Dl9THSTzQiHJEnHw0VnHYUQFPA8M24pJk1w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7aca7d12ab43b4fd-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
alanqaa-contracting.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
108.167.158.36 409 Conflict 83 B URL HTTP/2 alanqaa-contracting.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Thu, 23 Mar 2023 23:35:03 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
demo.themewinter.com/wp/buildbench/wp-content/uploads/2019/03/cta_bg-min.jpg
188.114.96.1 404 Not Found 713 B URL HTTP/1.1 demo.themewinter.com/wp/buildbench/wp-content/uploads/2019/03/cta_bg-min.jpg
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash ce15c0d47861b60d1d2cd5110897110d
4327585a554449e148e28337c8abb7a689458a6c
178f765bdf62e984582a72f5f9c76832cfd7cbb5c706d2cb4c9200bd7875744a
GET /wp/buildbench/wp-content/uploads/2019/03/cta_bg-min.jpg HTTP/1.1
Host: demo.themewinter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 404 Not Found
Date: Thu, 23 Mar 2023 23:35:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b5kxHnTrLpd8D%2BBtxXMjNIvTbnx8I0FustPfacEk6uPbEZdC5eX7NTAxnxbPypn4HnK1Sdaa%2BLjMbm4EtgW23F6NSlt3fzEjtphXISYrM9wDpyKKrzyx3rPPSuAqJdm8g1SBV5d1Tw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7aca7d12f916b515-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
alanqaa-contracting.com/wp-content/uploads/2022/10/cropped-favicon-32x32.png
108.167.158.36 200 OK 1.3 kB URL HTTP/2 alanqaa-contracting.com/wp-content/uploads/2022/10/cropped-favicon-32x32.png
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 85e48e0dc3a4ace7f6b74faeb964f641
86ec8f035312b6d64803081fc416bb3405f85a86
b63994160526aa3687a4bd326c79ab785244bee1c6e2b62c16e771051db130f3
GET /wp-content/uploads/2022/10/cropped-favicon-32x32.png HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 22 Oct 2022 08:26:07 GMT
accept-ranges: bytes
content-length: 1313
content-type: image/png
date: Thu, 23 Mar 2023 23:35:03 GMT
server: Apache
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-content/uploads/2022/10/cropped-favicon-192x192.png
108.167.158.36 200 OK 12 kB URL HTTP/2 alanqaa-contracting.com/wp-content/uploads/2022/10/cropped-favicon-192x192.png
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash c502a1f92bd1306169451d5117f46925
31fc8e2aa9342da9f49cae610d15d91661114df3
32d4c0c8b31f41471182716c6358a390bdf2a477610e2d82c7b34254e64f8da6
GET /wp-content/uploads/2022/10/cropped-favicon-192x192.png HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 22 Oct 2022 08:26:06 GMT
accept-ranges: bytes
content-length: 12045
content-type: image/png
date: Thu, 23 Mar 2023 23:35:03 GMT
server: Apache
X-Firefox-Spdy: h2
demo.themewinter.com/wp/buildbench/wp-content/uploads/2019/03/slider_image01-min.jpg
188.114.96.1 404 Not Found 713 B URL HTTP/1.1 demo.themewinter.com/wp/buildbench/wp-content/uploads/2019/03/slider_image01-min.jpg
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash ce15c0d47861b60d1d2cd5110897110d
4327585a554449e148e28337c8abb7a689458a6c
178f765bdf62e984582a72f5f9c76832cfd7cbb5c706d2cb4c9200bd7875744a
GET /wp/buildbench/wp-content/uploads/2019/03/slider_image01-min.jpg HTTP/1.1
Host: demo.themewinter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 404 Not Found
Date: Thu, 23 Mar 2023 23:35:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t7cSXbfe1R%2F24XKMzei9YDk8NdsHnNJx0FzQFRSi4fUMFvrf%2F12eW5bbPYQA9BF%2BmT48c%2BkwHvpWSCNdqHuLhonCThtBZmU7fHcTz4R6Iw5M5tr5AhlYdOmxxHlPe96BSdULepAGhA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7aca7d150b01fac0-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
