Report - safar-tours.com/

Report Overview

URL

safar-tours.com/
IP

192.254.190.171

ASN

#46606 UNIFIEDLAYER-AS-1
Submitted

2023-04-15T02:25:00Z

Access

public
Tags

None
urlquery detections

No alerts detected

Detections

urlquery

0
Network Intrusion Detection

0
Threat Detection Systems

1

Domain Summary

Domain	Rank	First Seen	Last Seen	Sent	Received	IP
use.typekit.net (5)	494	2012-07-05 03:42:39	2023-04-14 05:46:12	2737	118824	23.36.76.186
fonts.gstatic.com (5)	unknown	2014-09-09 02:40:21	2023-04-14 21:20:40	2248	162226	216.58.207.227
www.weebly.com (1)	21455	2012-05-21 14:40:56	2023-04-12 18:43:19	363	1913	74.115.50.109
fonts.googleapis.com (5)	8877	2013-06-10 22:14:26	2023-04-14 23:08:06	1934	5277	142.250.74.106
ocsp.pki.goog (2)	175	2018-07-01 08:43:07	2023-04-14 18:12:04	666	1400	142.250.74.131
ajax.googleapis.com (1)	12905	2013-08-16 11:51:31	2023-04-15 01:23:55	423	34577	142.250.74.106
p.typekit.net (1)	620	2012-05-23 16:28:57	2023-04-14 05:46:14	538	390	23.36.76.186
safar-tours.com (38)	unknown	No data	No data	14741	3712616	192.254.190.171
cdn2.editmysite.com (12)	11564	2012-10-02 20:27:39	2023-04-14 04:29:13	4363	695135	151.101.129.46

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-04-15	medium	cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1597947175

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

HTTP Transactions (70)

URL IP Response Size

safar-tours.com/

192.254.190.171

301 Moved Permanently

241

URL User Request GET HTTP/1.1

safar-tours.com/
IP

192.254.190.171:80
ASN

#46606 UNIFIEDLAYER-AS-1

Magic

HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text

Size

241
Hash

cb12e3df71e206000c15e2de97eba318

15ff301dcaf2e96ecb52158a4fac571d2868dfad

bff338ade9dc5854b9399b873c18e95be300bc8ae89661cf1379451f9d719a6f

HTTP Headers

                                        GET / HTTP/1.1
Host: safar-tours.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 301 Moved Permanently
Date: Sat, 15 Apr 2023 02:24:43 GMT
Server: Apache
Location: http://safar-tours.com/index.html
Content-Length: 241
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

safar-tours.com/index.html

192.254.190.171

200 OK

16273

URL User Request GET HTTP/1.1

safar-tours.com/index.html
IP

192.254.190.171:80
ASN

#46606 UNIFIEDLAYER-AS-1

Magic

HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5522), with CRLF, LF line terminators

Size

16273
Hash

ace5affd9973be5c421fc76e1e718bdf

5408433015d4695f1dc657b8d26bcbd488b23b5e

10323ce07e8bf3536a671d1714b42991c89674ff159e93b37fdff20975eeb232

HTTP Headers

                                        GET /index.html HTTP/1.1
Host: safar-tours.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Date: Sat, 15 Apr 2023 02:24:43 GMT
Server: Apache
Last-Modified: Thu, 20 Aug 2020 21:55:39 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 16273
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/html

fonts.googleapis.com/css?family=Playfair+Display:400,700,400italic,700italic&subset=latin,latin-ext

142.250.74.106

200 OK

554

URL GET HTTP/1.1

fonts.googleapis.com/css?family=Playfair+Display:400,700,400italic,700italic&subset=latin,latin-ext
IP

142.250.74.106:80
ASN

#15169 GOOGLE

Requested by

http://safar-tours.com/index.html

Magic

ASCII text

Size

554
Hash

9f4d944de00f8e4e79b0f98462fb5a57

d03f5f2a4ba0571e872ab1949c132c7d961f8bfa

646821b76e294c56d6b7c8c3ecb52733bdacea8a4a943cd813687109af737d5f

HTTP Headers

                                        GET /css?family=Playfair+Display:400,700,400italic,700italic&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://safar-tours.com/
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sat, 15 Apr 2023 02:24:43 GMT
Date: Sat, 15 Apr 2023 02:24:43 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff

fonts.googleapis.com/css?family=Crimson+Text:400,700,400italic,700italic&subset=latin,latin-ext

142.250.74.106

200 OK

539

URL GET HTTP/1.1

fonts.googleapis.com/css?family=Crimson+Text:400,700,400italic,700italic&subset=latin,latin-ext
IP

142.250.74.106:80
ASN

#15169 GOOGLE

Requested by

http://safar-tours.com/index.html

Magic

ASCII text

Size

539
Hash

ccdd5cea8a6e4ee6efcd5574888d5e72

057bff80baf1d98f86a80877eb018b522561847b

96ab92f19c7f023f2fd1d70ab01cac1716bf5fda85b8bc5af2506ffd27f7fa71

HTTP Headers

                                        GET /css?family=Crimson+Text:400,700,400italic,700italic&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://safar-tours.com/
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sat, 15 Apr 2023 02:24:43 GMT
Date: Sat, 15 Apr 2023 02:24:43 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff

fonts.googleapis.com/css?family=Lora:400,700,400italic,700italic&subset=latin,latin-ext

142.250.74.106

200 OK

600

URL GET HTTP/1.1

fonts.googleapis.com/css?family=Lora:400,700,400italic,700italic&subset=latin,latin-ext
IP

