www.indusface.com Open in urlscan Pro
64.185.181.238 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
Submission: On September 17 via manual (September 17th 2021, 8:59:27 am UTC) from RU — Scanned from DE

Summary HTTP 106 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 36 IPs in 5 countries across 29 domains to perform 106 HTTP transactions. The main IP is 64.185.181.238, located in United States and belongs to BITGRAVITY, US. The main domain is www.indusface.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on February 17th 2021. Valid for: a year.

This is the only time www.indusface.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	64.185.181.238 64.185.181.238	40009 (BITGRAVITY) (BITGRAVITY)
4	142.250.186.170 142.250.186.170	15169 (GOOGLE) (GOOGLE)
7	52.74.192.222 52.74.192.222	16509 (AMAZON-02) (AMAZON-02)
2	142.250.74.200 142.250.74.200	15169 (GOOGLE) (GOOGLE)
1	142.250.186.74 142.250.186.74	15169 (GOOGLE) (GOOGLE)
4	142.250.185.100 142.250.185.100	15169 (GOOGLE) (GOOGLE)
2 2	68.183.157.211 68.183.157.211	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
5	89.187.169.47 89.187.169.47	60068 (CDN77 ^_^) (CDN77 ^_^)
2	13.227.158.89 13.227.158.89	16509 (AMAZON-02) (AMAZON-02)
2	142.250.185.110 142.250.185.110	15169 (GOOGLE) (GOOGLE)
1	2.18.234.132 2.18.234.132	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.154.140.16 35.154.140.16	16509 (AMAZON-02) (AMAZON-02)
4	142.250.186.99 142.250.186.99	15169 (GOOGLE) (GOOGLE)
1	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	104.18.26.190 104.18.26.190	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	142.250.185.163 142.250.185.163	15169 (GOOGLE) (GOOGLE)
1 2	108.174.11.69 108.174.11.69	14413 (LINKEDIN) (LINKEDIN)
1 1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	31.13.92.14 31.13.92.14	32934 (FACEBOOK) (FACEBOOK)
2 8	99.84.82.62 99.84.82.62	16509 (AMAZON-02) (AMAZON-02)
1	173.194.76.154 173.194.76.154	15169 (GOOGLE) (GOOGLE)
4	99.84.82.124 99.84.82.124	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	99.84.82.6 99.84.82.6	16509 (AMAZON-02) (AMAZON-02)
2	142.250.185.195 142.250.185.195	15169 (GOOGLE) (GOOGLE)
1	34.117.59.81 34.117.59.81	15169 (GOOGLE) (GOOGLE)
1	99.84.82.115 99.84.82.115	16509 (AMAZON-02) (AMAZON-02)
1	54.213.26.105 54.213.26.105	16509 (AMAZON-02) (AMAZON-02)
2	31.13.92.36 31.13.92.36	32934 (FACEBOOK) (FACEBOOK)
4	99.84.82.91 99.84.82.91	16509 (AMAZON-02) (AMAZON-02)
3	99.84.90.163 99.84.90.163	16509 (AMAZON-02) (AMAZON-02)
1	178.128.135.233 178.128.135.233	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	52.22.91.206 52.22.91.206	14618 (AMAZON-AES) (AMAZON-AES)
9	2.16.186.211 2.16.186.211	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.16.19.94 104.16.19.94	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.227.158.29 13.227.158.29	16509 (AMAZON-02) (AMAZON-02)
2	99.84.82.113 99.84.82.113	16509 (AMAZON-02) (AMAZON-02)
106	36

16 64.185.181.238 (United States)

ASN40009 (BITGRAVITY, US)
PTR: pc-b.bitgravity.com

www.indusface.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.74.192.222 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-192-222.ap-southeast-1.compute.amazonaws.com

web.mxradon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.183.157.211 (Clifton, United States) 2 redirects

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: websitepolicies.net-wpcc.io

cdn.wpcc.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 89.187.169.47 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com

cdn.websitepolicies.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.227.158.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-158-89.muc51.r.cloudfront.net

clientcdn.pushengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-132.deploy.static.akamaitechnologies.com

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.154.140.16 (Mumbai, India)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-154-140-16.ap-south-1.compute.amazonaws.com

indusface.viewpage.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.26.190 (None, )

ASN13335 (CLOUDFLARENET, US)

tracking.g2crowd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.185.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.174.11.69 (United States) 1 redirects

ASN14413 (LINKEDIN, US)
PTR: 108-174-11-69.fwd.linkedin.com

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.92.14 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-frt3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 99.84.82.62 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-84-82-62.muc50.r.cloudfront.net

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.76.154 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 99.84.82.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-82-124.muc50.r.cloudfront.net

api.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.82.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-82-6.muc50.r.cloudfront.net

sc.lfeeder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.59.81 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 81.59.117.34.bc.googleusercontent.com

ipinfo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.82.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-82-115.muc50.r.cloudfront.net

tr.lfeeder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.213.26.105 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-213-26-105.us-west-2.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.92.36 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-frt3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 99.84.82.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-82-91.muc50.r.cloudfront.net

f1.leadsquaredcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.84.90.163 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-90-163.muc50.r.cloudfront.net

dwmbily8o2kmd.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.128.135.233 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

z.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.22.91.206 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-91-206.compute-1.amazonaws.com

trackcmp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2.16.186.211 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-211.deploy.static.akamaitechnologies.com

cdn.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
accounts.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.19.94 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.158.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-158-29.muc51.r.cloudfront.net

assetscdn.pushengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.84.82.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-82-113.muc50.r.cloudfront.net

oeqepmcz7a.execute-api.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	indusface.com www.indusface.com	397 KB
14	gstatic.com www.gstatic.com fonts.gstatic.com	457 KB
9	livechatinc.com cdn.livechatinc.com api.livechatinc.com secure.livechatinc.com accounts.livechatinc.com	289 KB
9	adroll.com 2 redirects s.adroll.com d.adroll.com	453 KB
8	omappapi.com a.omappapi.com api.omappapi.com z.omappapi.com	78 KB
7	mxradon.com web.mxradon.com	10 KB
5	googleapis.com fonts.googleapis.com ajax.googleapis.com	34 KB
4	leadsquaredcdn.com f1.leadsquaredcdn.com	71 KB
4	google.com www.google.com	2 KB
3	cloudfront.net dwmbily8o2kmd.cloudfront.net	51 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	3 KB
3	pushengage.com clientcdn.pushengage.com assetscdn.pushengage.com	26 KB
2	amazonaws.com oeqepmcz7a.execute-api.us-east-1.amazonaws.com	470 B
2	facebook.com www.facebook.com	331 B
2	google.de www.google.de	586 B
2	lfeeder.com sc.lfeeder.com tr.lfeeder.com	8 KB
2	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	2 KB
2	facebook.net connect.facebook.net	114 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	websitepolicies.io cdn.websitepolicies.io	6 KB
2	wpcc.io 2 redirects cdn.wpcc.io	635 B
2	googletagmanager.com www.googletagmanager.com	94 KB
1	cloudflare.com cdnjs.cloudflare.com	44 KB
1	trackcmp.net trackcmp.net	384 B
1	ipinfo.io ipinfo.io	597 B
1	g2crowd.com tracking.g2crowd.com	1 KB
1	googleadservices.com www.googleadservices.com	14 KB
1	viewpage.co indusface.viewpage.co	6 KB
1	licdn.com snap.licdn.com	2 KB
106	29

	Domain	Requested by
16	www.indusface.com	www.indusface.com
10	fonts.gstatic.com	fonts.googleapis.com www.google.com
8	s.adroll.com	2 redirects www.googletagmanager.com www.indusface.com s.adroll.com
7	web.mxradon.com	www.indusface.com web.mxradon.com indusface.viewpage.co
4	cdn.livechatinc.com	www.indusface.com secure.livechatinc.com
4	f1.leadsquaredcdn.com	indusface.viewpage.co web.mxradon.com
4	api.omappapi.com	a.omappapi.com
4	www.gstatic.com	www.google.com www.gstatic.com
4	www.google.com	www.indusface.com www.gstatic.com
4	fonts.googleapis.com	www.indusface.com indusface.viewpage.co a.omappapi.com secure.livechatinc.com
3	api.livechatinc.com	cdn.livechatinc.com
3	dwmbily8o2kmd.cloudfront.net	indusface.viewpage.co
3	a.omappapi.com	www.indusface.com a.omappapi.com
2	oeqepmcz7a.execute-api.us-east-1.amazonaws.com	clientcdn.pushengage.com
2	www.facebook.com	www.indusface.com
2	www.google.de	www.indusface.com
2	connect.facebook.net	www.indusface.com connect.facebook.net
2	px.ads.linkedin.com	1 redirects www.indusface.com
2	www.google-analytics.com	www.indusface.com www.google-analytics.com
2	clientcdn.pushengage.com	www.indusface.com clientcdn.pushengage.com
2	cdn.websitepolicies.io	www.indusface.com
2	cdn.wpcc.io	2 redirects
2	www.googletagmanager.com	www.indusface.com
1	assetscdn.pushengage.com
1	accounts.livechatinc.com	cdn.livechatinc.com
1	secure.livechatinc.com	cdn.livechatinc.com
1	cdnjs.cloudflare.com	www.indusface.com
1	trackcmp.net	www.indusface.com
1	z.omappapi.com	a.omappapi.com
1	d.adroll.com	s.adroll.com
1	tr.lfeeder.com	www.indusface.com
1	ipinfo.io	ajax.googleapis.com
1	sc.lfeeder.com	www.indusface.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.linkedin.com	1 redirects
1	tracking.g2crowd.com	www.indusface.com
1	www.googleadservices.com	www.googletagmanager.com
1	indusface.viewpage.co	www.indusface.com
1	snap.licdn.com	www.indusface.com
1	ajax.googleapis.com	www.indusface.com
106	41

This site contains links to these domains. Also see Links.

Domain
indusface.com
waffirewall.com
www.twitter.com
www.facebook.com
www.linkedin.com
www.youtube.com
www.instagram.com

Subject Issuer	Validity	Valid
*.indusface.com Entrust Certification Authority - L1K	`2021-02-17` - `2022-03-06`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.mxradon.com Amazon	`2021-03-03` - `2022-04-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
cdn.websitepolicies.io R3	`2021-08-21` - `2021-11-19`	3 months	crt.sh
*.pushengage.com Amazon	`2021-01-27` - `2022-02-24`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-04-30` - `2022-05-11`	a year	crt.sh
*.viewpage.co Amazon	`2020-12-17` - `2022-01-15`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
a.omappapi.com R3	`2021-08-24` - `2021-11-22`	3 months	crt.sh
*.g2crowd.com Sectigo ECC Domain Validation Secure Server CA	`2021-08-30` - `2022-09-28`	a year	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-09-16` - `2022-03-16`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-09` - `2021-12-08`	3 months	crt.sh
s.adroll.com Amazon	`2021-08-02` - `2022-08-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
api.opmnstr.com Amazon	`2021-03-11` - `2022-04-09`	a year	crt.sh
*.lfeeder.com Amazon	`2021-08-08` - `2022-09-06`	a year	crt.sh
www.google.de GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
ipinfo.io GTS CA 1D4	`2021-09-05` - `2021-12-04`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
adroll.mgr.consensu.org Amazon	`2021-07-01` - `2022-07-30`	a year	crt.sh
*.leadsquaredcdn.com Amazon	`2021-07-12` - `2022-08-10`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
z.omappapi.com R3	`2021-09-10` - `2021-12-09`	3 months	crt.sh
*.trackcmp.net Amazon	`2021-03-02` - `2022-03-31`	a year	crt.sh
livechat.com DigiCert SHA2 Secure Server CA	`2021-04-20` - `2022-04-25`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.execute-api.us-east-1.amazonaws.com Amazon	`2021-09-12` - `2022-10-11`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
Frame ID: AC1FFFAA8CB0ACED2CF2122C26C02A06
Requests: 87 HTTP requests in this frame

Frame: https://indusface.viewpage.co/SQL-MAS-GetQuote
Frame ID: 78D8984CB3339B6D7BB9C118E82A49C6
Requests: 13 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5IloaAAAAAPTdIlAWU0WAxc0-ccbgvaXIlJDh&co=aHR0cHM6Ly93d3cuaW5kdXNmYWNlLmNvbTo0NDM.&hl=de&v=wxAi4AKLXL2kBAvXqI4XLSWS&size=invisible&badge=inline&cb=7a11vucra7xu
Frame ID: 4F2C817EFFA0989F714073928A76984F
Requests: 5 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: C367F902D10B6F3B7ED2A7734E0DD6B8
Requests: 1 HTTP requests in this frame

Frame: https://secure.livechatinc.com/customer/action/open_chat?license_id=8923344&group=0&embedded=1&widget_version=3&unique_groups=0
Frame ID: E583E9648D17A17C82FF8E6B21BD5620
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Detect Web Apps Attacks Using Web Server Access Logs | Indusface Blog

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 75%
Detected patterns

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

LiveChat (Live Chat) Expand

Overall confidence: 100%
Detected patterns

cdn\.livechatinc\.com/.*tracking\.js

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js
googletagmanager\.com/gtm\.js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

PushEngage (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

clientcdn\.pushengage\.\w+/core

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
/([\d.]+)/jquery(?:\.min)?\.js
jquery[.-]([\d.]*\d)[^/]*\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

106
Requests

100 %
HTTPS

0 %
IPv6

29
Domains

41
Subdomains

36
IPs

5
Countries

2181 kB
Transfer

5439 kB
Size

27
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://indusface.com/video-repository.php
Title: Video Repository

Search URL Search Domain Scan URL

URL: https://waffirewall.com/
Title: Web Application Firewall

Search URL Search Domain Scan URL

URL: http://www.twitter.com/indusface
Title: <img src="https://www.indusface.com/wp-content/themes/indusface/assets/images/twitter.svg" alt="twitter" class="hvr-float" width="30px" height="30px">

Search URL Search Domain Scan URL

URL: https://www.facebook.com/pages/Indusface/127432040602579
Title: <img src="https://www.indusface.com/wp-content/themes/indusface/assets/images/facebook.svg" alt="facebook" class="hvr-float" width="30px" height="30px">

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/company/indusface
Title: <img src="https://www.indusface.com/wp-content/themes/indusface/assets/images/linkedin.svg" alt="linkedin" class="hvr-float" width="30px" height="30px">

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC5qgcYs8sounnnt9ypCqBOw
Title: <img src="https://www.indusface.com/wp-content/themes/indusface/assets/images/YT-30x30.svg" width="30px" height="30px" alt="youtube" class="hvr-float">

Search URL Search Domain Scan URL

URL: https://www.instagram.com/indusface_apptrana/
Title: <img src="https://www.indusface.com/wp-content/themes/indusface/assets/images/Insta-30x30.svg" width="30px" height="30px" alt="instagram" class="hvr-float">

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://cdn.wpcc.io/lib/1.0.2/cookieconsent.min.css HTTP 301
https://cdn.websitepolicies.io/lib/1.0.2/cookieconsent.min.css

Request Chain 11

https://cdn.wpcc.io/lib/1.0.2/cookieconsent.min.js HTTP 301
https://cdn.websitepolicies.io/lib/1.0.2/cookieconsent.min.js

Request Chain 42

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=173203&time=1631869161147&url=https%3A%2F%2Fwww.indusface.com%2Fblog%2Fdetect-web-application-attacks-using-web-server-access-logs%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D173203%26time%3D1631869161147%26url%3Dhttps%253A%252F%252Fwww.indusface.com%252Fblog%252Fdetect-web-application-attacks-using-web-server-access-logs%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=173203&time=1631869161147&url=https%3A%2F%2Fwww.indusface.com%2Fblog%2Fdetect-web-application-attacks-using-web-server-access-logs%2F&liSync=true

Request Chain 60

https://s.adroll.com/j/exp/Q7CW4G7ZJJGWDLUB76P5IV/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 61

https://s.adroll.com/j/pre/Q7CW4G7ZJJGWDLUB76P5IV/WH2M5MREOVC4HNKNZPPJZR/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

106 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/ 117 KB
28 KB 2299ms
758ms Document
text/html 64.185.181.238
BITGRAVITY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.185.181.238 , United States, ASN40009 (BITGRAVITY, US),

Reverse DNS

pc-b.bitgravity.com

Software

v/6.5.1/6.5.2/v10fra1-www /

Resource Hash

4ce249296997d075ef270bfd41478e0e563d216af6e4cfa184160662261b1267

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.indusface.com
:scheme: https
:path: /blog/detect-web-application-attacks-using-web-server-access-logs/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=UTF-8
date: Fri, 17 Sep 2021 08:59:20 GMT
x-frame-options: SAMEORIGIN
x-cache-handler: cache-enabler-engine
x-mod-pagespeed: 1.13.35.2-0
vary: Accept-Encoding
cache-control: max-age=0, no-cache
referrer-policy: no-referrer-when-downgrade
x-ua-compatible: IE=edge
x-content-type-options: nosniff
content-encoding: gzip
set-cookie: sess_map=rrvdzeqsxsxaerbfarwzuvwatbfsazsrdbarvsxvduqfewvczdwdfrrvbafectfzwwedzsxtzvxaeswbzfxftzwqzbdyuwtfcefavdyzdsqfyfyweedxdqebufeyyzbzsuddqxdrzyuqfsbvvefyuxarfrqcddfv; Path=/; Max-Age=86400; HttpOnly
strict-transport-security: max-age=31536000
x-cache: MISS,v16fra1
age: 0
accept-ranges: bytes
server: v/6.5.1/6.5.2/v10fra1-www
x-version: 1.3
x-server: v/6.5.1/v10fra1-https