alanqaa-contracting.com/wp-content/themes/buildbench/assets/fonts/iconfont.ttf
108.167.158.36 200 OK 153 kB URL HTTP/2 alanqaa-contracting.com/wp-content/themes/buildbench/assets/fonts/iconfont.ttf
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
File type TrueType Font data, 11 tables, 1st "OS/2", 22 names, Macintosh\012- data
Size 153 kB (152760 bytes)
Hash 0c01f68a7011edb544dfd8871d9b675a
72451aee8305c7c420e98b0d16f4c600c15a45e6
1286dc3fe2a95888cdd24090c68743834d25f99450748209030d71587c3996c0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/buildbench/assets/fonts/iconfont.ttf HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/wp-content/themes/buildbench/assets/css/iconfont.css?ver=2.1.2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 22 Oct 2022 07:56:17 GMT
accept-ranges: bytes
content-length: 152760
content-type: font/ttf
date: Thu, 23 Mar 2023 23:35:03 GMT
server: Apache
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
108.167.158.36 200 OK 671 B URL HTTP/2 alanqaa-contracting.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1320)
Hash 5ccb71a38d381c56ef048a0608f55dcc
c19eef8a9e0a40b3d1b01d0bf6868762316db311
b0f9cf59a8daca1c19fb220bdaba817c5745c2565bfcbcadf8f5d2b8e2962022
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 22 Oct 2022 07:57:20 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 671
content-type: application/javascript
date: Thu, 23 Mar 2023 23:35:03 GMT
server: Apache
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-content/plugins/elementor/assets/js/video.fab0f05f6306583e8ff8.bundle.min.js
108.167.158.36 200 OK 1.5 kB URL HTTP/2 alanqaa-contracting.com/wp-content/plugins/elementor/assets/js/video.fab0f05f6306583e8ff8.bundle.min.js
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3469)
Hash 734088dce41291748727f06269d6ebf2
2ab82b417ce7f9905021d59d2eda9825c5d727f3
7c10b6a04f04ea03f9de9285b48e8b49cd7ef2c948f8a4c317ac1a13551653ee
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/video.fab0f05f6306583e8ff8.bundle.min.js HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 22 Oct 2022 07:57:20 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1515
content-type: application/javascript
date: Thu, 23 Mar 2023 23:35:03 GMT
server: Apache
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-content/plugins/elementor/assets/js/image-carousel.e02695895b33b77d89de.bundle.min.js
108.167.158.36 200 OK 1.3 kB URL HTTP/2 alanqaa-contracting.com/wp-content/plugins/elementor/assets/js/image-carousel.e02695895b33b77d89de.bundle.min.js
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2738)
Hash ccac23ee321b604f44a5f280bde7cb85
8def3216e6cbb9d911fd47451de2ea374da86ff8
2c6f3015735cfe29bf48acf9cfa1586d7bb3462a7bcc84741662c30b1bee0f58
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/image-carousel.e02695895b33b77d89de.bundle.min.js HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 22 Oct 2022 07:57:20 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1272
content-type: application/javascript
date: Thu, 23 Mar 2023 23:35:03 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat%3A300%2C300i%2C400%2C400i%2C500%2C600%2C700%2C800%2C900%7COpen+Sans%3A400%2C700&ver=2.1.2
172.217.21.170 200 OK 1.7 kB URL HTTP/2 fonts.googleapis.com/css?family=Montserrat%3A300%2C300i%2C400%2C400i%2C500%2C600%2C700%2C800%2C900%7COpen+Sans%3A400%2C700&ver=2.1.2
IP 172.217.21.170:0
File type ASCII text, with CRLF, LF line terminators
Hash f268834c1d97ad3d363124144f696cba
dc117928f8285e3ea6388ab8b26992e5ea3b5349
13cde482b83147000b439033f156a1ab0d49f09c3ac386201d061558e1b03c80