142.250.74.106:80
ASN

#15169 GOOGLE

Requested by

http://safar-tours.com/index.html

Magic

ASCII text

Size

600
Hash

e67107a1045342e5e98f98733af13438

b07761212fb20ff50d6344704fdbbe0793955b11

c709ea602e43ee35a0eb1f7cd24d5261f8c30f932e83750477f1dcc7bb271b12

HTTP Headers

                                        GET /css?family=Lora:400,700,400italic,700italic&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://safar-tours.com/
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sat, 15 Apr 2023 02:24:43 GMT
Date: Sat, 15 Apr 2023 02:24:43 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff

fonts.googleapis.com/css?family=Montserrat:400,700&subset=latin,latin-ext

142.250.74.106

200 OK

517

URL GET HTTP/1.1

fonts.googleapis.com/css?family=Montserrat:400,700&subset=latin,latin-ext
IP

142.250.74.106:80
ASN

#15169 GOOGLE

Requested by

http://safar-tours.com/index.html

Magic

ASCII text

Size

517
Hash

f4ac8b766736ebf6bb9c83d48b20f0df

4ca24785758c437c10534bf010af050d3d9c2907

0013ab4116739a4a1920db767d878ab6b27c92b1b780f0a2a24b0e70738fd063

HTTP Headers

                                        GET /css?family=Montserrat:400,700&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://safar-tours.com/
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sat, 15 Apr 2023 02:24:43 GMT
Date: Sat, 15 Apr 2023 02:24:43 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff

fonts.googleapis.com/css?family=Quattrocento:400,700&subset=latin,latin-ext

142.250.74.106

200 OK

382

URL GET HTTP/1.1

fonts.googleapis.com/css?family=Quattrocento:400,700&subset=latin,latin-ext
IP

142.250.74.106:80
ASN

#15169 GOOGLE

Requested by

http://safar-tours.com/index.html

Magic

ASCII text

Size

382
Hash

869f471be17467a494cd71213207e807

464be04a7c11b8f1859f74e5d96a1661f496ae7d

7b1432fdee4704cafec1c6fb3f4a2343ebe360dc2ea0027ba94deff8b88c233a

HTTP Headers

                                        GET /css?family=Quattrocento:400,700&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://safar-tours.com/
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sat, 15 Apr 2023 02:24:43 GMT
Date: Sat, 15 Apr 2023 02:24:43 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff

cdn2.editmysite.com/css/sites.css?buildTime=1597947175

151.101.129.46

200 OK

29746

URL GET HTTP/1.1

cdn2.editmysite.com/css/sites.css?buildTime=1597947175
IP

151.101.129.46:80
ASN

#54113 FASTLY

Requested by

http://safar-tours.com/index.html

Magic

ASCII text, with very long lines (65536), with no line terminators

Size

29746
Hash

d10158b22b553f723d99dc78eaee6390

80f2d6670cfb0d01cd20c471cf8e3e6465ddd3f6

939c7a8e1ad74a44e0c847e38533e69e36454b6805d25acf3fb0cb5c472d245e

HTTP Headers

                                        GET /css/sites.css?buildTime=1597947175 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://safar-tours.com/
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 29746
Server: nginx
Content-Type: text/css
Last-Modified: Fri, 07 Apr 2023 18:04:11 GMT
ETag: W/"64305b1b-347ac"
Expires: Tue, 25 Apr 2023 13:12:58 GMT
Cache-Control: max-age=1209600
X-Host: blu116.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sat, 15 Apr 2023 02:24:43 GMT
Age: 306704
X-Served-By: cache-sjc10033-SJC, cache-bma1660-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 9, 1
X-Timer: S1681525484.619672,VS0,VE1
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

cdn2.editmysite.com/css/social-icons.css?buildtime=1574104684

151.101.129.46

200 OK

1639

URL GET HTTP/1.1

cdn2.editmysite.com/css/social-icons.css?buildtime=1574104684
IP

151.101.129.46:80
ASN

#54113 FASTLY

Requested by

http://safar-tours.com/index.html

Magic

ASCII text, with very long lines (13080)

Size

1639
Hash

37fd1b6b63693aa391c5bcc22e28289f

be92c06b1c9fef2a0b9db18a54882e123cd4c967

2d40a1b8dedb0caefd18f3c19f9f04d221dac32a259932af8cccd0fba49846be

HTTP Headers

                                        GET /css/social-icons.css?buildtime=1574104684 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://safar-tours.com/
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1639
Server: nginx
Content-Type: text/css
Last-Modified: Thu, 06 Apr 2023 18:35:06 GMT
ETag: W/"642f10da-3319"
Expires: Thu, 20 Apr 2023 19:54:26 GMT
Cache-Control: max-age=1209600
X-Host: grn68.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sat, 15 Apr 2023 02:24:43 GMT
Age: 714617
X-Served-By: cache-sjc10040-SJC, cache-bma1678-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 65, 1
X-Timer: S1681525484.621925,VS0,VE1
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

cdn2.editmysite.com/css/old/fancybox.css?1574104684

151.101.129.46

200 OK

1218

URL GET HTTP/1.1

cdn2.editmysite.com/css/old/fancybox.css?1574104684
IP

151.101.129.46:80
ASN

#54113 FASTLY

Requested by

http://safar-tours.com/index.html

Magic

ASCII text, with very long lines (3910)

Size

1218
Hash

b644e92258f4c7c0b4270047652d1e60

93734d52ee9e86a768159e514076051813c39cd9

29199496fb817668f887938571046abcdfb49063d0207d571b361f221f467907

HTTP Headers

                                        GET /css/old/fancybox.css?1574104684 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://safar-tours.com/
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1218
Server: nginx
Content-Type: text/css
Last-Modified: Wed, 05 Apr 2023 22:11:06 GMT
ETag: "642df1fa-f47"
Expires: Thu, 20 Apr 2023 02:16:21 GMT
Cache-Control: max-age=1209600
X-Host: blu64.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sat, 15 Apr 2023 02:24:43 GMT
Age: 778101
X-Served-By: cache-sjc10078-SJC, cache-bma1682-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 108, 1
X-Timer: S1681525484.621770,VS0,VE1
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1574104684&

151.101.129.46

200 OK

33051

URL GET HTTP/1.1

cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1574104684&
IP

151.101.129.46:80
ASN

#54113 FASTLY

Requested by

http://safar-tours.com/index.html

Magic

ASCII text, with very long lines (65024)