GET
H2 200 A.autoptimize_10655bc6a005d8c2fc636ba792689d16.php.pagespeed.cf.Saaek0XU0I.css
www.indusface.com/wp-content/cache/autoptimize/ 399 KB
82 KB 717ms
716ms Stylesheet
text/css 64.185.181.238
BITGRAVITY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.indusface.com/wp-content/cache/autoptimize/A.autoptimize_10655bc6a005d8c2fc636ba792689d16.php.pagespeed.cf.Saaek0XU0I.css

Requested by

Host: www.indusface.com
URL: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.185.181.238 , United States, ASN40009 (BITGRAVITY, US),

Reverse DNS

pc-b.bitgravity.com

Software

v/6.5.1/6.5.2/v10fra1-www /

Resource Hash

f5db866bbeb631f6d1bb313810fbd65eae68ee20003810e42aba78c5e047622f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/cache/autoptimize/A.autoptimize_10655bc6a005d8c2fc636ba792689d16.php.pagespeed.cf.Saaek0XU0I.css
pragma: no-cache
cookie: sess_map=rrvdzeqsxsxaerbfarwzuvwatbfsazsrdbarvsxvduqfewvczdwdfrrvbafectfzwwedzsxtzvxaeswbzfxftzwqzbdyuwtfcefavdyzdsqfyfyweedxdqebufeyyzbzsuddqxdrzyuqfsbvvefyuxarfrqcddfv
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.indusface.com
referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-version: 1.3
date: Fri, 17 Sep 2021 08:59:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-original-content-length: 409861
age: 0
x-cache: MISS,v16fra1
strict-transport-security: max-age=31536000
content-length: 82959
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 17 Sep 2021 07:51:07 GMT
server: v/6.5.1/6.5.2/v10fra1-www
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=300,private
x-server: v/6.5.1/v10fra1-https
accept-ranges: bytes
expires: Fri, 17 Sep 2021 09:04:21 GMT

GET
H2 200 autoptimize_ea2045187d44cfe6fdb31e2c120673ac.php
www.indusface.com/wp-content/cache/autoptimize/ 12 KB
3 KB 636ms
635ms Stylesheet
text/css 64.185.181.238
BITGRAVITY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.indusface.com/wp-content/cache/autoptimize/autoptimize_ea2045187d44cfe6fdb31e2c120673ac.php

Requested by

Host: www.indusface.com
URL: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.185.181.238 , United States, ASN40009 (BITGRAVITY, US),

Reverse DNS

pc-b.bitgravity.com

Software

v/6.5.1/6.5.2/v10fra1-www /

Resource Hash

a312c1ef020085e72a815e6091b624a301d8274567dcfaf901a5eb196edfb1ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/cache/autoptimize/autoptimize_ea2045187d44cfe6fdb31e2c120673ac.php
pragma: no-cache
cookie: sess_map=rrvdzeqsxsxaerbfarwzuvwatbfsazsrdbarvsxvduqfewvczdwdfrrvbafectfzwwedzsxtzvxaeswbzfxftzwqzbdyuwtfcefavdyzdsqfyfyweedxdqebufeyyzbzsuddqxdrzyuqfsbvvefyuxarfrqcddfv
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.indusface.com
referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-version: 1.3
date: Fri, 17 Sep 2021 08:59:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-cache: MISS,v16fra1
strict-transport-security: max-age=31536000
content-length: 3003
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Sep 2021 10:50:59 GMT
server: v/6.5.1/6.5.2/v10fra1-www
x-frame-options: SAMEORIGIN
etag: W/"PSA-cZJm4uBRjG-gzip"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=30672000, public, immutable, public, immutable
x-server: v/6.5.1/v10fra1-https
accept-ranges: bytes
expires: Wed, 07 Sep 2022 08:59:21 GMT

GET
H2 200 A.dashicons.min.css,qver=5.4.6.pagespeed.cf.Zfe6btZDbd.css
www.indusface.com/wp-includes/css/ 46 KB
28 KB 7ms
6ms Stylesheet
text/css 64.185.181.238
BITGRAVITY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.indusface.com/wp-includes/css/A.dashicons.min.css,qver=5.4.6.pagespeed.cf.Zfe6btZDbd.css

Requested by

Host: www.indusface.com
URL: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.185.181.238 , United States, ASN40009 (BITGRAVITY, US),

Reverse DNS

pc-b.bitgravity.com

Software

v/6.5.1/6.5.2/v10fra1-www /

Resource Hash

828082977a5f96b0a62e0d58c7545ef1036b320bb2d9db72f94993170cb15c58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-includes/css/A.dashicons.min.css,qver=5.4.6.pagespeed.cf.Zfe6btZDbd.css
pragma: no-cache
cookie: sess_map=rrvdzeqsxsxaerbfarwzuvwatbfsazsrdbarvsxvduqfewvczdwdfrrvbafectfzwwedzsxtzvxaeswbzfxftzwqzbdyuwtfcefavdyzdsqfyfyweedxdqebufeyyzbzsuddqxdrzyuqfsbvvefyuxarfrqcddfv
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.indusface.com
referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-version: 1.3
date: Thu, 16 Sep 2021 10:09:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-original-content-length: 47564
age: 86862
x-cache: HIT,v10fra1
strict-transport-security: max-age=31536000
content-length: 28413
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 16 Sep 2021 08:29:42 GMT
server: v/6.5.1/6.5.2/v10fra1-www
x-frame-options: SAMEORIGIN
etag: W/"0"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31536000, public
x-server: v/6.5.1/v10fra1-https
accept-ranges: bytes
expires: Sat, 17 Sep 2022 08:59:20 GMT

GET
H2 200 jquery.js,qver=1.12.4-wp.pagespeed.jm.gp20iU5FlU.js Show response
www.indusface.com/wp-includes/js/jquery/ 95 KB
33 KB 8ms
7ms Script
application/javascript 64.185.181.238
BITGRAVITY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.indusface.com/wp-includes/js/jquery/jquery.js,qver=1.12.4-wp.pagespeed.jm.gp20iU5FlU.js

Requested by

Host: www.indusface.com
URL: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.185.181.238 , United States, ASN40009 (BITGRAVITY, US),

Reverse DNS

pc-b.bitgravity.com

Software

v/6.5.1/6.5.2/v10fra1-www /

Resource Hash

d08fdf960890b4f7662bad35400a8464627110622652b944445b4a4ab32c01cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-includes/js/jquery/jquery.js,qver=1.12.4-wp.pagespeed.jm.gp20iU5FlU.js
pragma: no-cache
cookie: sess_map=rrvdzeqsxsxaerbfarwzuvwatbfsazsrdbarvsxvduqfewvczdwdfrrvbafectfzwwedzsxtzvxaeswbzfxftzwqzbdyuwtfcefavdyzdsqfyfyweedxdqebufeyyzbzsuddqxdrzyuqfsbvvefyuxarfrqcddfv
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.indusface.com
referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-version: 1.3
date: Thu, 16 Sep 2021 10:09:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-original-content-length: 96873
age: 146647
x-cache: HIT,v10fra1
strict-transport-security: max-age=31536000
content-length: 33683
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Sep 2021 13:33:25 GMT
server: v/6.5.1/6.5.2/v10fra1-www
x-frame-options: SAMEORIGIN
etag: W/"0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
x-server: v/6.5.1/v10fra1-https
accept-ranges: bytes
expires: Sat, 17 Sep 2022 08:59:20 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 39ms
14ms Stylesheet
text/css 142.250.186.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500,700&display=swap

Requested by

Host: www.indusface.com
URL: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f10.1e100.net

Software

ESF /

Resource Hash

d58a30fcfbffc91a5f721e1fdca35bf56a59d26ddc9a809e6f8b1c031fc65c57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 17 Sep 2021 07:02:30 GMT
server: ESF
date: Fri, 17 Sep 2021 08:59:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Sep 2021 08:59:21 GMT

GET
H2 200 A.autoptimize_4a8bc5d490127fba1e504524cfa205e6.php.pagespeed.cf.yKSPjA7dAY.css
www.indusface.com/wp-content/cache/autoptimize/ 1 KB
1 KB 13ms
12ms Stylesheet
text/css 64.185.181.238
BITGRAVITY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.indusface.com/wp-content/cache/autoptimize/A.autoptimize_4a8bc5d490127fba1e504524cfa205e6.php.pagespeed.cf.yKSPjA7dAY.css

Requested by

Host: www.indusface.com
URL: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.185.181.238 , United States, ASN40009 (BITGRAVITY, US),

Reverse DNS

pc-b.bitgravity.com

Software

v/6.5.1/6.5.2/v10fra1-www /

Resource Hash

954df4af79faab3ad69ea0b43ddb5d243aede5f7c3f17e70eb5cd3fddbce81d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/cache/autoptimize/A.autoptimize_4a8bc5d490127fba1e504524cfa205e6.php.pagespeed.cf.yKSPjA7dAY.css
pragma: no-cache
cookie: sess_map=rrvdzeqsxsxaerbfarwzuvwatbfsazsrdbarvsxvduqfewvczdwdfrrvbafectfzwwedzsxtzvxaeswbzfxftzwqzbdyuwtfcefavdyzdsqfyfyweedxdqebufeyyzbzsuddqxdrzyuqfsbvvefyuxarfrqcddfv
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.indusface.com
referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-version: 1.3
date: Thu, 16 Sep 2021 10:09:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-original-content-length: 1459
age: 84138
x-cache: HIT,v10fra1
strict-transport-security: max-age=31536000
content-length: 644
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 16 Sep 2021 09:15:24 GMT
server: v/6.5.1/6.5.2/v10fra1-www
x-frame-options: SAMEORIGIN
etag: W/"0"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31536000, public
x-server: v/6.5.1/v10fra1-https
accept-ranges: bytes
expires: Sat, 17 Sep 2022 08:59:21 GMT

GET
H2 200 Tracker.js Show response
web.mxradon.com/t/ 12 KB
4 KB 774ms
246ms Script
application/javascript 52.74.192.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://web.mxradon.com/t/Tracker.js

Requested by

Host: www.indusface.com
URL: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.74.192.222 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-74-192-222.ap-southeast-1.compute.amazonaws.com

Software

Microsoft-IIS/10.0 /

Resource Hash

cbde479c10d012a88da713f2db63f49216655d7f57529df6ac1dae293625f513

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 08:59:20 GMT
content-encoding: gzip
last-modified: Sun, 25 Apr 2021 16:09:01 GMT
server: Microsoft-IIS/10.0
etag: "808c94eed39d71:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1800
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 3332

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
39 KB 41ms
19ms Script
application/javascript 142.250.74.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-827450946

Requested by

Host: www.indusface.com
URL: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

db579366767f73086ab53d247894394ec27abd5e723cb9d203d2479c76286830

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 08:59:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39181
x-xss-protection: 0
last-modified: Fri, 17 Sep 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 17 Sep 2021 08:59:20 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 29ms
8ms Script
text/javascript 142.250.186.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: www.indusface.com
URL: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f10.1e100.net

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 04:30:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16143
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Sat, 17 Sep 2022 04:30:17 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 907 B
1009 B 66ms
24ms Script
text/javascript 142.250.185.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadCallback

Requested by

Host: www.indusface.com
URL: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f4.1e100.net

Software

GSE /

Resource Hash

a7f99ab09b15008cdb7bc2b2b680b24cf4e95219b83c9355d76da7e879480543

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 08:59:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 575
x-xss-protection: 1; mode=block
expires: Fri, 17 Sep 2021 08:59:21 GMT

GET
H2

200

cookieconsent.min.css
cdn.websitepolicies.io/lib/1.0.2/
Redirect Chain

https://cdn.wpcc.io/lib/1.0.2/cookieconsent.min.css
https://cdn.websitepolicies.io/lib/1.0.2/cookieconsent.min.css

4 KB
2 KB

127ms
96ms

Stylesheet
text/css

89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.websitepolicies.io/lib/1.0.2/cookieconsent.min.css

Requested by

Host: www.indusface.com
URL: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-89-187-169-47.cdn77.com

Software

BunnyCDN-DE1-756 /

Resource Hash

119351ced3134718cb42591e513ff063cf04af7c2734b137c666ee62e137e15d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 08:59:20 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 756
access-control-allow-origin: *
cdn-cachedat: 09/17/2021 10:59:20
cdn-pullzone: 403741
vary: Accept-Encoding, Accept-Encoding
x-xss-protection: 1; mode=block
server: BunnyCDN-DE1-756
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
referrer-policy: no-referrer-when-downgrade
expires: Sun, 17 Oct 2021 08:59:20 GMT
last-modified: Fri, 05 Apr 2019 15:44:28 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
x-frame-options: SAMEORIGIN
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
cdn-cache: MISS
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, must-revalidate, proxy-revalidate, no-cache, max-age=2592000
cdn-uid: 16d357c7-5d61-4073-b136-11d78241bb5e
cdn-requestid: 8c92a184b28ca6d64e2e9c1325db99dc
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

date: Fri, 17 Sep 2021 08:59:20 GMT
referrer-policy: no-referrer-when-downgrade
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/html
location: https://cdn.websitepolicies.io/lib/1.0.2/cookieconsent.min.css
x-xss-protection: 1; mode=block
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 178
x-content-type-options: nosniff

GET
H2

200

cookieconsent.min.js Show response
cdn.websitepolicies.io/lib/1.0.2/
Redirect Chain

https://cdn.wpcc.io/lib/1.0.2/cookieconsent.min.js
https://cdn.websitepolicies.io/lib/1.0.2/cookieconsent.min.js

9 KB
4 KB

88ms
88ms

Script
application/javascript

89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.websitepolicies.io/lib/1.0.2/cookieconsent.min.js

Requested by

Host: www.indusface.com
URL: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-89-187-169-47.cdn77.com

Software

BunnyCDN-DE1-756 /

Resource Hash

19a5bc2d205600f87e8e72f1fd400ac9539ddaebe048e68f4dcf6188a485c0ac

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 08:59:21 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 756
access-control-allow-origin: *
cdn-cachedat: 09/17/2021 10:59:21
cdn-pullzone: 403741
vary: Accept-Encoding, Accept-Encoding
x-xss-protection: 1; mode=block
server: BunnyCDN-DE1-756
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
referrer-policy: no-referrer-when-downgrade
expires: Sun, 17 Oct 2021 08:59:21 GMT
last-modified: Tue, 01 Jun 2021 15:09:17 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
x-frame-options: SAMEORIGIN
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cdn-cache: MISS
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, must-revalidate, proxy-revalidate, no-cache, max-age=2592000
cdn-uid: 16d357c7-5d61-4073-b136-11d78241bb5e
cdn-requestid: fddd3fecd61e6afeb10e0d39a306d81a
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

date: Fri, 17 Sep 2021 08:59:21 GMT
referrer-policy: no-referrer-when-downgrade
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/html
location: https://cdn.websitepolicies.io/lib/1.0.2/cookieconsent.min.js
x-xss-protection: 1; mode=block
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 178
x-content-type-options: nosniff

GET
H2 200 lazysizes.min.js,qao_version=2.9.2.pagespeed.jm.1GZcCAEhu4.js Show response
www.indusface.com/wp-content/plugins/autoptimize/classes/external/js/ 10 KB
4 KB 19ms
18ms Script
application/javascript 64.185.181.238
BITGRAVITY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.indusface.com/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js,qao_version=2.9.2.pagespeed.jm.1GZcCAEhu4.js

Requested by

Host: www.indusface.com
URL: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.185.181.238 , United States, ASN40009 (BITGRAVITY, US),

Reverse DNS

pc-b.bitgravity.com

Software

v/6.5.1/6.5.2/v10fra1-www /

Resource Hash

6b927499e3f315b3ce83c7d8edc5a88b392eb5c94006a61c5b96766d691f036c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js,qao_version=2.9.2.pagespeed.jm.1GZcCAEhu4.js
pragma: no-cache
cookie: sess_map=rrvdzeqsxsxaerbfarwzuvwatbfsazsrdbarvsxvduqfewvczdwdfrrvbafectfzwwedzsxtzvxaeswbzfxftzwqzbdyuwtfcefavdyzdsqfyfyweedxdqebufeyyzbzsuddqxdrzyuqfsbvvefyuxarfrqcddfv
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.indusface.com
referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-version: 1.3
date: Fri, 17 Sep 2021 08:59:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-original-content-length: 9813
age: 72626
x-cache: HIT,v16fra1
strict-transport-security: max-age=31536000
content-length: 4063
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 16 Sep 2021 12:48:54 GMT
server: v/6.5.1/6.5.2/v10fra1-www
x-frame-options: SAMEORIGIN
etag: W/"0-gzip"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
x-server: v/6.5.1/v10fra1-https
accept-ranges: bytes
expires: Sat, 17 Sep 2022 08:59:21 GMT