GET /css?family=Montserrat%3A300%2C300i%2C400%2C400i%2C500%2C600%2C700%2C800%2C900%7COpen+Sans%3A400%2C700&ver=2.1.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 23 Mar 2023 23:35:02 GMT
date: Thu, 23 Mar 2023 23:35:02 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
demo.themewinter.com/wp/buildbench/wp-content/uploads/2019/03/slider6-2.jpg
188.114.96.1 404 Not Found 713 B URL HTTP/1.1 demo.themewinter.com/wp/buildbench/wp-content/uploads/2019/03/slider6-2.jpg
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash ce15c0d47861b60d1d2cd5110897110d
4327585a554449e148e28337c8abb7a689458a6c
178f765bdf62e984582a72f5f9c76832cfd7cbb5c706d2cb4c9200bd7875744a
GET /wp/buildbench/wp-content/uploads/2019/03/slider6-2.jpg HTTP/1.1
Host: demo.themewinter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 404 Not Found
Date: Thu, 23 Mar 2023 23:35:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bjk79Jfe%2FESaoEsfqz4jy9aNnlqBWqvY%2FRVUcF5wLOP4BoBOSfSJH2TNaVHNJITNKr4T15y70eTCwnlZbQPcXs4vM5Ac1PFvM1Sd37m3bEHxPao7HZfM3t%2FPC27JJI5wjvqvmnGddw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7aca7d150949b4f1-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash c1bec9941c82e2a75f433a9989ff131d
f362aafde39e53e6c85aed88514e7d9272d8b099
693fe25761b15b3f663bb491a3cad382f1bb0a60083375b6aec21af2fdddb58e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:35:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/s/player/ace4d669/www-widgetapi.vflset/www-widgetapi.js
142.250.74.46 200 OK 63 kB URL HTTP/2 www.youtube.com/s/player/ace4d669/www-widgetapi.vflset/www-widgetapi.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (591)
Hash 11d1b2c0f58efde16b1e8b536038d2f1
316955db875fa89d0896b7794ec63ffb7e928459
5ceb6dcf079ab772724441e3543f9dd8a4d439bc5be8421fe6c7c03cdb94486a
GET /s/player/ace4d669/www-widgetapi.vflset/www-widgetapi.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 63091
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Mar 2023 23:17:12 GMT
expires: Fri, 22 Mar 2024 23:17:12 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 22 Mar 2023 00:22:24 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 1071
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash c1bec9941c82e2a75f433a9989ff131d
f362aafde39e53e6c85aed88514e7d9272d8b099
693fe25761b15b3f663bb491a3cad382f1bb0a60083375b6aec21af2fdddb58e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:35:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 9729c913e387cc5cc54e05625f5cbea6
4ace3c47b9999658bc7018e940df5c72b3942f17
19946517f8ed1a0931cca69ad96b334031d2aabd31425c16a2bcac0b1e346239
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:35:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 1d3dcf9723865c5e2ed30f84aa78c473
d17e499234c5ffca6691657cda4a476b70158812
0e0a6935498a81269d453b2b2d3f953fa57e4a4bb7f21f0a0862e535f31258fe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:35:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
142.250.74.166 200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.166:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Mar 2023 23:20:11 GMT
expires: Thu, 23 Mar 2023 23:35:11 GMT
cache-control: public, max-age=900
age: 893
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
216.58.211.2 302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 216.58.211.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Thu, 23 Mar 2023 23:35:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.170 200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 23 Mar 2023 23:35:04 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash a37ccb2b0d2b6bd75ea76a9535478b74
