Report - www.nikhilsalvi.com/

Report Overview

Submitted URL
www.nikhilsalvi.com/
IP
75.98.175.81
ASN
#55293 A2HOSTING
Submitted
2023-03-07 06:38:05
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
14

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-25T05:09:02Z	2.7 kB	7.1 kB	23.36.77.32
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-25T05:22:40Z	1.0 kB	72 kB	172.217.21.168
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-25T05:09:34Z	686 B	1.4 kB	142.250.74.131
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-25T05:37:21Z	375 B	21 kB	142.250.74.46
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-24T16:33:49Z	3.2 kB	52 kB	34.120.237.76
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-24T18:14:23Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-24T18:20:20Z	413 B	5.9 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-25T05:09:25Z	333 B	391 B	34.117.237.239
www.nikhilsalvi.com	767719	2015-09-03T19:19:04Z	2023-03-09T00:37:49Z	6.3 kB	336 kB	75.98.175.81
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-24T18:17:07Z	606 B	127 B	35.165.93.208
region1.google-analytics.com	unknown	2022-03-17T12:26:33Z	2023-03-24T18:13:50Z	719 B	449 B	216.239.34.36

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-03-07	medium	www.nikhilsalvi.com/	Malware
2023-03-07	medium	www.nikhilsalvi.com/wp-content/themes/twentyeleven/style.css?ver=20221101	Malware
2023-03-07	medium	www.nikhilsalvi.com/wp-content/themes/twentyeleven/colors/dark.css?ver=20190404	Malware
2023-03-07	medium	www.nikhilsalvi.com/wp-content/themes/twentyeleven/blocks.css?ver=20220927	Malware
2023-03-07	medium	www.nikhilsalvi.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.js?ver=8.12.1	Malware
2023-03-07	medium	www.nikhilsalvi.com/wp-includes/css/classic-themes.min.css?ver=1	Malware
2023-03-07	medium	www.nikhilsalvi.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (8)

	URL	Size	First Seen	Last Seen
	www.nikhilsalvi.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1	19 kB	2023-03-07	2024-05-04
Pretty URL www.nikhilsalvi.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 IP 75.98.175.81 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-05-04 18:13:49 Times Seen38181 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	www.googletagmanager.com/gtag/js?id=UA-36605954-1&l=dataLayer&cx=c	115 kB	2023-03-25	2023-03-25
Pretty URL www.googletagmanager.com/gtag/js?id=UA-36605954-1&l=dataLayer&cx=c IP 172.217.21.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-25 22:21:47 Last Seen2023-03-25 22:21:47 Times Seen1 Hash 5b6feb5a05c5bd27adaa6d42d130d9ce 8f169761720cd1de5f2352cfaa0370d51e29ad16 d03defa1551f3dfb5e6e7e88b751e5fd551f361b82703c3ec60866a4c5a2ee96 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.46 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	www.nikhilsalvi.com/	6.2 kB	2023-03-14	2023-03-25
Pretty URL www.nikhilsalvi.com/ IP 75.98.175.81 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 14:45:40 Last Seen2023-03-25 22:21:47 Times Seen2 Hash dda55751ebf0fab7c16519e1791846bf b482d873f07e57649d43abba24b098fe97a1dc67 f24c31b27fc310d035b4b4e802db18c79b72c8cd9749c5a00ec824626883ba92 Loading...

	www.nikhilsalvi.com/	2.2 kB	2023-03-14	2023-03-25
Pretty URL www.nikhilsalvi.com/ IP 75.98.175.81 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 14:45:40 Last Seen2023-03-25 22:21:47 Times Seen2 Hash 34a19cacc862bd3252df56a730e57598 d47778b5215615a4c8ef5d7af403f016253894ff 3f700b983f74fc6d21177fb135711e464a669c038aaf02ca4d50c8158e559551 Loading...

	unknown	0 B	2023-03-07	2024-05-05
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-05 00:10:06 Times Seen37349880 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.nikhilsalvi.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.js?ver=8.12.1	31 kB	2023-03-07	2024-04-16
Pretty URL www.nikhilsalvi.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.js?ver=8.12.1 IP 75.98.175.81 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:52 Last Seen2024-04-16 22:29:53 Times Seen882 Hash 3aec8aee9c0b7fb595ba301506f09002 f58b5d6b072ebed281356afa607efef1eb3fad8f 357201dedf46672163a0b8694cb297c5351c6d25402c76b625b3c9ae7305b0e0 Loading...

	www.nikhilsalvi.com/	278 B	2023-03-14	2023-04-05
Pretty URL www.nikhilsalvi.com/ IP 75.98.175.81 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 14:45:40 Last Seen2023-04-05 01:49:51 Times Seen3 Hash b8609af0c2be5595bb95d986f360d56a 75decc6c5dca05a746ac203af9580442dbbb022e 1bc997f2dc16024c21fe99f55a9d5e776e09ce4df3cd578677933db90ffacf7e Loading...