GET
H2 200 80780b73b5a3f4655fee62041e51f1be.js Show response
clientcdn.pushengage.com/core/ 77 KB
19 KB 321ms
273ms Script
application/javascript 13.227.158.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://clientcdn.pushengage.com/core/80780b73b5a3f4655fee62041e51f1be.js
Requested by: Host: www.indusface.com
URL: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.158.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-158-89.muc51.r.cloudfront.net
Software: nginx /
Resource Hash: 1c6ce13a9747305e487c0ce68a51c914a6dd4581c2d3b0d1b515744b2fd74e0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 08:59:21 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: MUC51-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=120
x-amz-cf-id: jyrYZcGbhMop378zl0cGVBaiq6EJxlkTX9H4ASejGWMUAqN2oMZcaA==
via: 1.1 161da0b4a35876d11292625c13ca0f51.cloudfront.net (CloudFront)

GET
H2 200 autoptimize_60afb3ce86f3b67950e12b7355616a04.php.pagespeed.jm.m7AQI_Kll0.js Show response
www.indusface.com/wp-content/cache/autoptimize/ 370 KB
103 KB 8ms
6ms Script
text/javascript 64.185.181.238
BITGRAVITY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.indusface.com/wp-content/cache/autoptimize/autoptimize_60afb3ce86f3b67950e12b7355616a04.php.pagespeed.jm.m7AQI_Kll0.js

Requested by

Host: www.indusface.com
URL: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.185.181.238 , United States, ASN40009 (BITGRAVITY, US),

Reverse DNS

pc-b.bitgravity.com

Software

v/6.5.1/6.5.2/v10fra1-www /

Resource Hash

804f633d0b6f9e014010c41276eea80d9c5fef5ad53f2d456bf39733d87c7477

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/cache/autoptimize/autoptimize_60afb3ce86f3b67950e12b7355616a04.php.pagespeed.jm.m7AQI_Kll0.js
pragma: no-cache
cookie: sess_map=rrvdzeqsxsxaerbfarwzuvwatbfsazsrdbarvsxvduqfewvczdwdfrrvbafectfzwwedzsxtzvxaeswbzfxftzwqzbdyuwtfcefavdyzdsqfyfyweedxdqebufeyyzbzsuddqxdrzyuqfsbvvefyuxarfrqcddfv
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.indusface.com
referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-version: 1.3
date: Thu, 16 Sep 2021 15:05:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102011
x-cache: HIT,v10fra1
strict-transport-security: max-age=31536000
content-length: 104689
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Sep 2021 10:51:26 GMT
server: v/6.5.1/6.5.2/v10fra1-www
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300,private
x-server: v/6.5.1/v10fra1-https
accept-ranges: bytes
expires: Fri, 17 Sep 2021 09:04:21 GMT

GET
H2 200 wp-emoji-release.min.js Show response
www.indusface.com/wp-includes/js/ 14 KB
5 KB 14ms
12ms Script
application/javascript 64.185.181.238
BITGRAVITY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.indusface.com/wp-includes/js/wp-emoji-release.min.js?ver=5.4.6

Requested by

Host: www.indusface.com
URL: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.185.181.238 , United States, ASN40009 (BITGRAVITY, US),

Reverse DNS

pc-b.bitgravity.com

Software

v/6.5.1/6.5.2/v10fra1-www /

Resource Hash

956fa56f513e1a8025bc85f9314a1747eb061d434403393591145e4ae898c694

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.4.6
pragma: no-cache
cookie: sess_map=rrvdzeqsxsxaerbfarwzuvwatbfsazsrdbarvsxvduqfewvczdwdfrrvbafectfzwwedzsxtzvxaeswbzfxftzwqzbdyuwtfcefavdyzdsqfyfyweedxdqebufeyyzbzsuddqxdrzyuqfsbvvefyuxarfrqcddfv
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.indusface.com
referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-version: 1.3
date: Thu, 16 Sep 2021 10:09:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-original-content-length: 13884
age: 92803
x-cache: HIT,v10fra1
strict-transport-security: max-age=31536000
content-length: 4600
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 13 May 2021 02:35:08 GMT
server: v/6.5.1/6.5.2/v10fra1-www
x-frame-options: SAMEORIGIN
etag: W/"PSA-yNWkzRRjK8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31557600, public, s-maxage=10
x-server: v/6.5.1/v10fra1-https
accept-ranges: bytes
expires: Sat, 17 Sep 2022 14:59:21 GMT

GET
H2 200 WebTracker.aspx Show response
web.mxradon.com/t/ 575 B
776 B 356ms
354ms Script
text/html 52.74.192.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://web.mxradon.com/t/WebTracker.aspx?p1=18917&p2=Detect%20Web%20Apps%20Attacks%20Using%20Web%20Server%20Access%20Logs%20%7C%20Indusface%20Blog&p3=-1&p4=&p5=1&p6=&p7=&p8=

Requested by

Host: web.mxradon.com
URL: https://web.mxradon.com/t/Tracker.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.74.192.222 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-74-192-222.ap-southeast-1.compute.amazonaws.com

Software

Microsoft-IIS/10.0 /

Resource Hash

11ef31d73574d8fd7e1c76acda2825b24bb98e391624368b762b27da765382a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 08:59:21 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private,private,max-age=0
strict-transport-security: max-age=31536000
content-length: 391

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 32ms
7ms Script
text/javascript 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.indusface.com
URL: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 744
date: Fri, 17 Sep 2021 08:46:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Fri, 17 Sep 2021 10:46:57 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 163 KB
56 KB 30ms
28ms Script
application/javascript 142.250.74.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PMC6JX

Requested by

Host: www.indusface.com
URL: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

d104dc9ce2e19ab0c6001655d306bbefa8048a9c46f420d265ef38ab4f6fb4f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 08:59:21 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56851
x-xss-protection: 0
last-modified: Fri, 17 Sep 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 17 Sep 2021 08:59:21 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 43ms
10ms Script
application/x-javascript 2.18.234.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.indusface.com
URL: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.234.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-132.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 17 Sep 2021 08:59:21 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Aug 2021 21:34:05 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=8658
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H/1.1 200
OK SQL-MAS-GetQuote Show response
indusface.viewpage.co/ Frame 78D8 23 KB
6 KB 552ms
129ms Document
text/html 35.154.140.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://indusface.viewpage.co/SQL-MAS-GetQuote
Requested by: Host: www.indusface.com
URL: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.154.140.16 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-154-140-16.ap-south-1.compute.amazonaws.com
Software: /
Resource Hash: 077d7fed529797b01f6456996252cd7706fb925c1c46edd34c2427af21abdf50

Request headers

Host: indusface.viewpage.co
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/

Response headers

Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Fri, 17 Sep 2021 08:59:21 GMT
Vary: Accept-Encoding
Content-Length: 6158
Connection: keep-alive

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7ae4f4e313e150000175511c29ca19ae2948eb663987253d19a9372cc20e3fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 dp-arr.svg
www.indusface.com/wp-content/themes/indusface/assets/images/ 225 B
602 B 9ms
8ms Image
image/svg+xml 64.185.181.238
BITGRAVITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.indusface.com/wp-content/themes/indusface/assets/images/dp-arr.svg

Requested by

Host: www.indusface.com
URL: https://www.indusface.com/wp-content/cache/autoptimize/A.autoptimize_10655bc6a005d8c2fc636ba792689d16.php.pagespeed.cf.Saaek0XU0I.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.185.181.238 , United States, ASN40009 (BITGRAVITY, US),

Reverse DNS

pc-b.bitgravity.com

Software

v/6.5.1/6.5.2/v10fra1-www /

Resource Hash

026d8c7df82f0c9913841d4926e74584cbee624a1f5f0ba94f7d922fa7738d9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/themes/indusface/assets/images/dp-arr.svg
pragma: no-cache
cookie: sess_map=rrvdzeqsxsxaerbfarwzuvwatbfsazsrdbarvsxvduqfewvczdwdfrrvbafectfzwwedzsxtzvxaeswbzfxftzwqzbdyuwtfcefavdyzdsqfyfyweedxdqebufeyyzbzsuddqxdrzyuqfsbvvefyuxarfrqcddfv
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.indusface.com
referer: https://www.indusface.com/wp-content/cache/autoptimize/A.autoptimize_10655bc6a005d8c2fc636ba792689d16.php.pagespeed.cf.Saaek0XU0I.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/wp-content/cache/autoptimize/A.autoptimize_10655bc6a005d8c2fc636ba792689d16.php.pagespeed.cf.Saaek0XU0I.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-version: 1.3
date: Thu, 16 Sep 2021 15:05:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82933
x-cache: HIT,v10fra1
strict-transport-security: max-age=31536000
content-length: 179
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 25 Sep 2020 12:22:18 GMT
server: v/6.5.1/6.5.2/v10fra1-www
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000, s-maxage=10
x-server: v/6.5.1/v10fra1-https
accept-ranges: bytes
expires: Sun, 17 Oct 2021 08:59:21 GMT

GET
H2 200 search.svg
www.indusface.com/wp-content/themes/indusface/assets/images/ 467 B
663 B 9ms
9ms Image
image/svg+xml 64.185.181.238
BITGRAVITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.indusface.com/wp-content/themes/indusface/assets/images/search.svg

Requested by

Host: www.indusface.com
URL: https://www.indusface.com/wp-content/cache/autoptimize/A.autoptimize_10655bc6a005d8c2fc636ba792689d16.php.pagespeed.cf.Saaek0XU0I.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.185.181.238 , United States, ASN40009 (BITGRAVITY, US),

Reverse DNS

pc-b.bitgravity.com

Software

v/6.5.1/6.5.2/v10fra1-www /

Resource Hash

23f43495961fdb47783b3a3563d5bf46afb81d3695dfbf434ce234fd281a02d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/themes/indusface/assets/images/search.svg
pragma: no-cache
cookie: sess_map=rrvdzeqsxsxaerbfarwzuvwatbfsazsrdbarvsxvduqfewvczdwdfrrvbafectfzwwedzsxtzvxaeswbzfxftzwqzbdyuwtfcefavdyzdsqfyfyweedxdqebufeyyzbzsuddqxdrzyuqfsbvvefyuxarfrqcddfv
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.indusface.com
referer: https://www.indusface.com/wp-content/cache/autoptimize/A.autoptimize_10655bc6a005d8c2fc636ba792689d16.php.pagespeed.cf.Saaek0XU0I.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/wp-content/cache/autoptimize/A.autoptimize_10655bc6a005d8c2fc636ba792689d16.php.pagespeed.cf.Saaek0XU0I.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-version: 1.3
date: Thu, 16 Sep 2021 15:05:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82933
x-cache: HIT,v10fra1
strict-transport-security: max-age=31536000
content-length: 240
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 25 Sep 2020 12:22:20 GMT
server: v/6.5.1/6.5.2/v10fra1-www
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000, s-maxage=10
x-server: v/6.5.1/v10fra1-https
accept-ranges: bytes
expires: Sun, 17 Oct 2021 08:59:21 GMT

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1fac671afb020a706ba947b453637882b0e3b7bf6dc99f257b0aed4a314ebd01

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d2914fed5198064aa815d2a6fdf846fdbe243fd2bcae452f0ac1b4d830a1eb6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/ 343 KB
135 KB 58ms
16ms Script
text/javascript 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

3d37b170affddaaa2a6489a82bab8df4e72c56a65b069991ea9084643d477d58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
Origin: https://www.indusface.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 08:48:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 651
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 137529
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 17:56:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Sat, 17 Sep 2022 08:48:30 GMT

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fec53ef2b9b7550f8d516a14890c15c4ada19557908e8c42210fbd081aa042f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 302 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b980f62a2d545d64f24e6f96902c8fbf5da0018569c369bc18f9e5b5fcf099ed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 682 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c2e8b4fba49f90cfca5a43371c09879aed7447e0ba2ed4abd75b81448776c4f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 425 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 54c9560cb0117d8d1f955aefe0f88b843517964e118512d8f1a224a8a9b662f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 327 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d31374e862fe63f0cfabb3f4cebf0723e3ee46c70589a8576daa1643cebdd651

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 list-icon.svg
www.indusface.com/wp-content/themes/indusface/assets/images/ 703 B
837 B 6ms
6ms Image
image/svg+xml 64.185.181.238
BITGRAVITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.indusface.com/wp-content/themes/indusface/assets/images/list-icon.svg

Requested by

Host: www.indusface.com
URL: https://www.indusface.com/wp-content/cache/autoptimize/A.autoptimize_10655bc6a005d8c2fc636ba792689d16.php.pagespeed.cf.Saaek0XU0I.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.185.181.238 , United States, ASN40009 (BITGRAVITY, US),

Reverse DNS

pc-b.bitgravity.com

Software

v/6.5.1/6.5.2/v10fra1-www /

Resource Hash

0af71276105149b8cb567c8216492d639180b1c5ebd49c7bb7569e13a3f8cd55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/themes/indusface/assets/images/list-icon.svg
pragma: no-cache
cookie: sess_map=rrvdzeqsxsxaerbfarwzuvwatbfsazsrdbarvsxvduqfewvczdwdfrrvbafectfzwwedzsxtzvxaeswbzfxftzwqzbdyuwtfcefavdyzdsqfyfyweedxdqebufeyyzbzsuddqxdrzyuqfsbvvefyuxarfrqcddfv
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.indusface.com
referer: https://www.indusface.com/wp-content/cache/autoptimize/A.autoptimize_10655bc6a005d8c2fc636ba792689d16.php.pagespeed.cf.Saaek0XU0I.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/wp-content/cache/autoptimize/A.autoptimize_10655bc6a005d8c2fc636ba792689d16.php.pagespeed.cf.Saaek0XU0I.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-version: 1.3
date: Thu, 16 Sep 2021 15:05:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81045
x-cache: HIT,v10fra1
strict-transport-security: max-age=31536000
content-length: 414
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 25 Sep 2020 12:22:19 GMT
server: v/6.5.1/6.5.2/v10fra1-www
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000, s-maxage=10
x-server: v/6.5.1/v10fra1-https
accept-ranges: bytes
expires: Sun, 17 Oct 2021 08:59:21 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 76ms
34ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-827450946

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

4c967c069f7a16252b2fa438ce43396ffaabb1479b5c6accab78f32604b8ade3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 08:59:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14042
x-xss-protection: 0
server: cafe
etag: 5157641309300231189
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 17 Sep 2021 08:59:21 GMT

GET
H2 200 api.min.js Show response
a.omappapi.com/app/js/ 206 KB
58 KB 63ms
7ms Script
application/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.js
Requested by: Host: www.indusface.com
URL: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: fcf7342ac0f25805477906cca75be1f284a00b5a973eb70c8011ca60d49dc5ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 08:59:21 GMT
content-encoding: br
cdn-edgestorageid: 756
perma-cache: HIT
cdn-storageserver: DE-169
cdn-cachedat: 09/16/2021 03:41:28
cdn-pullzone: 293267
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
server: BunnyCDN-DE1-756
access-control-allow-origin: *
last-modified: Wed, 15 Sep 2021 17:44:22 GMT
cdn-proxyver: 1.0
cdn-fileserver: 188
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid: 94ad574ee342ac73517c5a00ce5e5c83
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 up1.svg
www.indusface.com/wp-content/themes/indusface/assets/images/ 189 B
589 B 7ms
6ms Image
image/svg+xml 64.185.181.238
BITGRAVITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.indusface.com/wp-content/themes/indusface/assets/images/up1.svg

Requested by

Host: www.indusface.com
URL: https://www.indusface.com/wp-content/cache/autoptimize/A.autoptimize_10655bc6a005d8c2fc636ba792689d16.php.pagespeed.cf.Saaek0XU0I.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.185.181.238 , United States, ASN40009 (BITGRAVITY, US),

Reverse DNS

pc-b.bitgravity.com

Software

v/6.5.1/6.5.2/v10fra1-www /

Resource Hash

f0ec6341fb255aa21912c4bfef493584c86109c70c31242187eeec3f9c6325d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/themes/indusface/assets/images/up1.svg
pragma: no-cache
cookie: sess_map=rrvdzeqsxsxaerbfarwzuvwatbfsazsrdbarvsxvduqfewvczdwdfrrvbafectfzwwedzsxtzvxaeswbzfxftzwqzbdyuwtfcefavdyzdsqfyfyweedxdqebufeyyzbzsuddqxdrzyuqfsbvvefyuxarfrqcddfv; _gcl_au=1.1.1424634426.1631869161
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.indusface.com
referer: https://www.indusface.com/wp-content/cache/autoptimize/A.autoptimize_10655bc6a005d8c2fc636ba792689d16.php.pagespeed.cf.Saaek0XU0I.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/wp-content/cache/autoptimize/A.autoptimize_10655bc6a005d8c2fc636ba792689d16.php.pagespeed.cf.Saaek0XU0I.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-version: 1.3
date: Thu, 16 Sep 2021 14:19:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140106
x-cache: HIT,v10fra1
strict-transport-security: max-age=31536000
content-length: 166
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 25 Sep 2020 12:22:20 GMT
server: v/6.5.1/6.5.2/v10fra1-www
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000, s-maxage=10
x-server: v/6.5.1/v10fra1-https
accept-ranges: bytes
expires: Sun, 17 Oct 2021 08:59:21 GMT