282cdfc85b1bc6e7b8741fb82ea37844ba831a53
6f9eded96973ad739947a784fddd57298bd3bc8abb3d71eff5c5492826cf254a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:35:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/id?slf_rd=1
216.58.211.2 200 OK 120 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id?slf_rd=1
IP 216.58.211.2:0
Hash df436e4ea5afbc2a00bbf239d6655909
bd359f89a886dea6bcd3a4f5adc14b69cd184479
3cd8076d3ed80e101cdf70d10d7f27fc8d84747088cfabe4e07a9a716e6efa16
GET /pagead/id?slf_rd=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Referer: https://www.youtube.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
content-type: application/json; charset=UTF-8
date: Thu, 23 Mar 2023 23:35:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 120
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.170 200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.170:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash d4bfebbc64fdc660a908caa5380300ed
60bb50f5e7138c19b4c2e393e9975903c0f8f818
249aabdc3e60dd9ffd2de1998b7b18dd2c638979ba6b1dadf49d54305014cfc6
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 23 Mar 2023 23:35:04 GMT
server: ESF
cache-control: private
content-length: 31050
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 9729c913e387cc5cc54e05625f5cbea6
4ace3c47b9999658bc7018e940df5c72b3942f17
19946517f8ed1a0931cca69ad96b334031d2aabd31425c16a2bcac0b1e346239
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:35:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 1d3dcf9723865c5e2ed30f84aa78c473
d17e499234c5ffca6691657cda4a476b70158812
0e0a6935498a81269d453b2b2d3f953fa57e4a4bb7f21f0a0862e535f31258fe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:35:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/ebdlydw2Yd_Y6uR7srxBjXpjyOJR1-EGTQhTHkWwPWw.js
142.250.74.164 200 OK 14 kB URL HTTP/2 www.google.com/js/th/ebdlydw2Yd_Y6uR7srxBjXpjyOJR1-EGTQhTHkWwPWw.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (36234)
Hash 2f48892c44631371f768940591ea6b5f
e70e65d55fe0f931f89123d8da80fae781465db0
f86bc5688a62e0a7a69c46502c3fcac8a842abea3d02ecb1b76d0dfe39a9e060
GET /js/th/ebdlydw2Yd_Y6uR7srxBjXpjyOJR1-EGTQhTHkWwPWw.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14379
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Mar 2023 05:04:35 GMT
expires: Thu, 21 Mar 2024 05:04:35 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 20 Mar 2023 09:30:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 153029
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 84b45209d94ad7301f9dc2224bb2f5da
90fbb479fe4faefda4e6b2eba4004da6328d81c7
b8be78412999d773ace79581e7160d879c1b165f47a80dfcc4ebd90dac95d799
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:35:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/ytc/AL5GRJXKqmA9k7V8-cl5ZJmv-N1jnc4-5xoa3RVe4s0Lfg=s68-c-k-c0x00ffffff-no-rj
142.250.74.161 200 OK 3.1 kB URL HTTP/2 yt3.ggpht.com/ytc/AL5GRJXKqmA9k7V8-cl5ZJmv-N1jnc4-5xoa3RVe4s0Lfg=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 68x68, components 3\012- data
Hash a5fd75f6535b0dc9e8be40a4e9b7f33d
3f544cf63fbcc94d763bb5497e3de8721b73b1e1
a9650ddcb94330298af9c0479af50cf895074c19e69a47e422f3b056db77bf74
GET /ytc/AL5GRJXKqmA9k7V8-cl5ZJmv-N1jnc4-5xoa3RVe4s0Lfg=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "ve5"
expires: Fri, 24 Mar 2023 23:35:04 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 23 Mar 2023 23:35:04 GMT
server: fife
content-length: 3091