HTTP Transactions (42)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cf14baed0842431a08367ed54f2346ca
d943be8835b7e4470e3d6fbe09ac39c5464be434
a45fbc8cdddc9f43c0c3c7d73cbb2cdf3cf4c4cd2df20802925b795da5048aa4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A45FBC8CDDDC9F43C0C3C7D73CBB2CDF3CF4C4CD2DF20802925B795DA5048AA4"
Last-Modified: Sun, 05 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7939
Expires: Tue, 07 Mar 2023 08:50:13 GMT
Date: Tue, 07 Mar 2023 06:37:54 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c8d3b63b0ab9c679c7a50df2ba42b497
7133ccb414f7d8040d0f4a1b1df359485a76c377
4652b9b479b50208073dbff5a0b434fe6e8a1a2c5caa6365a8c5de2ff7fd9865

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4652B9B479B50208073DBFF5A0B434FE6E8A1A2C5CAA6365A8C5DE2FF7FD9865"
Last-Modified: Sat, 04 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9132
Expires: Tue, 07 Mar 2023 09:10:06 GMT
Date: Tue, 07 Mar 2023 06:37:54 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 07 Mar 2023 06:08:40 GMT
content-type: application/json
age: 1754
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6681493f94022a7df736f92e03badd12
31bc327734b19fbf70290dcc2d19222564a3a396
f9fe24479b86404d7884409068517cc6f57b988b35be92e4f58cb4634fcb2218

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F9FE24479B86404D7884409068517CC6F57B988B35BE92E4F58CB4634FCB2218"
Last-Modified: Sat, 04 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6350
Expires: Tue, 07 Mar 2023 08:23:44 GMT
Date: Tue, 07 Mar 2023 06:37:54 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: hM57AI1YHK7WwmPtAx77fcjRCRsBun3YDu9QgSdLUMBG4tTSo6bxXhF2UfpzTYRA/ClZ2lkBm1s=
x-amz-request-id: NVZA32P5KE6WQ25S
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 07 Mar 2023 06:17:27 GMT
age: 1227
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 07 Mar 2023 06:37:54 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-70P3XPP3E2

172.217.21.168

302 Found

253 B

URL HTTP/1.1
www.googletagmanager.com/gtag/js?id=G-70P3XPP3E2
IP
172.217.21.168:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
253 B (253 bytes)
Hash
f894bc81d383c9e084485542e64798d8
4d26f7509d2ba5099d5ccb262162f96e9e2c934a
533a274436baf0f6e8237f493a8bec9b684afe81b6a9861b248a9d721a648bc6

HTTP Headers

GET /gtag/js?id=G-70P3XPP3E2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nikhilsalvi.com/

HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=G-70P3XPP3E2
Cross-Origin-Resource-Policy: cross-origin
Date: Tue, 07 Mar 2023 06:37:54 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 253
X-XSS-Protection: 0

www.nikhilsalvi.com/

75.98.175.81

200 OK

22 kB

URL HTTP/1.1
www.nikhilsalvi.com/
IP
75.98.175.81:0
ASN
#55293 A2HOSTING

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (14642)
Size
22 kB (22153 bytes)
Hash
4eb1a11cc7797f296c43dc224661fd24
93f4bec0b5a309d9319c5b5e3ac091fb7b59ad30
41108d2c811b9019fc7114eb6d75d93f447efe925b46f724efa9cf776c485c16

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: www.nikhilsalvi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Tue, 07 Mar 2023 06:37:54 GMT
Server: Apache
X-Powered-By: PHP/7.4.33
Link: <https://www.nikhilsalvi.com/wp-json/>; rel="https://api.w.org/"
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Expires: Tue, 07 Mar 2023 07:37:54 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 22153
Keep-Alive: timeout=3, max=500
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

www.nikhilsalvi.com/wp-content/themes/twentyeleven/style.css?ver=20221101

75.98.175.81

200 OK

12 kB

URL HTTP/1.1
www.nikhilsalvi.com/wp-content/themes/twentyeleven/style.css?ver=20221101
IP
75.98.175.81:0
ASN
#55293 A2HOSTING

File type
ASCII text, with very long lines (812)
Size
12 kB (12131 bytes)
Hash
a255a7a29eade5b9f406bee4673abf84
ab291cda26d939b7c99605f6d96083b438ce3dc4
fa3f167c88d72e17bec89660f454e604274006b43e7254aa131c92646dcb14f4

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/twentyeleven/style.css?ver=20221101 HTTP/1.1
Host: www.nikhilsalvi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nikhilsalvi.com/

HTTP/1.1 200 OK
Date: Tue, 07 Mar 2023 06:37:54 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 22 Feb 2023 07:22:11 GMT
ETag: "e2e1-5f544c137811a-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=604800, public, public
Expires: Wed, 06 Mar 2024 06:37:54 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Pragma: public
Content-Length: 12131
Keep-Alive: timeout=3, max=500
Connection: Keep-Alive
Content-Type: text/css

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
6a978ac8c366c3cdf5cac7d419da1a7a
171eb20796df2bca7bce102943c1899a93c8f5d1
5cdc16c95770061422fb14c5d5d687bc5c8e2f3b250c481f688a36d4ec7b6aa5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Mar 2023 06:37:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=G-70P3XPP3E2

