offload-media.esaner.com Open in urlscan Pro
3.220.109.195 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.offload-media.esaner.com/
Effective URL:
https://offload-media.esaner.com/
Submission: On April 12 via api (April 12th 2024, 2:09:06 pm UTC) from US — Scanned from DE

Summary HTTP 17 Redirects Links 25 Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 17 HTTP transactions. The main IP is 3.220.109.195, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is offload-media.esaner.com.
TLS certificate: Issued by R3 on April 11th 2024. Valid for: 3 months.

This is the only time offload-media.esaner.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	3.220.109.195 3.220.109.195	14618 (AMAZON-AES) (AMAZON-AES)
5	2600:9000:235... 2600:9000:2359:4a00:11:487d:b80:21	16509 (AMAZON-02) (AMAZON-02)
1	52.5.154.105 52.5.154.105	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
2	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
17	8

3 3.220.109.195 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-109-195.compute-1.amazonaws.com

www.offload-media.esaner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
offload-media.esaner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2359:4a00:11:487d:b80:21 (United States)

ASN16509 (AMAZON-02, US)

d2pgjuqlw06ipa.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.5.154.105 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-154-105.compute-1.amazonaws.com

ask.lib.jmu.edu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	cloudfront.net d2pgjuqlw06ipa.cloudfront.net	134 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	268 KB
3	esaner.com 1 redirects www.offload-media.esaner.com offload-media.esaner.com	17 KB
2	google.de www.google.de — Cisco Umbrella Rank: 7551	126 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 87	305 B
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3076	314 B
1	jmu.edu ask.lib.jmu.edu	4 KB
17	7

	Domain	Requested by
5	d2pgjuqlw06ipa.cloudfront.net	offload-media.esaner.com d2pgjuqlw06ipa.cloudfront.net
3	www.googletagmanager.com	offload-media.esaner.com www.googletagmanager.com
2	www.google.de	offload-media.esaner.com
2	stats.g.doubleclick.net	www.googletagmanager.com
2	region1.analytics.google.com	www.googletagmanager.com
2	offload-media.esaner.com
1	ask.lib.jmu.edu	offload-media.esaner.com
1	www.offload-media.esaner.com	1 redirects
17	8

This site contains links to these domains. Also see Links.

Domain
search.lib.jmu.edu
guides.lib.jmu.edu
commons.lib.jmu.edu
illiad.lib.jmu.edu
ask.lib.jmu.edu
canvas.jmu.edu
aeon.lib.jmu.edu
sites.lib.jmu.edu
jmu.illumira.net
www.facebook.com
www.instagram.com
www.youtube.com
www.linkedin.com
www.jmu.edu
jmu.questionpro.com

Subject Issuer	Validity	Valid
offload-media.esaner.com R3	`2024-04-11` - `2024-07-10`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
ask.lib.jmu.edu R3	`2024-04-07` - `2024-07-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://offload-media.esaner.com/
Frame ID: 3C202BB1AF60FCAA5B85983EEA26365D
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Offload Media

Page URL History Show full URLs

https://www.offload-media.esaner.com/ HTTP 301
https://offload-media.esaner.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17
Requests

100 %
HTTPS

57 %
IPv6

7
Domains

8
Subdomains

8
IPs

3
Countries

424 kB
Transfer

1314 kB
Size

3
Cookies

25 Outgoing links

These are links going to different origins than the main page.

URL: https://search.lib.jmu.edu/
Title: Articles, Books & More

Search URL Search Domain Scan URL

URL: https://guides.lib.jmu.edu/az.php
Title: Databases

Search URL Search Domain Scan URL

URL: https://search.lib.jmu.edu/discovery/jsearch?vid=01JMU_INST:01JMU
Title: Journals

Search URL Search Domain Scan URL

URL: https://guides.lib.jmu.edu/news
Title: Newspapers & Magazines

Search URL Search Domain Scan URL

URL: https://commons.lib.jmu.edu/
Title: Scholarly Commons

Search URL Search Domain Scan URL

URL: https://illiad.lib.jmu.edu/illiad/
Title: Interlibrary Loan

Search URL Search Domain Scan URL

URL: https://search.lib.jmu.edu/discovery/search?vid=01JMU_INST:01JMU&lang=en&mode=advanced
Title: Advanced Search