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 84b45209d94ad7301f9dc2224bb2f5da
90fbb479fe4faefda4e6b2eba4004da6328d81c7
b8be78412999d773ace79581e7160d879c1b165f47a80dfcc4ebd90dac95d799
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:35:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.170 200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 23 Mar 2023 23:35:04 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.170 200 OK 110 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.170:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 254c8193fdf6aea37e417e90d8b01860
582145007ddb65018a7482e9be67a23b3e3b26af
533b7bed1f14c840a3ed87d5085eed400311979a894f6c8d98683e7053303e80
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1324
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 23 Mar 2023 23:35:04 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 0b056e1d62dab8443b507f6a56bd3e09
cf686b5437e629fc65f200d243718ff9b35f5555
1c8fe8dab9487ecc36f3f9e01bf51ed28b54d8ec5f51a18572808ade191475f2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:35:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 0b056e1d62dab8443b507f6a56bd3e09
cf686b5437e629fc65f200d243718ff9b35f5555
1c8fe8dab9487ecc36f3f9e01bf51ed28b54d8ec5f51a18572808ade191475f2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:35:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1679636104&ei=KOIcZOX3JInIyAWPk7eQCQ&ip=91.90.42.154&id=o-AHEYgWUkWsfFY0Yjyvfj5LqnFpRWK2M8eqD4ctPyIR7p&itag=251&source=youtube&requiressl=yes&mh=QV&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=1&pl=21&pcm2=yes&initcwndbps=1912500&spc=99c5CeZYgBl0pT8H1wt5CaI3wrfHNACRaf4hgiRdXnewIJat_w&vprv=1&mime=audio%2Fwebm&ns=r7hGbDi_4cykrnVFTSqSvv8M&gir=yes&clen=10093&otfp=1&dur=21.661&lmt=1666561671043536&mt=1679614136&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6211224&n=QXJOICu2Kpe4uA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cpcm2%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgSIKRfvpBAmUlSIEICZCkTspHKKUfRmZJNNUL_Lmm7hgCIEi0OfzBoAAhpBCe-LYkHKmW_DbFxaFlkGYTSnQXtG99&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgVjKfjwD8EXGf9fVRolihUAWT0y3yhTvQc64ThkKPzfcCIQCnXFlhGsBVIo0XP6ZErQszfAhwyFsStqrJjw8NukF1og%3D%3D&alr=yes&cpn=0dNzFbKK3otrSVCw&cver=1.20230321.00.00&range=0-10092&rn=2&rbuf=0&pot=Iih44njkHP6a0zuFDNQ2jy7SGqcbmCGIItEqsRGMALI3hTqFXdE8x0um
91.90.45.172 200 OK 10 kB URL HTTP/1.1 rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1679636104&ei=KOIcZOX3JInIyAWPk7eQCQ&ip=91.90.42.154&id=o-AHEYgWUkWsfFY0Yjyvfj5LqnFpRWK2M8eqD4ctPyIR7p&itag=251&source=youtube&requiressl=yes&mh=QV&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=1&pl=21&pcm2=yes&initcwndbps=1912500&spc=99c5CeZYgBl0pT8H1wt5CaI3wrfHNACRaf4hgiRdXnewIJat_w&vprv=1&mime=audio%2Fwebm&ns=r7hGbDi_4cykrnVFTSqSvv8M&gir=yes&clen=10093&otfp=1&dur=21.661&lmt=1666561671043536&mt=1679614136&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6211224&n=QXJOICu2Kpe4uA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cpcm2%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgSIKRfvpBAmUlSIEICZCkTspHKKUfRmZJNNUL_Lmm7hgCIEi0OfzBoAAhpBCe-LYkHKmW_DbFxaFlkGYTSnQXtG99&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgVjKfjwD8EXGf9fVRolihUAWT0y3yhTvQc64ThkKPzfcCIQCnXFlhGsBVIo0XP6ZErQszfAhwyFsStqrJjw8NukF1og%3D%3D&alr=yes&cpn=0dNzFbKK3otrSVCw&cver=1.20230321.00.00&range=0-10092&rn=2&rbuf=0&pot=Iih44njkHP6a0zuFDNQ2jy7SGqcbmCGIItEqsRGMALI3hTqFXdE8x0um
IP 91.90.45.172:0
ASN #50304 Blix Solutions AS
File type WebM\012- EBML file, creator webmB\20\012- data
Hash 4af11c129609b183f2e58f0fb178645e