172.217.21.168

200 OK

71 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=G-70P3XPP3E2
IP
172.217.21.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (10336)
Size
71 kB (70835 bytes)
Hash
254b1ddd750f9cef861b0cb0b69e6c54
b1f24663b28f0142182d5a8ebbed9515b0b1c769
1d21066c23b7ced356d9a1ad9c327222eb5c2297e9763cc302556bff24ffa603

HTTP Headers

GET /gtag/js?id=G-70P3XPP3E2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.nikhilsalvi.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 Mar 2023 06:37:54 GMT
expires: Tue, 07 Mar 2023 06:37:54 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 70835
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.nikhilsalvi.com/wp-content/themes/twentyeleven/colors/dark.css?ver=20190404

75.98.175.81

200 OK

2.8 kB

URL HTTP/1.1
www.nikhilsalvi.com/wp-content/themes/twentyeleven/colors/dark.css?ver=20190404
IP
75.98.175.81:0
ASN
#55293 A2HOSTING

File type
ASCII text
Size
2.8 kB (2766 bytes)
Hash
17e960146527810fe7ae433b28e626c5
14690260dcb4b1862e2c567053ec5ded48a0168e
f9474479e362b40d865c278a529db3a5fddd2a3e87369693d7be813a4638435a

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/twentyeleven/colors/dark.css?ver=20190404 HTTP/1.1
Host: www.nikhilsalvi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nikhilsalvi.com/

HTTP/1.1 200 OK
Date: Tue, 07 Mar 2023 06:37:54 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 22 Feb 2023 07:22:11 GMT
ETag: "33c6-5f544c131eb6b-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=604800, public, public
Expires: Wed, 06 Mar 2024 06:37:54 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Pragma: public
Content-Length: 2766
Keep-Alive: timeout=3, max=500
Connection: Keep-Alive
Content-Type: text/css

www.nikhilsalvi.com/wp-content/themes/twentyeleven/blocks.css?ver=20220927

75.98.175.81

200 OK

1.8 kB

URL HTTP/1.1
www.nikhilsalvi.com/wp-content/themes/twentyeleven/blocks.css?ver=20220927
IP
75.98.175.81:0
ASN
#55293 A2HOSTING

File type
ASCII text
Size
1.8 kB (1767 bytes)
Hash
1ee94a28adbe57768522dda5bc6219f6
9a94e4dea256b13053651f3490144d19b4c82e48
7647ef7d6d15e542669f6cc80423fd1ca2cec8f0df9f6183f9f1f77c94852f90

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/twentyeleven/blocks.css?ver=20220927 HTTP/1.1
Host: www.nikhilsalvi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nikhilsalvi.com/

HTTP/1.1 200 OK
Date: Tue, 07 Mar 2023 06:37:54 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 22 Feb 2023 07:22:11 GMT
ETag: "1e11-5f544c131eb6b-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=604800, public, public
Expires: Wed, 06 Mar 2024 06:37:54 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Pragma: public
Content-Length: 1767
Keep-Alive: timeout=3, max=499
Connection: Keep-Alive
Content-Type: text/css

www.nikhilsalvi.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.js?ver=8.12.1

75.98.175.81

200 OK

6.3 kB

URL HTTP/1.1
www.nikhilsalvi.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.js?ver=8.12.1
IP
75.98.175.81:0
ASN
#55293 A2HOSTING

File type
C source, ASCII text
Size
6.3 kB (6259 bytes)
Hash
552d0dbd2326d901637a9aba1ce90676
e5b3e2dac4e6791a9b1c8dddd328cb8f5c8fde3d
9e2f9cfff1d473484ee628fcd0ab70a94e2a727350ac12730f21b87ae6016f20

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.js?ver=8.12.1 HTTP/1.1
Host: www.nikhilsalvi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nikhilsalvi.com/

HTTP/1.1 200 OK
Date: Tue, 07 Mar 2023 06:37:54 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Thu, 12 Jan 2023 22:08:55 GMT
ETag: "78a3-5f2185ce2d04f-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=604800, public, public
Expires: Wed, 06 Mar 2024 06:37:54 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Pragma: public
Content-Length: 6259
Keep-Alive: timeout=3, max=500
Connection: Keep-Alive
Content-Type: application/x-javascript

www.nikhilsalvi.com/wp-includes/css/classic-themes.min.css?ver=1

75.98.175.81

200 OK

189 B

URL HTTP/1.1
www.nikhilsalvi.com/wp-includes/css/classic-themes.min.css?ver=1
IP
75.98.175.81:0
ASN
#55293 A2HOSTING

File type
ASCII text
Size
189 B (189 bytes)
Hash
5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: www.nikhilsalvi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nikhilsalvi.com/

HTTP/1.1 200 OK
Date: Tue, 07 Mar 2023 06:37:54 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 28 Dec 2022 22:08:47 GMT
ETag: "d9-5f0ea9cd26011-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=604800, public, public
Expires: Wed, 06 Mar 2024 06:37:54 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Pragma: public
Content-Length: 189
Keep-Alive: timeout=3, max=500
Connection: Keep-Alive
Content-Type: text/css

www.nikhilsalvi.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1

75.98.175.81

200 OK

12 kB

URL HTTP/1.1
www.nikhilsalvi.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP
75.98.175.81:0
ASN
#55293 A2HOSTING