Search URL Search Domain Scan URL

URL: https://guides.lib.jmu.edu/researchguides
Title: Research Guides

Search URL Search Domain Scan URL

URL: https://guides.lib.jmu.edu/courseguides
Title: Course Guides

Search URL Search Domain Scan URL

URL: https://guides.lib.jmu.edu/data
Title: Data Management

Search URL Search Domain Scan URL

URL: https://guides.lib.jmu.edu/copyright
Title: Copyright

Search URL Search Domain Scan URL

URL: https://guides.lib.jmu.edu/citing
Title: Cite Sources

Search URL Search Domain Scan URL

URL: https://ask.lib.jmu.edu/faq/119203
Title: Printing & Scanning

Search URL Search Domain Scan URL

URL: https://search.lib.jmu.edu/discovery/login?vid=01JMU_INST:01JMU
Title: Library Account

Search URL Search Domain Scan URL

URL: https://canvas.jmu.edu/
Title: Canvas

Search URL Search Domain Scan URL

URL: https://aeon.lib.jmu.edu/logon
Title: Special Collections

Search URL Search Domain Scan URL

URL: https://sites.lib.jmu.edu/wp-login.php?redirect_to=https%3A%2F%2Fsites.lib.jmu.edu%2F&action=shibboleth
Title: CampusPress

Search URL Search Domain Scan URL

URL: https://jmu.illumira.net/Shibboleth.sso/DS?SAMLDS=1&entityID=urn:mace:incommon:jmu.edu&target=https%3A%2F%2Fjmu.illumira.net%2Fdlr%2Fshibauth2.php%3Freferer%3Dhttp%253A%252F%252Fjmu.illumira.net%252F
Title: Illumira

Search URL Search Domain Scan URL

URL: https://www.facebook.com/jmulibraries
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/jmulibraries/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/jmuLibraries
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/showcase/jmulibraries
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.jmu.edu/policies/web-privacy-statement.shtml
Title: Privacy

Search URL Search Domain Scan URL

URL: https://jmu.questionpro.com/lib-web-feedback?source=https%3A%2F%2Foffload-media.esaner.com%2F
Title: Website Feedback

Search URL Search Domain Scan URL

URL: https://www.jmu.edu/index.shtml
Title: JMU Homepage

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.offload-media.esaner.com/ HTTP 301
https://offload-media.esaner.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
offload-media.esaner.com/
Redirect Chain

https://www.offload-media.esaner.com/
https://offload-media.esaner.com/

99 KB
16 KB

460ms
211ms

Document
text/html

3.220.109.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://offload-media.esaner.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.220.109.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-220-109-195.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 9e4cad0f57e7bc30b8726e283b99a34ff7c96746a8347df0d2ac1f17f7938d49

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 15941
Content-Type: text/html; charset=UTF-8
Date: Fri, 12 Apr 2024 14:09:00 GMT
Keep-Alive: timeout=2, max=100
Link: <https://offload-media.esaner.com/wp-json/>; rel="https://api.w.org/", <https://offload-media.esaner.com/wp-json/wp/v2/pages/2>; rel="alternate"; type="application/json", <https://offload-media.esaner.com/>; rel=shortlink
Server: Apache
Vary: Accept-Encoding

Redirect headers

Connection: Keep-Alive
Content-Length: 241
Content-Type: text/html; charset=iso-8859-1
Date: Fri, 12 Apr 2024 14:09:00 GMT
Keep-Alive: timeout=2, max=100
Location: https://offload-media.esaner.com/
Server: Apache

GET
H2 200 style.min.css
d2pgjuqlw06ipa.cloudfront.net/wp-includes/css/dist/block-library/ 111 KB
15 KB 509ms
409ms Stylesheet
text/css 2600:9000:2359:4a00:11:487d:b80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2pgjuqlw06ipa.cloudfront.net/wp-includes/css/dist/block-library/style.min.css?ver=6.5.2
Requested by: Host: offload-media.esaner.com
URL: https://offload-media.esaner.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2359:4a00:11:487d:b80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offload-media.esaner.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 14:09:01 GMT
content-encoding: gzip
via: 1.1 43244f77affffa1d8942dd025413b8d8.cloudfront.net (CloudFront)
last-modified: Thu, 11 Apr 2024 20:42:19 GMT
server: Apache
x-amz-cf-pop: FRA60-P10
etag: "1bae5-615d83106caba-gzip"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 14991
x-amz-cf-id: KnfcwVMY4Ol_jh0twVxGA2m_Z6Abxqa4Q-GIXSEXsT8T8J6Nr60AYw==