GET
H2 200 2226.js Show response
tracking.g2crowd.com/attribution_tracking/conversions/ 16 B
1 KB 210ms
151ms Script
text/javascript 104.18.26.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.g2crowd.com/attribution_tracking/conversions/2226.js?p=https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/&e=

Requested by

Host: www.indusface.com
URL: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dae93a05edd9dcfc1864b87178a31e0bfa93e1a9b1c486c6e9cbf73cae87862

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .g2crowd.com .g2.com; connect-src 'self' .g2crowd.com .g2.com; font-src 'self' .g2crowd.com .g2.com; form-action 'self' .g2crowd.com .g2.com; frame-src 'self' .g2crowd.com .g2.com; img-src 'self' .g2crowd.com .g2.com; manifest-src 'self' .g2crowd.com .g2.com; media-src 'self' .g2crowd.com .g2.com; object-src 'self' .g2crowd.com .g2.com; script-src 'self' .g2crowd.com .g2.com; style-src 'self' .g2crowd.com .g2.com; worker-src 'self' .g2crowd.com .g2.com
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 08:59:21 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
content-encoding: br
x-xss-protection: 1; mode=block
x-request-id: 4568c895-bbbb-473c-9840-156a341db25e
x-runtime: 0.008868
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"3dae93a05edd9dcfc1864b87178a31e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
x-download-options: noopen
content-type: text/javascript; charset=utf-8
cache-control: max-age=600, public
content-security-policy: default-src 'self' *.g2crowd.com *.g2.com; connect-src 'self' *.g2crowd.com *.g2.com; font-src 'self' *.g2crowd.com *.g2.com; form-action 'self' *.g2crowd.com *.g2.com; frame-src 'self' *.g2crowd.com *.g2.com; img-src 'self' *.g2crowd.com *.g2.com; manifest-src 'self' *.g2crowd.com *.g2.com; media-src 'self' *.g2crowd.com *.g2.com; object-src 'self' *.g2crowd.com *.g2.com; script-src 'self' *.g2crowd.com *.g2.com; style-src 'self' *.g2crowd.com *.g2.com; worker-src 'self' *.g2crowd.com *.g2.com
cf-ray: 6901235168bb277c-PRG

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
16 KB 28ms
7ms Font
font/woff2 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.indusface.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 04:03:18 GMT
x-content-type-options: nosniff
age: 276963
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Sep 2022 04:03:18 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 16 KB
16 KB 32ms
14ms Font
font/woff2 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.indusface.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 06:55:08 GMT
x-content-type-options: nosniff
age: 439453
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Sep 2022 06:55:08 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
16 KB 26ms
11ms Font
font/woff2 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.indusface.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 17:49:36 GMT
x-content-type-options: nosniff
age: 140985
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 15 Sep 2022 17:49:36 GMT

GET
H2 200 xlogo.png.pagespeed.ic.emgQ5nTP6h.webp
www.indusface.com/wp-content/themes/indusface/assets/images/ 5 KB
5 KB 12ms
12ms Image
image/png 64.185.181.238
BITGRAVITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.indusface.com/wp-content/themes/indusface/assets/images/xlogo.png.pagespeed.ic.emgQ5nTP6h.webp

Requested by

Host: www.indusface.com
URL: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.185.181.238 , United States, ASN40009 (BITGRAVITY, US),

Reverse DNS

pc-b.bitgravity.com

Software

v/6.5.1/6.5.2/v10fra1-www /

Resource Hash

4b5bdb87f16cf8bf070b5cb09df7b1d05fd49a049a5f4ed629e097ac5bf058e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/themes/indusface/assets/images/xlogo.png.pagespeed.ic.emgQ5nTP6h.webp
pragma: no-cache
cookie: sess_map=rrvdzeqsxsxaerbfarwzuvwatbfsazsrdbarvsxvduqfewvczdwdfrrvbafectfzwwedzsxtzvxaeswbzfxftzwqzbdyuwtfcefavdyzdsqfyfyweedxdqebufeyyzbzsuddqxdrzyuqfsbvvefyuxarfrqcddfv; _gcl_au=1.1.1424634426.1631869161
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.indusface.com
referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-version: 1.3
date: Thu, 16 Sep 2021 15:05:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94295
x-cache: HIT,v10fra1
strict-transport-security: max-age=31536000
content-length: 5127
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 25 Sep 2020 12:22:19 GMT
server: v/6.5.1/6.5.2/v10fra1-www
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=300,private
x-server: v/6.5.1/v10fra1-https
accept-ranges: bytes
link: <https://www.indusface.com/wp-content/themes/indusface/assets/images/logo.png>; rel="canonical"
expires: Fri, 17 Sep 2021 09:04:21 GMT

GET
H2 200 What-are-Managed-Security-Services.png
www.indusface.com/wp-content/uploads/2014/03/ 32 KB
32 KB 7ms
7ms Image
image/png 64.185.181.238
BITGRAVITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.indusface.com/wp-content/uploads/2014/03/What-are-Managed-Security-Services.png

Requested by

Host: www.indusface.com
URL: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.185.181.238 , United States, ASN40009 (BITGRAVITY, US),

Reverse DNS

pc-b.bitgravity.com

Software

v/6.5.1/6.5.2/v10fra1-www /

Resource Hash

352aa4485c3afac728ff3e909ee2abc101634bd4d865327cc83bf8d1288099bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/uploads/2014/03/What-are-Managed-Security-Services.png
pragma: no-cache
cookie: sess_map=rrvdzeqsxsxaerbfarwzuvwatbfsazsrdbarvsxvduqfewvczdwdfrrvbafectfzwwedzsxtzvxaeswbzfxftzwqzbdyuwtfcefavdyzdsqfyfyweedxdqebufeyyzbzsuddqxdrzyuqfsbvvefyuxarfrqcddfv; _gcl_au=1.1.1424634426.1631869161
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.indusface.com
referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-version: 1.3
date: Fri, 17 Sep 2021 08:16:27 GMT
x-content-type-options: nosniff
age: 2574
x-cache: HIT,v10fra1
content-length: 32607
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 27 Jan 2021 12:36:44 GMT
server: v/6.5.1/6.5.2/v10fra1-www
x-frame-options: SAMEORIGIN
etag: W/"PSA-BLj3oJhmfu"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=31557600, public, s-maxage=10
x-server: v/6.5.1/v10fra1-https
accept-ranges: bytes
expires: Sat, 17 Sep 2022 14:59:21 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=173203&time=1631869161147&url=https%3A%2F%2Fwww.indusface.com%2Fblog%2Fdetect-web-application-attacks-using-web-server-access-logs%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D173203%26time%3D1631869161147%26url%3Dhttps%253A%252F%252Fwww.indusface.com%252Fb...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=173203&time=1631869161147&url=https%3A%2F%2Fwww.indusface.com%2Fblog%2Fdetect-web-application-attacks-using-web-server-access-logs%2F&liSync=true

0
57 B

137ms
136ms

Image
application/javascript

108.174.11.69
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=173203&time=1631869161147&url=https%3A%2F%2Fwww.indusface.com%2Fblog%2Fdetect-web-application-attacks-using-web-server-access-logs%2F&liSync=true
Requested by: Host: www.indusface.com
URL: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.174.11.69 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-11-69.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 08:59:21 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-proto: http/2
x-li-pop: prod-eda6
content-type: application/javascript
content-length: 0
x-li-uuid: 65fhUVuQpRYAgMbTsSoAAA==

Redirect headers

content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-content-type-options: nosniff
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-length: 0
x-li-uuid: AAXMLSWz+yWeWTgXql2Gcg==
pragma: no-cache
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 70961A67165446D0A3DEA5733805D20F Ref B: PRG01EDGE0717 Ref C: 2021-09-17T08:59:21Z
x-frame-options: sameorigin
date: Fri, 17 Sep 2021 08:59:21 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=31536000
x-li-fabric: prod-ltx1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=173203&time=1631869161147&url=https%3A%2F%2Fwww.indusface.com%2Fblog%2Fdetect-web-application-attacks-using-web-server-access-logs%2F&liSync=true
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 28ms
13ms XHR
text/plain 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1520885443&t=pageview&_s=1&dl=https%3A%2F%2Fwww.indusface.com%2Fblog%2Fdetect-web-application-attacks-using-web-server-access-logs%2F&ul=en-us&de=UTF-8&dt=Detect%20Web%20Apps%20Attacks%20Using%20Web%20Server%20Access%20Logs%20%7C%20Indusface%20Blog&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=38164585&gjid=684622304&cid=1432523405.1631869161&tid=UA-448454-1&_gid=1845569972.1631869161&_r=1&_slc=1&z=921235453

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Sep 2021 08:59:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.indusface.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 22ms
7ms Script
application/x-javascript 31.13.92.14
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.indusface.com
URL: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frt3.fbcdn.net

Software

Resource Hash

335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25999
x-xss-protection: 0
pragma: public
x-fb-debug: kH/31VvRV5cSGzCmFdO2+CqJvWYXcPBO34bbpr5hWZwxMoV8jrsHrUznTzirUQ32cK99twHxqB8MBc79C1c/yA==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 17 Sep 2021 08:59:21 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 44 KB
45 KB 42ms
13ms Script
text/javascript 99.84.82.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PMC6JX
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.82.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-82-62.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8ed9c1758a236e742d01ea066f452d3f578d6be81551327a5b67ba8be722569d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

X-Amz-Version-Id: jmFs7KywGuBDQQS_2esYMgDw6mfwd1hF
Via: 1.1 ac90d46be219b2aa8a23e6982405715d.cloudfront.net (CloudFront)
Etag: "2441168df9ddcfa64f2b072ba490993a"
X-Amz-Cf-Pop: MUC50-C1
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 45465
Last-Modified: Mon, 30 Aug 2021 22:12:49 GMT
Server: AmazonS3
Date: Fri, 17 Sep 2021 08:57:43 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: p1MdyCvREAJbHYpX4JXKk-zPgdfIQMsi6YoL08a-rWuA_ToFuoRgdQ==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
464 B 43ms
14ms XHR
text/plain 173.194.76.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-448454-1&cid=1432523405.1631869161&jid=38164585&gjid=684622304&_gid=1845569972.1631869161&_u=IEBAAEAAAAAAAC~&z=1361955063

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.76.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 17 Sep 2021 08:59:21 GMT
content-type: text/plain
access-control-allow-origin: https://www.indusface.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 4F2C 7 KB
1 KB 36ms
20ms Document
text/html 142.250.185.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5IloaAAAAAPTdIlAWU0WAxc0-ccbgvaXIlJDh&co=aHR0cHM6Ly93d3cuaW5kdXNmYWNlLmNvbTo0NDM.&hl=de&v=wxAi4AKLXL2kBAvXqI4XLSWS&size=invisible&badge=inline&cb=7a11vucra7xu

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f4.1e100.net

Software

GSE /

Resource Hash

52cbca744ac7a9aa2d6f9919a1b0b23819515a0196b924583266709f9c9e9162

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WHsFFIjseVcT5j3QG9p+8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6Lc5IloaAAAAAPTdIlAWU0WAxc0-ccbgvaXIlJDh&co=aHR0cHM6Ly93d3cuaW5kdXNmYWNlLmNvbTo0NDM.&hl=de&v=wxAi4AKLXL2kBAvXqI4XLSWS&size=invisible&badge=inline&cb=7a11vucra7xu
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-security-policy: script-src 'report-sample' 'nonce-WHsFFIjseVcT5j3QG9p+8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
content-encoding: gzip
date: Fri, 17 Sep 2021 08:59:21 GMT
expires: Fri, 17 Sep 2021 08:59:21 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1042
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 mdbrtp4i4vqs8zwg5jp5 Show response
api.omappapi.com/v2/embed/99141/ 3 KB
2 KB 277ms
187ms XHR
application/json 99.84.82.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.omappapi.com/v2/embed/99141/mdbrtp4i4vqs8zwg5jp5
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.82.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-82-124.muc50.r.cloudfront.net
Software: Pagely Gateway/1.5.1 /
Resource Hash: 219c5024e3784a2566dd80a628827c34def1cb9b6500248ed652b9c39bdb117e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 08:59:21 GMT
content-encoding: gzip
x-cache-config: 0 0
x-amz-cf-pop: MUC50-C1
x-cache-status: EXPIRED
x-cache: Miss from cloudfront
access-control-allow-headers: X-CSRF-Token
x-optinmonster-campaign: mdbrtp4i4vqs8zwg5jp5
x-user-agent: standard--
last-modified: Thu, 16 Sep 2021 12:08:48 GMT
server: Pagely Gateway/1.5.1
etag: W/"2bb3b86f2538e106eb4a36b6d604d452"
vary: Accept-Encoding, User-Agent
content-type: application/json
via: 1.1 72818776d4abe4e5a732c084dae83f1b.cloudfront.net (CloudFront)
access-control-expose-headers: X-OptinMonster-Campaign, X-User-Agent
cache-control: public, max-age=30, stale-while-revalidate=1800
access-control-allow-origin: *
x-amz-cf-id: gxb8zExGCu1LIDkkYhZ2YwTnq3W5awqQk8lSvB3L8h_sSleNOG-Frw==
expires: Fri, 17 Sep 2021 08:59:51 GMT

GET
H2 200 kgexffmpqqi5hwjz2cbf Show response
api.omappapi.com/v2/embed/99141/ 3 KB
2 KB 545ms
459ms XHR
application/json 99.84.82.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.omappapi.com/v2/embed/99141/kgexffmpqqi5hwjz2cbf
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.82.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-82-124.muc50.r.cloudfront.net
Software: Pagely Gateway/1.5.1 /
Resource Hash: 90f6cf7cce685be89a5a634ada6861eaeb5cd1dadf68aaaf6bef1c0c3620ec75

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 08:59:21 GMT
content-encoding: gzip
x-cache-config: 0 0
x-amz-cf-pop: MUC50-C1
x-cache-status: EXPIRED
x-cache: Miss from cloudfront
access-control-allow-headers: X-CSRF-Token
x-optinmonster-campaign: kgexffmpqqi5hwjz2cbf
x-user-agent: standard--
last-modified: Mon, 31 May 2021 10:39:00 GMT
server: Pagely Gateway/1.5.1
etag: W/"37196acd362343291ade40cc749856b4"
vary: Accept-Encoding, User-Agent
content-type: application/json
via: 1.1 72818776d4abe4e5a732c084dae83f1b.cloudfront.net (CloudFront)
access-control-expose-headers: X-OptinMonster-Campaign, X-User-Agent
cache-control: public, max-age=30, stale-while-revalidate=1800
access-control-allow-origin: *
x-amz-cf-id: LcMAm4QPiy8d-5Z8aE3UZMbNEse8fMlMRi4l4kcTExDq6-KE-_0PwA==
expires: Fri, 17 Sep 2021 08:59:51 GMT

GET
H2 200 dbjbxjuldhrziluyv1x3 Show response
api.omappapi.com/v2/embed/99141/ 3 KB
2 KB 460ms
379ms XHR
application/json 99.84.82.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.omappapi.com/v2/embed/99141/dbjbxjuldhrziluyv1x3
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.82.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-82-124.muc50.r.cloudfront.net
Software: Pagely Gateway/1.5.1 /
Resource Hash: 1bf2615467e449c54538d0d1f12b843fed237524537bf01b8feb8e805866d781

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 08:59:21 GMT
content-encoding: gzip
x-cache-config: 0 0
x-amz-cf-pop: MUC50-C1
x-cache-status: EXPIRED
x-cache: Miss from cloudfront
access-control-allow-headers: X-CSRF-Token
x-optinmonster-campaign: dbjbxjuldhrziluyv1x3
x-user-agent: standard--
last-modified: Thu, 03 Jun 2021 13:40:06 GMT
server: Pagely Gateway/1.5.1
etag: W/"9a5b132a731d8faa5b38ca1a470b85fa"
vary: Accept-Encoding, User-Agent
content-type: application/json
via: 1.1 72818776d4abe4e5a732c084dae83f1b.cloudfront.net (CloudFront)
access-control-expose-headers: X-OptinMonster-Campaign, X-User-Agent
cache-control: public, max-age=30, stale-while-revalidate=1800
access-control-allow-origin: *
x-amz-cf-id: EhhpIV3NbxjYNsZlUy69F1r4Eiumdz6crr-Wb2TiatTQthydkJzDxw==
expires: Fri, 17 Sep 2021 08:59:51 GMT