File type
ASCII text, with very long lines (47826)
Size
12 kB (12518 bytes)
Hash
8fa87dd23394a22621248ec378d2af59
9305bc637a89b1700d7f56a19a80bd32b0feb2f7
c162f7de24fa2d4e93e0da254ef287ff72f4a3e03f42443265097968351388dc

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: www.nikhilsalvi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nikhilsalvi.com/

HTTP/1.1 200 OK
Date: Tue, 07 Mar 2023 06:37:54 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 28 Dec 2022 22:08:46 GMT
ETag: "172a9-5f0ea9cc6d6f3-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=604800, public, public
Expires: Wed, 06 Mar 2024 06:37:54 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Pragma: public
Content-Length: 12518
Keep-Alive: timeout=3, max=500
Connection: Keep-Alive
Content-Type: text/css

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
6a978ac8c366c3cdf5cac7d419da1a7a
171eb20796df2bca7bce102943c1899a93c8f5d1
5cdc16c95770061422fb14c5d5d687bc5c8e2f3b250c481f688a36d4ec7b6aa5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Mar 2023 06:37:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.nikhilsalvi.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1

75.98.175.81

200 OK

5.0 kB

URL HTTP/1.1
www.nikhilsalvi.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP
75.98.175.81:0
ASN
#55293 A2HOSTING

File type
ASCII text, with very long lines (15660)
Size
5.0 kB (5009 bytes)
Hash
e6624e0b978e6ddba476be41aaaa82df
822e920d8233072110ed7c8a7f379e5b13209b18
dac86a9ce08e4d8cded47b4fa900a664b0c997d8910c2a1be54a423678925a41

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: www.nikhilsalvi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nikhilsalvi.com/

HTTP/1.1 200 OK
Date: Tue, 07 Mar 2023 06:37:54 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Tue, 12 Apr 2022 17:26:24 GMT
ETag: "48b9-5dc785c2a1000-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=604800, public, public
Expires: Wed, 06 Mar 2024 06:37:54 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Pragma: public
Content-Length: 5009
Keep-Alive: timeout=3, max=499
Connection: Keep-Alive
Content-Type: application/x-javascript

www.googletagmanager.com/gtag/js?id=UA-36605954-1&l=dataLayer&cx=c

172.217.21.168

302 Found

279 B

URL HTTP/1.1
www.googletagmanager.com/gtag/js?id=UA-36605954-1&l=dataLayer&cx=c
IP
172.217.21.168:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
279 B (279 bytes)
Hash
9a1a1a43ffc7ff1faa52f1593922fe14
96bf503f53bd4d8c15110841adf3c8ce79e63a9f
973a2fdf8b9b1dc5e2b4989fb11a62bcf84ea5639f7d61915c3a743ed1802fbc

HTTP Headers

GET /gtag/js?id=UA-36605954-1&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nikhilsalvi.com/

HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=UA-36605954-1&l=dataLayer&cx=c
Cross-Origin-Resource-Policy: cross-origin
Date: Tue, 07 Mar 2023 06:37:54 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 279
X-XSS-Protection: 0

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Retry-After, Alert, Content-Length, Backoff, ETag, Content-Type, Cache-Control, Last-Modified, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 07 Mar 2023 06:03:41 GMT
age: 2053
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

www.nikhilsalvi.com/wp-content/themes/twentyeleven/images/comment-bubble-dark.png

75.98.175.81

200 OK

872 B

URL HTTP/1.1
www.nikhilsalvi.com/wp-content/themes/twentyeleven/images/comment-bubble-dark.png
IP
75.98.175.81:0
ASN
#55293 A2HOSTING

File type
PNG image data, 43 x 36, 8-bit colormap, non-interlaced\012- data
Size
872 B (872 bytes)
Hash
82284abf5a3c8c004f41b606d6adae2c
c062194b8b156aa558c93afbc9574fbc087a24f6
08085bc74d29b0fac7d2d4b8aef2dabd6d94290a1c367deda816425f2e5c4eaf

HTTP Headers

GET /wp-content/themes/twentyeleven/images/comment-bubble-dark.png HTTP/1.1
Host: www.nikhilsalvi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nikhilsalvi.com/wp-content/themes/twentyeleven/colors/dark.css?ver=20190404
Cookie: _ga_70P3XPP3E2=GS1.1.1678171074.1.0.1678171074.0.0.0; _ga=GA1.1.1725588333.1678171075

HTTP/1.1 200 OK
Date: Tue, 07 Mar 2023 06:37:54 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 22 Feb 2023 07:22:11 GMT
ETag: "368-5f544c132cdfb"
Accept-Ranges: bytes
Content-Length: 872
Cache-Control: max-age=604800, public, public
Expires: Wed, 06 Mar 2024 06:37:54 GMT
Pragma: public
Keep-Alive: timeout=3, max=499
Connection: Keep-Alive
Content-Type: image/png

www.nikhilsalvi.com/wp-content/themes/twentyeleven/images/search.png

75.98.175.81

200 OK

440 B

URL HTTP/1.1
www.nikhilsalvi.com/wp-content/themes/twentyeleven/images/search.png
IP
75.98.175.81:0
ASN
#55293 A2HOSTING