GET
H2 200 wp.b807aa.css
d2pgjuqlw06ipa.cloudfront.net/wp-content/themes/jmu-libraries/public/css/ 75 KB
12 KB 515ms
416ms Stylesheet
text/css 2600:9000:2359:4a00:11:487d:b80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2pgjuqlw06ipa.cloudfront.net/wp-content/themes/jmu-libraries/public/css/wp.b807aa.css
Requested by: Host: offload-media.esaner.com
URL: https://offload-media.esaner.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2359:4a00:11:487d:b80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 8d610d064f933483787a8e26db1aa33e585f2e395aff144aa2bc645a5dc11057

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offload-media.esaner.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 14:09:01 GMT
content-encoding: gzip
via: 1.1 43244f77affffa1d8942dd025413b8d8.cloudfront.net (CloudFront)
last-modified: Wed, 10 Apr 2024 13:05:02 GMT
server: Apache
x-amz-cf-pop: FRA60-P10
etag: "12d72-615bdafc21b80-gzip"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 11896
x-amz-cf-id: CgMcbF2pmtzzc6qZ788H0ALWMqWnKTUqbYIg4i8BTihldlJMBOWbiA==

GET
H2 200 jquery.min.js Show response
d2pgjuqlw06ipa.cloudfront.net/wp-includes/js/jquery/ 86 KB
30 KB 413ms
413ms Script
text/javascript 2600:9000:2359:4a00:11:487d:b80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2pgjuqlw06ipa.cloudfront.net/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: offload-media.esaner.com
URL: https://offload-media.esaner.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2359:4a00:11:487d:b80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offload-media.esaner.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 14:09:01 GMT
content-encoding: gzip
via: 1.1 43244f77affffa1d8942dd025413b8d8.cloudfront.net (CloudFront)
last-modified: Thu, 22 Feb 2024 21:22:37 GMT
server: Apache
x-amz-cf-pop: FRA60-P10
etag: W/"15601-611ff0adf4140"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript
x-amz-cf-id: WjxpPZkI2UhzlTDdN7hg0lPsQAV3w53PKAn-o9UYz2ZBn3dr78c5rg==

GET
H2 200 wp.f1ec96.js Show response
d2pgjuqlw06ipa.cloudfront.net/wp-content/themes/jmu-libraries/public/js/ 91 KB
28 KB 414ms
413ms Script
text/javascript 2600:9000:2359:4a00:11:487d:b80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2pgjuqlw06ipa.cloudfront.net/wp-content/themes/jmu-libraries/public/js/wp.f1ec96.js
Requested by: Host: offload-media.esaner.com
URL: https://offload-media.esaner.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2359:4a00:11:487d:b80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 95d5c4537d5986533b9cedce4ea59679614d5acdf10270323a3d51470d0ddc4c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offload-media.esaner.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 14:09:01 GMT
content-encoding: gzip
via: 1.1 43244f77affffa1d8942dd025413b8d8.cloudfront.net (CloudFront)
last-modified: Wed, 10 Apr 2024 13:05:02 GMT
server: Apache
x-amz-cf-pop: FRA60-P10
etag: W/"16be1-615bdafc21b80"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript
x-amz-cf-id: mf3q4PVRavRBOZnrcFyRcLyqA5a1IOvLOjeE04-QzEW8DxenY_-3Hg==

GET
H2 200 load_chat.php Show response
ask.lib.jmu.edu/ 13 KB
4 KB 864ms
135ms Script
application/javascript 52.5.154.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://ask.lib.jmu.edu/load_chat.php?hash=163d8fff53c5f37ef3c2376f753f0eb1

Requested by

Host: offload-media.esaner.com
URL: https://offload-media.esaner.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.5.154.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-154-105.compute-1.amazonaws.com