b67b55f20b9f77aed3aace151619abe4e09098b3
a58474d737f084dfd1866ffa0255e505514beca5e6d3addb0677aa7dba3f5072
POST /videoplayback?expire=1679636104&ei=KOIcZOX3JInIyAWPk7eQCQ&ip=91.90.42.154&id=o-AHEYgWUkWsfFY0Yjyvfj5LqnFpRWK2M8eqD4ctPyIR7p&itag=251&source=youtube&requiressl=yes&mh=QV&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=1&pl=21&pcm2=yes&initcwndbps=1912500&spc=99c5CeZYgBl0pT8H1wt5CaI3wrfHNACRaf4hgiRdXnewIJat_w&vprv=1&mime=audio%2Fwebm&ns=r7hGbDi_4cykrnVFTSqSvv8M&gir=yes&clen=10093&otfp=1&dur=21.661&lmt=1666561671043536&mt=1679614136&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6211224&n=QXJOICu2Kpe4uA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cpcm2%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgSIKRfvpBAmUlSIEICZCkTspHKKUfRmZJNNUL_Lmm7hgCIEi0OfzBoAAhpBCe-LYkHKmW_DbFxaFlkGYTSnQXtG99&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgVjKfjwD8EXGf9fVRolihUAWT0y3yhTvQc64ThkKPzfcCIQCnXFlhGsBVIo0XP6ZErQszfAhwyFsStqrJjw8NukF1og%3D%3D&alr=yes&cpn=0dNzFbKK3otrSVCw&cver=1.20230321.00.00&range=0-10092&rn=2&rbuf=0&pot=Iih44njkHP6a0zuFDNQ2jy7SGqcbmCGIItEqsRGMALI3hTqFXdE8x0um HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Sun, 23 Oct 2022 21:47:51 GMT
Content-Type: audio/webm
Date: Thu, 23 Mar 2023 23:35:05 GMT
Expires: Thu, 23 Mar 2023 23:35:05 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 10093
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 0b056e1d62dab8443b507f6a56bd3e09
cf686b5437e629fc65f200d243718ff9b35f5555
1c8fe8dab9487ecc36f3f9e01bf51ed28b54d8ec5f51a18572808ade191475f2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:35:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 7adaa17124279e861d7c5904f6deab7a
0380ee373d8a419562eab23ed185d2861323f9bc
6647b14d20019a29839dfeba32f76f57fe1821fcee3581bd9d10782504f83a44
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:35:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi/RaETTdIGWQo/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGFYgZShiMA8=&rs=AOn4CLDg1eYJdv4rU20XosDzGJU8rYgv_g
142.250.74.182 200 OK 21 kB URL HTTP/2 i.ytimg.com/vi/RaETTdIGWQo/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGFYgZShiMA8=&rs=AOn4CLDg1eYJdv4rU20XosDzGJU8rYgv_g
IP 142.250.74.182:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x480, components 3\012- data
Hash 7018774ef3f508f2226a4f2b70320c30
0d96248605bb375bf68942dd5f335282c3acf79a
72618dfd300b914813278a443ba60dafe6976640f5ea436907c8e2f7448dc4eb
GET /vi/RaETTdIGWQo/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGFYgZShiMA8=&rs=AOn4CLDg1eYJdv4rU20XosDzGJU8rYgv_g HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 20831
date: Thu, 23 Mar 2023 23:35:05 GMT
expires: Fri, 24 Mar 2023 01:35:05 GMT
cache-control: public, max-age=7200
etag: "0"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 7adaa17124279e861d7c5904f6deab7a
0380ee373d8a419562eab23ed185d2861323f9bc
6647b14d20019a29839dfeba32f76f57fe1821fcee3581bd9d10782504f83a44
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 23:35:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1679636104&ei=KOIcZOX3JInIyAWPk7eQCQ&ip=91.90.42.154&id=o-AHEYgWUkWsfFY0Yjyvfj5LqnFpRWK2M8eqD4ctPyIR7p&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&mh=QV&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=1&pl=21&pcm2=yes&initcwndbps=1912500&spc=99c5CeZYgBl0pT8H1wt5CaI3wrfHNACRaf4hgiRdXnewIJat_w&vprv=1&mime=video%2Fwebm&ns=r7hGbDi_4cykrnVFTSqSvv8M&otf=1&otfp=1&dur=0.000&lmt=1666561668578360&mt=1679614136&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6210224&n=QXJOICu2Kpe4uA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cpcm2%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgVb534j-q7T_neelKKygq2rj_kStsDjEmTZSnXH1pfXUCIQCetm42OI6KXSsR9vBcVvWitPrFYeVyClr0Iz31TWlkZQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgVjKfjwD8EXGf9fVRolihUAWT0y3yhTvQc64ThkKPzfcCIQCnXFlhGsBVIo0XP6ZErQszfAhwyFsStqrJjw8NukF1og%3D%3D&alr=yes&cpn=0dNzFbKK3otrSVCw&cver=1.20230321.00.00&sq=0&rn=1&rbuf=0&pot=Iii9Fb0T2QlfJP5yySPzeOsl31Deb-R_5ybvRtR7xUXycv9ymCb5MI5R