GET
H2 200 vjbfzdt2rkbjkx1hqzyc Show response
api.omappapi.com/v2/embed/99141/ 3 KB
2 KB 486ms
409ms XHR
application/json 99.84.82.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.omappapi.com/v2/embed/99141/vjbfzdt2rkbjkx1hqzyc
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.82.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-82-124.muc50.r.cloudfront.net
Software: Pagely Gateway/1.5.1 /
Resource Hash: 68f3f7e1501f20e862ce2dda9e3f9f3ecd88e315e0e03889bd92763f6a55cbfd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 08:59:21 GMT
content-encoding: gzip
x-cache-config: 0 0
x-amz-cf-pop: MUC50-C1
x-cache-status: EXPIRED
x-cache: Miss from cloudfront
access-control-allow-headers: X-CSRF-Token
x-optinmonster-campaign: vjbfzdt2rkbjkx1hqzyc
x-user-agent: standard--
last-modified: Thu, 27 May 2021 11:06:01 GMT
server: Pagely Gateway/1.5.1
etag: W/"2a80b2f34fc2647f9e696870d4010c87"
vary: Accept-Encoding, User-Agent
content-type: application/json
via: 1.1 72818776d4abe4e5a732c084dae83f1b.cloudfront.net (CloudFront)
access-control-expose-headers: X-OptinMonster-Campaign, X-User-Agent
cache-control: public, max-age=30, stale-while-revalidate=1800
access-control-allow-origin: *
x-amz-cf-id: mhCFJQeaP2hpYyiLoCcrrmHuNP1w4sJ6xsXBzwVN5Rm0XUS8Qs9hwA==
expires: Fri, 17 Sep 2021 08:59:51 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/827450946/ 2 KB
2 KB 42ms
19ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/827450946/?random=1631869161311&cv=9&fst=1631869161311&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9f0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.indusface.com%2Fblog%2Fdetect-web-application-attacks-using-web-server-access-logs%2F&tiba=Detect%20Web%20Apps%20Attacks%20Using%20Web%20Server%20Access%20Logs%20%7C%20Indusface%20Blog&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

1cdd15a8e9182c58416ea7211f550600558c1edd1b8c285e2a6600374ac1c39b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Sep 2021 08:59:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1099
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lftracker_v1_kn9Eq4R1l2K7RlvP.js Show response
sc.lfeeder.com/ 22 KB
8 KB 92ms
26ms Script
application/javascript 99.84.82.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc.lfeeder.com/lftracker_v1_kn9Eq4R1l2K7RlvP.js
Requested by: Host: www.indusface.com
URL: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.82.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-82-6.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cb8b9e7d611f04abb8d93ad323370524c254de5c17ea37844b30068cf44e5266

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: 4QbODiGpPqIcv3pURYAXyU9E9UeYAssi
content-encoding: gzip
last-modified: Tue, 07 Sep 2021 12:20:12 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-C1
etag: W/"45caf479ede3291d1256c4a1b8ab6513"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ea6cdb5ba8bfb6f6aa18ec6651e5bc43.cloudfront.net (CloudFront)
cache-control: max-age=3600
date: Fri, 17 Sep 2021 08:59:21 GMT
x-amz-cf-id: Ucl8OTXNGAkeWlvHMkEtxL-dTmcP1UpfUXCuWGU8PLcqnAaBaxFsAw==

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 19ms
19ms Image
image/gif 142.250.185.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-448454-1&cid=1432523405.1631869161&jid=38164585&_u=IEBAAEAAAAAAAC~&z=1446412127

Requested by

Host: www.indusface.com
URL: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Sep 2021 08:59:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
522 B 40ms
18ms Image
image/gif 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-448454-1&cid=1432523405.1631869161&jid=38164585&_u=IEBAAEAAAAAAAC~&z=1446412127

Requested by

Host: www.indusface.com
URL: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Sep 2021 08:59:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
ipinfo.io/ 572 B
597 B 131ms
115ms Script
text/javascript 34.117.59.81
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ipinfo.io/?token=2dbf3b2c0581da&callback=jQuery33108252232261456653_1631869161055&_=1631869161056

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.59.81 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

81.59.117.34.bc.googleusercontent.com

Software

Resource Hash

b6a856e69b1a14d6e38c71ad9b57ba20b16988091b7d2a3fd18bb1a17ea42f49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 08:59:21 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
access-control-allow-origin: *
x-frame-options: DENY
content-type: text/javascript; charset=utf-8
via: 1.1 google
vary: Accept-Encoding
x-envoy-upstream-service-time: 2
x-content-type-options: nosniff
alt-svc: clear
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 234 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d7cd639c89358f19d898c0f407c362e22f9f3efb8f419bb35ede15d184daa71

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 flags.png
www.indusface.com/images/ 69 KB
70 KB 15ms
15ms Image
image/png 64.185.181.238
BITGRAVITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.indusface.com/images/flags.png

Requested by

Host: www.indusface.com
URL: https://www.indusface.com/wp-content/cache/autoptimize/A.autoptimize_10655bc6a005d8c2fc636ba792689d16.php.pagespeed.cf.Saaek0XU0I.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.185.181.238 , United States, ASN40009 (BITGRAVITY, US),

Reverse DNS

pc-b.bitgravity.com

Software

v/6.5.1/6.5.2/v10fra1-www /

Resource Hash

0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /images/flags.png
pragma: no-cache
cookie: sess_map=rrvdzeqsxsxaerbfarwzuvwatbfsazsrdbarvsxvduqfewvczdwdfrrvbafectfzwwedzsxtzvxaeswbzfxftzwqzbdyuwtfcefavdyzdsqfyfyweedxdqebufeyyzbzsuddqxdrzyuqfsbvvefyuxarfrqcddfv; _gcl_au=1.1.1424634426.1631869161; _ga=GA1.2.1432523405.1631869161; _gid=GA1.2.1845569972.1631869161; _gat=1; _omappvp=edia9iyLEn2VOTEMK79MwadWhwmXLrmMVf2oXxWlNCDG9QOFYmsguUuPcdHjmpZdXy16x1UnecgsgvvJwrHqDH4iwngJ8pIw; _omappvs=1631869161310
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.indusface.com
referer: https://www.indusface.com/wp-content/cache/autoptimize/A.autoptimize_10655bc6a005d8c2fc636ba792689d16.php.pagespeed.cf.Saaek0XU0I.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/wp-content/cache/autoptimize/A.autoptimize_10655bc6a005d8c2fc636ba792689d16.php.pagespeed.cf.Saaek0XU0I.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-version: 1.3
date: Fri, 17 Sep 2021 08:59:21 GMT
x-content-type-options: nosniff
age: 75540
x-cache: HIT,v16fra1
content-length: 70857
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Dec 2020 13:31:32 GMT
server: v/6.5.1/6.5.2/v10fra1-www
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=31557600, public, s-maxage=10
x-server: v/6.5.1/v10fra1-https
accept-ranges: bytes
expires: Sat, 17 Sep 2022 14:59:21 GMT

GET
H3 200 301513400253889 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 142ms
134ms Script
application/x-javascript 31.13.92.14
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/301513400253889?v=2.9.45&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frt3.fbcdn.net

Software

Resource Hash

0ce4f52c01e57bf28cd8bb1c41e7d56ed1e753e098a8c27f1583bbb641b6f1d0

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: cQl38TLxyBELX9AzAe4O3usUkYNR/xVDWB8Zhb8b3AjxmF/850jV1z1zpvrrzNDJLvr36WP9PI860NJ5BmAbBQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 17 Sep 2021 08:59:21 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/Q7CW4G7ZJJGWDLUB76P5IV/index.js
https://s.adroll.com/j/exp/index.js

28 B
750 B

25ms
14ms

Script
application/javascript

99.84.82.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: www.indusface.com
URL: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.82.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-82-62.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

X-Amz-Version-Id: negMAsSEs.M1Zq1srV8VMS7DU8lxhds7
Via: 1.1 a19127e21dc5a939819061334abff380.cloudfront.net (CloudFront)
Etag: "5816cced8568d223aa09d889f300692b"
X-Amz-Cf-Pop: MUC50-C1
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 28
Last-Modified: Mon, 19 Jul 2021 22:23:14 GMT
Server: AmazonS3
Date: Thu, 16 Sep 2021 16:55:35 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: pharWwMsznUaUjBVFRrrJCvpPakcPNuhokiigQ75psuPRn-7j1K73A==

Redirect headers

Date: Thu, 16 Sep 2021 18:11:43 GMT
Via: 1.1 ac90d46be219b2aa8a23e6982405715d.cloudfront.net (CloudFront)
Server: AmazonS3
X-Amz-Cf-Pop: MUC50-C1
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 0
X-Amz-Cf-Id: VIQT2fUBk00It8w85jaTTLCAXRLOthM-825eLZL01efb50cRZCwDxw==

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/Q7CW4G7ZJJGWDLUB76P5IV/WH2M5MREOVC4HNKNZPPJZR/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
721 B

13ms
13ms

Script
application/javascript

99.84.82.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Requested by: Host: www.indusface.com
URL: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.82.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-82-62.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Via: 1.1 ac90d46be219b2aa8a23e6982405715d.cloudfront.net (CloudFront)
Etag: "d41d8cd98f00b204e9800998ecf8427e"
X-Amz-Cf-Pop: MUC50-C1
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Date: Thu, 16 Sep 2021 16:55:43 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: _43MVAe9m6Nt0EfLT1Ay8POSwvIQVmLIfYDK3OY24n3Cgwprao5j5A==

Redirect headers

Date: Thu, 16 Sep 2021 18:11:49 GMT
Via: 1.1 ac90d46be219b2aa8a23e6982405715d.cloudfront.net (CloudFront)
Server: AmazonS3
X-Amz-Cf-Pop: MUC50-C1
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 0
X-Amz-Cf-Id: iYO-kNKHyOPegQpUfTCiVJmb32ar08qo-GIkiRuJdDzYkKK8r4jjEw==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/Q7CW4G7ZJJGWDLUB76P5IV/WH2M5MREOVC4HNKNZPPJZR/ 4 KB
5 KB 48ms
23ms Script
text/javascript 99.84.82.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/Q7CW4G7ZJJGWDLUB76P5IV/WH2M5MREOVC4HNKNZPPJZR/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.82.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-82-62.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 41f1e9970b646aadac0f40543bb08b21e49990bf1b09392d1ef4d71b275069ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

X-Amz-Version-Id: DBAl1wmwzKgOErZZqg0zzevN0gp.8wly
Via: 1.1 c60fec1b7e3a36f4232723195f10e64c.cloudfront.net (CloudFront)
Etag: "33ed216ef4569e95a97e55fb39d91d38"
X-Amz-Cf-Pop: MUC50-C1
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 4598
Last-Modified: Fri, 17 Sep 2021 00:12:40 GMT
Server: AmazonS3
Date: Fri, 17 Sep 2021 08:59:21 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 43FXTWgWZOQ2Foptcp-liP-QRyZrNCppkeefxfPudoEm-9pXOE78Fg==

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/ Frame 4F2C 52 KB
25 KB 40ms
17ms Stylesheet
text/css 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5IloaAAAAAPTdIlAWU0WAxc0-ccbgvaXIlJDh&co=aHR0cHM6Ly93d3cuaW5kdXNmYWNlLmNvbTo0NDM.&hl=de&v=wxAi4AKLXL2kBAvXqI4XLSWS&size=invisible&badge=inline&cb=7a11vucra7xu

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 08:13:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2726
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25732
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 17:56:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Sat, 17 Sep 2022 08:13:55 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/ Frame 4F2C 343 KB
134 KB 49ms
25ms Script
text/javascript 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

3d37b170affddaaa2a6489a82bab8df4e72c56a65b069991ea9084643d477d58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 08:48:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 651
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 137529
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 17:56:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Sat, 17 Sep 2022 08:48:30 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/827450946/ 42 B
64 B 17ms
17ms Image
image/gif 142.250.185.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/827450946/?random=1631869161311&cv=9&fst=1631865600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.indusface.com%2Fblog%2Fdetect-web-application-attacks-using-web-server-access-logs%2F&tiba=Detect%20Web%20Apps%20Attacks%20Using%20Web%20Server%20Access%20Logs%20%7C%20Indusface%20Blog&async=1&fmt=3&is_vtc=1&random=1339506170&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.indusface.com
URL: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Sep 2021 08:59:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/827450946/ 42 B
64 B 35ms
20ms Image
image/gif 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/827450946/?random=1631869161311&cv=9&fst=1631865600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.indusface.com%2Fblog%2Fdetect-web-application-attacks-using-web-server-access-logs%2F&tiba=Detect%20Web%20Apps%20Attacks%20Using%20Web%20Server%20Access%20Logs%20%7C%20Indusface%20Blog&async=1&fmt=3&is_vtc=1&random=1339506170&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.indusface.com
URL: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Sep 2021 08:59:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 403 /
tr.lfeeder.com/ 0
0 60ms
13ms Image
text/html 99.84.82.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.lfeeder.com/?sid=kn9Eq4R1l2K7RlvP&data=eyJnYVRyYWNraW5nSWRzIjpbIlVBLTQ0ODQ1NC0xIl0sImdhQ2xpZW50SWRzIjpbIjE0MzI1MjM0MDUuMTYzMTg2OTE2MSJdLCJjb250ZXh0Ijp7ImxpYnJhcnkiOnsibmFtZSI6ImxmdHJhY2tlciIsInZlcnNpb24iOiIyLjI2LjIifSwicGFnZVVybCI6Imh0dHBzOi8vd3d3LmluZHVzZmFjZS5jb20vYmxvZy9kZXRlY3Qtd2ViLWFwcGxpY2F0aW9uLWF0dGFja3MtdXNpbmctd2ViLXNlcnZlci1hY2Nlc3MtbG9ncy8iLCJwYWdlVGl0bGUiOiJEZXRlY3QgV2ViIEFwcHMgQXR0YWNrcyBVc2luZyBXZWIgU2VydmVyIEFjY2VzcyBMb2dzIHwgSW5kdXNmYWNlIEJsb2ciLCJyZWZlcnJlciI6IiJ9LCJldmVudCI6InRyYWNraW5nLWV2ZW50IiwiY2xpZW50RXZlbnRJZCI6IjYwMWY5YzFlYmRiZGY4Y2QiLCJjbGllbnRUaW1lc3RhbXAiOiIyMDIxLTA5LTE3VDA4OjU5OjIxLjQxM1oiLCJjbGllbnRUaW1lem9uZSI6MCwic2NyaXB0SWQiOiJrbjlFcTRSMWwySzdSbHZQIiwiY29va2llc0VuYWJsZWQiOnRydWUsImFub255bWl6ZUlwIjpmYWxzZSwibGZDbGllbnRJZCI6IkxGMS4xLjU3OTNmNjJmNDdkNjY0ZTIuMTYzMTg2OTE2MTQxMiIsImZvcmVpZ25Db29raWVzIjpbXSwicHJvcGVydGllcyI6e319
Requested by: Host: www.indusface.com
URL: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.82.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-82-115.muc50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 4F2C 2 KB
2 KB 16ms
16ms Image
image/png 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 10:54:05 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 338716
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
expires: Mon, 20 Sep 2021 10:54:05 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4F2C 15 KB
15 KB 34ms
13ms Font
font/woff2 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 09:07:47 GMT
x-content-type-options: nosniff
age: 258694
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Sep 2022 09:07:47 GMT

GET
H2 200 Q7CW4G7ZJJGWDLUB76P5IV Show response
d.adroll.com/consent/check/ 386 B
479 B 529ms
165ms Script
application/javascript 54.213.26.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/Q7CW4G7ZJJGWDLUB76P5IV?arrfrr=https%3A%2F%2Fwww.indusface.com%2Fblog%2Fdetect-web-application-attacks-using-web-server-access-logs%2F&_s=6d3cde8910840743ccc60774ecb5bd85&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.213.26.105 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-213-26-105.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 12ef329f8118fac90d5027aca25aa9087aa7dbc659ffa4e30c57120f9415e9e2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 08:59:21 GMT
server: nginx/1.20.0
content-length: 386
content-type: application/javascript

GET
H2 200 /
www.facebook.com/tr/ 44 B
313 B 22ms
7ms Image
image/gif 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=301513400253889&ev=PageView&dl=https%3A%2F%2Fwww.indusface.com%2Fblog%2Fdetect-web-application-attacks-using-web-server-access-logs%2F&rl=&if=false&ts=1631869161530&sw=1600&sh=1200&v=2.9.45&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1631869161529.995242676&it=1631869161357&coo=false&rqm=GET

Requested by

Host: www.indusface.com
URL: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 08:59:21 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 17 Sep 2021 08:59:21 GMT