Size

33051
Hash

fe34d667cfbbaedc2bc7495790b9c019

aab106da1c0cdbe3fce29584f5440f427b534c63

155d81f76a7deb128141d509b883d9cf1397c8bc502d92e83c2c0fe6782c3eda

HTTP Headers

                                        GET /js/lang/en/stl.js?buildTime=1574104684& HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://safar-tours.com/
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 33051
Server: nginx
Content-Type: application/javascript
Last-Modified: Mon, 03 Apr 2023 12:55:54 GMT
ETag: "642accda-2c7eb"
Expires: Tue, 18 Apr 2023 13:05:46 GMT
Cache-Control: max-age=1209600
X-Host: grn99.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sat, 15 Apr 2023 02:24:43 GMT
Age: 911937
X-Served-By: cache-sjc10068-SJC, cache-bma1647-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 57, 1
X-Timer: S1681525484.622069,VS0,VE1
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

cdn2.editmysite.com/js/old/slideshow-jq.js?buildTime=1597947175

151.101.129.46

200 OK

13265

URL GET HTTP/1.1

cdn2.editmysite.com/js/old/slideshow-jq.js?buildTime=1597947175
IP

151.101.129.46:80
ASN

#54113 FASTLY

Requested by

http://safar-tours.com/index.html

Magic

ASCII text, with very long lines (32013)

Size

13265
Hash

da04d4da36c827437eb064334cf40561

b54b259c2dce4a00e265deddf2ee0941dda6ed40

0064ed54b2f6244cda5252037026ceb744b58067811265aa1a10c3f7cd937b3a

HTTP Headers

                                        GET /js/old/slideshow-jq.js?buildTime=1597947175 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://safar-tours.com/
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 13265
Server: nginx
Content-Type: application/javascript
Last-Modified: Fri, 31 Mar 2023 22:57:48 GMT
ETag: "6427656c-9e0b"
Expires: Sat, 15 Apr 2023 22:43:14 GMT
Cache-Control: max-age=1209600
X-Host: grn26.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sat, 15 Apr 2023 02:24:43 GMT
Age: 1136489
X-Served-By: cache-sjc10026-SJC, cache-bma1660-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 60, 1
X-Timer: S1681525484.630811,VS0,VE1
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1597947175&

151.101.129.46

200 OK

33051

URL GET HTTP/1.1

cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1597947175&
IP

151.101.129.46:80
ASN

#54113 FASTLY

Requested by

http://safar-tours.com/index.html

Magic

ASCII text, with very long lines (65024)

Size

33051
Hash

fe34d667cfbbaedc2bc7495790b9c019

aab106da1c0cdbe3fce29584f5440f427b534c63

155d81f76a7deb128141d509b883d9cf1397c8bc502d92e83c2c0fe6782c3eda

HTTP Headers

                                        GET /js/lang/en/stl.js?buildTime=1597947175& HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://safar-tours.com/
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 33051
Server: nginx
Content-Type: application/javascript
Last-Modified: Fri, 31 Mar 2023 22:56:09 GMT
ETag: "64276509-2c7eb"
Expires: Mon, 17 Apr 2023 05:09:45 GMT
Cache-Control: max-age=1209600
X-Host: grn26.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sat, 15 Apr 2023 02:24:43 GMT
Age: 1026897
X-Served-By: cache-sjc10064-SJC, cache-bma1678-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 51, 1
X-Timer: S1681525484.631518,VS0,VE2
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

cdn2.editmysite.com/js/site/main.js?buildTime=1597947175

151.101.129.46

200 OK

146400

URL GET HTTP/1.1

cdn2.editmysite.com/js/site/main.js?buildTime=1597947175
IP

151.101.129.46:80
ASN

#54113 FASTLY

Requested by

http://safar-tours.com/index.html

Magic

ASCII text, with very long lines (32147)

Size

146400
Hash

81b8673c5d3aa3ab8c0574f2a8f0e3b4

2e0661bc7907d9e2703b3347c3fec579f0aef5d6

0e981f4de6287406ce261fddea24aa05ded4b6a8c4c07283c363c1502071cf40

HTTP Headers

                                        GET /js/site/main.js?buildTime=1597947175 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://safar-tours.com/
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 146400
Server: nginx
Content-Type: application/javascript
Last-Modified: Fri, 07 Apr 2023 18:04:34 GMT
ETag: "64305b32-74804"
Expires: Fri, 21 Apr 2023 20:10:54 GMT
Cache-Control: max-age=1209600
X-Host: grn38.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sat, 15 Apr 2023 02:24:43 GMT
Age: 627229
X-Served-By: cache-sjc10052-SJC, cache-bma1680-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 2, 1
X-Timer: S1681525484.622031,VS0,VE2
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

ocsp.pki.goog/gts1c3

142.250.74.131

472

URL

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

472
Hash

7062a8d720b87289e5263ea926e1f1a7

7f723c899e0a61cebeccd03f2d17814125571526

a1ef0dcf8e474b3ca128451d2a85d6f99d5c900a5443785a542f0fef6a663fdf

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Apr 2023 02:24:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1597947175

151.101.129.46

200 OK

159030

URL GET HTTP/1.1

cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1597947175
IP

151.101.129.46:80
ASN

#54113 FASTLY

Requested by

http://safar-tours.com/index.html

Magic

ASCII text, with very long lines (32007)

Size

159030
Hash

40bd6b3520e6770db22d841b9009be3f

5d863c1e1b29700dc2f3546228e0e195ec235587

4157f51e5e61cce428bcbcbea0ec28c41bdc836531ca17333855b7c2a24919a8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

                                        GET /js/site/main-customer-accounts-site.js?buildTime=1597947175 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://safar-tours.com/
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 159030
Server: nginx
Content-Type: application/javascript
Last-Modified: Fri, 07 Apr 2023 18:04:34 GMT
ETag: "64305b32-825b0"
Expires: Tue, 25 Apr 2023 12:21:50 GMT
Cache-Control: max-age=1209600
X-Host: grn123.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sat, 15 Apr 2023 02:24:43 GMT
Age: 309773
X-Served-By: cache-sjc10077-SJC, cache-bma1680-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 38, 1
X-Timer: S1681525484.767907,VS0,VE2
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js

142.250.74.106

200 OK

33593

URL GET HTTP/2

ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
IP

142.250.74.106:443
ASN

#15169 GOOGLE

Requested by

http://safar-tours.com/index.html
Certificate

IssuerGoogle Trust Services LLC

Subjectupload.video.google.com

Fingerprint28:74:DC:A1:79:64:AB:97:A4:EA:AB:80:90:A6:E2:B9:D4:16:79:64

ValidityTue, 28 Mar 2023 16:54:33 GMT - Tue, 20 Jun 2023 16:54:32 GMT

Magic

ASCII text, with very long lines (65483)