File type
PNG image data, 20 x 20, 8-bit colormap, non-interlaced\012- data
Size
440 B (440 bytes)
Hash
34cb7ea0e3fe637a33e31e8b74a0850e
29176b9abba5df1189c1a6e6a695f3152dd48d32
c99de94cb887e8c3236dd934c1a675ebd453fc8872a7291639d81d07e331fe48

HTTP Headers

GET /wp-content/themes/twentyeleven/images/search.png HTTP/1.1
Host: www.nikhilsalvi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nikhilsalvi.com/wp-content/themes/twentyeleven/style.css?ver=20221101
Cookie: _ga_70P3XPP3E2=GS1.1.1678171074.1.0.1678171074.0.0.0; _ga=GA1.1.1725588333.1678171075

HTTP/1.1 200 OK
Date: Tue, 07 Mar 2023 06:37:54 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 22 Feb 2023 07:22:11 GMT
ETag: "1b8-5f544c13421d3"
Accept-Ranges: bytes
Content-Length: 440
Cache-Control: max-age=604800, public, public
Expires: Wed, 06 Mar 2024 06:37:54 GMT
Pragma: public
Keep-Alive: timeout=3, max=498
Connection: Keep-Alive
Content-Type: image/png

www.nikhilsalvi.com/wp-content/uploads/2020/04/cropped-realisticdrawings.jpg

75.98.175.81

200 OK

41 kB

URL HTTP/1.1
www.nikhilsalvi.com/wp-content/uploads/2020/04/cropped-realisticdrawings.jpg
IP
75.98.175.81:0
ASN
#55293 A2HOSTING

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1000x288, components 3\012- data
Size
41 kB (40931 bytes)
Hash
8ce0269a6bb8188af0a12da900f1fa38
e5f3c2adacf86088aa18496be490a7ca6324ccdb
619cde101f410dabaff4d30406e50380e09f535cc5b231bbf54b0d5e36fe300b

HTTP Headers

GET /wp-content/uploads/2020/04/cropped-realisticdrawings.jpg HTTP/1.1
Host: www.nikhilsalvi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nikhilsalvi.com/

HTTP/1.1 200 OK
Date: Tue, 07 Mar 2023 06:37:54 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 10 Apr 2020 11:18:36 GMT
ETag: "9fe3-5a2ede4f89b00"
Accept-Ranges: bytes
Content-Length: 40931
Cache-Control: max-age=604800, public, public
Expires: Wed, 06 Mar 2024 06:37:54 GMT
Pragma: public
Keep-Alive: timeout=3, max=499
Connection: Keep-Alive
Content-Type: image/jpeg

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1dfdbbe528416d7653788c31a945540d
ce7e4b0cc913dcf90dcb43ca51706e2ff0677eaf
872f2081ef126a0358e196338a21f095c376652feaa7cb9b2bfd6f3149838f60

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "872F2081EF126A0358E196338A21F095C376652FEAA7CB9B2BFD6F3149838F60"
Last-Modified: Sat, 04 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6520
Expires: Tue, 07 Mar 2023 08:26:34 GMT
Date: Tue, 07 Mar 2023 06:37:54 GMT
Connection: keep-alive

www.nikhilsalvi.com/wp-content/uploads/2012/10/cardboard_flat.png

75.98.175.81

200 OK

33 kB

URL HTTP/1.1
www.nikhilsalvi.com/wp-content/uploads/2012/10/cardboard_flat.png
IP
75.98.175.81:0
ASN
#55293 A2HOSTING

File type
PNG image data, 256 x 256, 8-bit grayscale, non-interlaced\012- data
Size
33 kB (32880 bytes)
Hash
eb1e349e91607c19c3de6839da3ae117
dede78220b0673f9299a2d948d3a2b1717b0401c
027790ad42819e63c09dc445aa796700dc790541dd8f923945b3870f9564f2b6

HTTP Headers

GET /wp-content/uploads/2012/10/cardboard_flat.png HTTP/1.1
Host: www.nikhilsalvi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nikhilsalvi.com/
Cookie: _ga_70P3XPP3E2=GS1.1.1678171074.1.0.1678171074.0.0.0; _ga=GA1.1.1725588333.1678171075

HTTP/1.1 200 OK
Date: Tue, 07 Mar 2023 06:37:54 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Sun, 14 Oct 2012 08:06:28 GMT
ETag: "8070-4cc0065dea900"
Accept-Ranges: bytes
Content-Length: 32880
Cache-Control: max-age=604800, public, public
Expires: Wed, 06 Mar 2024 06:37:54 GMT
Pragma: public
Keep-Alive: timeout=3, max=499
Connection: Keep-Alive
Content-Type: image/png

www.nikhilsalvi.com/wp-content/uploads/2020/06/b01-791x1024.jpg

75.98.175.81

200 OK

60 kB

URL HTTP/1.1
www.nikhilsalvi.com/wp-content/uploads/2020/06/b01-791x1024.jpg
IP
75.98.175.81:0
ASN
#55293 A2HOSTING