GET
H2 200 webfont.js Show response
a.omappapi.com/app/js/webfont/1.5.18/ 16 KB
7 KB 6ms
6ms Script
application/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/webfont/1.5.18/webfont.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 08:59:21 GMT
content-encoding: br
cdn-edgestorageid: 756
perma-cache: HIT
cdn-storageserver: DE-51
cdn-cachedat: 08/11/2021 05:08:04
cdn-pullzone: 293267
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
server: BunnyCDN-DE1-756
access-control-allow-origin: *
last-modified: Thu, 27 May 2021 17:38:16 GMT
cdn-proxyver: 1.0
cdn-fileserver: 162
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid: 4ab1a0ee542d70e6e07b7cb9a03217b7
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200
OK bootstrap.min.css
f1.leadsquaredcdn.com/bootstrap/3.2.0/css/ Frame 78D8 107 KB
18 KB 104ms
25ms Stylesheet
text/css 99.84.82.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://f1.leadsquaredcdn.com/bootstrap/3.2.0/css/bootstrap.min.css
Requested by: Host: indusface.viewpage.co
URL: https://indusface.viewpage.co/SQL-MAS-GetQuote
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.82.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-82-91.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b5fd723750763ebb731f9221e413e7d64d58d5192dc040e42292ed3dcccca732

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indusface.viewpage.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 17 Sep 2021 08:59:21 GMT
Content-Encoding: gzip
Last-Modified: Mon, 23 Mar 2015 14:00:23 GMT
Server: AmazonS3
X-Amz-Cf-Pop: MUC50-C1
ETag: W/"385b964b68acb68d23cb43a5218fade9"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 af3abf09293a5c762de5e451f8d6a913.cloudfront.net (CloudFront)
Cache-Control: max-age=604800
Transfer-Encoding: chunked
Connection: keep-alive
X-Amz-Cf-Id: ZFIWrwXhg-m4J0fNm7AG9dvTO6Qi6bcSMpUt8eqbK-GDVlIfRVrE1A==

GET
H/1.1 200
OK lsq.landingpage.min.css
dwmbily8o2kmd.cloudfront.net/common/css/ Frame 78D8 85 KB
26 KB 79ms
31ms Stylesheet
text/css 99.84.90.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dwmbily8o2kmd.cloudfront.net/common/css/lsq.landingpage.min.css
Requested by: Host: indusface.viewpage.co
URL: https://indusface.viewpage.co/SQL-MAS-GetQuote
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.90.163 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-90-163.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6b8c93e74a9052987f8ad9dc17196dd1fb719effc678ecaa962806102e995670

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indusface.viewpage.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 17 Sep 2021 08:59:21 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 Sep 2020 00:00:29 GMT
Server: AmazonS3
X-Amz-Cf-Pop: MUC50-C1
ETag: "3d84e339c74f67140ccadebbb00c5e32"
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 72818776d4abe4e5a732c084dae83f1b.cloudfront.net (CloudFront)
Cache-Control: public, max-age=600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26025
X-Amz-Cf-Id: kSMHdHb30xBTXuDJ9YXmiS397LKHSt3q7-uxgV9o9VJYUDMfxRVEBQ==

GET
H/1.1 200
OK jquery-1.11.1.min.js Show response
f1.leadsquaredcdn.com/jquery/js/ Frame 78D8 94 KB
33 KB 96ms
16ms Script
application/javascript 99.84.82.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://f1.leadsquaredcdn.com/jquery/js/jquery-1.11.1.min.js
Requested by: Host: indusface.viewpage.co
URL: https://indusface.viewpage.co/SQL-MAS-GetQuote
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.82.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-82-91.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indusface.viewpage.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 18:46:40 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Mon, 24 Jun 2019 02:45:16 GMT
Server: AmazonS3
Age: 17676762
ETag: W/"8101d596b2b8fa35fe3a634ea342d7c3"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 14930ca61b5acb472c19a8d7b170ad11.cloudfront.net (CloudFront)
Cache-Control: public, max-age=31536000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: MUC50-C1
X-Amz-Cf-Id: FERn1Q3vLGo09DNRpRnuJFKgRNOvGPyNDjf3ofF5uG_qKtDAKtDlJQ==

GET
H/1.1 200
OK bootstrap.min.js Show response
f1.leadsquaredcdn.com/bootstrap/3.2.0/js/ Frame 78D8 31 KB
9 KB 93ms
14ms Script
application/javascript 99.84.82.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://f1.leadsquaredcdn.com/bootstrap/3.2.0/js/bootstrap.min.js
Requested by: Host: indusface.viewpage.co
URL: https://indusface.viewpage.co/SQL-MAS-GetQuote
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.82.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-82-91.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indusface.viewpage.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 14 Sep 2021 11:21:03 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Mon, 23 Mar 2015 14:01:05 GMT
Server: AmazonS3
Age: 250699
ETag: W/"abda843684d022f3bc22bc83927fe05f"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 c4c822c878c22be90d0bb70ab49a395a.cloudfront.net (CloudFront)
Cache-Control: max-age=604800
Transfer-Encoding: chunked
X-Amz-Cf-Pop: MUC50-C1
X-Amz-Cf-Id: YQbzSD40say5UXmLvYZs6eLfD-j0aMZdVwpHaFYl3pb0BIqq0M3fGQ==

GET
H/1.1 200
OK jquery.phone.custom.min.js Show response
dwmbily8o2kmd.cloudfront.net/common/js/ Frame 78D8 32 KB
10 KB 71ms
23ms Script
application/javascript 99.84.90.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dwmbily8o2kmd.cloudfront.net/common/js/jquery.phone.custom.min.js
Requested by: Host: indusface.viewpage.co
URL: https://indusface.viewpage.co/SQL-MAS-GetQuote
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.90.163 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-90-163.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9cbbf9ba8d1e46bbab721d680dbf58936697e127d69c7450c20e6a7125dd0f0a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indusface.viewpage.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 17 Sep 2021 08:59:21 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Jul 2021 14:32:25 GMT
Server: AmazonS3
X-Amz-Cf-Pop: MUC50-C1
ETag: "9cfcac803f2c6e8ad1e7ad0f3680570d"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 acc9aed747aea07d6138203ddfb2dcd9.cloudfront.net (CloudFront)
Cache-Control: public,max-age=600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9870
X-Amz-Cf-Id: lrlezyzQLKDdnea7v5p00TsvZPkiQn-nv-ALn0H1H9TeFN0dCs3oUQ==

GET
H/1.1 200
OK lp_main.v3.min.js Show response
dwmbily8o2kmd.cloudfront.net/common/js/ Frame 78D8 61 KB
15 KB 102ms
55ms Script
application/javascript 99.84.90.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dwmbily8o2kmd.cloudfront.net/common/js/lp_main.v3.min.js
Requested by: Host: indusface.viewpage.co
URL: https://indusface.viewpage.co/SQL-MAS-GetQuote
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.90.163 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-90-163.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d2e6f0a9f32be19c749e9fcc7c5ab66d68eb953682ab0bbb2fbaef65b11f6b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indusface.viewpage.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 17 Sep 2021 08:59:21 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Jul 2021 14:33:36 GMT
Server: AmazonS3
X-Amz-Cf-Pop: MUC50-C1
ETag: "fa54af2eda6b28b25cf49ff1ee0899d6"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 acc9aed747aea07d6138203ddfb2dcd9.cloudfront.net (CloudFront)
Cache-Control: public,max-age=600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15145
X-Amz-Cf-Id: oeBRGuoP1VabisPY40b1iMughvUIZav1QyknyvR6hU9uYoqjaSdcmw==

GET
H3 200 css
fonts.googleapis.com/ Frame 78D8 2 KB
546 B 30ms
15ms Stylesheet
text/css 142.250.186.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: indusface.viewpage.co
URL: https://indusface.viewpage.co/SQL-MAS-GetQuote

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f10.1e100.net

Software

ESF /

Resource Hash

3a57826dd4437403ec9dffe3d8a907466926d7123e4a765ec724d79ae24e1d54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indusface.viewpage.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 17 Sep 2021 08:52:51 GMT
server: ESF
date: Fri, 17 Sep 2021 08:59:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Sep 2021 08:59:21 GMT

GET
H2 200 Tracker.js Show response
web.mxradon.com/t/ Frame 78D8 12 KB
4 KB 247ms
246ms Script
application/javascript 52.74.192.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://web.mxradon.com/t/Tracker.js

Requested by

Host: indusface.viewpage.co
URL: https://indusface.viewpage.co/SQL-MAS-GetQuote

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.74.192.222 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-74-192-222.ap-southeast-1.compute.amazonaws.com

Software

Microsoft-IIS/10.0 /

Resource Hash

cbde479c10d012a88da713f2db63f49216655d7f57529df6ac1dae293625f513

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indusface.viewpage.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 08:59:21 GMT
content-encoding: gzip
last-modified: Sun, 25 Apr 2021 16:09:01 GMT
server: Microsoft-IIS/10.0
etag: "808c94eed39d71:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1800
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 3332

GET
H2 200 WebTracker.aspx Show response
web.mxradon.com/t/ Frame 78D8 506 B
591 B 252ms
252ms Script
text/html 52.74.192.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://web.mxradon.com/t/WebTracker.aspx?p1=18917&p2=SQL%20MAS%20Get%20Quote&p3=-1&p4=https%3A%2F%2Fwww.indusface.com%2Fblog%2Fdetect-web-application-attacks-using-web-server-access-logs%2F&p5=0&p6=&p7=&p8=b36c3725-4b7f-11e7-8ce9-22000a9601fc

Requested by

Host: web.mxradon.com
URL: https://web.mxradon.com/t/Tracker.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.74.192.222 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-74-192-222.ap-southeast-1.compute.amazonaws.com

Software

Microsoft-IIS/10.0 /

Resource Hash

8974ae4fc3b64bc4f85d632d54a148a4ab9f337b5a362b17bc6d717b2392b36a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indusface.viewpage.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 08:59:22 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private,private,max-age=0
strict-transport-security: max-age=31536000
content-length: 283

GET
H/1.1 200
OK consent_tcfv2.js Show response
s.adroll.com/j/ 397 KB
397 KB 15ms
14ms Script
application/javascript 99.84.82.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/consent_tcfv2.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.82.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-82-62.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fff426e1f2e0f6df1fdf4fd50790a29de380123e633dde9eb76290852785221c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

X-Amz-Version-Id: FE38nrrp1HWTDadu3Uyr7nm1dYat8XV0
Via: 1.1 c60fec1b7e3a36f4232723195f10e64c.cloudfront.net (CloudFront)
Etag: "d0e7c263fcf5865882cfb13022c3f4b4"
X-Amz-Cf-Pop: MUC50-C1
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 406024
Last-Modified: Thu, 29 Jul 2021 18:15:16 GMT
Server: AmazonS3
Date: Fri, 17 Sep 2021 08:54:27 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: VPJwXQQVlNfutV6QFd6XptAK4m2GfCqc5X8-EiKK8mUlBN4sWFPkeA==

POST
H3 200 / Show response
www.facebook.com/tr/ Frame C367 0
18 B 15ms
7ms Document
text/plain 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.indusface.com
URL: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: POST
:authority: www.facebook.com
:scheme: https
:path: /tr/
content-length: 8984
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://www.indusface.com
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Origin: https://www.indusface.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.indusface.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
date: Fri, 17 Sep 2021 08:59:22 GMT

GET
H/1.1 200
OK nextroll-32x32.png
s.adroll.com/i/favicon/ 2 KB
2 KB 14ms
14ms Image
image/png 99.84.82.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.adroll.com/i/favicon/nextroll-32x32.png
Requested by: Host: www.indusface.com
URL: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.82.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-82-62.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

X-Amz-Version-Id: eTpwxbAIDHDUN.4tfrROIgU_pzKN9Xh0
Via: 1.1 c60fec1b7e3a36f4232723195f10e64c.cloudfront.net (CloudFront)
Etag: "403a0a7dcf2d617e7ea852bfb9d11945"
X-Amz-Cf-Pop: MUC50-C1
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 1615
Last-Modified: Mon, 28 Jun 2021 18:19:21 GMT
Server: AmazonS3
Date: Thu, 16 Sep 2021 16:55:50 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: XxnU-yDsGKALP_8ghUsutNuUcjtKJFZVJMFyw-NeQfOTu2B03bZqQg==

GET
H3 200 css
fonts.googleapis.com/ 8 KB
781 B 17ms
17ms Stylesheet
text/css 142.250.186.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400%7CSource+Sans+Pro:600,700,400

Requested by

Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/webfont/1.5.18/webfont.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f10.1e100.net

Software

ESF /

Resource Hash

0951e099281617d5f25f803368496f75f57d2fd4a7022418641b0925d616fe97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 17 Sep 2021 08:59:22 GMT
server: ESF
date: Fri, 17 Sep 2021 08:59:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Sep 2021 08:59:22 GMT

GET
H2 200 LeadSquaredWidget.aspx Show response
web.mxradon.com/t/ Frame 78D8 0
250 B 253ms
253ms Script
application/javascript 52.74.192.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://web.mxradon.com/t/LeadSquaredWidget.aspx?p1=18917&p2=https%3A%2F%2Findusface.viewpage.co%2FSQL-MAS-GetQuote&p3=https%3A%2F%2Fwww.indusface.com%2Fblog%2Fdetect-web-application-attacks-using-web-server-access-logs%2F&p4=SQL%20MAS%20Get%20Quote&p5=false&p6=1631869162&p7=1

Requested by

Host: web.mxradon.com
URL: https://web.mxradon.com/t/Tracker.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.74.192.222 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-74-192-222.ap-southeast-1.compute.amazonaws.com

Software

Microsoft-IIS/10.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indusface.viewpage.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 08:59:22 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,private,max-age=0
content-length: 0

GET
H/1.1 200
OK lsqccbar.min.js Show response
f1.leadsquaredcdn.com/cdn/js/ Frame 78D8 36 KB
11 KB 13ms
13ms Script
application/javascript 99.84.82.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://f1.leadsquaredcdn.com/cdn/js/lsqccbar.min.js
Requested by: Host: web.mxradon.com
URL: https://web.mxradon.com/t/Tracker.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.82.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-82-91.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5f5bf0ae68114f652768b54601198f1b79f14ff8b9f66715c72fb9f550f9e271

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indusface.viewpage.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 19:11:06 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Mon, 24 Jun 2019 02:49:23 GMT
Server: AmazonS3
Age: 49697
ETag: "a717c85dc0d4ba52f018637d0b508a3d"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 af3abf09293a5c762de5e451f8d6a913.cloudfront.net (CloudFront)
Cache-Control: public, max-age=86400
X-Amz-Cf-Pop: MUC50-C1
Accept-Ranges: bytes
Content-Length: 10491
X-Amz-Cf-Id: OHTXjrOHuSgTDTFldz_lNQQhRK3e6STx_s6i4ytGPc3MKXTn7_disg==

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ 19 KB
19 KB 14ms
14ms Font
font/woff2 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400%7CSource+Sans+Pro:600,700,400

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.indusface.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 13:18:36 GMT
x-content-type-options: nosniff
age: 157246
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19844
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:10 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 15 Sep 2022 13:18:36 GMT

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 16 KB
16 KB 14ms
14ms Font
font/woff2 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400%7CSource+Sans+Pro:600,700,400

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.indusface.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 04:26:59 GMT
x-content-type-options: nosniff
age: 361943
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15948
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:32 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Sep 2022 04:26:59 GMT

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 15 KB
15 KB 23ms
22ms Font
font/woff2 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400%7CSource+Sans+Pro:600,700,400

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.indusface.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 03:52:06 GMT
x-content-type-options: nosniff
age: 277636
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15764
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:17 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Sep 2022 03:52:06 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 16 KB
16 KB 19ms
19ms Font
font/woff2 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400%7CSource+Sans+Pro:600,700,400

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.indusface.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 17:41:06 GMT
x-content-type-options: nosniff
age: 141496
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16112
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:09 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 15 Sep 2022 17:41:06 GMT

GET
H2 200 CookieConsentWidget.aspx Show response
web.mxradon.com/t/ Frame 78D8 0
242 B 259ms
259ms Script
text/html 52.74.192.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://web.mxradon.com/t/CookieConsentWidget.aspx?p1=18917&p2=0&p3=SQL%20MAS%20Get%20Quote&p4=https%3A%2F%2Fwww.indusface.com%2Fblog%2Fdetect-web-application-attacks-using-web-server-access-logs%2F&p5=

Requested by

Host: web.mxradon.com
URL: https://web.mxradon.com/t/Tracker.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.74.192.222 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-74-192-222.ap-southeast-1.compute.amazonaws.com

Software

Microsoft-IIS/10.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indusface.viewpage.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 08:59:22 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
strict-transport-security: max-age=31536000
content-type: text/html
access-control-allow-origin: *
cache-control: private,private,max-age=0
content-length: 0