Size

33593
Hash

a54a444f20643b131117dc2112cca05f

074964746b12ff1d30f7656310d6154ae1cc98b5

aa3ca8485dd777d4d880b38c1cf3bc2fc290d28a79ba3e3e43cba1f653132830

HTTP Headers

                                        GET /ajax/libs/jquery/1.8.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://safar-tours.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33593
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 13 Apr 2023 19:00:36 GMT
expires: Fri, 12 Apr 2024 19:00:36 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 113047
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn2.editmysite.com/css/old/slideshow/slideshow.css?1597947175

151.101.129.46

200 OK

1488

URL GET HTTP/1.1

cdn2.editmysite.com/css/old/slideshow/slideshow.css?1597947175
IP

151.101.129.46:80
ASN

#54113 FASTLY

Requested by

http://safar-tours.com/index.html

Magic

ASCII text, with very long lines (7352)

Size

1488
Hash

ba9bbd4df86b5b255f5ef44658e52130

3970cecb6939475f95556c2d32d17de0d1645f32

244b7b062e6e558009c622e46008d5542604b9163315220199a2ac50868ff3e5

HTTP Headers

                                        GET /css/old/slideshow/slideshow.css?1597947175 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://safar-tours.com/
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1488
Server: nginx
Content-Type: text/css
Last-Modified: Thu, 13 Apr 2023 20:24:52 GMT
ETag: W/"64386514-1cb9"
Expires: Thu, 27 Apr 2023 22:40:03 GMT
Cache-Control: max-age=1209600
X-Host: blu146.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sat, 15 Apr 2023 02:24:43 GMT
Age: 99881
X-Served-By: cache-sjc10022-SJC, cache-bma1631-BMA
X-Cache: HIT, MISS
X-Cache-Hits: 13, 0
X-Timer: S1681525484.621968,VS0,VE162
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

ocsp.pki.goog/gts1c3

142.250.74.131

472

URL

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

472
Hash

9686b79b567ebc654135b814803081e7

7128dbe66cc2d82674292bf8f028f2a1690165bb

a993b81b31430c796fdf5a352329863c8c306c0d21cc372255ffa870c272b78c

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Apr 2023 02:24:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

safar-tours.com/gdpr/gdprscript.js?buildTime=1597947175&hasRemindMe=true&stealth=false

192.254.190.171

200 OK

199

URL GET HTTP/1.1

safar-tours.com/gdpr/gdprscript.js?buildTime=1597947175&hasRemindMe=true&stealth=false
IP

192.254.190.171:80
ASN

#46606 UNIFIEDLAYER-AS-1

Requested by

http://safar-tours.com/index.html

Magic

ASCII text

Size

199
Hash

09d361037fd770f4fc0023dc713b1fcd

cab0e426a23fca6503e527eec7b4937d57884823

c870349d4383dc36d9d200b62a762d2d4ed0c52193d01f1bea2467e36320da48

HTTP Headers

                                        GET /gdpr/gdprscript.js?buildTime=1597947175&hasRemindMe=true&stealth=false HTTP/1.1
Host: safar-tours.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://safar-tours.com/index.html
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Date: Sat, 15 Apr 2023 02:24:43 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sat, 19 Jun 2021 02:19:20 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 199
Keep-Alive: timeout=5, max=75
Content-Type: application/javascript

safar-tours.com/files/main_style.css?1574175616

192.254.190.171

200 OK

10926

URL GET HTTP/1.1

safar-tours.com/files/main_style.css?1574175616
IP

192.254.190.171:80
ASN

#46606 UNIFIEDLAYER-AS-1

Requested by

http://safar-tours.com/index.html

Magic

ASCII text, with very long lines (670)

Size

10926
Hash

1211805a65b4f30d5703f8f052f7b2e0

dd472e5d421e5f1bd4f6b48f9b0adfbaa68e238b

6c0ba5051ad637cba60d1dcc347d8bee9d6f08d6c9d46a0d4dc2b6348ea81b8e

HTTP Headers

                                        GET /files/main_style.css?1574175616 HTTP/1.1
Host: safar-tours.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://safar-tours.com/index.html
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Date: Sat, 15 Apr 2023 02:24:43 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 19 Nov 2019 15:00:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 10926
Keep-Alive: timeout=5, max=75
Content-Type: text/css

safar-tours.com/files/theme/custom.js?1570137717

192.254.190.171

200 OK

1979

URL GET HTTP/1.1

safar-tours.com/files/theme/custom.js?1570137717
IP

192.254.190.171:80
ASN

#46606 UNIFIEDLAYER-AS-1

Requested by

http://safar-tours.com/index.html

Magic

ASCII text

Size

1979
Hash

73dd6028972bcd2d82ddde8836414d7f

40728055b73fe76d71bc2a8fe166dd1006705408

89cf68e770b7fe236058a4d8336dc9622d92530b453543f1d805312ea294b236

HTTP Headers

                                        GET /files/theme/custom.js?1570137717 HTTP/1.1
Host: safar-tours.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://safar-tours.com/index.html
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Date: Sat, 15 Apr 2023 02:24:43 GMT
Server: Apache
Last-Modified: Mon, 18 Nov 2019 10:13:19 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1979
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: application/javascript

cdn2.editmysite.com/images/editor/theme-background/stock/Dawn-Sky.jpg

151.101.129.46

200 OK

264200

URL GET HTTP/1.1

cdn2.editmysite.com/images/editor/theme-background/stock/Dawn-Sky.jpg
IP

151.101.129.46:80
ASN

#54113 FASTLY

Requested by

http://safar-tours.com/index.html

Magic

JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, copyright=Mario Habenbacher], baseline, precision 8, 2280x1667, components 3\012- data