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 791x1024, components 3\012- data
Size
60 kB (59786 bytes)
Hash
965d51e824c5a72d0897377c5db41606
8ac74a1364055ab9cf9a2a0c91dfa034ec6c0b24
127537964f12298aabdc37640ebd274eaa37f22818f7a487e348e35ac39f1f37

HTTP Headers

GET /wp-content/uploads/2020/06/b01-791x1024.jpg HTTP/1.1
Host: www.nikhilsalvi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.nikhilsalvi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Tue, 07 Mar 2023 06:37:54 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Mon, 01 Jun 2020 12:13:59 GMT
ETag: "e98a-5a704bac90fc0"
Accept-Ranges: bytes
Content-Length: 59786
Cache-Control: max-age=604800, public, public
Expires: Wed, 06 Mar 2024 06:37:54 GMT
Pragma: public
Keep-Alive: timeout=3, max=500
Connection: Keep-Alive
Content-Type: image/jpeg

www.google-analytics.com/analytics.js

142.250.74.46

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.46:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1490)
Size
20 kB (20085 bytes)
Hash
ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.nikhilsalvi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Tue, 07 Mar 2023 06:12:30 GMT
expires: Tue, 07 Mar 2023 08:12:30 GMT
cache-control: public, max-age=7200
age: 1525
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.nikhilsalvi.com/wp-content/uploads/2012/10/nikhil-salvi5.png

75.98.175.81

200 OK

13 kB

URL HTTP/1.1
www.nikhilsalvi.com/wp-content/uploads/2012/10/nikhil-salvi5.png
IP
75.98.175.81:0
ASN
#55293 A2HOSTING

File type
PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced\012- data
Size
13 kB (13070 bytes)
Hash
7f4d1f9908c5cdf0a699d7aa273beaf9
72a635ccd9cad36d9520f5371c5c6a25802cd731
2a1dc7567a17049465c9679a67d762a87ddfbc3955ee89726475ca7a2dc57be8

HTTP Headers

GET /wp-content/uploads/2012/10/nikhil-salvi5.png HTTP/1.1
Host: www.nikhilsalvi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.nikhilsalvi.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Tue, 07 Mar 2023 06:37:55 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Sat, 13 Oct 2012 13:55:17 GMT
ETag: "330e-4cbf1277e7b40"
Accept-Ranges: bytes
Content-Length: 13070
Cache-Control: max-age=604800, public, public
Expires: Wed, 06 Mar 2024 06:37:55 GMT
Pragma: public
Keep-Alive: timeout=3, max=499
Connection: Keep-Alive
Content-Type: image/png

push.services.mozilla.com/

35.165.93.208

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.165.93.208:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9dqjYkg3NXX8gC1nb8txpQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: vcn4yvX2VrCfciTU9pF3cE3LxEE=

region1.google-analytics.com/g/collect?v=2&tid=G-70P3XPP3E2&gtm=45je3310&_p=654159124&gdid=dZGIzZG&cid=1725588333.1678171075&ul=en-us&sr=1280x1024&_s=1&sid=1678171074&sct=1&seg=0&dl=http%3A%2F%2Fwww.nikhilsalvi.com%2F&dt=Nikhil%20Salvi%20%7C%20thoughts%20sublime%E2%80%A6&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true

216.239.34.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-70P3XPP3E2&gtm=45je3310&_p=654159124&gdid=dZGIzZG&cid=1725588333.1678171075&ul=en-us&sr=1280x1024&_s=1&sid=1678171074&sct=1&seg=0&dl=http%3A%2F%2Fwww.nikhilsalvi.com%2F&dt=Nikhil%20Salvi%20%7C%20thoughts%20sublime%E2%80%A6&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true
IP
216.239.34.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-70P3XPP3E2&gtm=45je3310&_p=654159124&gdid=dZGIzZG&cid=1725588333.1678171075&ul=en-us&sr=1280x1024&_s=1&sid=1678171074&sct=1&seg=0&dl=http%3A%2F%2Fwww.nikhilsalvi.com%2F&dt=Nikhil%20Salvi%20%7C%20thoughts%20sublime%E2%80%A6&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.nikhilsalvi.com
Connection: keep-alive
Referer: http://www.nikhilsalvi.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: http://www.nikhilsalvi.com
date: Tue, 07 Mar 2023 06:37:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.nikhilsalvi.com/wp-content/uploads/2022/03/logo_FB_square.jpg

75.98.175.81

200 OK

104 kB

URL HTTP/1.1
www.nikhilsalvi.com/wp-content/uploads/2022/03/logo_FB_square.jpg
IP
75.98.175.81:0
ASN
#55293 A2HOSTING

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=2151, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=3035], baseline, precision 8, 516x516, components 3\012- data
Size
104 kB (104134 bytes)
Hash
6490bdd8dafcc9bc8b897bbd0a2fcc06
31dd52d24ef7b92e807b48d6f9395dc35cfcc941
5690b3eac9038a40db3a4898ee139a43f1f7d5eb11f50929d5abf81405b436d3