GET
H2 200 efbd52fc91755b93cd40f5158ca912cb-optin.json Show response
a.omappapi.com/app/campaign-views/e53a01893efb/mdbrtp4i4vqs8zwg5jp5/ 25 KB
5 KB 21ms
6ms XHR
application/json 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/campaign-views/e53a01893efb/mdbrtp4i4vqs8zwg5jp5/efbd52fc91755b93cd40f5158ca912cb-optin.json
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 9e7fa11e56b0b53c77da9464b2787d301a9c5fc3cc79b8defeef59079a0ce42b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 08:59:22 GMT
content-encoding: br
cdn-edgestorageid: 756
perma-cache: HIT
cdn-storageserver: DE-169
cdn-cachedat: 09/16/2021 16:01:06
cdn-pullzone: 293267
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
server: BunnyCDN-DE1-756
access-control-allow-origin: *
last-modified: Thu, 16 Sep 2021 12:08:59 GMT
cdn-proxyver: 1.0
cdn-fileserver: 172
vary: Accept-Encoding
content-type: application/json
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid: 3834348f5df97d00dadfdc359d5afd1c
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 204
No Content i Show response
z.omappapi.com/v3/ 0
205 B 623ms
106ms XHR
text/plain 178.128.135.233
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://z.omappapi.com/v3/i?aid=99141&cid=mdbrtp4i4vqs8zwg5jp5&sid=601145b81b816&rt=false&dv=desktop&cty=slide&url=blog%2Fdetect-web-application-attacks-using-web-server-access-logs&v=5
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.128.135.233 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: kong/0.14.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.indusface.com
Date: Fri, 17 Sep 2021 08:59:22 GMT
Access-Control-Allow-Credentials: true
Server: kong/0.14.1
Connection: keep-alive

GET
H2 200 WebTracker.aspx Show response
web.mxradon.com/t/ 575 B
777 B 312ms
304ms Script
text/html 52.74.192.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://web.mxradon.com/t/WebTracker.aspx?p1=18917&p2=Detect%20Web%20Apps%20Attacks%20Using%20Web%20Server%20Access%20Logs%20%7C%20Indusface%20Blog&p3=-1&p4=&p5=1&p6=dc49249d-852b-43c1-a124-ccfd3b2997f4&p7=&p8=

Requested by

Host: web.mxradon.com
URL: https://web.mxradon.com/t/Tracker.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.74.192.222 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-74-192-222.ap-southeast-1.compute.amazonaws.com

Software

Microsoft-IIS/10.0 /

Resource Hash

501e2c91bb051cd690836bc5a3e16ce26fe2c092de6aae4168534c05eec613cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 08:59:22 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private,private,max-age=0
strict-transport-security: max-age=31536000
content-length: 391

GET
H2 200 visit Show response
trackcmp.net/ 0
384 B 425ms
162ms Script
text/javascript 52.22.91.206
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trackcmp.net/visit?actid=223422163&e=&r=&u=https%3A%2F%2Fwww.indusface.com%2Fblog%2Fdetect-web-application-attacks-using-web-server-access-logs%2F
Requested by: Host: www.indusface.com
URL: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.91.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-91-206.compute-1.amazonaws.com
Software: Apache/2.4.48 (Amazon) / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 08:59:22 GMT
server: Apache/2.4.48 (Amazon)
x-powered-by: PHP/7.1.33
p3p: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
cache-control: no-cache, private
x-privacy-policy: You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
content-type: text/javascript;charset=UTF-8
content-length: 0

GET
H2 200 tracking.js Show response
cdn.livechatinc.com/ 85 KB
25 KB 269ms
7ms Script
application/javascript 2.16.186.211
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/tracking.js
Requested by: Host: www.indusface.com
URL: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-211.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 63508872396bf73c75a08b9513228b07a032a0ad55db59aa37e1718d60909594

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: UNthEjmRppGx6Tm04oBNmBhprukdvllU
content-encoding: br
last-modified: Mon, 13 Sep 2021 08:03:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: W/"d62b6f43ec368c005e73fdd273f71780"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=28800
date: Fri, 17 Sep 2021 08:59:22 GMT
content-length: 25152
x-amz-cf-id: 2RvF9LGZamvRhUJjob5ZTG1tYapDnFN9ImOJGlM_-lgfKVKay6vNlA==
expires: Fri, 17 Sep 2021 16:59:22 GMT

GET
H2 200 utils.js Show response
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/12.1.6/js/ 220 KB
44 KB 288ms
27ms Script
application/javascript 104.16.19.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/12.1.6/js/utils.js

Requested by

Host: www.indusface.com
URL: https://www.indusface.com/wp-content/cache/autoptimize/autoptimize_60afb3ce86f3b67950e12b7355616a04.php.pagespeed.jm.m7AQI_Kll0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1648a9579fc584a85b4e89a9dc03381ada3dcd38f1fba2c240c06747e57a2978

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 08:59:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 736903
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 44343
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:18 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ea6-370a1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JmOUETksBviSvg86ZSvmhn5ETr8PnOF%2FUQK7leT4cmHDAcHPuXUpasSjOUmVfv42xZyM%2FQ2mb4Hp75DZy0W%2BkrJFacqkZzpDidh1DIhAlCwXaNkaMDR%2BAoFYvW9uLkKz1cTH4RI7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6901235affc44119-PRG
expires: Wed, 07 Sep 2022 08:59:22 GMT

GET
H2 200 get_dynamic_configuration Show response
api.livechatinc.com/v3.3/customer/action/ 229 B
515 B 178ms
146ms Script
application/javascript 2.16.186.211
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=8923344&url=https%3A%2F%2Fwww.indusface.com%2Fblog%2Fdetect-web-application-attacks-using-web-server-access-logs%2F&channel_type=code&jsonp=__ix3hz1etjf

Requested by

Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-211.deploy.static.akamaitechnologies.com

Software

Resource Hash

7a91d8d2cca66912e3ed63989e4a08251c8d70870117b13f179579bec7bb3797

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/;
X-Frame-Options	allow-from https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/;
x-frame-options: allow-from https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
date: Fri, 17 Sep 2021 08:59:22 GMT
content-length: 229
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8

GET
H2 200 get_configuration Show response
api.livechatinc.com/v3.3/customer/action/ 4 KB
2 KB 160ms
159ms Script
application/javascript 2.16.186.211
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=8923344&version=1691.6.6.852.6.47.18.6.6.6.6.54&group_id=0&jsonp=__lc_static_config
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-211.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5f91a3da195a2092f6f1637d0044ae9fb0220317569a0fe1ab9eaea9f7770a39

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 08:59:23 GMT
content-encoding: gzip
cache-control: public, max-age=600
content-type: application/javascript; charset=UTF-8
content-length: 1399
vary: Accept-Encoding
expires: Fri, 17 Sep 2021 09:09:23 GMT

GET
H2 200 open_chat Show response
secure.livechatinc.com/customer/action/ Frame E583 4 KB
2 KB 154ms
137ms Document
text/html 2.16.186.211
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=8923344&group=0&embedded=1&widget_version=3&unique_groups=0
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-211.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 043a4158f2c6fd6892ed67ced373e1f555b8d7612405609e15eab0c9e4a850a3

Request headers

:method: GET
:authority: secure.livechatinc.com
:scheme: https
:path: /customer/action/open_chat?license_id=8923344&group=0&embedded=1&widget_version=3&unique_groups=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
vary: Accept-Encoding
content-length: 2018
expires: Fri, 17 Sep 2021 08:59:23 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 17 Sep 2021 08:59:23 GMT

GET
H2 200 get_localization Show response
api.livechatinc.com/v3.3/customer/action/ 10 KB
4 KB 138ms
138ms Script
application/javascript 2.16.186.211
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.livechatinc.com/v3.3/customer/action/get_localization?license_id=8923344&version=c92df623023877719a90b2a350049cd0&language=en&group_id=0&jsonp=__lc_localization
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-211.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 713cff5d59627a0149e604744b5403fdd860ea8af20c6a4eb4fe1f77edc066a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 08:59:23 GMT
cache-control: public, max-age=600
content-type: application/javascript; charset=UTF-8
content-encoding: gzip
content-length: 3703
vary: Accept-Encoding
expires: Fri, 17 Sep 2021 09:09:23 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E583 5 KB
709 B 16ms
16ms Stylesheet
text/css 142.250.186.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap

Requested by

Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=8923344&group=0&embedded=1&widget_version=3&unique_groups=0

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f10.1e100.net

Software

ESF /

Resource Hash

bbe8bd333c75c3e97aac49b24c1aa31372d35a7a05e91dc623875773d89db069

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.livechatinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 17 Sep 2021 08:57:19 GMT
server: ESF
date: Fri, 17 Sep 2021 08:59:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Sep 2021 08:59:23 GMT

GET
H2 200 0.302b0b12.chunk.js Show response
cdn.livechatinc.com/widget/static/js/ Frame E583 175 KB
53 KB 7ms
6ms Script
application/javascript 2.16.186.211
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/static/js/0.302b0b12.chunk.js
Requested by: Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=8923344&group=0&embedded=1&widget_version=3&unique_groups=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-211.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: c68424d0ad9710ed4c049adfc60fd10c606238c5d995fb9ecfd4de65d6c5a251

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.livechatinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: CYkwmOSu9k4V9RTRudbPS.Aoxy5ZI2.B
content-encoding: br
last-modified: Thu, 02 Sep 2021 10:00:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"df1a6ea33d24153cdc89f019b3f4d3eb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
date: Fri, 17 Sep 2021 08:59:23 GMT
content-length: 54147
x-amz-cf-id: 6J7ojJYzX2oce318u_5Oh6R9lColVBgCFJ2u87lbgHoXGQmcmKGjwQ==
expires: Sat, 17 Sep 2022 08:59:23 GMT

GET
H2 200 3.758973a2.chunk.js Show response
cdn.livechatinc.com/widget/static/js/ Frame E583 204 KB
64 KB 12ms
12ms Script
application/javascript 2.16.186.211
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/static/js/3.758973a2.chunk.js
Requested by: Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=8923344&group=0&embedded=1&widget_version=3&unique_groups=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-211.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 6067ae4827a1c04af690b928da2eec7715e42ad9091b268536234ac68a6d8b6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.livechatinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: cvw7aJse1HfUMM_tBsTlW1q1HLLv3xbk
content-encoding: gzip
last-modified: Thu, 02 Sep 2021 10:00:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: W/"a3629801e0ecc75f3c40adde8e824808"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
date: Fri, 17 Sep 2021 08:59:23 GMT
content-length: 64853
x-amz-cf-id: veHduB8V9I1hGw5gsl_4BfoTXEhJR5ULWk64QJHn44V3rBcTP8iLoA==
expires: Sat, 17 Sep 2022 08:59:23 GMT

GET
H2 200 iframe.41153d18.chunk.js Show response
cdn.livechatinc.com/widget/static/js/ Frame E583 464 KB
138 KB 14ms
14ms Script
application/javascript 2.16.186.211
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/static/js/iframe.41153d18.chunk.js
Requested by: Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=8923344&group=0&embedded=1&widget_version=3&unique_groups=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-211.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 6558031315a54e23bf79c666e4f320b2c97bd0efc59f77ee49902abc5ce20389

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.livechatinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: zm9GH0ma7P9Q_07MigcuuUpq1HIyyhEM
content-encoding: gzip
last-modified: Mon, 13 Sep 2021 08:03:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: W/"f5e7abc6dac135122f6a63577b800223"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
date: Fri, 17 Sep 2021 08:59:23 GMT
content-length: 140421
x-amz-cf-id: HfC4vmrlhjv1SpyLGl-A9w0dT_FqHva2UN6OdfnyPMyH4_ylQQbLVg==
expires: Sat, 17 Sep 2022 08:59:23 GMT

GET
H3 200 o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v21/ Frame E583 16 KB
16 KB 13ms
13ms Font
font/woff2 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v21/o-0IIpQlx3QUlC5A4PNr5TRA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secure.livechatinc.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 17:40:07 GMT
x-content-type-options: nosniff
age: 227956
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16056
x-xss-protection: 0
last-modified: Tue, 14 Sep 2021 16:44:52 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 14 Sep 2022 17:40:07 GMT

GET
H3 200 o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v21/ Frame E583 16 KB
16 KB 14ms
14ms Font
font/woff2 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v21/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secure.livechatinc.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 17:40:07 GMT
x-content-type-options: nosniff
age: 227956
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16180
x-xss-protection: 0
last-modified: Tue, 14 Sep 2021 16:43:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 14 Sep 2022 17:40:07 GMT

POST
H2 200 token Show response
accounts.livechatinc.com/customer/ Frame E583 138 B
910 B 151ms
137ms XHR
application/json 2.16.186.211
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.livechatinc.com/customer/token
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/widget/static/js/0.302b0b12.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-211.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 838827189658cc99bf2d70f8d5a48f72a3c4f80bc1c21fec16618bc101cd4fac

Request headers

Referer: https://secure.livechatinc.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 17 Sep 2021 08:59:23 GMT
access-control-allow-methods: GET,PUT,POST,DELETE,PATCH
content-type: application/json
access-control-allow-origin: https://secure.livechatinc.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-API-Type, X-Application, X-Region
content-length: 138
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pushengage.js Show response
clientcdn.pushengage.com/ 18 KB
5 KB 14ms
14ms Script
application/javascript 13.227.158.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://clientcdn.pushengage.com/pushengage.js
Requested by: Host: clientcdn.pushengage.com
URL: https://clientcdn.pushengage.com/core/80780b73b5a3f4655fee62041e51f1be.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.158.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-158-89.muc51.r.cloudfront.net
Software: nginx /
Resource Hash: 44fa801946bf74772ec9aa30fc593af9a402602949e2c3897c110e1d7a26d0a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 08:59:18 GMT
content-encoding: gzip
server: nginx
age: 5
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=300
x-amz-cf-pop: MUC51-C1
x-amz-cf-id: JxrMMRIOnRWoGXYFH6xEZURCeu253SqEucKN5WsSNq1k-IXUCoEmGw==
via: 1.1 161da0b4a35876d11292625c13ca0f51.cloudfront.net (CloudFront)

GET
H2 200 poweredby.png
assetscdn.pushengage.com/site_assets/img/ 1 KB
1 KB 58ms
13ms Image
image/png 13.227.158.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assetscdn.pushengage.com/site_assets/img/poweredby.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.158.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-158-29.muc51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0fc433d29c75ad01a8b659920e90e0e9cec6a29f64554b294f0b711531e95be0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.indusface.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 03:45:01 GMT
via: 1.1 7a353ac52edd918080eb1d76630437d4.cloudfront.net (CloudFront)
last-modified: Fri, 25 Sep 2020 09:48:13 GMT
server: AmazonS3
age: 20015
etag: "02aec77a0221b1cf0bee11ff572c74e3"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: MUC51-C1
accept-ranges: bytes
content-length: 1025
x-amz-cf-id: W0nRwS8lIIWVQfp9f5z5DvsNHm_GtESUKN2GZ0VH-c9K0HVu0OHv4Q==

OPTIONS
H2 200 records
oeqepmcz7a.execute-api.us-east-1.amazonaws.com/beta/streams/optin/ Frame 0
0 160ms
112ms Preflight
application/json 99.84.82.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://oeqepmcz7a.execute-api.us-east-1.amazonaws.com/beta/streams/optin/records
Protocol: H2
Server: 99.84.82.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-82-113.muc50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: PUT
Access-Control-Request-Headers: content-type
Origin: https://www.indusface.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Fri, 17 Sep 2021 08:59:23 GMT
x-amzn-requestid: 353c2722-4fd0-40fe-a753-ac984798f8f7
access-control-allow-origin: *
access-control-allow-headers: X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,Cache-Control, Pragma, Origin, Authorization, Content-Type, X-Requested-With
x-amz-apigw-id: FzLU4G6DIAMF7kg=
access-control-allow-methods: GET,OPTIONS,PUT
x-cache: Miss from cloudfront
via: 1.1 598adc26bc2de491984cda2fac7d893a.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
x-amz-cf-id: UktoSMH8VfhgjOn0PnSPiMpXgAOR__Ll9JAA3yqCutfQFC8ZhiNAgg==

PUT
H2 200 records Show response
oeqepmcz7a.execute-api.us-east-1.amazonaws.com/beta/streams/optin/ 110 B
470 B 325ms
324ms XHR
application/json 99.84.82.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://oeqepmcz7a.execute-api.us-east-1.amazonaws.com/beta/streams/optin/records
Requested by: Host: clientcdn.pushengage.com
URL: https://clientcdn.pushengage.com/core/80780b73b5a3f4655fee62041e51f1be.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.82.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-82-113.muc50.r.cloudfront.net
Software: /
Resource Hash: 6f3b11b662b9cc0003ce7a8861c2454484658421312545e2b4ccb1e80982a637

Request headers

Referer: https://www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type: application/json

Response headers

date: Fri, 17 Sep 2021 08:59:24 GMT
via: 1.1 598adc26bc2de491984cda2fac7d893a.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
x-amzn-requestid: 4cfde2c3-e872-4510-a9cc-36c63815dada
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-614458ec-7131fbda0504a0fd6a37dbe2
x-amz-apigw-id: FzLU7EZnIAMFrUg=
content-length: 110
x-amz-cf-id: ULijShKfjFz-4luUGlb3FTxZ5bPzXIAEDy_C1macmm_VJcTLur_G2A==