91.90.45.172 200 OK 281 B URL HTTP/1.1 rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1679636104&ei=KOIcZOX3JInIyAWPk7eQCQ&ip=91.90.42.154&id=o-AHEYgWUkWsfFY0Yjyvfj5LqnFpRWK2M8eqD4ctPyIR7p&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&mh=QV&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=1&pl=21&pcm2=yes&initcwndbps=1912500&spc=99c5CeZYgBl0pT8H1wt5CaI3wrfHNACRaf4hgiRdXnewIJat_w&vprv=1&mime=video%2Fwebm&ns=r7hGbDi_4cykrnVFTSqSvv8M&otf=1&otfp=1&dur=0.000&lmt=1666561668578360&mt=1679614136&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6210224&n=QXJOICu2Kpe4uA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cpcm2%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgVb534j-q7T_neelKKygq2rj_kStsDjEmTZSnXH1pfXUCIQCetm42OI6KXSsR9vBcVvWitPrFYeVyClr0Iz31TWlkZQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgVjKfjwD8EXGf9fVRolihUAWT0y3yhTvQc64ThkKPzfcCIQCnXFlhGsBVIo0XP6ZErQszfAhwyFsStqrJjw8NukF1og%3D%3D&alr=yes&cpn=0dNzFbKK3otrSVCw&cver=1.20230321.00.00&sq=0&rn=1&rbuf=0&pot=Iii9Fb0T2QlfJP5yySPzeOsl31Deb-R_5ybvRtR7xUXycv9ymCb5MI5R
IP 91.90.45.172:0
ASN #50304 Blix Solutions AS
File type WebM\012- EBML file, creator webmB\20\012- data
Hash 60c66ce54f3765b7779fd24ca73f43c0
e48c4a47625919697db70b1edb376f2398f06aca
7457c2c7b6d93eab267307d6cbd33b322b74ef52b8d784c0dbecb6ac53ef261c
POST /videoplayback?expire=1679636104&ei=KOIcZOX3JInIyAWPk7eQCQ&ip=91.90.42.154&id=o-AHEYgWUkWsfFY0Yjyvfj5LqnFpRWK2M8eqD4ctPyIR7p&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&mh=QV&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=1&pl=21&pcm2=yes&initcwndbps=1912500&spc=99c5CeZYgBl0pT8H1wt5CaI3wrfHNACRaf4hgiRdXnewIJat_w&vprv=1&mime=video%2Fwebm&ns=r7hGbDi_4cykrnVFTSqSvv8M&otf=1&otfp=1&dur=0.000&lmt=1666561668578360&mt=1679614136&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6210224&n=QXJOICu2Kpe4uA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cpcm2%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgVb534j-q7T_neelKKygq2rj_kStsDjEmTZSnXH1pfXUCIQCetm42OI6KXSsR9vBcVvWitPrFYeVyClr0Iz31TWlkZQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgVjKfjwD8EXGf9fVRolihUAWT0y3yhTvQc64ThkKPzfcCIQCnXFlhGsBVIo0XP6ZErQszfAhwyFsStqrJjw8NukF1og%3D%3D&alr=yes&cpn=0dNzFbKK3otrSVCw&cver=1.20230321.00.00&sq=0&rn=1&rbuf=0&pot=Iii9Fb0T2QlfJP5yySPzeOsl31Deb-R_5ybvRtR7xUXycv9ymCb5MI5R HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Thu, 23 Feb 2023 03:13:41 GMT
Content-Type: video/webm
Date: Thu, 23 Mar 2023 23:35:05 GMT
Expires: Thu, 23 Mar 2023 23:35:05 GMT
Cache-Control: private, max-age=21299
Transfer-Encoding: chunked
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
alanqaa-contracting.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
108.167.158.36 200 OK 0 B URL HTTP/2 alanqaa-contracting.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 22 Oct 2022 07:56:39 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Thu, 23 Mar 2023 23:35:02 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.3
172.217.21.170 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.3
IP 172.217.21.170:0
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 23 Mar 2023 23:35:02 GMT