HTTP Headers

GET /wp-content/uploads/2022/03/logo_FB_square.jpg HTTP/1.1
Host: www.nikhilsalvi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.nikhilsalvi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Tue, 07 Mar 2023 06:37:55 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Tue, 01 Mar 2022 10:24:03 GMT
ETag: "196c6-5d925906356c0"
Accept-Ranges: bytes
Content-Length: 104134
Cache-Control: max-age=604800, public, public
Expires: Wed, 06 Mar 2024 06:37:55 GMT
Pragma: public
Keep-Alive: timeout=3, max=500
Connection: Keep-Alive
Content-Type: image/jpeg

www.nikhilsalvi.com/wp-content/uploads/2012/10/nikhil-salvi4.png

75.98.175.81

200 OK

13 kB

URL HTTP/1.1
www.nikhilsalvi.com/wp-content/uploads/2012/10/nikhil-salvi4.png
IP
75.98.175.81:0
ASN
#55293 A2HOSTING

File type
PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced\012- data
Size
13 kB (13070 bytes)
Hash
7f4d1f9908c5cdf0a699d7aa273beaf9
72a635ccd9cad36d9520f5371c5c6a25802cd731
2a1dc7567a17049465c9679a67d762a87ddfbc3955ee89726475ca7a2dc57be8

HTTP Headers

GET /wp-content/uploads/2012/10/nikhil-salvi4.png HTTP/1.1
Host: www.nikhilsalvi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.nikhilsalvi.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Tue, 07 Mar 2023 06:37:55 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Sat, 13 Oct 2012 13:55:17 GMT
ETag: "330e-4cbf1277e7b40"
Accept-Ranges: bytes
Content-Length: 13070
Cache-Control: max-age=604800, public, public
Expires: Wed, 06 Mar 2024 06:37:55 GMT
Pragma: public
Keep-Alive: timeout=3, max=500
Connection: Keep-Alive
Content-Type: image/png

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0ad01b9236cef16e2a27b5072869ce86
2080b5089717e80da4928358e628ec3a156889a8
8477ceae0d981e170d0d3e508fb9d4e4c73a48420faca79a6f7ee183d27603bb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8477CEAE0D981E170D0D3E508FB9D4E4C73A48420FACA79A6F7EE183D27603BB"
Last-Modified: Tue, 07 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16571
Expires: Tue, 07 Mar 2023 11:14:07 GMT
Date: Tue, 07 Mar 2023 06:37:56 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0ad01b9236cef16e2a27b5072869ce86
2080b5089717e80da4928358e628ec3a156889a8
8477ceae0d981e170d0d3e508fb9d4e4c73a48420faca79a6f7ee183d27603bb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8477CEAE0D981E170D0D3E508FB9D4E4C73A48420FACA79A6F7EE183D27603BB"
Last-Modified: Tue, 07 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16571
Expires: Tue, 07 Mar 2023 11:14:07 GMT
Date: Tue, 07 Mar 2023 06:37:56 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0ad01b9236cef16e2a27b5072869ce86
2080b5089717e80da4928358e628ec3a156889a8
8477ceae0d981e170d0d3e508fb9d4e4c73a48420faca79a6f7ee183d27603bb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8477CEAE0D981E170D0D3E508FB9D4E4C73A48420FACA79A6F7EE183D27603BB"
Last-Modified: Tue, 07 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16571
Expires: Tue, 07 Mar 2023 11:14:07 GMT
Date: Tue, 07 Mar 2023 06:37:56 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0ad01b9236cef16e2a27b5072869ce86
2080b5089717e80da4928358e628ec3a156889a8
8477ceae0d981e170d0d3e508fb9d4e4c73a48420faca79a6f7ee183d27603bb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8477CEAE0D981E170D0D3E508FB9D4E4C73A48420FACA79A6F7EE183D27603BB"
Last-Modified: Tue, 07 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16571
Expires: Tue, 07 Mar 2023 11:14:07 GMT
Date: Tue, 07 Mar 2023 06:37:56 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac192c39-be71-4b23-af6f-d0922c402521.jpeg

34.120.237.76

200 OK

6.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac192c39-be71-4b23-af6f-d0922c402521.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.3 kB (6282 bytes)
Hash
e4a8d319b1ada8f22e8a1874033aba2c
3afc8111b03b662e88e61f4991a20a90d7d4f973
fca961af0737a3f0caa3a8d5762a309b871f54d0c8bd0e6ab4efdee4cf2fa462