Size

264200
Hash

fe2c41bfe05606f0437b7216a2fd8057

d9e1a4c2c69a2f88ab023885160fec9de193b9d2

41a899069848454f2e2d470b5a3248b389a09e698b45de91c10d22b17bc927dd

HTTP Headers

                                        GET /images/editor/theme-background/stock/Dawn-Sky.jpg HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://safar-tours.com/
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 264200
X-GUploader-UploadID: ADPycdvz-4z2ZX6u_YG-UbEJacq4qlqr3SXhBkVDi4hwqiVDRfdWNWL9nA_vyDj_rUKFcQoOgYi3_wFBj8hwuAJY1fqV4w
Cache-Control: public, max-age=86400, s-maxage=259200
Expires: Thu, 30 Mar 2023 23:50:01 GMT
Last-Modified: Thu, 25 May 2017 17:32:05 GMT
ETag: "fe2c41bfe05606f0437b7216a2fd8057"
x-goog-generation: 1495733525814532
x-goog-metageneration: 6
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 264200
Content-Type: image/jpeg
x-goog-hash: crc32c=1DT21Q==, md5=/ixBv+BWBvBDe3IWov2AVw==
x-goog-storage-class: STANDARD
Server: UploadServer
Accept-Ranges: bytes
Date: Sat, 15 Apr 2023 02:24:44 GMT
Via: 1.1 varnish
Age: 3764
X-Served-By: cache-bma1680-BMA
X-Cache: HIT
X-Cache-Hits: 1
X-Timer: S1681525484.096968,VS0,VE1
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

use.typekit.net/nxe1ajf.js

23.36.76.186

200 OK

6739

URL GET HTTP/2

use.typekit.net/nxe1ajf.js
IP

23.36.76.186:443
ASN

#20940 Akamai International B.V.

Requested by

http://safar-tours.com/index.html
Certificate

IssuerDigiCert Inc

Subjectuse.typekit.net

Fingerprint5F:2F:EB:47:33:08:97:87:7F:73:06:D1:9A:4B:F5:06:57:11:08:2B

ValidityWed, 14 Sep 2022 00:00:00 GMT - Sun, 15 Oct 2023 23:59:59 GMT

Magic

Unicode text, UTF-8 text, with very long lines (2258)

Size

6739
Hash

6bb980d73bbe61b3547a605ac84476b6

027213ced8e5fbed431076b164b62b8cadb00b39

7f0365a1cdc1b1f8b60d3ef032e95d1646016f8c35465149a35724c86ff5115a

HTTP Headers

                                        GET /nxe1ajf.js HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://safar-tours.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
server: nginx
content-type: text/javascript;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: public, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 6739
date: Sat, 15 Apr 2023 02:24:44 GMT
X-Firefox-Spdy: h2

fonts.gstatic.com/s/lora/v32/0QIvMX1D_JOuMwr7Iw.woff2

216.58.207.227

200 OK

35888

URL GET HTTP/1.1

fonts.gstatic.com/s/lora/v32/0QIvMX1D_JOuMwr7Iw.woff2
IP

216.58.207.227:80
ASN

#15169 GOOGLE

Requested by

http://safar-tours.com/index.html

Magic

Web Open Font Format (Version 2), TrueType, length 35888, version 1.0\012- data

Size

35888
Hash

78be9c1daeadb1ae4f8d1e622d7b2011

60923c3b5dfe1a5a07b9092ec9c5583d004d0c5b

9f46649ea544819982ea288c6f386dd67d46da0f453f95da542196372b79731e

HTTP Headers

                                        GET /s/lora/v32/0QIvMX1D_JOuMwr7Iw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://safar-tours.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 35888
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 13 Apr 2023 18:15:48 GMT
Expires: Fri, 12 Apr 2024 18:15:48 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 21 Feb 2023 21:45:58 GMT
Content-Type: font/woff2
Age: 115736

fonts.gstatic.com/s/quattrocento/v17/OZpbg_xvsDZQL_LKIF7q4jP_eE3vcKnY.woff2

216.58.207.227

200 OK

35952

URL GET HTTP/1.1

fonts.gstatic.com/s/quattrocento/v17/OZpbg_xvsDZQL_LKIF7q4jP_eE3vcKnY.woff2
IP

216.58.207.227:80
ASN

#15169 GOOGLE

Requested by

http://safar-tours.com/index.html

Magic

Web Open Font Format (Version 2), TrueType, length 35952, version 1.0\012- data

Size

35952
Hash

1ede9b49c70635ad07115dc802702118

a7cea5ca5f71b4fed7fc4a69434091c87faf71f5

5e232623c90033b45c4ca98c53ff6b4b5b6c54b1c2da2f05a3a1a7e68e2ca8f5

HTTP Headers

                                        GET /s/quattrocento/v17/OZpbg_xvsDZQL_LKIF7q4jP_eE3vcKnY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://safar-tours.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 35952
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 13 Apr 2023 02:25:19 GMT
Expires: Fri, 12 Apr 2024 02:25:19 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Wed, 27 Apr 2022 16:14:34 GMT
Content-Type: font/woff2
Age: 172765

fonts.gstatic.com/s/quattrocento/v17/OZpEg_xvsDZQL_LKIF7q4jP3w2j6.woff2

216.58.207.227

200 OK

35872

URL GET HTTP/1.1

fonts.gstatic.com/s/quattrocento/v17/OZpEg_xvsDZQL_LKIF7q4jP3w2j6.woff2
IP

216.58.207.227:80
ASN

#15169 GOOGLE

Requested by

http://safar-tours.com/index.html

Magic

Web Open Font Format (Version 2), TrueType, length 35872, version 1.0\012- data

Size

35872
Hash

62d2afa37918c2d8841c75898eadd68f

d6da38ee9ba1db21b7ee298f0018c2010d5ad882

fe65e8f74381d5afc5a63c298f62b26c4b68531e9e2792e6fa63f4af24842596

HTTP Headers

                                        GET /s/quattrocento/v17/OZpEg_xvsDZQL_LKIF7q4jP3w2j6.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://safar-tours.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 35872
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 13 Apr 2023 02:29:18 GMT
Expires: Fri, 12 Apr 2024 02:29:18 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Wed, 27 Apr 2022 16:12:18 GMT
Content-Type: font/woff2
Age: 172526