Software

nginx /

Resource Hash

ecde9e1b07a1c031d2bc5ce4b5ac590b9c7b0eebf6cb35087d2d639ede085faf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offload-media.esaner.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 14:09:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=3600
x-backend-server: libanswers-us-4.springyaws.com
x-proxy-cache: MISS

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 200 KB
71 KB 240ms
59ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N8GQ65F

Requested by

Host: offload-media.esaner.com
URL: https://offload-media.esaner.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

724f6b99dfbaea4de0a028d36807a4ae993cad325cdeaca6391936e14fa05592

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offload-media.esaner.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 14:09:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72426
x-xss-protection: 0
last-modified: Fri, 12 Apr 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 12 Apr 2024 14:09:01 GMT

GET
DATA 200
OK truncated
/ 122 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20a2c94142925d780f27b444d4766f6ec61bbdf80cb344e8ca7b064af87f5422

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=US-ASCII

GET
H2 200 RobotoSlab-Regular.036e59.woff2
d2pgjuqlw06ipa.cloudfront.net/wp-content/themes/jmu-libraries/public/fonts/roboto/ 49 KB
50 KB 495ms
414ms Font
font/woff2 2600:9000:2359:4a00:11:487d:b80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2pgjuqlw06ipa.cloudfront.net/wp-content/themes/jmu-libraries/public/fonts/roboto/RobotoSlab-Regular.036e59.woff2
Requested by: Host: d2pgjuqlw06ipa.cloudfront.net
URL: https://d2pgjuqlw06ipa.cloudfront.net/wp-content/themes/jmu-libraries/public/css/wp.b807aa.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2359:4a00:11:487d:b80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 47be78143443ade38793042ec4820b6c53054e1d2c414d9bb61fc08298750b61

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://d2pgjuqlw06ipa.cloudfront.net/wp-content/themes/jmu-libraries/public/css/wp.b807aa.css
Origin: https://offload-media.esaner.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 14:09:01 GMT
via: 1.1 ea1aadbeedf1001a86f79fc729fb39e0.cloudfront.net (CloudFront)
last-modified: Wed, 10 Apr 2024 13:05:02 GMT
server: Apache
x-amz-cf-pop: FRA60-P10
etag: "c494-615bdafc21b80"
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: font/woff2
access-control-allow-origin: *
x-cache: Miss from cloudfront
accept-ranges: bytes
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept
content-length: 50324
x-amz-cf-id: tboIwJJG88EgTMxbGXhhIvpwSrw0A5KGnWBBxuPlbmx57PoPozba-Q==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 295 KB
98 KB 68ms
67ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XZLGFJC3JY&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8GQ65F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

37df8f46c2f5928bda4cf5b7ec25cfe60b05bfdb1910aad64bf45c8a02383ad5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offload-media.esaner.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 14:09:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 100719
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 12 Apr 2024 14:09:01 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 295 KB
99 KB 57ms
56ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3QPEZ8YC31&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8GQ65F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5818856aabb00cf84d5ae774c426778699d600f6dca49010ab846c24eb83ee10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offload-media.esaner.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 14:09:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 100849
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 12 Apr 2024 14:09:01 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
260 B 138ms
48ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-3QPEZ8YC31&gtm=45je44a0v898005189z8810172275za200&_p=1712930941369&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=2009004824.1712930942&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1712930941&sct=1&seg=0&dl=https%3A%2F%2Foffload-media.esaner.com%2F&dt=Offload%20Media&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1946
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3QPEZ8YC31&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offload-media.esaner.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 12 Apr 2024 14:09:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://offload-media.esaner.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
251 B 147ms
53ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3QPEZ8YC31&cid=2009004824.1712930942&gtm=45je44a0v898005189z8810172275za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3QPEZ8YC31&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offload-media.esaner.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 12 Apr 2024 14:09:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://offload-media.esaner.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 148ms
64ms Image
image/gif 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3QPEZ8YC31&cid=2009004824.1712930942&gtm=45je44a0v898005189z8810172275za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1709675503