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac192c39-be71-4b23-af6f-d0922c402521.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6282
x-amzn-requestid: 7f17d7b2-eff8-4e36-a0b6-661862d08620
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BYOHQGtNIAMFp8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64065d61-18f0b0196b949829744dae4c;Sampled=0
x-amzn-remapped-date: Mon, 06 Mar 2023 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: 18MDurmgerNTDpqnJEoxM5SUxCRIIpv7QKiUF1qESIQ7S_myX7CIKA==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 d15b6a95f7c8298444f59a99d8027cec.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Mar 2023 21:59:56 GMT
age: 31080
etag: "3afc8111b03b662e88e61f4991a20a90d7d4f973"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e3c14e5-22bb-45cb-88ea-f02e2c9a3090.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.4 kB (3359 bytes)
Hash
e6edb15b0628347e7e7064affe077331
c64ec1ad9bbbed800c3560cbdbe1631fbe5f9e26
56c482b858cef1eb56a47dc54b298c31c2dd85cacdc748cea30b3d74a3cda99b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e3c14e5-22bb-45cb-88ea-f02e2c9a3090.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3359
x-amzn-requestid: c884d077-cb85-41c5-adcb-2baac3350d4e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BYOuYHNJIAMFUig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64065e5b-74ab80fe0f96e85957d1a0f3;Sampled=0
x-amzn-remapped-date: Mon, 06 Mar 2023 21:42:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: GRGivQ_U_5e7EnFMlr0hq-lyRJBfR55XHGsDTM_nOOBWq-qq1zobTQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 82c2ab57bc9900898383f6b70681b9e6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Mar 2023 22:32:24 GMT
age: 29132
etag: "c64ec1ad9bbbed800c3560cbdbe1631fbe5f9e26"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3553f944-d85f-4136-8939-71be8d622db9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10667 bytes)
Hash
a0d45909f5960fab61dc510f2d8727f9
3da4c9f6bd4deb49d97a8809d3ee5527a92bad29
508c8feca56c077a419b52d2c32b1df0cf10e8c189997c58f67660ea66803273

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3553f944-d85f-4136-8939-71be8d622db9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10667
x-amzn-requestid: 84db4940-e8e2-4729-8bfd-fd82d9cd32fc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BMPjaENkIAMF1cA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640192e2-42c67d8a4a03cd0d33e5d004;Sampled=0
x-amzn-remapped-date: Fri, 03 Mar 2023 06:25:38 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: vRsOODhcPypCzX_hrZIv9drC32TAi3bfUvbqwMqMBSEjiIGikVh0iQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 abbf2df97f9d83839470842dc2e68cb6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Mar 2023 07:48:04 GMT
age: 82192
etag: "3da4c9f6bd4deb49d97a8809d3ee5527a92bad29"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F216e13c1-0321-4461-bb89-dc80c2324842.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.2 kB (5198 bytes)
Hash
ec221aa2efafa6c622c0100d742ecef0
40a7c8a5c31d21eafbcc3547f944ae1c8d252777
c7dbcce86e47aa9e5b415af3f60ffe7057d1531bab0ed43ba5bf6d71c94fc150

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F216e13c1-0321-4461-bb89-dc80c2324842.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5198
x-amzn-requestid: b30e2262-abd5-4e1e-8449-abc420ece2cf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BYOuZEiHIAMF75g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64065e5b-071beb7f3b6ff99c7c9c7d6c;Sampled=0
x-amzn-remapped-date: Mon, 06 Mar 2023 21:42:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: rsQBJEIJj7mAilcEkbcAZhCMAqQV3y8AG_zFzg-M7XBy4tcCMyah8Q==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 de2dd11312f7d5ad3bcd0cb112c7fd0e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Mar 2023 22:10:32 GMT
etag: "40a7c8a5c31d21eafbcc3547f944ae1c8d252777"
content-type: image/jpeg
age: 30444
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd169bcdd-a0a5-4941-9384-ffba4bdc071a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10336 bytes)
Hash
13e21a335c129822cf4c9982c721dec4
ada195a342a936549dc42232f8681621094a37d1
caaed03a5fdba3413792f5e68247381e93e0cc7ed7d13998bc266e977aa5b6dd

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd169bcdd-a0a5-4941-9384-ffba4bdc071a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10336
x-amzn-requestid: 888c797b-6ad4-41f9-a648-483e75bc5b37
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BSYWhFVJoAMFVAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6404075c-6995a532313def514b657889;Sampled=0
x-amzn-remapped-date: Sun, 05 Mar 2023 03:07:08 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: bvmi_lcqX4J05f2-lPC8HsObS3y1WckQ6tPQ08ZAcNrt-yrcTWfufA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 9adef5b1c5fc9ca80d6f4f8d19e103a2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Mar 2023 04:51:01 GMT
age: 6415
etag: "ada195a342a936549dc42232f8681621094a37d1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4d400fe-c6a9-4998-bd0c-22271ed5bede.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9515 bytes)
Hash
7ec4f2da6f73f59d9a2493697cbaec8c
3513d0fa932a2cf6ec0cf948cfd6e9c67e450824
cbe6ab8f36271592c0febfa90fe92c88d96dce40197e66cb7c06470bf99eccde

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4d400fe-c6a9-4998-bd0c-22271ed5bede.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9515
x-amzn-requestid: b2c70ebf-087b-4adf-bc0d-d657586581cb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: A_J1hHdLoAMFQKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63fc5689-632acdce4082512541dc8c1a;Sampled=0
x-amzn-remapped-date: Mon, 27 Feb 2023 07:06:49 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 9IQZWv-0fN7tGMmzg02TvepIAwFovvh_QLoCzFyGokcjHvj1YYEYhA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 0906d4887f6625f4a4467d8d4fd268d2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Mar 2023 22:46:44 GMT
age: 28272
etag: "3513d0fa932a2cf6ec0cf948cfd6e9c67e450824"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (8)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (42)