fonts.gstatic.com/s/crimsontext/v19/wlppgwHKFkZgtmSR3NB0oRJX1C1GDNNQ.woff2

216.58.207.227

200 OK

25540

URL GET HTTP/1.1

fonts.gstatic.com/s/crimsontext/v19/wlppgwHKFkZgtmSR3NB0oRJX1C1GDNNQ.woff2
IP

216.58.207.227:80
ASN

#15169 GOOGLE

Requested by

http://safar-tours.com/index.html

Magic

Web Open Font Format (Version 2), TrueType, length 25540, version 1.0\012- data

Size

25540
Hash

19ab149056827f64d640fa3d65f4e536

754c09533c5b386067e762ae85f39c345ec10915

60b9b9640fc716abd752df41f38ad81052f4905e42be2ff3c1f78e851863aee0

HTTP Headers

                                        GET /s/crimsontext/v19/wlppgwHKFkZgtmSR3NB0oRJX1C1GDNNQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://safar-tours.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 25540
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 12 Apr 2023 15:22:44 GMT
Expires: Thu, 11 Apr 2024 15:22:44 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 24 May 2022 18:29:16 GMT
Content-Type: font/woff2
Age: 212520

fonts.gstatic.com/s/crimsontext/v19/wlp2gwHKFkZgtmSR3NB0oRJfbwhT.woff2

216.58.207.227

200 OK

25184

URL GET HTTP/1.1

fonts.gstatic.com/s/crimsontext/v19/wlp2gwHKFkZgtmSR3NB0oRJfbwhT.woff2
IP

216.58.207.227:80
ASN

#15169 GOOGLE

Requested by

http://safar-tours.com/index.html

Magic

Web Open Font Format (Version 2), TrueType, length 25184, version 1.0\012- data

Size

25184
Hash

23eec75ba54d389a0188abbb596b7614

daa4672ad515a108325f52116e9a49aab8cdd5fa

538c7067580f457dd3dd98ebaabeb19405c12bdd01674d3db8fd9948ee73c862

HTTP Headers

                                        GET /s/crimsontext/v19/wlp2gwHKFkZgtmSR3NB0oRJfbwhT.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://safar-tours.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 25184
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 12 Apr 2023 01:10:26 GMT
Expires: Thu, 11 Apr 2024 01:10:26 GMT
Cache-Control: public, max-age=31536000
Age: 263658
Last-Modified: Tue, 24 May 2022 18:26:18 GMT
Content-Type: font/woff2

use.typekit.net/af/099730/0000000000000000000132e6/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i9&v=3

23.36.76.186

200 OK

27788

URL GET HTTP/2

use.typekit.net/af/099730/0000000000000000000132e6/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i9&v=3
IP

23.36.76.186:443
ASN

#20940 Akamai International B.V.

Requested by

http://safar-tours.com/index.html
Certificate

IssuerDigiCert Inc

Subjectuse.typekit.net

Fingerprint5F:2F:EB:47:33:08:97:87:7F:73:06:D1:9A:4B:F5:06:57:11:08:2B

ValidityWed, 14 Sep 2022 00:00:00 GMT - Sun, 15 Oct 2023 23:59:59 GMT

Magic

Web Open Font Format (Version 2), CFF, length 27788, version 1.0\012- data

Size

27788
Hash

ccc7b72fb1a80abb8cbafa94de34a554

0c68982548e2af3c6d6e8c49128be51e3f5dd0d1

3d25e0efebb8648cd1fcb31872cf5200c2e577259ad589b6e802bb1d95d03efe

HTTP Headers

                                        GET /af/099730/0000000000000000000132e6/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i9&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://safar-tours.com
Connection: keep-alive
Referer: http://safar-tours.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 27788
etag: "d76106a15ff619ce03b2c3ca28b4559b159b1b63"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Sat, 15 Apr 2023 02:24:44 GMT
X-Firefox-Spdy: h2

use.typekit.net/af/1da05b/0000000000000000000132df/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3

23.36.76.186

200 OK

26888

URL GET HTTP/2

use.typekit.net/af/1da05b/0000000000000000000132df/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
IP

23.36.76.186:443
ASN

#20940 Akamai International B.V.

Requested by

http://safar-tours.com/index.html
Certificate

IssuerDigiCert Inc

Subjectuse.typekit.net

Fingerprint5F:2F:EB:47:33:08:97:87:7F:73:06:D1:9A:4B:F5:06:57:11:08:2B

ValidityWed, 14 Sep 2022 00:00:00 GMT - Sun, 15 Oct 2023 23:59:59 GMT

Magic

Web Open Font Format (Version 2), TrueType, length 26888, version 1.0\012- data

Size

26888
Hash

6c288957e1ea69636d76b434a53c65ef

b8e0e2074136f3b167567d532312cc0f838bdf5f

c763917e443b5583abccb9674edfaf82deada941ad5894d28c672c632fcd64dc

HTTP Headers

                                        GET /af/1da05b/0000000000000000000132df/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://safar-tours.com
Connection: keep-alive
Referer: http://safar-tours.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 26888
etag: "49d80c15efa35e0c65ed7e265d2c0333b309aa4e"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Sat, 15 Apr 2023 02:24:44 GMT
X-Firefox-Spdy: h2

use.typekit.net/af/32d3ee/0000000000000000000132e0/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3

23.36.76.186

200 OK

26568

URL GET HTTP/2

use.typekit.net/af/32d3ee/0000000000000000000132e0/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
IP

23.36.76.186:443
ASN

#20940 Akamai International B.V.

Requested by

http://safar-tours.com/index.html
Certificate

IssuerDigiCert Inc

Subjectuse.typekit.net

Fingerprint5F:2F:EB:47:33:08:97:87:7F:73:06:D1:9A:4B:F5:06:57:11:08:2B

ValidityWed, 14 Sep 2022 00:00:00 GMT - Sun, 15 Oct 2023 23:59:59 GMT

Magic

Web Open Font Format (Version 2), TrueType, length 26568, version 1.0\012- data

Size

26568
Hash

69d7f21af427ec644440343c1bcd0606

186c5445f00e61e82a73ce3207965ce28c410f72

2a1074cd5044c672760ad745fdbbd125381d63a86f5380b57a1dd28ad0da0d75

HTTP Headers

                                        GET /af/32d3ee/0000000000000000000132e0/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://safar-tours.com
Connection: keep-alive
Referer: http://safar-tours.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 26568
etag: "c11943bfe7851ce643a829e2f815ebf55030b555"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Sat, 15 Apr 2023 02:24:44 GMT
X-Firefox-Spdy: h2

use.typekit.net/af/031bc7/0000000000000000000132e5/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n9&v=3

23.36.76.186

200 OK

29052

URL GET HTTP/2

use.typekit.net/af/031bc7/0000000000000000000132e5/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n9&v=3
IP

23.36.76.186:443
ASN

#20940 Akamai International B.V.