Requested by

Host: offload-media.esaner.com
URL: https://offload-media.esaner.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offload-media.esaner.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 12 Apr 2024 14:09:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 117ms
48ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-XZLGFJC3JY&gtm=45je44a0v897940620z8810172275za200&_p=1712930941369&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=2009004824.1712930942&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1712930941&sct=1&seg=0&dl=https%3A%2F%2Foffload-media.esaner.com%2F&dt=Offload%20Media&en=page_view&_fv=1&_ss=1&tfd=1967
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XZLGFJC3JY&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offload-media.esaner.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 12 Apr 2024 14:09:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://offload-media.esaner.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 127ms
53ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-XZLGFJC3JY&cid=2009004824.1712930942&gtm=45je44a0v897940620z8810172275za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XZLGFJC3JY&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offload-media.esaner.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 12 Apr 2024 14:09:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://offload-media.esaner.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 128ms
65ms Image
image/gif 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-XZLGFJC3JY&cid=2009004824.1712930942&gtm=45je44a0v897940620z8810172275za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1823899406

Requested by

Host: offload-media.esaner.com
URL: https://offload-media.esaner.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offload-media.esaner.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 12 Apr 2024 14:09:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK favicon.8dcee2.svg
offload-media.esaner.com/wp-content/themes/jmu-libraries/public/images/ 433 B
705 B 118ms
118ms Other
image/svg+xml 3.220.109.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://offload-media.esaner.com/wp-content/themes/jmu-libraries/public/images/favicon.8dcee2.svg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.220.109.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-220-109-195.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 9614a4912154b3f2a64ab2089e63e6ccc3f3c0b3bf08ff71e28e2c0784bef8f1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://offload-media.esaner.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 14:09:02 GMT
Last-Modified: Wed, 10 Apr 2024 13:05:02 GMT
Server: Apache
ETag: "1b1-615bdafc21b80"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=99
Content-Length: 433

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.esaner.com/	1970-01-21 05:24:50	Name: _ga Value: GA1.1.2009004824.1712930942
.esaner.com/	1970-01-21 05:24:50	Name: _ga_3QPEZ8YC31 Value: GS1.1.1712930941.1.0.1712930941.60.0.0
.esaner.com/	1970-01-21 05:24:50	Name: _ga_XZLGFJC3JY Value: GS1.1.1712930941.1.0.1712930941.60.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ask.lib.jmu.edu
d2pgjuqlw06ipa.cloudfront.net
offload-media.esaner.com
region1.analytics.google.com
stats.g.doubleclick.net
www.google.de
www.googletagmanager.com
www.offload-media.esaner.com
142.250.186.35
2001:4860:4802:32::36
2600:9000:2359:4a00:11:487d:b80:21
2a00:1450:4001:81d::2008
2a00:1450:400c:c00::9c
3.220.109.195
52.5.154.105
20a2c94142925d780f27b444d4766f6ec61bbdf80cb344e8ca7b064af87f5422
37df8f46c2f5928bda4cf5b7ec25cfe60b05bfdb1910aad64bf45c8a02383ad5
47be78143443ade38793042ec4820b6c53054e1d2c414d9bb61fc08298750b61
5818856aabb00cf84d5ae774c426778699d600f6dca49010ab846c24eb83ee10
724f6b99dfbaea4de0a028d36807a4ae993cad325cdeaca6391936e14fa05592
8d610d064f933483787a8e26db1aa33e585f2e395aff144aa2bc645a5dc11057
95d5c4537d5986533b9cedce4ea59679614d5acdf10270323a3d51470d0ddc4c
9614a4912154b3f2a64ab2089e63e6ccc3f3c0b3bf08ff71e28e2c0784bef8f1
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
9e4cad0f57e7bc30b8726e283b99a34ff7c96746a8347df0d2ac1f17f7938d49
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecde9e1b07a1c031d2bc5ce4b5ac590b9c7b0eebf6cb35087d2d639ede085faf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

offload-media.esaner.com Open in urlscan Pro 3.220.109.195 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

100 %HTTPS

57 %IPv6

7 Domains

8 Subdomains

8 IPs

3 Countries

424 kBTransfer

1314 kBSize

3 Cookies

25 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

3 Cookies

Indicators

offload-media.esaner.com Open in urlscan Pro
3.220.109.195 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

100 %
HTTPS

57 %
IPv6

7
Domains

8
Subdomains

8
IPs

3
Countries

424 kB
Transfer

1314 kB
Size

3
Cookies

17 HTTP transactions
1 data transactions