date: Thu, 23 Mar 2023 23:35:02 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-content/uploads/2022/10/New-Alanqaa-Logo-Blk-250x42-1.png
108.167.158.36 200 OK 0 B URL HTTP/2 alanqaa-contracting.com/wp-content/uploads/2022/10/New-Alanqaa-Logo-Blk-250x42-1.png
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/uploads/2022/10/New-Alanqaa-Logo-Blk-250x42-1.png HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 22 Oct 2022 08:10:14 GMT
accept-ranges: bytes
content-length: 94060
content-type: image/png
date: Thu, 23 Mar 2023 23:35:02 GMT
server: Apache
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-content/uploads/2022/10/Alanqaa-Icon-08.png
108.167.158.36 200 OK 0 B URL HTTP/2 alanqaa-contracting.com/wp-content/uploads/2022/10/Alanqaa-Icon-08.png
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/uploads/2022/10/Alanqaa-Icon-08.png HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 23 Oct 2022 10:29:56 GMT
accept-ranges: bytes
content-length: 92944
content-type: image/png
date: Thu, 23 Mar 2023 23:35:02 GMT
server: Apache
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-content/themes/buildbench/assets/css/master.css?ver=2.1.2
108.167.158.36 200 OK 0 B URL HTTP/2 alanqaa-contracting.com/wp-content/themes/buildbench/assets/css/master.css?ver=2.1.2
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/themes/buildbench/assets/css/master.css?ver=2.1.2 HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 22 Oct 2022 07:56:17 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Thu, 23 Mar 2023 23:35:02 GMT
server: Apache
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-content/themes/buildbench/assets/css/bootstrap.min.css?ver=2.1.2
108.167.158.36 200 OK 0 B URL HTTP/2 alanqaa-contracting.com/wp-content/themes/buildbench/assets/css/bootstrap.min.css?ver=2.1.2
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/buildbench/assets/css/bootstrap.min.css?ver=2.1.2 HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 22 Oct 2022 07:56:17 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Thu, 23 Mar 2023 23:35:01 GMT
server: Apache
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-content/uploads/2022/10/Alanqaa-Icon-09.png
108.167.158.36 200 OK 0 B URL HTTP/2 alanqaa-contracting.com/wp-content/uploads/2022/10/Alanqaa-Icon-09.png
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/uploads/2022/10/Alanqaa-Icon-09.png HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 23 Oct 2022 10:32:21 GMT
accept-ranges: bytes
content-length: 92944
content-type: image/png
date: Thu, 23 Mar 2023 23:35:02 GMT
server: Apache
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.7.8
108.167.158.36 200 OK 0 B URL HTTP/2 alanqaa-contracting.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.7.8
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.7.8 HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 22 Oct 2022 07:57:20 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Thu, 23 Mar 2023 23:35:01 GMT
server: Apache
X-Firefox-Spdy: h2
alanqaa-contracting.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
108.167.158.36 200 OK 0 B URL HTTP/2 alanqaa-contracting.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
IP 108.167.158.36:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6 HTTP/1.1
Host: alanqaa-contracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alanqaa-contracting.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 22 Oct 2022 07:57:20 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Thu, 23 Mar 2023 23:35:03 GMT
server: Apache
X-Firefox-Spdy: h2