Requested by

http://safar-tours.com/index.html
Certificate

IssuerDigiCert Inc

Subjectuse.typekit.net

Fingerprint5F:2F:EB:47:33:08:97:87:7F:73:06:D1:9A:4B:F5:06:57:11:08:2B

ValidityWed, 14 Sep 2022 00:00:00 GMT - Sun, 15 Oct 2023 23:59:59 GMT

Magic

Web Open Font Format (Version 2), CFF, length 29052, version 1.0\012- data

Size

29052
Hash

3437e060c8710bccafd202e3da9a25dc

8e1bbee3d09332165b23156a05b43641f8d9f913

0656089e2e797a739897875d68a79ca62256a3c76ab3f4c31cb2f363cd778fee

HTTP Headers

                                        GET /af/031bc7/0000000000000000000132e5/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n9&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://safar-tours.com
Connection: keep-alive
Referer: http://safar-tours.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 29052
etag: "a6e56bc1473094b110819c4cfa4169b4a97bd255"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Sat, 15 Apr 2023 02:24:44 GMT
X-Firefox-Spdy: h2

safar-tours.com/uploads/1/2/5/3/125321948/published/untitled-2.jpg?1574077944

192.254.190.171

200 OK

4304

URL GET HTTP/1.1

safar-tours.com/uploads/1/2/5/3/125321948/published/untitled-2.jpg?1574077944
IP

192.254.190.171:80
ASN

#46606 UNIFIEDLAYER-AS-1

Requested by

http://safar-tours.com/index.html

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 169x125, components 3\012- data

Size

4304
Hash

6e65e06a796a5f25caa8e1a553e1a6eb

b6f11e454bc22ef7c8b27f0f5c16d472120236b3

3c1947188e69f27192a21bc71d7bf8df2d186c7864e84bf42e3cd0e4b2446fde

HTTP Headers

                                        GET /uploads/1/2/5/3/125321948/published/untitled-2.jpg?1574077944 HTTP/1.1
Host: safar-tours.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://safar-tours.com/index.html
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Date: Sat, 15 Apr 2023 02:24:44 GMT
Server: Apache
Last-Modified: Mon, 18 Nov 2019 10:46:22 GMT
Accept-Ranges: bytes
Content-Length: 4304
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: image/jpeg

safar-tours.com/files/theme/plugins.js?1570137717

192.254.190.171

200 OK

22173

URL GET HTTP/1.1

safar-tours.com/files/theme/plugins.js?1570137717
IP

192.254.190.171:80
ASN

#46606 UNIFIEDLAYER-AS-1

Requested by

http://safar-tours.com/index.html

Magic

ASCII text

Size

22173
Hash

33d471c86444b9f044254bc9afcc79ae

65f1942e4bc2ba3d7d8666aedf8ec773247fbf08

8961437d3d8b1329599aa480efe745d7d90d4987dc3dc4214f3a47aa516acbd0

HTTP Headers

                                        GET /files/theme/plugins.js?1570137717 HTTP/1.1
Host: safar-tours.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://safar-tours.com/index.html
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Date: Sat, 15 Apr 2023 02:24:44 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 23 Apr 2019 10:02:56 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: application/javascript

p.typekit.net/p.gif?s=1&k=nxe1ajf&ht=tk&h=safar-tours.com&f=10294.10295.10304.10305&a=3024360&js=1.21.0&app=typekit&e=js&_=1681525558461

23.36.76.186

200 OK

URL GET HTTP/2

p.typekit.net/p.gif?s=1&k=nxe1ajf&ht=tk&h=safar-tours.com&f=10294.10295.10304.10305&a=3024360&js=1.21.0&app=typekit&e=js&_=1681525558461
IP

23.36.76.186:443
ASN

#20940 Akamai International B.V.

Requested by

http://safar-tours.com/index.html
Certificate

IssuerDigiCert Inc

Subjectuse.typekit.net

Fingerprint5F:2F:EB:47:33:08:97:87:7F:73:06:D1:9A:4B:F5:06:57:11:08:2B

ValidityWed, 14 Sep 2022 00:00:00 GMT - Sun, 15 Oct 2023 23:59:59 GMT

Magic

GIF image data, version 89a, 1 x 1\012- data

Size

35
Hash

81144d75b3e69e9aa2fa3e9d83a64d03

f0fbc60b50edf5b2a0b76e0aa0537b76bf346ffc

9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

HTTP Headers

                                        GET /p.gif?s=1&k=nxe1ajf&ht=tk&h=safar-tours.com&f=10294.10295.10304.10305&a=3024360&js=1.21.0&app=typekit&e=js&_=1681525558461 HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://safar-tours.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: image/gif
cross-origin-resource-policy: cross-origin
etag: "61c32ad2-23"
last-modified: Wed, 22 Dec 2021 13:40:34 GMT
server: nginx
content-length: 35
unused62: 8096267
date: Sat, 15 Apr 2023 02:24:44 GMT
X-Firefox-Spdy: h2

safar-tours.com/uploads/1/2/5/3/125321948/93_1.jpg

192.254.190.171

200 OK

11049

URL GET HTTP/1.1

safar-tours.com/uploads/1/2/5/3/125321948/93_1.jpg
IP

192.254.190.171:80
ASN

#46606 UNIFIEDLAYER-AS-1

Requested by

http://safar-tours.com/index.html

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 250x166, components 3\012- data