Verdicts & Comments Add Verdict or Comment

194 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.indusface.com/blog/detect-web-application-attacks-using-web-server-access-logs	1969-12-31 23:59:59	Name: Value: MXCookie
.accounts.livechatinc.com/customer	1970-01-20 14:49:01	Name: __lc_cid Value: 59b384ac-3f85-4a33-4cbc-ae341ffa065f
.accounts.livechatinc.com/customer	1970-01-20 14:49:01	Name: __lc_cst Value: f812c999f2e9422c989aa07db0e97ddb04867aa8ed2e2c3ff9a44ecbd8f61506a46e44c03fa68d43c4eab4f79b8a5f223727d22105355d4f8f76ecaad145
www.indusface.com/	1970-01-19 21:19:15	Name: sess_map Value: rrvdzeqsxsxaerbfarwzuvwatbfsazsrdbarvsxvduqfewvczdwdfrrvbafectfzwwedzsxtzvxaeswbzfxftzwqzbdyuwtfcefavdyzdsqfyfyweedxdqebufeyyzbzsuddqxdrzyuqfsbvvefyuxarfrqcddfv
.indusface.com/	1970-01-19 23:27:25	Name: _gcl_au Value: 1.1.1424634426.1631869161
.indusface.com/	1970-01-20 14:49:01	Name: _ga Value: GA1.2.1432523405.1631869161
.indusface.com/	1970-01-19 21:19:15	Name: _gid Value: GA1.2.1845569972.1631869161
.indusface.com/	1970-01-19 21:17:49	Name: _gat Value: 1
www.indusface.com/	1970-01-23 21:16:22	Name: _omappvp Value: edia9iyLEn2VOTEMK79MwadWhwmXLrmMVf2oXxWlNCDG9QOFYmsguUuPcdHjmpZdXy16x1UnecgsgvvJwrHqDH4iwngJ8pIw
www.indusface.com/	1970-01-19 21:17:50	Name: _omappvs Value: 1631869161310
tracking.g2crowd.com/	1970-01-19 21:37:58	Name: _session_id Value: aa7b71850c4bfdf7d9b1529e48ceab3e
.g2crowd.com/	1970-01-19 21:17:50	Name: __cf_bm Value: WSyhBaHzdagH.etJtuBDuN3IIP9rw7HN0dogEsxk0hM-1631869161-0-AcGSCUTY/tn3L+rT1xgW5wtC68gHagAuNShXz2ZIPMBlK2eRwKK/plsJMg0Y/GCNqDsIvDf62AiIr7T0nItNvLI=
.doubleclick.net/	1970-01-19 21:17:50	Name: test_cookie Value: CheckForPermission
.indusface.com/	1970-01-20 14:49:01	Name: ORG18917 Value: dc49249d-852b-43c1-a124-ccfd3b2997f4
.indusface.com/	1970-01-20 14:49:01	Name: _lfa Value: LF1.1.5793f62f47d664e2.1631869161412
.linkedin.com/	1970-01-19 22:01:01	Name: UserMatchHistory Value: AQKLyEx44F6RVAAAAXvy-0_4QkQaov3aTwRoRBXNBOt9xchQnj0lWjP4snVwDBGi9hRxlZjivUBQYg
.linkedin.com/	1970-01-19 22:01:01	Name: AnalyticsSyncHistory Value: AQK4EuhtCOCmMQAAAXvy-0_4iOUXghPofQyBGKScRHC373c33iGI6JyS1ge6nILdcrTOZx-cJM27Sb4ptY8teg
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 14:49:43	Name: bcookie Value: "v=2&4e4fd724-d859-45da-84a6-d962edf95810"
.linkedin.com/	1970-01-19 21:19:15	Name: lidc Value: "b=TGST03:s=T:r=T:a=T:p=T:g=2553:u=1:x=1:i=1631869161:t=1631955561:v=2:sig=AQGJIEeXCnZLuZj5yAVAiIR-Ksxl7qwc"
.indusface.com/	1970-01-19 23:27:25	Name: _fbp Value: fb.1.1631869161529.995242676
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 14:49:43	Name: bscookie Value: "v=1&2021091708592117021075-2709-40dd-8313-fb7977351fbbAQHpsCNGAwMH8XI9UQwzsh8s2k9EDcZk"
www.indusface.com/	1970-01-19 22:01:01	Name: omSeen-mdbrtp4i4vqs8zwg5jp5 Value: 1631869162274
trackcmp.net/	1970-01-19 22:01:01	Name: cmp223422163 Value: 3875f7072b5f9a8e3b173ca30fd6e938
www.indusface.com/	1970-01-19 21:27:53	Name: PushSubscriberStatus Value: CLOSED
www.indusface.com/	1970-01-19 21:27:53	Name: peclosed Value: true

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://tr.lfeeder.com/?sid=kn9Eq4R1l2K7RlvP&data=eyJnYVRyYWNraW5nSWRzIjpbIlVBLTQ0ODQ1NC0xIl0sImdhQ2xpZW50SWRzIjpbIjE0MzI1MjM0MDUuMTYzMTg2OTE2MSJdLCJjb250ZXh0Ijp7ImxpYnJhcnkiOnsibmFtZSI6ImxmdHJhY2tlciIsInZlcnNpb24iOiIyLjI2LjIifSwicGFnZVVybCI6Imh0dHBzOi8vd3d3LmluZHVzZmFjZS5jb20vYmxvZy9kZXRlY3Qtd2ViLWFwcGxpY2F0aW9uLWF0dGFja3MtdXNpbmctd2ViLXNlcnZlci1hY2Nlc3MtbG9ncy8iLCJwYWdlVGl0bGUiOiJEZXRlY3QgV2ViIEFwcHMgQXR0YWNrcyBVc2luZyBXZWIgU2VydmVyIEFjY2VzcyBMb2dzIHwgSW5kdXNmYWNlIEJsb2ciLCJyZWZlcnJlciI6IiJ9LCJldmVudCI6InRyYWNraW5nLWV2ZW50IiwiY2xpZW50RXZlbnRJZCI6IjYwMWY5YzFlYmRiZGY4Y2QiLCJjbGllbnRUaW1lc3RhbXAiOiIyMDIxLTA5LTE3VDA4OjU5OjIxLjQxM1oiLCJjbGllbnRUaW1lem9uZSI6MCwic2NyaXB0SWQiOiJrbjlFcTRSMWwySzdSbHZQIiwiY29va2llc0VuYWJsZWQiOnRydWUsImFub255bWl6ZUlwIjpmYWxzZSwibGZDbGllbnRJZCI6IkxGMS4xLjU3OTNmNjJmNDdkNjY0ZTIuMTYzMTg2OTE2MTQxMiIsImZvcmVpZ25Db29raWVzIjpbXSwicHJvcGVydGllcyI6e319 Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.omappapi.com
accounts.livechatinc.com
ajax.googleapis.com
api.livechatinc.com
api.omappapi.com
assetscdn.pushengage.com
cdn.livechatinc.com
cdn.websitepolicies.io
cdn.wpcc.io
cdnjs.cloudflare.com
clientcdn.pushengage.com
connect.facebook.net
d.adroll.com
dwmbily8o2kmd.cloudfront.net
f1.leadsquaredcdn.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
indusface.viewpage.co
ipinfo.io
oeqepmcz7a.execute-api.us-east-1.amazonaws.com
px.ads.linkedin.com
s.adroll.com
sc.lfeeder.com
secure.livechatinc.com
snap.licdn.com
stats.g.doubleclick.net
tr.lfeeder.com
trackcmp.net
tracking.g2crowd.com
web.mxradon.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.indusface.com
www.linkedin.com
z.omappapi.com
104.16.19.94
104.18.26.190
108.174.11.69
13.107.42.14
13.227.158.29
13.227.158.89
142.250.185.100
142.250.185.110
142.250.185.163
142.250.185.195
142.250.185.98
142.250.186.170
142.250.186.74
142.250.186.99
142.250.74.200
173.194.76.154
178.128.135.233
2.16.186.211
2.18.234.132
216.58.212.162
31.13.92.14
31.13.92.36
34.117.59.81
35.154.140.16
52.22.91.206
52.74.192.222
54.213.26.105
64.185.181.238
68.183.157.211
89.187.169.47
99.84.82.113
99.84.82.115
99.84.82.124
99.84.82.6
99.84.82.62
99.84.82.91
99.84.90.163
026d8c7df82f0c9913841d4926e74584cbee624a1f5f0ba94f7d922fa7738d9e
043a4158f2c6fd6892ed67ced373e1f555b8d7612405609e15eab0c9e4a850a3
077d7fed529797b01f6456996252cd7706fb925c1c46edd34c2427af21abdf50
0951e099281617d5f25f803368496f75f57d2fd4a7022418641b0925d616fe97
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
0af71276105149b8cb567c8216492d639180b1c5ebd49c7bb7569e13a3f8cd55
0ce4f52c01e57bf28cd8bb1c41e7d56ed1e753e098a8c27f1583bbb641b6f1d0
0d7cd639c89358f19d898c0f407c362e22f9f3efb8f419bb35ede15d184daa71
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0fc433d29c75ad01a8b659920e90e0e9cec6a29f64554b294f0b711531e95be0
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
119351ced3134718cb42591e513ff063cf04af7c2734b137c666ee62e137e15d
11ef31d73574d8fd7e1c76acda2825b24bb98e391624368b762b27da765382a8
12ef329f8118fac90d5027aca25aa9087aa7dbc659ffa4e30c57120f9415e9e2
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1648a9579fc584a85b4e89a9dc03381ada3dcd38f1fba2c240c06747e57a2978
19a5bc2d205600f87e8e72f1fd400ac9539ddaebe048e68f4dcf6188a485c0ac
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1bf2615467e449c54538d0d1f12b843fed237524537bf01b8feb8e805866d781
1c6ce13a9747305e487c0ce68a51c914a6dd4581c2d3b0d1b515744b2fd74e0e
1cdd15a8e9182c58416ea7211f550600558c1edd1b8c285e2a6600374ac1c39b
1fac671afb020a706ba947b453637882b0e3b7bf6dc99f257b0aed4a314ebd01
219c5024e3784a2566dd80a628827c34def1cb9b6500248ed652b9c39bdb117e
23f43495961fdb47783b3a3563d5bf46afb81d3695dfbf434ce234fd281a02d5
24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f
24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
2d2914fed5198064aa815d2a6fdf846fdbe243fd2bcae452f0ac1b4d830a1eb6
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
352aa4485c3afac728ff3e909ee2abc101634bd4d865327cc83bf8d1288099bc
3a57826dd4437403ec9dffe3d8a907466926d7123e4a765ec724d79ae24e1d54
3d37b170affddaaa2a6489a82bab8df4e72c56a65b069991ea9084643d477d58
3dae93a05edd9dcfc1864b87178a31e0bfa93e1a9b1c486c6e9cbf73cae87862
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
41f1e9970b646aadac0f40543bb08b21e49990bf1b09392d1ef4d71b275069ea
44fa801946bf74772ec9aa30fc593af9a402602949e2c3897c110e1d7a26d0a2
4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec
4b5bdb87f16cf8bf070b5cb09df7b1d05fd49a049a5f4ed629e097ac5bf058e4
4c967c069f7a16252b2fa438ce43396ffaabb1479b5c6accab78f32604b8ade3
4ce249296997d075ef270bfd41478e0e563d216af6e4cfa184160662261b1267
4d2e6f0a9f32be19c749e9fcc7c5ab66d68eb953682ab0bbb2fbaef65b11f6b8
501e2c91bb051cd690836bc5a3e16ce26fe2c092de6aae4168534c05eec613cd
52cbca744ac7a9aa2d6f9919a1b0b23819515a0196b924583266709f9c9e9162
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
54c9560cb0117d8d1f955aefe0f88b843517964e118512d8f1a224a8a9b662f4
5f5bf0ae68114f652768b54601198f1b79f14ff8b9f66715c72fb9f550f9e271
5f91a3da195a2092f6f1637d0044ae9fb0220317569a0fe1ab9eaea9f7770a39
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
6067ae4827a1c04af690b928da2eec7715e42ad9091b268536234ac68a6d8b6b
63508872396bf73c75a08b9513228b07a032a0ad55db59aa37e1718d60909594
6558031315a54e23bf79c666e4f320b2c97bd0efc59f77ee49902abc5ce20389
68f3f7e1501f20e862ce2dda9e3f9f3ecd88e315e0e03889bd92763f6a55cbfd
6b8c93e74a9052987f8ad9dc17196dd1fb719effc678ecaa962806102e995670
6b927499e3f315b3ce83c7d8edc5a88b392eb5c94006a61c5b96766d691f036c
6f3b11b662b9cc0003ce7a8861c2454484658421312545e2b4ccb1e80982a637
713cff5d59627a0149e604744b5403fdd860ea8af20c6a4eb4fe1f77edc066a3
7a91d8d2cca66912e3ed63989e4a08251c8d70870117b13f179579bec7bb3797
804f633d0b6f9e014010c41276eea80d9c5fef5ad53f2d456bf39733d87c7477
828082977a5f96b0a62e0d58c7545ef1036b320bb2d9db72f94993170cb15c58
838827189658cc99bf2d70f8d5a48f72a3c4f80bc1c21fec16618bc101cd4fac
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8974ae4fc3b64bc4f85d632d54a148a4ab9f337b5a362b17bc6d717b2392b36a
8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5
8ed9c1758a236e742d01ea066f452d3f578d6be81551327a5b67ba8be722569d
90f6cf7cce685be89a5a634ada6861eaeb5cd1dadf68aaaf6bef1c0c3620ec75
954df4af79faab3ad69ea0b43ddb5d243aede5f7c3f17e70eb5cd3fddbce81d5
956fa56f513e1a8025bc85f9314a1747eb061d434403393591145e4ae898c694
9cbbf9ba8d1e46bbab721d680dbf58936697e127d69c7450c20e6a7125dd0f0a
9e7fa11e56b0b53c77da9464b2787d301a9c5fc3cc79b8defeef59079a0ce42b
a312c1ef020085e72a815e6091b624a301d8274567dcfaf901a5eb196edfb1ab
a7ae4f4e313e150000175511c29ca19ae2948eb663987253d19a9372cc20e3fe
a7f99ab09b15008cdb7bc2b2b680b24cf4e95219b83c9355d76da7e879480543
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b5fd723750763ebb731f9221e413e7d64d58d5192dc040e42292ed3dcccca732
b6a856e69b1a14d6e38c71ad9b57ba20b16988091b7d2a3fd18bb1a17ea42f49
b980f62a2d545d64f24e6f96902c8fbf5da0018569c369bc18f9e5b5fcf099ed
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bbe8bd333c75c3e97aac49b24c1aa31372d35a7a05e91dc623875773d89db069
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355
c2e8b4fba49f90cfca5a43371c09879aed7447e0ba2ed4abd75b81448776c4f7
c68424d0ad9710ed4c049adfc60fd10c606238c5d995fb9ecfd4de65d6c5a251
cb8b9e7d611f04abb8d93ad323370524c254de5c17ea37844b30068cf44e5266
cbde479c10d012a88da713f2db63f49216655d7f57529df6ac1dae293625f513
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4
d08fdf960890b4f7662bad35400a8464627110622652b944445b4a4ab32c01cb
d104dc9ce2e19ab0c6001655d306bbefa8048a9c46f420d265ef38ab4f6fb4f7
d31374e862fe63f0cfabb3f4cebf0723e3ee46c70589a8576daa1643cebdd651
d58a30fcfbffc91a5f721e1fdca35bf56a59d26ddc9a809e6f8b1c031fc65c57
db579366767f73086ab53d247894394ec27abd5e723cb9d203d2479c76286830
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
f0ec6341fb255aa21912c4bfef493584c86109c70c31242187eeec3f9c6325d2
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f5db866bbeb631f6d1bb313810fbd65eae68ee20003810e42aba78c5e047622f
fcf7342ac0f25805477906cca75be1f284a00b5a973eb70c8011ca60d49dc5ce
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fec53ef2b9b7550f8d516a14890c15c4ada19557908e8c42210fbd081aa042f5
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3
fff426e1f2e0f6df1fdf4fd50790a29de380123e633dde9eb76290852785221c

www.indusface.com Open in urlscan Pro 64.185.181.238 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

106 Requests

100 %HTTPS

0 %IPv6

29 Domains

41 Subdomains

36 IPs

5 Countries

2181 kBTransfer

5439 kBSize

27 Cookies

7 Outgoing links

Redirected requests

106 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.indusface.com Open in urlscan Pro
64.185.181.238 Public Scan

Screenshot
Live screenshot

Full Image

106
Requests

100 %
HTTPS

0 %
IPv6

29
Domains

41
Subdomains

36
IPs

5
Countries

2181 kB
Transfer

5439 kB
Size

27
Cookies

106 HTTP transactions
9 data transactions