Size

11049
Hash

583e0ac15a530150dc82662f0a56421c

c67a7ef60d3d567195634fb7016240e422eb9706

4d6a7f824242c6e438b9bb5b95320ed93dcbe1641edaf1c687842a37b6b9344a

HTTP Headers

                                        GET /uploads/1/2/5/3/125321948/93_1.jpg HTTP/1.1
Host: safar-tours.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://safar-tours.com/index.html
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Date: Sat, 15 Apr 2023 02:24:44 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 18 Nov 2019 10:13:31 GMT
Accept-Ranges: bytes
Content-Length: 11049
Keep-Alive: timeout=5, max=75
Content-Type: image/jpeg

cdn2.editmysite.com/images/old/slideshow/control_icons.gif

151.101.129.46

200 OK

187

URL GET HTTP/1.1

cdn2.editmysite.com/images/old/slideshow/control_icons.gif
IP

151.101.129.46:80
ASN

#54113 FASTLY

Requested by

http://safar-tours.com/index.html

Magic

GIF image data, version 89a, 25 x 13\012- data

Size

187
Hash

88041de02e278ceedcd7de52bcdb8156

775bf1f3464e006b3f644512e52477ecc9385222

00bd643d7b1cd928b72aa4b6d69df8d5838a8f07e26294fda69ab365fa454c3f

HTTP Headers

                                        GET /images/old/slideshow/control_icons.gif HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn2.editmysite.com/css/old/slideshow/slideshow.css?1597947175
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 187
X-GUploader-UploadID: ADPycdsC6EgagpSbmWcm5SioUCsxhaWSYE4wyMpjJT0J3UqTITYB7jiGc1eS7yUQhLzRfF0h_xbgZhfv2yZPdZZ-OyNi0w
Cache-Control: public, max-age=86400, s-maxage=259200
Expires: Thu, 13 Apr 2023 22:59:36 GMT
Last-Modified: Thu, 25 May 2017 18:53:05 GMT
ETag: "88041de02e278ceedcd7de52bcdb8156"
x-goog-generation: 1495738385881388
x-goog-metageneration: 6
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 187
Content-Type: image/gif
x-goog-hash: crc32c=P9yuOw==, md5=iAQd4C4njO7c195SvNuBVg==
x-goog-storage-class: STANDARD
Server: UploadServer
Accept-Ranges: bytes
Date: Sat, 15 Apr 2023 02:24:44 GMT
Via: 1.1 varnish
Age: 98631
X-Served-By: cache-bma1680-BMA
X-Cache: HIT
X-Cache-Hits: 16
X-Timer: S1681525484.452417,VS0,VE0
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

cdn2.editmysite.com/images/old/loading.gif

151.101.129.46

200 OK

2964

URL GET HTTP/1.1

cdn2.editmysite.com/images/old/loading.gif
IP

151.101.129.46:80
ASN

#54113 FASTLY

Requested by

http://safar-tours.com/index.html

Magic

GIF image data, version 89a, 30 x 30\012- data

Size

2964
Hash

0b0212ec4e07451700c88a335ebba854

e62e40bbd31145dc64c0a555991a5dc5696d1943

37f5bf015ade9651005d72bcfdbb48838014c1c357f848585df731bc7eaff120

HTTP Headers

                                        GET /images/old/loading.gif HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn2.editmysite.com/css/old/slideshow/slideshow.css?1597947175
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 2964
X-GUploader-UploadID: ADPycdvfCw23ZCvA7uFgSHlZ6KFMZ0ZPOejpV16ThPzshSO_kzY0MU0snW9z3o-6xxf2lZ95PBXQSPTUBMTZA471eIoXoQ
Cache-Control: public, max-age=86400, s-maxage=259200
Expires: Thu, 09 Mar 2023 23:23:02 GMT
Last-Modified: Thu, 25 May 2017 18:45:50 GMT
ETag: "0b0212ec4e07451700c88a335ebba854"
x-goog-generation: 1495737950396999
x-goog-metageneration: 6
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 2964
Content-Type: image/gif
x-goog-hash: crc32c=F+8alw==, md5=CwIS7E4HRRcAyIozXruoVA==
x-goog-storage-class: STANDARD
Server: UploadServer
Accept-Ranges: bytes
Date: Sat, 15 Apr 2023 02:24:44 GMT
Via: 1.1 varnish
Age: 10257
X-Served-By: cache-bma1680-BMA
X-Cache: HIT
X-Cache-Hits: 1
X-Timer: S1681525484.486183,VS0,VE1
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

safar-tours.com/uploads/1/2/5/3/125321948/1.jpg

192.254.190.171

200 OK

21643

URL GET HTTP/1.1

safar-tours.com/uploads/1/2/5/3/125321948/1.jpg
IP

192.254.190.171:80
ASN

#46606 UNIFIEDLAYER-AS-1

Requested by

http://safar-tours.com/index.html

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 300x300, components 3\012- data

Size

21643
Hash

22e29c3fc4cfe982fe094c1c16983925

8119ba5be242e6b1f27ff5140b1745dfaac55f96

d96d9d6b7943ca90835be72a9e068c8afe6f4e9acf0770677ac8a7c75c76d391

HTTP Headers

                                        GET /uploads/1/2/5/3/125321948/1.jpg HTTP/1.1
Host: safar-tours.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://safar-tours.com/index.html
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Date: Sat, 15 Apr 2023 02:24:44 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 24 Sep 2019 12:27:46 GMT
Accept-Ranges: bytes
Content-Length: 21643
Keep-Alive: timeout=5, max=75
Content-Type: image/jpeg

safar-tours.com/uploads/1/2/5/3/125321948/1234511.png

192.254.190.171

200 OK

87623

Report Overview

URL

IP

ASN

Submitted

Access

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (23)

#1 JS:Script (size: 117)

#2 JS:Script (size: 1756)

#3 JS:Script (size: 17632)

#4 JS:Script (size: 40459)

#5 JS:Script (size: 55)

#6 JS:Script (size: 477188)

#7 JS:Script (size: 266)

#8 JS:Script (size: 23)

#9 JS:Script (size: 35)

#10 JS:Script (size: 5953)

#11 JS:Script (size: 227)

#12 JS:Script (size: 93636)

#13 JS:Script (size: 182251)

#14 JS:Script (size: 67465)

#15 JS:Script (size: 533936)

#16 JS:Script (size: 32)

#17 JS:Script (size: 22)

#18 JS:Script (size: 62)

#19 JS:Script (size: 2018)

#20 JS:Script (size: 790)

#21 JS:Script (size: 5001)

#22 JS:Script (size: 1267)

#23 JS:Script (size: 655)

HTTP Transactions (70)

URL User Request GET HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Magic

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Magic

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP