idafchev.github.io Open in urlscan Pro
185.199.108.153 Public Scan

URL:
https://idafchev.github.io/
Submission: On July 16 via manual (July 16th 2021, 5:36:03 pm UTC) from HU

Summary HTTP 95 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 17 IPs in 2 countries across 11 domains to perform 95 HTTP transactions. The main IP is 185.199.108.153, located in United States and belongs to FASTLY, US. The main domain is idafchev.github.io.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on May 6th 2020. Valid for: 2 years.

This is the only time idafchev.github.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
41	185.199.108.153 185.199.108.153	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
4	151.101.12.134 151.101.12.134	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
20	2600:9000:219... 2600:9000:2190:4200:6:8656:f5c0:93a1	16509 (AMAZON-02) (AMAZON-02)
8	151.101.128.134 151.101.128.134	54113 (FASTLY) (FASTLY)
3	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:a40d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:80e::200d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
3	151.101.12.64 151.101.12.64	54113 (FASTLY) (FASTLY)
95	17

41 185.199.108.153 (United States)

ASN54113 (FASTLY, US)
PTR: cdn-185-199-108-153.github.com

idafchev.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.12.134 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

idafchev.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
referrer.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2600:9000:2190:4200:6:8656:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.128.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.14.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

a.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:a40d (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.12.64 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

links.services.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	github.io idafchev.github.io	1 MB
23	disquscdn.com c.disquscdn.com a.disquscdn.com	773 KB
15	disqus.com idafchev.disqus.com disqus.com referrer.disqus.com links.services.disqus.com	102 KB
4	google.com apis.google.com accounts.google.com	40 KB
3	google-analytics.com www.google-analytics.com	19 KB
2	viglink.com cdn.viglink.com	541 B
2	facebook.net connect.facebook.net	70 KB
2	googletagmanager.com www.googletagmanager.com	89 KB
1	gstatic.com ssl.gstatic.com	40 KB
1	facebook.com www.facebook.com
1	googleapis.com ajax.googleapis.com	33 KB
95	11

	Domain	Requested by
41	idafchev.github.io	idafchev.github.io
20	c.disquscdn.com	idafchev.disqus.com disqus.com c.disquscdn.com
8	disqus.com	idafchev.disqus.com c.disquscdn.com
3	links.services.disqus.com	c.disquscdn.com
3	a.disquscdn.com	idafchev.github.io c.disquscdn.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	referrer.disqus.com
2	accounts.google.com	apis.google.com ssl.gstatic.com
2	cdn.viglink.com	idafchev.github.io
2	apis.google.com	c.disquscdn.com apis.google.com
2	connect.facebook.net	c.disquscdn.com connect.facebook.net
2	idafchev.disqus.com	idafchev.github.io idafchev.disqus.com
2	www.googletagmanager.com	idafchev.github.io www.googletagmanager.com
1	ssl.gstatic.com	accounts.google.com
1	www.facebook.com	c.disquscdn.com
1	ajax.googleapis.com	idafchev.github.io
95	16

This site contains links to these domains. Also see Links.

Domain
github.com
twitter.com
www.tbs.tech
abuse.ch
bazaar.abuse.ch
tour.golang.org
go-re.tk
www.dragos.com
golang.org
blog.golang.org

Subject Issuer	Validity	Valid
www.github.com DigiCert SHA2 High Assurance Server CA	`2020-05-06` - `2022-04-14`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh
a.disquscdn.com Amazon	`2020-11-30` - `2021-12-29`	a year	crt.sh
*.disquscdn.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
ssl1029306.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2021-07-12` - `2022-06-30`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
accounts.google.com GTS CA 1O1	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.services.disqus.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-26` - `2022-05-28`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://idafchev.github.io/
Frame ID: E9A96A49A52EEC7A421D55379E60D6FF
Requests: 63 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=idafchev&t_i=%2Fmalware_analysis%2F2020%2F07%2F24%2FEKANS_analysis.html&t_u=https%3A%2F%2Fidafchev.github.io%2Fmalware_analysis%2F2020%2F07%2F24%2FEKANS_analysis.html&t_d=Home%20%7C%20Ring%200x00&t_t=Home%20%7C%20Ring%200x00&s_o=default
Frame ID: 3566073AFEDDE39DEB70445D39F0A826
Requests: 21 HTTP requests in this frame

Frame: https://disqus.com/recommendations/?base=default&f=idafchev&t_u=https%3A%2F%2Fidafchev.github.io%2F&t_d=Home%20%7C%20Ring%200x00&t_t=Home%20%7C%20Ring%200x00
Frame ID: 2A32280F7B9DA54E04397D55FD52F420
Requests: 8 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 12396B066303BA296B4E26469BA590BC
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Jekyll (Static Site Generator) Expand

Overall confidence: 100%
Detected patterns

html /<!-- Begin Jekyll SEO tag/i
meta generator /Jekyll (v[\d.]+)?/i

Ruby (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /^https?:\/\/[^/]+\.github\.io\//i
headers server /^GitHub\.com$/i

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

url /^https?:\/\/[^/]+\.github\.io\//i
headers server /^GitHub\.com$/i

GitHub Pages (CDN) Expand

Overall confidence: 100%
Detected patterns

url /^https?:\/\/[^/]+\.github\.io\//i
headers server /^GitHub\.com$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

95
Requests

100 %
HTTPS

71 %
IPv6

11
Domains

16
Subdomains

17
IPs

2
Countries

2237 kB
Transfer

3500 kB
Size

2
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://github.com/idafchev
Title: Iliya Dafchev

Search URL Search Domain Scan URL

URL: https://twitter.com/michigangraham
Title: mattgraham

Search URL Search Domain Scan URL

URL: https://www.tbs.tech/product/asoc/
Title: ASOC

Search URL Search Domain Scan URL

URL: https://www.tbs.tech/
Title: TBS

Search URL Search Domain Scan URL

URL: https://abuse.ch/
Title: abuse.ch

Search URL Search Domain Scan URL

URL: https://bazaar.abuse.ch/
Title: MalwareBazaar

Search URL Search Domain Scan URL

URL: https://github.com/idafchev/EKANS-String-Decryptor
Title: https://github.com/idafchev/EKANS-String-Decryptor

Search URL Search Domain Scan URL

URL: https://tour.golang.org/welcome/1
Title: A Tour of Go

Search URL Search Domain Scan URL

URL: https://go-re.tk/gore/
Title: Go Reverse Engineering Toolkit

Search URL Search Domain Scan URL

URL: https://go-re.tk/redress/
Title: redress

Search URL Search Domain Scan URL

URL: https://github.com/idafchev/EKANS-String-Decryptor/blob/master/ekans_decrypted_process_names.txt
Title: Decrypted process names

Search URL Search Domain Scan URL

URL: https://github.com/idafchev/EKANS-String-Decryptor/blob/master/ekans_decrypted_service_names.txt
Title: Decrypted service names

Search URL Search Domain Scan URL

URL: https://www.dragos.com/blog/industry-news/ekans-ransomware-and-ics-operations/
Title: https://www.dragos.com/blog/industry-news/ekans-ransomware-and-ics-operations/

Search URL Search Domain Scan URL

URL: https://golang.org/src/crypto/rand/rand.go
Title: https://golang.org/src/crypto/rand/rand.go

Search URL Search Domain Scan URL

URL: https://blog.golang.org/gob
Title: https://blog.golang.org/gob

Search URL Search Domain Scan URL

URL: https://golang.org/src/encoding/gob/doc.go
Title: https://golang.org/src/encoding/gob/doc.go

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

95 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
idafchev.github.io/ 22 KB
8 KB 113ms
100ms Document
text/html 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://idafchev.github.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-108-153.github.com
Software: GitHub.com /
Resource Hash: 8359fa1d7d9fe721eab498bd3da15fd627345deed221770261c35850e214a900

Request headers

:method: GET
:authority: idafchev.github.io
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: GitHub.com
content-type: text/html; charset=utf-8
permissions-policy: interest-cohort=()
last-modified: Sat, 25 Jul 2020 19:53:04 GMT
access-control-allow-origin: *
etag: W/"5f1c8da0-59ca"
expires: Fri, 16 Jul 2021 17:45:45 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 2168:EAB3:5EF454:623755:60F1C371
accept-ranges: bytes
date: Fri, 16 Jul 2021 17:35:45 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-hhn4031-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1626456946.794169,VS0,VE93
vary: Accept-Encoding
x-fastly-request-id: 80a103b358248e2c4bc12a51ef4b94f40c21876b
content-length: 7727

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 100 KB
40 KB 33ms
32ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-110057192-1

Requested by

Host: idafchev.github.io
URL: https://idafchev.github.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a63f86368b767d22792722e142e8049a7d3d4715b51a9d565e6eb3cd4688b87f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://idafchev.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 17:35:45 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40509
x-xss-protection: 0
expires: Fri, 16 Jul 2021 17:35:45 GMT

GET
H2 200 style.css
idafchev.github.io/css/ 20 KB
5 KB 96ms
95ms Stylesheet
text/css 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://idafchev.github.io/css/style.css
Requested by: Host: idafchev.github.io
URL: https://idafchev.github.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-108-153.github.com
Software: GitHub.com /
Resource Hash: 8a40fed2b6d4ab251ec8748f56c001bc9a9e1412442f914b4de687452e50a622

Request headers

:path: /css/style.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: idafchev.github.io
referer: https://idafchev.github.io/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://idafchev.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: ab4c0e1ebed262a53fc1727379d371c7ae0ee82a
date: Fri, 16 Jul 2021 17:35:45 GMT
content-encoding: gzip
age: 0
x-cache: MISS
content-length: 5069
x-served-by: cache-hhn4031-HHN
access-control-allow-origin: *
last-modified: Sat, 25 Jul 2020 19:53:00 GMT
server: GitHub.com
x-github-request-id: 2BC4:B75C:EAAEBF:F24150:60F1C371
x-timer: S1626456946.899374,VS0,VE89
etag: W/"5f1c8d9c-5137"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
via: 1.1 varnish
expires: Fri, 16 Jul 2021 17:45:45 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.1/ 92 KB
33 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js

Requested by

Host: idafchev.github.io
URL: https://idafchev.github.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://idafchev.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 16:39:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3349
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33333
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Jul 2022 16:39:56 GMT

GET
H2 200 respond.js Show response
idafchev.github.io/assets/js/ 16 KB
5 KB 93ms
93ms Script
application/javascript 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://idafchev.github.io/assets/js/respond.js
Requested by: Host: idafchev.github.io
URL: https://idafchev.github.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-108-153.github.com
Software: GitHub.com /
Resource Hash: 8956b2b57e667404fc8db9ea546592d3f1abf4462c8f321dd3cd4a1f67bf2d42

Request headers

:path: /assets/js/respond.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: idafchev.github.io
referer: https://idafchev.github.io/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://idafchev.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: 8051734e89fb703f3abeefa0de5074821f6c7d8b
date: Fri, 16 Jul 2021 17:35:45 GMT
content-encoding: gzip
age: 0
x-cache: MISS
content-length: 5054
x-served-by: cache-hhn4031-HHN
access-control-allow-origin: *
last-modified: Fri, 24 Jul 2020 02:41:10 GMT
server: GitHub.com
x-github-request-id: C116:B504:A268A1:A7822B:60F1C371
x-timer: S1626456946.899675,VS0,VE86
etag: W/"5f1a4a46-3e91"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Fri, 16 Jul 2021 17:45:45 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 ekans_screenshot01.png
idafchev.github.io/images/ekans/ 25 KB
25 KB 92ms
92ms Image
image/png 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idafchev.github.io/images/ekans/ekans_screenshot01.png
Requested by: Host: idafchev.github.io
URL: https://idafchev.github.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-108-153.github.com
Software: GitHub.com /
Resource Hash: c1e8fc151838c333303803f181fb7f22a3e4b012034991a82097d971fd1a4f20

Request headers

:path: /images/ekans/ekans_screenshot01.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: idafchev.github.io
referer: https://idafchev.github.io/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://idafchev.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: cc80588b6ee1fb9d3873f2f99f8552732340d44e
date: Fri, 16 Jul 2021 17:35:46 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
content-length: 25570
x-served-by: cache-hhn4031-HHN
last-modified: Sat, 25 Jul 2020 19:53:00 GMT
server: GitHub.com
x-github-request-id: 0A6E:8870:701973:73E8CD:60F1C371
x-timer: S1626456946.994502,VS0,VE85
etag: "5f1c8d9c-63e2"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Fri, 16 Jul 2021 17:45:46 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 ekans_screenshot02.png
idafchev.github.io/images/ekans/ 24 KB
24 KB 91ms
91ms Image
image/png 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idafchev.github.io/images/ekans/ekans_screenshot02.png
Requested by: Host: idafchev.github.io
URL: https://idafchev.github.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-108-153.github.com
Software: GitHub.com /
Resource Hash: 3082ef0ff78b193e8f9f9731c8eb0fb832875cd7f8b972cbf628d15d51c3fd82

Request headers

:path: /images/ekans/ekans_screenshot02.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: idafchev.github.io
referer: https://idafchev.github.io/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://idafchev.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: 00438b1ffdb6b97223b9a24f855a385fa4389198
date: Fri, 16 Jul 2021 17:35:46 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
content-length: 24785
x-served-by: cache-hhn4031-HHN
last-modified: Sat, 25 Jul 2020 19:53:00 GMT
server: GitHub.com
x-github-request-id: B4F8:EAA8:573A4:7370B:60F1C371
x-timer: S1626456946.996053,VS0,VE84
etag: "5f1c8d9c-60d1"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Fri, 16 Jul 2021 17:45:46 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 ekans_screenshot03.png
idafchev.github.io/images/ekans/ 27 KB
27 KB 96ms
91ms Image
image/png 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idafchev.github.io/images/ekans/ekans_screenshot03.png
Requested by: Host: idafchev.github.io
URL: https://idafchev.github.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-108-153.github.com
Software: GitHub.com /
Resource Hash: b724464333517b3c642de650e4737666c6f638e27df9a2ace34a8fc239037584

Request headers

:path: /images/ekans/ekans_screenshot03.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: idafchev.github.io
referer: https://idafchev.github.io/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://idafchev.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: b0bf87aa8e680652b1537c3a6112a1baeb092fa5
date: Fri, 16 Jul 2021 17:35:46 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
content-length: 27462
x-served-by: cache-hhn4031-HHN
last-modified: Sat, 25 Jul 2020 19:53:00 GMT
server: GitHub.com
x-github-request-id: 7216:A749:B178A8:BA8A30:60F1C372
x-timer: S1626456946.007112,VS0,VE84
etag: "5f1c8d9c-6b46"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Fri, 16 Jul 2021 17:45:46 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 ekans_screenshot04.png
idafchev.github.io/images/ekans/ 18 KB
19 KB 102ms
97ms Image
image/png 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idafchev.github.io/images/ekans/ekans_screenshot04.png
Requested by: Host: idafchev.github.io
URL: https://idafchev.github.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-108-153.github.com
Software: GitHub.com /
Resource Hash: f86b4c252d6a08b7108929dd5a1227937e4878cb0ec0bffa637ad5061fafbd42

Request headers

:path: /images/ekans/ekans_screenshot04.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: idafchev.github.io
referer: https://idafchev.github.io/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://idafchev.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: d21f1ef3052ad623a924da30e64ad6e4ef8a2855
date: Fri, 16 Jul 2021 17:35:46 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
content-length: 18768
x-served-by: cache-hhn4031-HHN
last-modified: Sat, 25 Jul 2020 19:53:00 GMT
server: GitHub.com
x-github-request-id: 0CA4:35B3:908AC5:97E87B:60F1C372
x-timer: S1626456946.007102,VS0,VE89
etag: "5f1c8d9c-4950"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Fri, 16 Jul 2021 17:45:46 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 ekans_screenshot05.png
idafchev.github.io/images/ekans/ 8 KB
9 KB 101ms
96ms Image
image/png 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idafchev.github.io/images/ekans/ekans_screenshot05.png
Requested by: Host: idafchev.github.io
URL: https://idafchev.github.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-108-153.github.com
Software: GitHub.com /
Resource Hash: b80955d55cce69b4e3569cc920f1c3cb11aaf669adebf3b8e57c4face19ffc19

Request headers

:path: /images/ekans/ekans_screenshot05.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: idafchev.github.io
referer: https://idafchev.github.io/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://idafchev.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: b1901c25108cae7d70db16044cfeb7ecfba2d34d
date: Fri, 16 Jul 2021 17:35:46 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
content-length: 8589
x-served-by: cache-hhn4031-HHN
last-modified: Sat, 25 Jul 2020 19:53:00 GMT
server: GitHub.com
x-github-request-id: FCD2:71D1:FE31E:105434:60F1C372
x-timer: S1626456946.007303,VS0,VE88
etag: "5f1c8d9c-218d"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Fri, 16 Jul 2021 17:45:46 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 ekans_screenshot07.png
idafchev.github.io/images/ekans/ 56 KB
56 KB 104ms
99ms Image
image/png 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idafchev.github.io/images/ekans/ekans_screenshot07.png
Requested by: Host: idafchev.github.io
URL: https://idafchev.github.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-108-153.github.com
Software: GitHub.com /
Resource Hash: cd22afec80df6cd11a6ec223dd2edba47ff5155ab583e34b8dbea33ed8e89307

Request headers

:path: /images/ekans/ekans_screenshot07.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: idafchev.github.io
referer: https://idafchev.github.io/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://idafchev.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: 63ef23a0bda355e2926f6c433f6351b88a5e867d
date: Fri, 16 Jul 2021 17:35:46 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
content-length: 57068
x-served-by: cache-hhn4031-HHN
last-modified: Sat, 25 Jul 2020 19:53:00 GMT
server: GitHub.com
x-github-request-id: 4648:8870:701975:73E8D1:60F1C372
x-timer: S1626456946.007288,VS0,VE89
etag: "5f1c8d9c-deec"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Fri, 16 Jul 2021 17:45:46 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 ekans_screenshot08.png
idafchev.github.io/images/ekans/ 33 KB
33 KB 97ms
93ms Image
image/png 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idafchev.github.io/images/ekans/ekans_screenshot08.png
Requested by: Host: idafchev.github.io
URL: https://idafchev.github.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-108-153.github.com
Software: GitHub.com /
Resource Hash: 93a42499e8851cae1d19dd78ab5d9f17fa26a783ab7d85a9db7ccb5bc962cf37

Request headers

:path: /images/ekans/ekans_screenshot08.png
pragma: no-cache
cookie: _ga_RM4CJG36RJ=GS1.1.1626456945.1.0.1626456945.0; _ga=GA1.1.405857213.1626456946
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: idafchev.github.io
referer: https://idafchev.github.io/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://idafchev.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: 4ebf3f8ba5085eee4c9734365df82089ef6ebc33
date: Fri, 16 Jul 2021 17:35:46 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
content-length: 33722
x-served-by: cache-hhn4031-HHN
last-modified: Sat, 25 Jul 2020 19:53:00 GMT
server: GitHub.com
x-github-request-id: B90C:3151:2FC303:354EC6:60F1C372
x-timer: S1626456946.108892,VS0,VE86
etag: "5f1c8d9c-83ba"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Fri, 16 Jul 2021 17:45:46 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 ekans_screenshot09.png
idafchev.github.io/images/ekans/ 14 KB
14 KB 96ms
92ms Image
image/png 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idafchev.github.io/images/ekans/ekans_screenshot09.png
Requested by: Host: idafchev.github.io
URL: https://idafchev.github.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-108-153.github.com
Software: GitHub.com /
Resource Hash: 5980acaa48bc28ae354b76b71297b24d90dfcf43f5dc9fdbe494b4926dbadefb

Request headers

:path: /images/ekans/ekans_screenshot09.png
pragma: no-cache
cookie: _ga_RM4CJG36RJ=GS1.1.1626456945.1.0.1626456945.0; _ga=GA1.1.405857213.1626456946
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: idafchev.github.io
referer: https://idafchev.github.io/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://idafchev.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: 7cd30e5271d14608301999c89fe96acc27044021
date: Fri, 16 Jul 2021 17:35:46 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
content-length: 14217
x-served-by: cache-hhn4031-HHN
last-modified: Sat, 25 Jul 2020 19:53:00 GMT
server: GitHub.com
x-github-request-id: F12A:B504:A268B2:A78239:60F1C372
x-timer: S1626456946.108882,VS0,VE85
etag: "5f1c8d9c-3789"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Fri, 16 Jul 2021 17:45:46 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 ekans_screenshot10.png
idafchev.github.io/images/ekans/ 42 KB
42 KB 95ms
91ms Image
image/png 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idafchev.github.io/images/ekans/ekans_screenshot10.png
Requested by: Host: idafchev.github.io
URL: https://idafchev.github.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-108-153.github.com
Software: GitHub.com /
Resource Hash: b35b2b1619023c11ca83bd55dfdd9f8b88ee8d53300e6559f7de98077ded7ef4

Request headers

:path: /images/ekans/ekans_screenshot10.png
pragma: no-cache
cookie: _ga_RM4CJG36RJ=GS1.1.1626456945.1.0.1626456945.0; _ga=GA1.1.405857213.1626456946
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: idafchev.github.io
referer: https://idafchev.github.io/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://idafchev.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: b6983df4db124c7fe7df8805ee7ec87b887efebf
date: Fri, 16 Jul 2021 17:35:46 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
content-length: 43247
x-served-by: cache-hhn4031-HHN
last-modified: Sat, 25 Jul 2020 19:53:00 GMT
server: GitHub.com
x-github-request-id: 3DAC:71D0:6CC3F:719EC:60F1C372
x-timer: S1626456946.109209,VS0,VE84
etag: "5f1c8d9c-a8ef"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Fri, 16 Jul 2021 17:45:46 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 ekans_screenshot11.png
idafchev.github.io/images/ekans/ 60 KB
60 KB 96ms
94ms Image
image/png 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idafchev.github.io/images/ekans/ekans_screenshot11.png
Requested by: Host: idafchev.github.io
URL: https://idafchev.github.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-108-153.github.com
Software: GitHub.com /
Resource Hash: 983f0dab251298a43a44a5fd10930aa94323855b91eca084780e117f6885cb9a

Request headers

:path: /images/ekans/ekans_screenshot11.png
pragma: no-cache
cookie: _ga_RM4CJG36RJ=GS1.1.1626456945.1.0.1626456945.0; _ga=GA1.1.405857213.1626456946
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: idafchev.github.io
referer: https://idafchev.github.io/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://idafchev.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: d7ad8156760f26bac679aa67a0b9edb7c80fea14
date: Fri, 16 Jul 2021 17:35:46 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
content-length: 61468
x-served-by: cache-hhn4031-HHN
last-modified: Sat, 25 Jul 2020 19:53:00 GMT
server: GitHub.com
x-github-request-id: 8E9A:BBBD:3AD1E4:3C58A2:60F1C372
x-timer: S1626456946.109333,VS0,VE87
etag: "5f1c8d9c-f01c"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Fri, 16 Jul 2021 17:45:46 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 ekans_screenshot12.png
idafchev.github.io/images/ekans/ 89 KB
89 KB 96ms
95ms Image
image/png 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idafchev.github.io/images/ekans/ekans_screenshot12.png
Requested by: Host: idafchev.github.io
URL: https://idafchev.github.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-108-153.github.com
Software: GitHub.com /
Resource Hash: 0b49749f51cfa4491c9db20fbe920e73bed24c8d9b277b8736395bfee4d8fe52

Request headers

:path: /images/ekans/ekans_screenshot12.png
pragma: no-cache
cookie: _ga_RM4CJG36RJ=GS1.1.1626456945.1.0.1626456945.0; _ga=GA1.1.405857213.1626456946
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: idafchev.github.io
referer: https://idafchev.github.io/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://idafchev.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: fcfc1cc43846b764bdb6a7bb6cba671a41cb3884
date: Fri, 16 Jul 2021 17:35:46 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
content-length: 91316
x-served-by: cache-hhn4031-HHN
last-modified: Sat, 25 Jul 2020 19:53:00 GMT
server: GitHub.com
x-github-request-id: 8560:A749:B178AA:BA8A35:60F1C372
x-timer: S1626456946.109326,VS0,VE88
etag: "5f1c8d9c-164b4"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Fri, 16 Jul 2021 17:45:46 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 ekans_screenshot13.png
idafchev.github.io/images/ekans/ 16 KB
17 KB 94ms
91ms Image
image/png 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idafchev.github.io/images/ekans/ekans_screenshot13.png
Requested by: Host: idafchev.github.io
URL: https://idafchev.github.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-108-153.github.com
Software: GitHub.com /
Resource Hash: d7dfe73fbb5bbad33e6f6bf2c94444eec29986bbc601309e340e7a326dbd1bc9

Request headers

:path: /images/ekans/ekans_screenshot13.png
pragma: no-cache
cookie: _ga_RM4CJG36RJ=GS1.1.1626456945.1.0.1626456945.0; _ga=GA1.3.405857213.1626456946; _gid=GA1.3.1884227849.1626456946; _gat_gtag_UA_110057192_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: idafchev.github.io
referer: https://idafchev.github.io/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://idafchev.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: 03f04a96406cf61e5db940d1fe2ba816f646cb0f
date: Fri, 16 Jul 2021 17:35:46 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
content-length: 16664
x-served-by: cache-hhn4031-HHN
last-modified: Sat, 25 Jul 2020 19:53:00 GMT
server: GitHub.com
x-github-request-id: 0CA4:35B3:908ACB:97E882:60F1C372
x-timer: S1626456946.205816,VS0,VE84
etag: "5f1c8d9c-4118"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Fri, 16 Jul 2021 17:45:46 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 ekans_screenshot06.png
idafchev.github.io/images/ekans/ 28 KB
28 KB 96ms
94ms Image
image/png 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idafchev.github.io/images/ekans/ekans_screenshot06.png
Requested by: Host: idafchev.github.io
URL: https://idafchev.github.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-108-153.github.com
Software: GitHub.com /
Resource Hash: 423b400e91438ba5b4136cd2dd5fe2f56648ea5beaac5c82b32e475ac724303d

Request headers

:path: /images/ekans/ekans_screenshot06.png
pragma: no-cache
cookie: _ga_RM4CJG36RJ=GS1.1.1626456945.1.0.1626456945.0; _ga=GA1.3.405857213.1626456946; _gid=GA1.3.1884227849.1626456946; _gat_gtag_UA_110057192_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: idafchev.github.io
referer: https://idafchev.github.io/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://idafchev.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: 7f6333b6aac7a5ae28ba7aaba47aa09631a3131c
date: Fri, 16 Jul 2021 17:35:46 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
content-length: 28219
x-served-by: cache-hhn4031-HHN
last-modified: Sat, 25 Jul 2020 19:53:00 GMT
server: GitHub.com
x-github-request-id: FCD2:71D1:FE32D:105445:60F1C372
x-timer: S1626456946.205999,VS0,VE87
etag: "5f1c8d9c-6e3b"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Fri, 16 Jul 2021 17:45:46 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 ekans_screenshot14.png
idafchev.github.io/images/ekans/ 47 KB
47 KB 94ms
93ms Image
image/png 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idafchev.github.io/images/ekans/ekans_screenshot14.png
Requested by: Host: idafchev.github.io
URL: https://idafchev.github.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-108-153.github.com
Software: GitHub.com /
Resource Hash: 52dbef08a9012cd4ee6fa236c834bf988e766217017a4de3a90f977c98030b6c

Request headers

:path: /images/ekans/ekans_screenshot14.png
pragma: no-cache
cookie: _ga_RM4CJG36RJ=GS1.1.1626456945.1.0.1626456945.0; _ga=GA1.3.405857213.1626456946; _gid=GA1.3.1884227849.1626456946; _gat_gtag_UA_110057192_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: idafchev.github.io
referer: https://idafchev.github.io/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://idafchev.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: 4d6f1ad564caa622eb95ed34c31a143785e67db7
date: Fri, 16 Jul 2021 17:35:46 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
content-length: 48348
x-served-by: cache-hhn4031-HHN
last-modified: Sat, 25 Jul 2020 19:53:00 GMT
server: GitHub.com
x-github-request-id: B4F8:EAA8:573A6:7370C:60F1C372
x-timer: S1626456946.206471,VS0,VE87
etag: "5f1c8d9c-bcdc"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Fri, 16 Jul 2021 17:45:46 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 ekans_screenshot15.png
idafchev.github.io/images/ekans/ 12 KB
12 KB 91ms
91ms Image
image/png 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idafchev.github.io/images/ekans/ekans_screenshot15.png
Requested by: Host: idafchev.github.io
URL: https://idafchev.github.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-108-153.github.com
Software: GitHub.com /
Resource Hash: b72cd9cbad689d6645c69684f770e93b55d46a8df4997d43a8b6d439f08e2ef9

Request headers

:path: /images/ekans/ekans_screenshot15.png
pragma: no-cache
cookie: _ga_RM4CJG36RJ=GS1.1.1626456945.1.0.1626456945.0; _ga=GA1.3.405857213.1626456946; _gid=GA1.3.1884227849.1626456946; _gat_gtag_UA_110057192_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: idafchev.github.io
referer: https://idafchev.github.io/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://idafchev.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: bf9ed4c496f1913193264f2125b4bf532c2cbc5e
date: Fri, 16 Jul 2021 17:35:46 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
content-length: 12240
x-served-by: cache-hhn4031-HHN
last-modified: Sat, 25 Jul 2020 19:53:00 GMT
server: GitHub.com
x-github-request-id: C010:B75B:6DD589:735812:60F1C372
x-timer: S1626456946.211225,VS0,VE84
etag: "5f1c8d9c-2fd0"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Fri, 16 Jul 2021 17:45:46 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 ekans_screenshot16.png
idafchev.github.io/images/ekans/ 6 KB
6 KB 91ms
91ms Image
image/png 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idafchev.github.io/images/ekans/ekans_screenshot16.png
Requested by: Host: idafchev.github.io
URL: https://idafchev.github.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-108-153.github.com
Software: GitHub.com /
Resource Hash: 7eea60e1ff17305ff494bda5655c80fd694e33c2548a2df2023e10552cd62c0f

Request headers

:path: /images/ekans/ekans_screenshot16.png
pragma: no-cache
cookie: _ga_RM4CJG36RJ=GS1.1.1626456945.1.0.1626456945.0; _ga=GA1.3.405857213.1626456946; _gid=GA1.3.1884227849.1626456946; _gat_gtag_UA_110057192_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: idafchev.github.io
referer: https://idafchev.github.io/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://idafchev.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: caaa3e53ac5a0374fe4d07f055160e0c912b2a62
date: Fri, 16 Jul 2021 17:35:46 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
content-length: 6251
x-served-by: cache-hhn4031-HHN
last-modified: Sat, 25 Jul 2020 19:53:00 GMT
server: GitHub.com
x-github-request-id: 1A8C:830C:8DFD2:99DBE:60F1C372
x-timer: S1626456946.216686,VS0,VE84
etag: "5f1c8d9c-186b"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Fri, 16 Jul 2021 17:45:46 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 ekans_screenshot17.png
idafchev.github.io/images/ekans/ 6 KB
6 KB 92ms
91ms Image
image/png 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idafchev.github.io/images/ekans/ekans_screenshot17.png
Requested by: Host: idafchev.github.io
URL: https://idafchev.github.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-108-153.github.com
Software: GitHub.com /
Resource Hash: 485d0df7e4cfd91ae2342f3617a0f121b21b27c1bf609e32f2a2bd1f259cabf1

Request headers

:path: /images/ekans/ekans_screenshot17.png
pragma: no-cache
cookie: _ga_RM4CJG36RJ=GS1.1.1626456945.1.0.1626456945.0; _ga=GA1.3.405857213.1626456946; _gid=GA1.3.1884227849.1626456946; _gat_gtag_UA_110057192_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: idafchev.github.io
referer: https://idafchev.github.io/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://idafchev.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: 2e7408326dfe58a2331d112dc93addc321e63a2b
date: Fri, 16 Jul 2021 17:35:46 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
content-length: 5912
x-served-by: cache-hhn4031-HHN
last-modified: Sat, 25 Jul 2020 19:53:00 GMT
server: GitHub.com
x-github-request-id: 205C:B504:A268BB:A78242:60F1C372
x-timer: S1626456946.216912,VS0,VE84
etag: "5f1c8d9c-1718"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Fri, 16 Jul 2021 17:45:46 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 ekans_screenshot21.png
idafchev.github.io/images/ekans/ 52 KB
52 KB 93ms
92ms Image
image/png 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idafchev.github.io/images/ekans/ekans_screenshot21.png
Requested by: Host: idafchev.github.io
URL: https://idafchev.github.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-108-153.github.com
Software: GitHub.com /
Resource Hash: eb316349447a72ef22c5f2c49cc755bb6d21819371371254e4abbb7b8217211b

Request headers

:path: /images/ekans/ekans_screenshot21.png
pragma: no-cache
cookie: _ga_RM4CJG36RJ=GS1.1.1626456945.1.0.1626456945.0; _ga=GA1.3.405857213.1626456946; _gid=GA1.3.1884227849.1626456946; _gat_gtag_UA_110057192_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: idafchev.github.io
referer: https://idafchev.github.io/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://idafchev.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: ef9bbe63e59c623983f1073ad9090467b37e6012
date: Fri, 16 Jul 2021 17:35:46 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
content-length: 52737
x-served-by: cache-hhn4031-HHN
last-modified: Sat, 25 Jul 2020 19:53:00 GMT
server: GitHub.com
x-github-request-id: 3DFA:3153:1115EF0:11AC737:60F1C372
x-timer: S1626456946.298163,VS0,VE85
etag: "5f1c8d9c-ce01"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Fri, 16 Jul 2021 17:45:46 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 ekans_screenshot20.png
idafchev.github.io/images/ekans/ 23 KB
23 KB 93ms
91ms Image
image/png 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idafchev.github.io/images/ekans/ekans_screenshot20.png
Requested by: Host: idafchev.github.io
URL: https://idafchev.github.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-108-153.github.com
Software: GitHub.com /
Resource Hash: 61e5aaad8460d4c269df937286ddadb22330eb502491ea6a9fa0309ab6b95222

Request headers

:path: /images/ekans/ekans_screenshot20.png
pragma: no-cache
cookie: _ga_RM4CJG36RJ=GS1.1.1626456945.1.0.1626456945.0; _ga=GA1.3.405857213.1626456946; _gid=GA1.3.1884227849.1626456946; _gat_gtag_UA_110057192_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: idafchev.github.io
referer: https://idafchev.github.io/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://idafchev.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: 2b96668657bf53a5d49fc486fcb623d1d0b4ed3d
date: Fri, 16 Jul 2021 17:35:46 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
content-length: 23687
x-served-by: cache-hhn4031-HHN
last-modified: Sat, 25 Jul 2020 19:53:00 GMT
server: GitHub.com
x-github-request-id: E41C:A74A:177165B:183ADA3:60F1C372
x-timer: S1626456946.302754,VS0,VE84
etag: "5f1c8d9c-5c87"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Fri, 16 Jul 2021 17:45:46 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 ekans_screenshot22.png
idafchev.github.io/images/ekans/ 29 KB
29 KB 93ms
91ms Image
image/png 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idafchev.github.io/images/ekans/ekans_screenshot22.png
Requested by: Host: idafchev.github.io
URL: https://idafchev.github.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-108-153.github.com
Software: GitHub.com /
Resource Hash: 180eb19b09ca79b99c0c02545d3cb259486c15e100eb331f26cda0ac93021703

Request headers

:path: /images/ekans/ekans_screenshot22.png
pragma: no-cache
cookie: _ga_RM4CJG36RJ=GS1.1.1626456945.1.0.1626456945.0; _ga=GA1.3.405857213.1626456946; _gid=GA1.3.1884227849.1626456946; _gat_gtag_UA_110057192_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: idafchev.github.io
referer: https://idafchev.github.io/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://idafchev.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: d058b261c9c33e1674635c9f4a48343161dc52b9
date: Fri, 16 Jul 2021 17:35:46 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
content-length: 29834
x-served-by: cache-hhn4031-HHN
last-modified: Sat, 25 Jul 2020 19:53:00 GMT
server: GitHub.com
x-github-request-id: CD22:EC54:F2D49:FCF66:60F1C372
x-timer: S1626456946.303042,VS0,VE84
etag: "5f1c8d9c-748a"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Fri, 16 Jul 2021 17:45:46 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 ekans_screenshot36.png
idafchev.github.io/images/ekans/ 50 KB
50 KB 93ms
92ms Image
image/png 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idafchev.github.io/images/ekans/ekans_screenshot36.png
Requested by: Host: idafchev.github.io
URL: https://idafchev.github.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-108-153.github.com
Software: GitHub.com /
Resource Hash: df1ff862d8abb2b126d8e092d1ec291efdbfcb9018230ab8f91f2428abea2dff

Request headers

:path: /images/ekans/ekans_screenshot36.png
pragma: no-cache
cookie: _ga_RM4CJG36RJ=GS1.1.1626456945.1.0.1626456945.0; _ga=GA1.3.405857213.1626456946; _gid=GA1.3.1884227849.1626456946; _gat_gtag_UA_110057192_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: idafchev.github.io
referer: https://idafchev.github.io/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://idafchev.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: 1e1f8dc94e298ba26fa4a314d398217e989fad50
date: Fri, 16 Jul 2021 17:35:46 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
content-length: 51287
x-served-by: cache-hhn4031-HHN
last-modified: Sat, 25 Jul 2020 19:53:00 GMT
server: GitHub.com
x-github-request-id: A1AA:830E:31F153:3334DB:60F1C372
x-timer: S1626456946.303719,VS0,VE85
etag: "5f1c8d9c-c857"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Fri, 16 Jul 2021 17:45:46 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 ekans_screenshot24.png
idafchev.github.io/images/ekans/ 78 KB
78 KB 92ms
91ms Image
image/png 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idafchev.github.io/images/ekans/ekans_screenshot24.png
Requested by: Host: idafchev.github.io
URL: https://idafchev.github.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-108-153.github.com
Software: GitHub.com /
Resource Hash: da20142e5f9f33e49f2a7d4e976e2be8f49402f889e82a8510e9791f08cb6824

Request headers

:path: /images/ekans/ekans_screenshot24.png
pragma: no-cache
cookie: _ga_RM4CJG36RJ=GS1.1.1626456945.1.0.1626456945.0; _ga=GA1.3.405857213.1626456946; _gid=GA1.3.1884227849.1626456946; _gat_gtag_UA_110057192_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: idafchev.github.io
referer: https://idafchev.github.io/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://idafchev.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: 1f1df00ff20a6afaf4c2b4e089f5b2f688339f69
date: Fri, 16 Jul 2021 17:35:46 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
content-length: 79873
x-served-by: cache-hhn4031-HHN
last-modified: Sat, 25 Jul 2020 19:53:00 GMT
server: GitHub.com
x-github-request-id: 43C4:B502:1CF4AD:1FF9B3:60F1C372
x-timer: S1626456946.308719,VS0,VE85
etag: "5f1c8d9c-13801"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Fri, 16 Jul 2021 17:45:46 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 ekans_screenshot25.png
idafchev.github.io/images/ekans/ 38 KB
39 KB 91ms
91ms Image
image/png 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idafchev.github.io/images/ekans/ekans_screenshot25.png
Requested by: Host: idafchev.github.io
URL: https://idafchev.github.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-108-153.github.com
Software: GitHub.com /
Resource Hash: 51d50141231c04bc95d1fec719117c5c0eb753231c67d717b3deaaa3d22dedb8

Request headers

:path: /images/ekans/ekans_screenshot25.png
pragma: no-cache
cookie: _ga_RM4CJG36RJ=GS1.1.1626456945.1.0.1626456945.0; _ga=GA1.3.405857213.1626456946; _gid=GA1.3.1884227849.1626456946; _gat_gtag_UA_110057192_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: idafchev.github.io
referer: https://idafchev.github.io/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://idafchev.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: 0024a893995ab0df28065cfc78fb9a04f1063007
date: Fri, 16 Jul 2021 17:35:46 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
content-length: 39218
x-served-by: cache-hhn4031-HHN
last-modified: Sat, 25 Jul 2020 19:53:00 GMT
server: GitHub.com
x-github-request-id: 19AA:3152:8E180A:951CEF:60F1C372
x-timer: S1626456946.308851,VS0,VE84
etag: "5f1c8d9c-9932"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Fri, 16 Jul 2021 17:45:46 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 ekans_screenshot26.png
idafchev.github.io/images/ekans/ 41 KB
41 KB 100ms
100ms Image
image/png 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idafchev.github.io/images/ekans/ekans_screenshot26.png
Requested by: Host: idafchev.github.io
URL: https://idafchev.github.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-108-153.github.com
Software: GitHub.com /
Resource Hash: 22c2dc7ff4bb9cacbe25f57dd71782129aec8bdc8870c3e2cfae9e9c5bd796d2

Request headers

:path: /images/ekans/ekans_screenshot26.png
pragma: no-cache
cookie: _ga_RM4CJG36RJ=GS1.1.1626456945.1.0.1626456945.0; _ga=GA1.3.405857213.1626456946; _gid=GA1.3.1884227849.1626456946; _gat_gtag_UA_110057192_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: idafchev.github.io
referer: https://idafchev.github.io/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://idafchev.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: 582c34f7dd33d7ef4414159db7ccdf436bb865ed
date: Fri, 16 Jul 2021 17:35:46 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
content-length: 42217
x-served-by: cache-hhn4031-HHN
last-modified: Sat, 25 Jul 2020 19:53:00 GMT
server: GitHub.com
x-github-request-id: C2DE:A74A:1771662:183ADAB:60F1C372
x-timer: S1626456946.391016,VS0,VE93
etag: "5f1c8d9c-a4e9"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Fri, 16 Jul 2021 17:45:46 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 ekans_screenshot27.png
idafchev.github.io/images/ekans/ 60 KB
60 KB 95ms
94ms Image
image/png 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idafchev.github.io/images/ekans/ekans_screenshot27.png
Requested by: Host: idafchev.github.io
URL: https://idafchev.github.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-108-153.github.com
Software: GitHub.com /
Resource Hash: 440377acc20a60091a68181a7869aa3a4b0e10c1b197a67723e364b52f866e6c

Request headers

:path: /images/ekans/ekans_screenshot27.png
pragma: no-cache
cookie: _ga_RM4CJG36RJ=GS1.1.1626456945.1.0.1626456945.0; _ga=GA1.3.405857213.1626456946; _gid=GA1.3.1884227849.1626456946; _gat_gtag_UA_110057192_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: idafchev.github.io
referer: https://idafchev.github.io/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://idafchev.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: d9921ff98ab2bb631bdcea50569fc22bbac97e1c
date: Fri, 16 Jul 2021 17:35:46 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
content-length: 61215
x-served-by: cache-hhn4031-HHN
last-modified: Sat, 25 Jul 2020 19:53:00 GMT
server: GitHub.com
x-github-request-id: 5C80:EC54:F2D4A:FCF68:60F1C372
x-timer: S1626456946.395299,VS0,VE88
etag: "5f1c8d9c-ef1f"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Fri, 16 Jul 2021 17:45:46 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 ekans_screenshot28.png
idafchev.github.io/images/ekans/ 18 KB
18 KB 92ms
92ms Image
image/png 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idafchev.github.io/images/ekans/ekans_screenshot28.png
Requested by: Host: idafchev.github.io
URL: https://idafchev.github.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-108-153.github.com
Software: GitHub.com /
Resource Hash: 769886ed07e27ca33207d9132b341e33a6763b4d210af26e6f5fdb8a54b50c07

Request headers

:path: /images/ekans/ekans_screenshot28.png
pragma: no-cache
cookie: _ga_RM4CJG36RJ=GS1.1.1626456945.1.0.1626456945.0; _ga=GA1.3.405857213.1626456946; _gid=GA1.3.1884227849.1626456946; _gat_gtag_UA_110057192_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: idafchev.github.io
referer: https://idafchev.github.io/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://idafchev.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: 2a6ddf18b655b512fa4a2e02c223bf861cac5f1a
date: Fri, 16 Jul 2021 17:35:46 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
content-length: 18199
x-served-by: cache-hhn4031-HHN
last-modified: Sat, 25 Jul 2020 19:53:00 GMT
server: GitHub.com
x-github-request-id: 3D9E:BBBC:1C169F:1D3682:60F1C372
x-timer: S1626456946.395846,VS0,VE84
etag: "5f1c8d9c-4717"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Fri, 16 Jul 2021 17:45:46 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 ekans_screenshot29.png
idafchev.github.io/images/ekans/ 14 KB
15 KB 91ms
91ms Image
image/png 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idafchev.github.io/images/ekans/ekans_screenshot29.png
Requested by: Host: idafchev.github.io
URL: https://idafchev.github.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-108-153.github.com
Software: GitHub.com /
Resource Hash: 5a96168921299cd5912dfd064f3740ab03969885722fde550d400bdc26ef3736

Request headers

:path: /images/ekans/ekans_screenshot29.png
pragma: no-cache
cookie: _ga_RM4CJG36RJ=GS1.1.1626456945.1.0.1626456945.0; _ga=GA1.3.405857213.1626456946; _gid=GA1.3.1884227849.1626456946; _gat_gtag_UA_110057192_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: idafchev.github.io
referer: https://idafchev.github.io/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://idafchev.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: 73f7fec7da44efb297d457e39c625a929fd1b662
date: Fri, 16 Jul 2021 17:35:46 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
content-length: 14684
x-served-by: cache-hhn4031-HHN
last-modified: Sat, 25 Jul 2020 19:53:00 GMT
server: GitHub.com
x-github-request-id: 93A6:78BF:101704C:109DE42:60F1C372
x-timer: S1626456946.396507,VS0,VE85
etag: "5f1c8d9c-395c"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Fri, 16 Jul 2021 17:45:46 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 ekans_screenshot32.png
idafchev.github.io/images/ekans/ 50 KB
50 KB 94ms
94ms Image
image/png 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idafchev.github.io/images/ekans/ekans_screenshot32.png
Requested by: Host: idafchev.github.io
URL: https://idafchev.github.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-108-153.github.com
Software: GitHub.com /
Resource Hash: bef746df93dd761ad98d23c0d493e2b76403171dae3bba329100b26a24c35b05

Request headers

:path: /images/ekans/ekans_screenshot32.png
pragma: no-cache
cookie: _ga_RM4CJG36RJ=GS1.1.1626456945.1.0.1626456945.0; _ga=GA1.3.405857213.1626456946; _gid=GA1.3.1884227849.1626456946; _gat_gtag_UA_110057192_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: idafchev.github.io
referer: https://idafchev.github.io/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://idafchev.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: 1bb363d82640ffceee97e4a51303270432f95758
date: Fri, 16 Jul 2021 17:35:46 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
content-length: 51288
x-served-by: cache-hhn4031-HHN
last-modified: Sat, 25 Jul 2020 19:53:00 GMT
server: GitHub.com
x-github-request-id: 98F6:78BF:101704C:109DE46:60F1C372
x-timer: S1626456946.403186,VS0,VE85
etag: "5f1c8d9c-c858"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Fri, 16 Jul 2021 17:45:46 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 ekans_screenshot34.png
idafchev.github.io/images/ekans/ 39 KB
40 KB 92ms
92ms Image
image/png 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idafchev.github.io/images/ekans/ekans_screenshot34.png
Requested by: Host: idafchev.github.io
URL: https://idafchev.github.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-108-153.github.com
Software: GitHub.com /
Resource Hash: 68bb9bddc24bcc3ede8bede6448af2cebe335c2eafc58f6050a396ad3a37277b

Request headers

:path: /images/ekans/ekans_screenshot34.png
pragma: no-cache
cookie: _ga_RM4CJG36RJ=GS1.1.1626456945.1.0.1626456945.0; _ga=GA1.3.405857213.1626456946; _gid=GA1.3.1884227849.1626456946; _gat_gtag_UA_110057192_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: idafchev.github.io
referer: https://idafchev.github.io/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://idafchev.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: bd941999a3636ee388dfe1371832f44b28ae8b66
date: Fri, 16 Jul 2021 17:35:46 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
content-length: 40379
x-served-by: cache-hhn4031-HHN
last-modified: Sat, 25 Jul 2020 19:53:00 GMT
server: GitHub.com
x-github-request-id: 5BFE:BBBD:3AD1F9:3C58BD:60F1C372
x-timer: S1626456946.403203,VS0,VE84
etag: "5f1c8d9c-9dbb"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Fri, 16 Jul 2021 17:45:46 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 ekans_screenshot37a.png
idafchev.github.io/images/ekans/ 31 KB
32 KB 91ms
90ms Image
image/png 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idafchev.github.io/images/ekans/ekans_screenshot37a.png
Requested by: Host: idafchev.github.io
URL: https://idafchev.github.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-108-153.github.com
Software: GitHub.com /
Resource Hash: cec955ed0f3ee60c8f10c4e70dcadaab99e0235db990e7fc25f0351bf78e7ac5

Request headers

:path: /images/ekans/ekans_screenshot37a.png
pragma: no-cache
cookie: _ga_RM4CJG36RJ=GS1.1.1626456945.1.0.1626456945.0; _ga=GA1.3.405857213.1626456946; _gid=GA1.3.1884227849.1626456946; _gat_gtag_UA_110057192_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: idafchev.github.io
referer: https://idafchev.github.io/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://idafchev.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: 861b5382db45fcf2a7fd03b4244dd188bfd6875f
date: Fri, 16 Jul 2021 17:35:46 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
content-length: 32249
x-served-by: cache-hhn4031-HHN
last-modified: Sat, 25 Jul 2020 19:53:00 GMT
server: GitHub.com
x-github-request-id: 7982:71D0:6CC55:71A04:60F1C372
x-timer: S1626456946.488590,VS0,VE84
etag: "5f1c8d9c-7df9"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Fri, 16 Jul 2021 17:45:46 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 0

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 128 KB
49 KB 43ms
40ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RM4CJG36RJ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-110057192-1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0196e0feae010a2bceaff2416629b178eb65732cb2dd5686a70cd07b512666fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://idafchev.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 17:35:46 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50614
x-xss-protection: 0
expires: Fri, 16 Jul 2021 17:35:46 GMT

GET
H2 200 hr.gif
idafchev.github.io/assets/images/ 1 KB
1 KB 95ms
95ms Image
image/gif 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idafchev.github.io/assets/images/hr.gif
Requested by: Host: idafchev.github.io
URL: https://idafchev.github.io/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-108-153.github.com
Software: GitHub.com /
Resource Hash: ac414d4843b7d3e4d118bfdd2b7dfe6900d4a5c5961e53ae42aa52a1da63fbf1

Request headers

:path: /assets/images/hr.gif
pragma: no-cache
cookie: _ga_RM4CJG36RJ=GS1.1.1626456945.1.0.1626456945.0; _ga=GA1.1.405857213.1626456946
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: idafchev.github.io
referer: https://idafchev.github.io/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://idafchev.github.io/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: f5ccd3f09676d656784a4f5956557127a7e545a5
date: Fri, 16 Jul 2021 17:35:46 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
content-length: 1121
x-served-by: cache-hhn4031-HHN
last-modified: Fri, 24 Jul 2020 02:41:10 GMT
server: GitHub.com
x-github-request-id: 37EC:78BE:7CD6BA:82ED3E:60F1A898
x-timer: S1626456946.096961,VS0,VE88
etag: "5f1a4a46-461"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
expires: Fri, 16 Jul 2021 15:51:12 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 404 bullet.png
idafchev.github.io/images/ 9 KB
9 KB 91ms
91ms Image
text/html 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://idafchev.github.io/images/bullet.png

Requested by

Host: idafchev.github.io
URL: https://idafchev.github.io/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.108.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-108-153.github.com

Software

GitHub.com /

Resource Hash

f04f89ad9d4d1a4e84531986d45ecff9d2a46395f8732e29f203d915eb25310b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'

Request headers

:path: /images/bullet.png
pragma: no-cache
cookie: _ga_RM4CJG36RJ=GS1.1.1626456945.1.0.1626456945.0; _ga=GA1.3.405857213.1626456946; _gid=GA1.3.1884227849.1626456946; _gat_gtag_UA_110057192_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: idafchev.github.io
referer: https://idafchev.github.io/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://idafchev.github.io/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: 6e134ea63bd47af7af79807a1c3ffef12d58556f
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'
content-encoding: gzip
etag: W/"5f1a48a3-247b"
age: 0
x-cache: MISS
content-length: 5232
x-served-by: cache-hhn4031-HHN
access-control-allow-origin: *
server: GitHub.com
x-github-request-id: 5FE8:8540:12CFB6:14FD0F:60F1C372
x-timer: S1626456946.488938,VS0,VE84
date: Fri, 16 Jul 2021 17:35:46 GMT
vary: Accept-Encoding
content-type: text/html; charset=utf-8
via: 1.1 varnish
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 404 OpenSans-Light-webfont.woff
idafchev.github.io/fonts/ 0
0 96ms
95ms Font
text/html 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://idafchev.github.io/fonts/OpenSans-Light-webfont.woff

Requested by

Host: idafchev.github.io
URL: https://idafchev.github.io/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.108.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-108-153.github.com

Software

GitHub.com /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'

Request headers

:path: /fonts/OpenSans-Light-webfont.woff
pragma: no-cache
origin: https://idafchev.github.io
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: idafchev.github.io
referer: https://idafchev.github.io/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://idafchev.github.io
Referer: https://idafchev.github.io/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: 24141c9cb6b18b1185fd339972ff7a739aedd920
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'
content-encoding: gzip
etag: W/"5f5ffe29-247b"
age: 0
x-cache: MISS
x-cache-hits: 0
content-length: 5232
x-served-by: cache-hhn4031-HHN
access-control-allow-origin: *
server: GitHub.com
x-github-request-id: FA92:35B3:908AC4:97E87A:60F1C372
x-timer: S1626456946.007633,VS0,VE88
date: Fri, 16 Jul 2021 17:35:46 GMT
vary: Accept-Encoding
content-type: text/html; charset=utf-8
via: 1.1 varnish
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 404 OpenSans-Regular-webfont.woff
idafchev.github.io/fonts/ 0
0 95ms
94ms Font
text/html 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://idafchev.github.io/fonts/OpenSans-Regular-webfont.woff

Requested by

Host: idafchev.github.io
URL: https://idafchev.github.io/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.108.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-108-153.github.com

Software

GitHub.com /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'

Request headers

:path: /fonts/OpenSans-Regular-webfont.woff
pragma: no-cache
origin: https://idafchev.github.io
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: idafchev.github.io
referer: https://idafchev.github.io/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://idafchev.github.io
Referer: https://idafchev.github.io/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: 39779005fc2bc928f91449470245338c7b7273e1
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'
content-encoding: gzip
etag: W/"5ececa4d-247b"
age: 0
x-cache: MISS
x-cache-hits: 0
content-length: 5232
x-served-by: cache-hhn4031-HHN
access-control-allow-origin: *
server: GitHub.com
x-github-request-id: 8C90:BBBC:1C1690:1D366E:60F1C372
x-timer: S1626456946.007621,VS0,VE87
date: Fri, 16 Jul 2021 17:35:46 GMT
vary: Accept-Encoding
content-type: text/html; charset=utf-8
via: 1.1 varnish
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 404 OpenSans-Bold-webfont.woff
idafchev.github.io/fonts/ 0
0 97ms
96ms Font
text/html 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://idafchev.github.io/fonts/OpenSans-Bold-webfont.woff

Requested by

Host: idafchev.github.io
URL: https://idafchev.github.io/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.108.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-108-153.github.com

Software

GitHub.com /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'

Request headers

:path: /fonts/OpenSans-Bold-webfont.woff
pragma: no-cache
origin: https://idafchev.github.io
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: idafchev.github.io
referer: https://idafchev.github.io/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://idafchev.github.io
Referer: https://idafchev.github.io/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: d3ab2173d4fe7e48f09a34904560b585fe37e00b
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'
content-encoding: gzip
etag: W/"5ececa4d-247b"
age: 0
x-cache: MISS
x-cache-hits: 0
content-length: 5232
x-served-by: cache-hhn4031-HHN
access-control-allow-origin: *
server: GitHub.com
x-github-request-id: CFFA:2C28:89F860:91339F:60F1C372
x-timer: S1626456946.007599,VS0,VE88
date: Fri, 16 Jul 2021 17:35:46 GMT
vary: Accept-Encoding
content-type: text/html; charset=utf-8
via: 1.1 varnish
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-proxy-cache: MISS

GET
H/1.1 200
OK embed.js Show response
idafchev.disqus.com/ 75 KB
25 KB 163ms
136ms Script
application/javascript 151.101.12.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://idafchev.disqus.com/embed.js

Requested by

Host: idafchev.github.io
URL: https://idafchev.github.io/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

bfb57d60be4c60d7edad85ef251ef2aafccd0deb849b8920f15b0a1258c994fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Referer: https://idafchev.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 17:35:46 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 24772

POST
H2 204 collect
www.google-analytics.com/g/ 0
65 B 14ms
14ms Ping
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-RM4CJG36RJ&gtm=2oe7e0&_p=679721000&sr=1600x1200&ul=en-us&cid=405857213.1626456946&_s=1&dl=https%3A%2F%2Fidafchev.github.io%2F&dt=Home%20%7C%20Ring%200x00&sid=1626456945&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RM4CJG36RJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://idafchev.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 16 Jul 2021 17:35:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://idafchev.github.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-110057192-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://idafchev.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 6134
date: Fri, 16 Jul 2021 15:53:32 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Fri, 16 Jul 2021 17:53:32 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 28ms
13ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=679721000&t=pageview&_s=1&dl=https%3A%2F%2Fidafchev.github.io%2F&ul=en-us&de=UTF-8&dt=Home%20%7C%20Ring%200x00&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=1055236813&gjid=1110991896&cid=405857213.1626456946&tid=UA-110057192-1&_gid=1884227849.1626456946&_r=1&gtm=2ou7e0&z=517165672

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://idafchev.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Jul 2021 17:35:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://idafchev.github.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 OpenSans-Regular-webfont.ttf
idafchev.github.io/fonts/ 0
0 91ms
90ms Font
text/html 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://idafchev.github.io/fonts/OpenSans-Regular-webfont.ttf

Requested by

Host: idafchev.github.io
URL: https://idafchev.github.io/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.108.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-108-153.github.com

Software

GitHub.com /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'

Request headers

sec-fetch-mode: cors
origin: https://idafchev.github.io
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: _ga_RM4CJG36RJ=GS1.1.1626456945.1.0.1626456945.0; _ga=GA1.3.405857213.1626456946; _gid=GA1.3.1884227849.1626456946; _gat_gtag_UA_110057192_1=1
:path: /fonts/OpenSans-Regular-webfont.ttf
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: idafchev.github.io
referer: https://idafchev.github.io/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://idafchev.github.io
Referer: https://idafchev.github.io/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: 95b19bba33f9a4be23a3baa4263192ac7e6d67c6
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'
content-encoding: gzip
etag: W/"5ececa4d-247b"
age: 0
x-cache: MISS
content-length: 5232
x-served-by: cache-hhn4031-HHN
access-control-allow-origin: *
server: GitHub.com
x-github-request-id: 6F34:8542:6C988D:703EDE:60F1C372
x-timer: S1626456946.119650,VS0,VE84
date: Fri, 16 Jul 2021 17:35:46 GMT
vary: Accept-Encoding
content-type: text/html; charset=utf-8
via: 1.1 varnish
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 404 OpenSans-Light-webfont.ttf
idafchev.github.io/fonts/ 0
0 95ms
95ms Font
text/html 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://idafchev.github.io/fonts/OpenSans-Light-webfont.ttf

Requested by

Host: idafchev.github.io
URL: https://idafchev.github.io/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.108.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-108-153.github.com

Software

GitHub.com /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'

Request headers

sec-fetch-mode: cors
origin: https://idafchev.github.io
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: _ga_RM4CJG36RJ=GS1.1.1626456945.1.0.1626456945.0; _ga=GA1.3.405857213.1626456946; _gid=GA1.3.1884227849.1626456946; _gat_gtag_UA_110057192_1=1
:path: /fonts/OpenSans-Light-webfont.ttf
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: idafchev.github.io
referer: https://idafchev.github.io/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://idafchev.github.io
Referer: https://idafchev.github.io/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: f0dd0eb9b4f23d9b883575511d1d047fc70f4253
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'
content-encoding: gzip
etag: W/"5f99a0e5-247b"
age: 0
x-cache: MISS
content-length: 5232
x-served-by: cache-hhn4031-HHN
access-control-allow-origin: *
server: GitHub.com
x-github-request-id: 7216:A749:B178AB:BA8A37:60F1C372
x-timer: S1626456946.119995,VS0,VE87
date: Fri, 16 Jul 2021 17:35:46 GMT
vary: Accept-Encoding
content-type: text/html; charset=utf-8
via: 1.1 varnish
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 404 OpenSans-Bold-webfont.ttf
idafchev.github.io/fonts/ 0
0 95ms
95ms Font
text/html 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://idafchev.github.io/fonts/OpenSans-Bold-webfont.ttf

Requested by

Host: idafchev.github.io
URL: https://idafchev.github.io/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.108.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-108-153.github.com

Software

GitHub.com /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'

Request headers

sec-fetch-mode: cors
origin: https://idafchev.github.io
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: _ga_RM4CJG36RJ=GS1.1.1626456945.1.0.1626456945.0; _ga=GA1.3.405857213.1626456946; _gid=GA1.3.1884227849.1626456946; _gat_gtag_UA_110057192_1=1
:path: /fonts/OpenSans-Bold-webfont.ttf
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: idafchev.github.io
referer: https://idafchev.github.io/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://idafchev.github.io
Referer: https://idafchev.github.io/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: be8d957de22398c3789c9fdda55b4cd5cf4132a3
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'
content-encoding: gzip
etag: W/"5f1a48a3-247b"
age: 0
x-cache: MISS
content-length: 5232
x-served-by: cache-hhn4031-HHN
access-control-allow-origin: *
server: GitHub.com
x-github-request-id: CFFA:2C28:89F867:9133A5:60F1C372
x-timer: S1626456946.120974,VS0,VE87
date: Fri, 16 Jul 2021 17:35:46 GMT
vary: Accept-Encoding
content-type: text/html; charset=utf-8
via: 1.1 varnish
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 lounge.e16bb81d3982e913e07bd7f31be71a6c.css
c.disquscdn.com/next/embed/styles/ 0
26 KB 40ms
13ms Other
text/css 2600:9000:2190:4200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.e16bb81d3982e913e07bd7f31be71a6c.css

Requested by

Host: idafchev.disqus.com
URL: https://idafchev.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:4200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://idafchev.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 19:21:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 339279
x-cache: Hit from cloudfront
content-length: 25871
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Thu, 08 Jul 2021 22:07:43 GMT
server: nginx
etag: "60e7772f-650f"
content-type: text/css; charset=utf-8
via: 1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront)
expires: Tue, 12 Jul 2022 19:21:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: Zklw_JWCFkbjx6wWnMdD3IohykGQFNca4r9CH1svQn7hgJnoWQTTfg==
x-cache-hits: 0

GET
H2 200 common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js
c.disquscdn.com/next/embed/ 0
93 KB 50ms
22ms Other
application/javascript 2600:9000:2190:4200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js

Requested by

Host: idafchev.disqus.com
URL: https://idafchev.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:4200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://idafchev.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 18:30:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3366330
x-cache: Hit from cloudfront
content-length: 94800
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 07 Jun 2021 17:13:02 GMT
server: nginx
etag: "60be539e-17250"
content-type: application/javascript; charset=utf-8
via: 1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront)
expires: Tue, 07 Jun 2022 18:30:16 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: JraZafLnqbDUu6fXZVENZeIZ-m05KWGl6NMPDFhDMor7IB6-TWm10w==
x-cache-hits: 0

GET
H2 200 lounge.bundle.2a32e5c6479e46af458ecd884be3a615.js
c.disquscdn.com/next/embed/ 0
118 KB 63ms
36ms Other
application/javascript 2600:9000:2190:4200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.2a32e5c6479e46af458ecd884be3a615.js

Requested by

Host: idafchev.disqus.com
URL: https://idafchev.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:4200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://idafchev.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 19:21:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 339279
x-cache: Hit from cloudfront
content-length: 120447
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Thu, 08 Jul 2021 22:07:43 GMT
server: nginx
etag: "60e7772f-1d67f"
content-type: application/javascript; charset=utf-8
via: 1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront)
expires: Tue, 12 Jul 2022 19:21:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: 7zallfwxh6-8l4a8e9A5lZIYLDO8l1JKEuP6-eDBat-u4kbhauPuZg==
x-cache-hits: 0

GET
H/1.1 200
OK config.js
disqus.com/next/ 0
12 KB 51ms
16ms Other
application/javascript 151.101.128.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: idafchev.disqus.com
URL: https://idafchev.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.128.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://idafchev.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 17:35:46 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 46
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 12153
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK recommendations.js Show response
idafchev.disqus.com/ 62 KB
21 KB 156ms
156ms Script
application/javascript 151.101.12.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://idafchev.disqus.com/recommendations.js

Requested by

Host: idafchev.disqus.com
URL: https://idafchev.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

85cff94ab46d88b50ef23165092180c2e77d7892e9484a97d9cb48ea92825d8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Referer: https://idafchev.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 17:35:46 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding, Accept, Accept-Encoding, X-Forwarded-Proto, X-Disqus-Shortname, X-Disqus-Device, X-Disqus-Experiment, X-Disqus-Is-Private, X-Disqus-Development-Base
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: stale-while-revalidate=60, public, stale-if-error=86400, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 20833

GET
H/1.1 200
OK / Show response
disqus.com/embed/comments/ Frame 3566 8 KB
4 KB 99ms
99ms Document
text/html 151.101.128.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=idafchev&t_i=%2Fmalware_analysis%2F2020%2F07%2F24%2FEKANS_analysis.html&t_u=https%3A%2F%2Fidafchev.github.io%2Fmalware_analysis%2F2020%2F07%2F24%2FEKANS_analysis.html&t_d=Home%20%7C%20Ring%200x00&t_t=Home%20%7C%20Ring%200x00&s_o=default

Requested by

Host: idafchev.disqus.com
URL: https://idafchev.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.128.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

2ea01f8fab21f72eb66298d5beeb837b40e55833e4937b9658e1dd4ea2afb0ee

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://idafchev.github.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://idafchev.github.io/

Response headers

Connection: keep-alive
Content-Length: 3228
Server: nginx
Content-Type: text/html; charset=utf-8
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Last-Modified: Sun, 11 Jul 2021 05:06:23 GMT
ETag: W/"lounge:view:8140742174.80facf061f4b37d7d5eda307a4b803cf.2"
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Referrer-Policy: no-referrer-when-downgrade
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Date: Fri, 16 Jul 2021 17:35:46 GMT
Age: 13
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains

GET
H2 200 recommendations.eff219b98b7c4167b4b289065f36f391.css
c.disquscdn.com/next/recommendations/styles/ 0
4 KB 12ms
11ms Other
text/css 2600:9000:2190:4200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/styles/recommendations.eff219b98b7c4167b4b289065f36f391.css

Requested by

Host: idafchev.disqus.com
URL: https://idafchev.disqus.com/recommendations.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:4200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://idafchev.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 10:11:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6161071
x-cache: Hit from cloudfront
content-length: 3748
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-ea4"
content-type: text/css; charset=utf-8
via: 1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront)
expires: Fri, 06 May 2022 10:11:15 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: WW2mh68Hn1AOVG19ZyYdm6SKdYXkjItZrZVsjGbnYWyEaVpUCKA-fA==
x-cache-hits: 0

GET
H2 200 common.bundle.3c0a438a5a4962a39ee30fd041fd5ca9.js
c.disquscdn.com/next/recommendations/ 0
87 KB 13ms
12ms Other
application/javascript 2600:9000:2190:4200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/common.bundle.3c0a438a5a4962a39ee30fd041fd5ca9.js

Requested by

Host: idafchev.disqus.com
URL: https://idafchev.disqus.com/recommendations.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:4200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://idafchev.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 18:30:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3366337
x-cache: Hit from cloudfront
content-length: 88889
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 07 Jun 2021 17:13:02 GMT
server: nginx
etag: "60be539e-15b39"
content-type: application/javascript; charset=utf-8
via: 1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront)
expires: Tue, 07 Jun 2022 18:30:09 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: 3PboBuaY7NvTUr4yQctFQE6HBH1iP7TCB6pye2Dt6CGq-se53NxJZg==
x-cache-hits: 0

GET
H2 200 recommendations.bundle.37a289e2ed6acdf6cbf01e83d4fb3ce6.js
c.disquscdn.com/next/recommendations/ 0
20 KB 15ms
14ms Other
application/javascript 2600:9000:2190:4200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/recommendations.bundle.37a289e2ed6acdf6cbf01e83d4fb3ce6.js

Requested by

Host: idafchev.disqus.com
URL: https://idafchev.disqus.com/recommendations.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:4200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://idafchev.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 18:34:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1378875
x-cache: Hit from cloudfront
content-length: 20103
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 30 Jun 2021 17:42:54 GMT
server: nginx
etag: "60dcad1e-4e87"
content-type: application/javascript; charset=utf-8
via: 1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront)
expires: Thu, 30 Jun 2022 18:34:31 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: VEFWyKZPCJc9kDVtd9Sf79iB3fG0Og8vSud09Lwr2ShnXt6hnjMFUg==
x-cache-hits: 0

GET
H2 200 lounge.load.1d62d7a68460a7a82d224c1ca569e248.js Show response
c.disquscdn.com/next/embed/ Frame 3566 1 KB
1 KB 36ms
12ms Script
application/javascript 2600:9000:2190:4200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.load.1d62d7a68460a7a82d224c1ca569e248.js

Requested by

Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=idafchev&t_i=%2Fmalware_analysis%2F2020%2F07%2F24%2FEKANS_analysis.html&t_u=https%3A%2F%2Fidafchev.github.io%2Fmalware_analysis%2F2020%2F07%2F24%2FEKANS_analysis.html&t_d=Home%20%7C%20Ring%200x00&t_t=Home%20%7C%20Ring%200x00&s_o=default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:4200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3b226850bc42f1b18c9689bb2b502dea3693cd4926a438992b7d1008e2211746

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://disqus.com
Referer: https://disqus.com/embed/comments/?base=default&f=idafchev&t_i=%2Fmalware_analysis%2F2020%2F07%2F24%2FEKANS_analysis.html&t_u=https%3A%2F%2Fidafchev.github.io%2Fmalware_analysis%2F2020%2F07%2F24%2FEKANS_analysis.html&t_d=Home%20%7C%20Ring%200x00&t_t=Home%20%7C%20Ring%200x00&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 19:21:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 339278
x-cache: Hit from cloudfront
content-length: 533
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Thu, 08 Jul 2021 22:07:43 GMT
server: nginx
etag: "60e7772f-215"
content-type: application/javascript; charset=utf-8
via: 1.1 a63182cf51dce7998774e112bf9ee7c6.cloudfront.net (CloudFront)
expires: Tue, 12 Jul 2022 19:21:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: yAc4cCkxBfVEcuWvfnCPsVTmz7bKss5oXUMtjMbbRG0u3ArLXBhCAg==
x-cache-hits: 0

GET
H2 200 common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js Show response
c.disquscdn.com/next/embed/ Frame 3566 282 KB
93 KB 12ms
12ms Script
application/javascript 2600:9000:2190:4200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.1d62d7a68460a7a82d224c1ca569e248.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:4200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2025b295509745f39f42f941f1f806395a81e23e146febbff2e85e00df651b93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=idafchev&t_i=%2Fmalware_analysis%2F2020%2F07%2F24%2FEKANS_analysis.html&t_u=https%3A%2F%2Fidafchev.github.io%2Fmalware_analysis%2F2020%2F07%2F24%2FEKANS_analysis.html&t_d=Home%20%7C%20Ring%200x00&t_t=Home%20%7C%20Ring%200x00&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 18:30:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3366330
x-cache: Hit from cloudfront
content-length: 94800
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 07 Jun 2021 17:13:02 GMT
server: nginx
etag: "60be539e-17250"
content-type: application/javascript; charset=utf-8
via: 1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront)
expires: Tue, 07 Jun 2022 18:30:16 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: Z96E-_j1dt0fUOMZhr8vF1qPm0-c3Ulrebb0QZ1pJDuTOoyReTPqPg==
x-cache-hits: 0

GET
H2 200 lounge.e16bb81d3982e913e07bd7f31be71a6c.css
c.disquscdn.com/next/embed/styles/ Frame 3566 163 KB
26 KB 12ms
11ms Stylesheet
text/css 2600:9000:2190:4200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.e16bb81d3982e913e07bd7f31be71a6c.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:4200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2df50c8c00e4f9f84fc1506798291ba26c73f181154596d3f2d6209978d6bc51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=idafchev&t_i=%2Fmalware_analysis%2F2020%2F07%2F24%2FEKANS_analysis.html&t_u=https%3A%2F%2Fidafchev.github.io%2Fmalware_analysis%2F2020%2F07%2F24%2FEKANS_analysis.html&t_d=Home%20%7C%20Ring%200x00&t_t=Home%20%7C%20Ring%200x00&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 19:21:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 339279
x-cache: Hit from cloudfront
content-length: 25871
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Thu, 08 Jul 2021 22:07:43 GMT
server: nginx
etag: "60e7772f-650f"
content-type: text/css; charset=utf-8
via: 1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront)
expires: Tue, 12 Jul 2022 19:21:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: x0BdmvlBJZfiw9JLVTUyA_EPmyHRl0QEFF71jsdGkmQxYB-PIuKJ4g==
x-cache-hits: 0

GET
H/1.1 200
OK / Show response
disqus.com/recommendations/ Frame 2A32 6 KB
3 KB 115ms
115ms Document
text/html 151.101.128.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/recommendations/?base=default&f=idafchev&t_u=https%3A%2F%2Fidafchev.github.io%2F&t_d=Home%20%7C%20Ring%200x00&t_t=Home%20%7C%20Ring%200x00

Requested by

Host: idafchev.disqus.com
URL: https://idafchev.disqus.com/recommendations.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.128.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

c10ae101338ed09194a9a6b1a5000f7878e89fa883579bc43cce572dfcb48ef0

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://idafchev.github.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://idafchev.github.io/

Response headers

Connection: keep-alive
Content-Length: 2376
Server: nginx
Content-Type: text/html; charset=utf-8
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Last-Modified: Mon, 12 Aug 2019 22:50:32 GMT
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-while-revalidate=30, no-cache, must-revalidate, stale-if-error=3600, public
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Date: Fri, 16 Jul 2021 17:35:46 GMT
Age: 0
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains

GET
H2 200 lounge.bundle.2a32e5c6479e46af458ecd884be3a615.js Show response
c.disquscdn.com/next/embed/ Frame 3566 467 KB
118 KB 12ms
12ms Script
application/javascript 2600:9000:2190:4200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.2a32e5c6479e46af458ecd884be3a615.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:4200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9d94a3f224f6f4b40fbb6b778570ea9097a5490e651bf627ba549b3d9223112f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=idafchev&t_i=%2Fmalware_analysis%2F2020%2F07%2F24%2FEKANS_analysis.html&t_u=https%3A%2F%2Fidafchev.github.io%2Fmalware_analysis%2F2020%2F07%2F24%2FEKANS_analysis.html&t_d=Home%20%7C%20Ring%200x00&t_t=Home%20%7C%20Ring%200x00&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 19:21:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 339279
x-cache: Hit from cloudfront
content-length: 120447
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Thu, 08 Jul 2021 22:07:43 GMT
server: nginx
etag: "60e7772f-1d67f"
content-type: application/javascript; charset=utf-8
via: 1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront)
expires: Tue, 12 Jul 2022 19:21:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: v4e5scuVLQvBNaLE_sAUr3M9XQBhJL1M0UZCxD09qa9exa0nqn5rig==
x-cache-hits: 0

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame 3566 12 KB
12 KB 21ms
7ms Script
application/javascript 151.101.128.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.128.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

992caeeef5c8ce8d12cd5bfa0aef3922f4013d082f147e886d847ac071991a9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=idafchev&t_i=%2Fmalware_analysis%2F2020%2F07%2F24%2FEKANS_analysis.html&t_u=https%3A%2F%2Fidafchev.github.io%2Fmalware_analysis%2F2020%2F07%2F24%2FEKANS_analysis.html&t_d=Home%20%7C%20Ring%200x00&t_t=Home%20%7C%20Ring%200x00&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 17:35:46 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 46
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 12153
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame 3566 3 KB
4 KB 116ms
115ms XHR
application/json 151.101.128.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=idafchev&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.128.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

ff08ad4ae805a2e7afc7f89bc42436f80dbec77db3c0c2aeb6f446ece00d0ffa

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/embed/comments/?base=default&f=idafchev&t_i=%2Fmalware_analysis%2F2020%2F07%2F24%2FEKANS_analysis.html&t_u=https%3A%2F%2Fidafchev.github.io%2Fmalware_analysis%2F2020%2F07%2F24%2FEKANS_analysis.html&t_d=Home%20%7C%20Ring%200x00&t_t=Home%20%7C%20Ring%200x00&s_o=default
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 17:35:46 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection: keep-alive
Content-Type: application/json
Vary: Origin, Cookie
Content-Length: 3233
X-XSS-Protection: 1; mode=block

GET
H2 200 noavatar92.png
a.disquscdn.com/1624570071/images/ Frame 3566 2 KB
2 KB 24ms
6ms Image
image/png 151.101.14.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1624570071/images/noavatar92.png

Requested by

Host: idafchev.github.io
URL: https://idafchev.github.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=idafchev&t_i=%2Fmalware_analysis%2F2020%2F07%2F24%2FEKANS_analysis.html&t_u=https%3A%2F%2Fidafchev.github.io%2Fmalware_analysis%2F2020%2F07%2F24%2FEKANS_analysis.html&t_d=Home%20%7C%20Ring%200x00&t_t=Home%20%7C%20Ring%200x00&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 17:35:46 GMT
x-content-type-options: nosniff
last-modified: Thu, 24 Jun 2021 18:53:57 GMT
server: nginx
age: 1547477
etag: "60d4d4c5-66c"
strict-transport-security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C1
content-type: image/png
content-length: 1644
x-amz-cf-id: CuKOWug1Tl31GITn7e6Q8TK4A8JwMtpFSCR3qynTLsqqsWnjs1SaoQ==
expires: Wed, 28 Jul 2021 19:44:30 GMT

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame 3566 13 KB
13 KB 12ms
11ms Image
image/svg+xml 2600:9000:2190:4200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.e16bb81d3982e913e07bd7f31be71a6c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:4200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.e16bb81d3982e913e07bd7f31be71a6c.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:37:41 GMT
via: 1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 6836285
x-cache: Hit from cloudfront
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Tue, 27 Apr 2021 21:01:56 GMT
server: nginx
etag: "60887bc4-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
expires: Thu, 28 Apr 2022 14:37:41 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: dwuXEuxnhlLpiSzu41cBGmujxODunHCdBEyCOS0HGok2KKyc5HughQ==
x-cache-hits: 0

GET
H2 200 loader.ba7c86e8b4b6135bb668d05223f8f127.gif
c.disquscdn.com/next/embed/assets/img/ Frame 3566 3 KB
3 KB 12ms
11ms Image
image/gif 2600:9000:2190:4200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.e16bb81d3982e913e07bd7f31be71a6c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:4200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.e16bb81d3982e913e07bd7f31be71a6c.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 04:58:07 GMT
via: 1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 14128659
x-cache: Hit from cloudfront
content-length: 2971
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Wed, 27 Jan 2021 17:23:07 GMT
server: nginx
etag: "6011a17b-b9b"
content-type: image/gif
access-control-allow-origin: *
expires: Thu, 03 Feb 2022 04:58:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: ZPdbXPuQDkE9b3pLCmsqDjEJ0nnhXgy-hFancevg2xkkjeIYkZxi5g==
x-cache-hits: 0

GET
H2 200 sprite.654110a9206fd22f08cca0798e34a65e.png
c.disquscdn.com/next/embed/assets/img/ Frame 3566 2 KB
2 KB 12ms
12ms Image
image/png 2600:9000:2190:4200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/sprite.654110a9206fd22f08cca0798e34a65e.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.e16bb81d3982e913e07bd7f31be71a6c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:4200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

cdba739c28b41f39ce438f2bf204fe739dc81a26cf559a9394ceed56a0666bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.e16bb81d3982e913e07bd7f31be71a6c.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 10:47:19 GMT
via: 1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 3048507
x-cache: Hit from cloudfront
content-length: 1862
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Thu, 10 Jun 2021 21:33:44 GMT
server: nginx
etag: "60c28538-746"
content-type: image/png
access-control-allow-origin: *
expires: Sat, 11 Jun 2022 10:47:19 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: SiaAf9m1Z1_9H3TU_3G2oiIv05bBlrqZ-2VlGmSN55tIr0JGuFty7g==
x-cache-hits: 0

GET
H2 200 icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
c.disquscdn.com/next/embed/assets/font/ Frame 3566 8 KB
8 KB 12ms
12ms Font
application/octet-stream 2600:9000:2190:4200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.e16bb81d3982e913e07bd7f31be71a6c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:4200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://disqus.com
Referer: https://c.disquscdn.com/next/embed/styles/lounge.e16bb81d3982e913e07bd7f31be71a6c.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:01:33 GMT
via: 1.1 a63182cf51dce7998774e112bf9ee7c6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 6338052
x-cache: Hit from cloudfront
content-length: 7900
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-1edc"
content-type: application/octet-stream
access-control-allow-origin: *
expires: Wed, 04 May 2022 09:01:33 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: xIm78iI_gPo1q0TzUih_Fv-xvpKINnJMkKKg6F8_vDzMphJmcPniHg==
x-cache-hits: 0

GET
H2 200 alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js Show response
c.disquscdn.com/next/embed/ 78 KB
27 KB 12ms
11ms Script
application/javascript 2600:9000:2190:4200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js

Requested by

Host: idafchev.disqus.com
URL: https://idafchev.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:4200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://idafchev.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 15:25:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6228616
x-cache: Hit from cloudfront
content-length: 26578
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-67d2"
content-type: application/javascript; charset=utf-8
via: 1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront)
expires: Thu, 05 May 2022 15:25:30 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: vYK36gWwZqigll4VvA9s7uQFOnJ8B5FXO0ZcQoQ4idXZQ3-waiTjcw==
x-cache-hits: 0

GET
H2 200 noavatar92.png
a.disquscdn.com/1624570071/images/ Frame 3566 2 KB
2 KB 7ms
6ms Image
image/png 151.101.14.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1624570071/images/noavatar92.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.2a32e5c6479e46af458ecd884be3a615.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=idafchev&t_i=%2Fmalware_analysis%2F2020%2F07%2F24%2FEKANS_analysis.html&t_u=https%3A%2F%2Fidafchev.github.io%2Fmalware_analysis%2F2020%2F07%2F24%2FEKANS_analysis.html&t_d=Home%20%7C%20Ring%200x00&t_t=Home%20%7C%20Ring%200x00&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 17:35:46 GMT
x-content-type-options: nosniff
last-modified: Thu, 24 Jun 2021 18:53:57 GMT
server: nginx
age: 1547477
etag: "60d4d4c5-66c"
strict-transport-security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C1
content-type: image/png
content-length: 1644
x-amz-cf-id: CuKOWug1Tl31GITn7e6Q8TK4A8JwMtpFSCR3qynTLsqqsWnjs1SaoQ==
expires: Wed, 28 Jul 2021 19:44:30 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 3566 3 KB
2 KB 18ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4119ae26da3a9d40132638f09b38c5752338c865aeb2ef5647fec1d29512d10e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=idafchev&t_i=%2Fmalware_analysis%2F2020%2F07%2F24%2FEKANS_analysis.html&t_u=https%3A%2F%2Fidafchev.github.io%2Fmalware_analysis%2F2020%2F07%2F24%2FEKANS_analysis.html&t_d=Home%20%7C%20Ring%200x00&t_t=Home%20%7C%20Ring%200x00&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: QJkkjMocJMHRRtXE3BOLNg==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: 58uf+044s4VfmdkXH0oHE0oUw26y+4JTzVBaME/6Ghh4IjhoSpgJSt+osrPtovKwBxdD7dj1ws+Lu0E7jkV+8A==
x-fb-trip-id: 686109401
x-fb-content-md5: 35ac72999d14f0ee19678593122d92bd
x-frame-options: DENY
date: Fri, 16 Jul 2021 17:35:46 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "c78f20a66dee162a229a1612ddfa794a"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 16 Jul 2021 17:52:20 GMT

GET
H2 200 api.js Show response
apis.google.com/js/ Frame 3566 12 KB
5 KB 28ms
28ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

434a4b8125a48bbd77e6dd64bb0ee642cc22e3c9bb525034d1532fb87632be2b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Gs6AChwVuIgVKyKrePgvcQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=idafchev&t_i=%2Fmalware_analysis%2F2020%2F07%2F24%2FEKANS_analysis.html&t_u=https%3A%2F%2Fidafchev.github.io%2Fmalware_analysis%2F2020%2F07%2F24%2FEKANS_analysis.html&t_d=Home%20%7C%20Ring%200x00&t_t=Home%20%7C%20Ring%200x00&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 17:35:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "3cf5d77c9aa60e34852a4d4794789e56"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-Gs6AChwVuIgVKyKrePgvcQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Fri, 16 Jul 2021 17:35:46 GMT

GET
H2 200 recommendations.load.d21c88f023def29b898231ae9d2cafb8.js Show response
c.disquscdn.com/next/recommendations/ Frame 2A32 923 B
1020 B 12ms
11ms Script
application/javascript 2600:9000:2190:4200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/recommendations.load.d21c88f023def29b898231ae9d2cafb8.js

Requested by

Host: disqus.com
URL: https://disqus.com/recommendations/?base=default&f=idafchev&t_u=https%3A%2F%2Fidafchev.github.io%2F&t_d=Home%20%7C%20Ring%200x00&t_t=Home%20%7C%20Ring%200x00

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:4200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

8560d2f34792426340aa3375a67eec4d07388433aec166c0c860a68e1096d4e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://disqus.com
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 18:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1378874
x-cache: Hit from cloudfront
content-length: 447
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 30 Jun 2021 17:42:54 GMT
server: nginx
etag: "60dcad1e-1bf"
content-type: application/javascript; charset=utf-8
via: 1.1 a63182cf51dce7998774e112bf9ee7c6.cloudfront.net (CloudFront)
expires: Thu, 30 Jun 2022 18:34:32 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: bWqi5tLLYUFghVLNUVswxgbaav99RAwKSMpy4dFr9nkv0LYcZdw0aA==
x-cache-hits: 0

GET
H2 200 pixel.gif
cdn.viglink.com/images/ 43 B
102 B 49ms
24ms Image
image/gif 2606:4700::6810:a40d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.viglink.com/images/pixel.gif?ch=1&rn=4.693916378100066
Requested by: Host: idafchev.github.io
URL: https://idafchev.github.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a40d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://idafchev.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 17:35:46 GMT
cf-cache-status: HIT
last-modified: Tue, 10 Feb 2015 03:29:39 GMT
server: cloudflare
age: 8
etag: "221d8352905f2c38b3cb2bd191d630b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=15, must-revalidate
content-length: 43
accept-ranges: bytes
cf-ray: 66fcfd2e3fad4dbe-FRA
x-amz-request-id: 9XASVBPZZ8WMPQ1Y
x-amz-id-2: pMKguQPpwTprnkBouPC+bayQrVoLCHZ6TrT0OgWZdfwvxczOfNycx8DBPVGD9kavO0wDreinU127ASoHSbVa+Q==

GET
H2 200 pixel.gif
cdn.viglink.com/images/ 43 B
439 B 44ms
19ms Image
image/gif 2606:4700::6810:a40d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.viglink.com/images/pixel.gif?ch=2&rn=4.693916378100066
Requested by: Host: idafchev.github.io
URL: https://idafchev.github.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a40d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://idafchev.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 17:35:46 GMT
cf-cache-status: HIT
last-modified: Tue, 10 Feb 2015 03:29:39 GMT
server: cloudflare
age: 8
etag: "221d8352905f2c38b3cb2bd191d630b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=15, must-revalidate
content-length: 43
accept-ranges: bytes
cf-ray: 66fcfd2e3faf4dbe-FRA
x-amz-request-id: 9XASVBPZZ8WMPQ1Y
x-amz-id-2: pMKguQPpwTprnkBouPC+bayQrVoLCHZ6TrT0OgWZdfwvxczOfNycx8DBPVGD9kavO0wDreinU127ASoHSbVa+Q==

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame 3566 13 KB
13 KB 12ms
11ms Image
image/svg+xml 2600:9000:2190:4200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.e16bb81d3982e913e07bd7f31be71a6c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:4200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.e16bb81d3982e913e07bd7f31be71a6c.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:37:41 GMT
via: 1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 6836285
x-cache: Hit from cloudfront
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Tue, 27 Apr 2021 21:01:56 GMT
server: nginx
etag: "60887bc4-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
expires: Thu, 28 Apr 2022 14:37:41 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: OUlD-a6eVOj1bXngvVaa8rksjMbD3YRDWPnBq94ykWTwbvqvT8yqow==
x-cache-hits: 0

GET
H2 200 common.bundle.3c0a438a5a4962a39ee30fd041fd5ca9.js Show response
c.disquscdn.com/next/recommendations/ Frame 2A32 262 KB
87 KB 12ms
12ms Script
application/javascript 2600:9000:2190:4200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/common.bundle.3c0a438a5a4962a39ee30fd041fd5ca9.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/recommendations.load.d21c88f023def29b898231ae9d2cafb8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:4200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

1e73bd64edcf6b9b779802e3124b7c484db59493c8252fff3c2af5f8a0375434

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 18:30:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3366337
x-cache: Hit from cloudfront
content-length: 88889
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 07 Jun 2021 17:13:02 GMT
server: nginx
etag: "60be539e-15b39"
content-type: application/javascript; charset=utf-8
via: 1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront)
expires: Tue, 07 Jun 2022 18:30:09 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: gcWb-AZ4r1K_0fKUDAzujDB-f8r6Q2jfSic2YFGMaLAokeDQU97Qog==
x-cache-hits: 0

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 3566 234 KB
68 KB 14ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=bb5f42a32f9bce28507d9349c7ccfbe0

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9aabf547782a842f5326e154349065808112493d221445a094ef6168bdc7ca7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://disqus.com
Referer: https://disqus.com/embed/comments/?base=default&f=idafchev&t_i=%2Fmalware_analysis%2F2020%2F07%2F24%2FEKANS_analysis.html&t_u=https%3A%2F%2Fidafchev.github.io%2Fmalware_analysis%2F2020%2F07%2F24%2FEKANS_analysis.html&t_d=Home%20%7C%20Ring%200x00&t_t=Home%20%7C%20Ring%200x00&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: N0tsoStlIGNpBR9s/v39KQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 69535
x-fb-rlafr: 0
x-fb-debug: U8hz8L3qH94qS9D1lqLzUNEMdPcDzCu2OVGcepJ2gRjhcWH1IX+KptcXVB7CsT3KiVU6s6W9ANRbTx6JaC4wlw==
x-fb-content-md5: 14ab182ddea54ef20d37a8e8d554a180
x-frame-options: DENY
date: Fri, 16 Jul 2021 17:35:46 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "a5ec61f5480c739413820e50397157ab"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 16 Jul 2022 16:09:59 GMT

GET
H3-29 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bnEFfFZ9cyI.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ/ Frame 3566 102 KB
34 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bnEFfFZ9cyI.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ/cb=gapi.loaded_0?le=ili,ipu

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/api.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66dc84eff4279521a92d581a7d875df3382a15620944aee348c0fac4b87646f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=idafchev&t_i=%2Fmalware_analysis%2F2020%2F07%2F24%2FEKANS_analysis.html&t_u=https%3A%2F%2Fidafchev.github.io%2Fmalware_analysis%2F2020%2F07%2F24%2FEKANS_analysis.html&t_d=Home%20%7C%20Ring%200x00&t_t=Home%20%7C%20Ring%200x00&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 20:42:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 334424
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34654
x-xss-protection: 0
last-modified: Tue, 15 Jun 2021 19:21:40 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Jul 2022 20:42:02 GMT

GET
H2 200 recommendations.eff219b98b7c4167b4b289065f36f391.css
c.disquscdn.com/next/recommendations/styles/ Frame 2A32 17 KB
4 KB 12ms
11ms Stylesheet
text/css 2600:9000:2190:4200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/styles/recommendations.eff219b98b7c4167b4b289065f36f391.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.3c0a438a5a4962a39ee30fd041fd5ca9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:4200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7964d033f829ae2809f61810c4efa9adf6aff915ded111a9c346bca2b1302b62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 10:11:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6161071
x-cache: Hit from cloudfront
content-length: 3748
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-ea4"
content-type: text/css; charset=utf-8
via: 1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront)
expires: Fri, 06 May 2022 10:11:15 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: KHn1OvOytxFTaK6HQB3NlDDvYJ9BbctliWwRO1oqsAeyTKaeSgK2GA==
x-cache-hits: 0

GET
H2 200 recommendations.bundle.37a289e2ed6acdf6cbf01e83d4fb3ce6.js Show response
c.disquscdn.com/next/recommendations/ Frame 2A32 65 KB
20 KB 12ms
11ms Script
application/javascript 2600:9000:2190:4200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/recommendations.bundle.37a289e2ed6acdf6cbf01e83d4fb3ce6.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.3c0a438a5a4962a39ee30fd041fd5ca9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:4200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

922f390e4a57640ef5eef814166ea4b04eef303a2d2cf71f8c98d5f5be494e76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 18:34:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1378875
x-cache: Hit from cloudfront
content-length: 20103
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 30 Jun 2021 17:42:54 GMT
server: nginx
etag: "60dcad1e-4e87"
content-type: application/javascript; charset=utf-8
via: 1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront)
expires: Thu, 30 Jun 2022 18:34:31 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: NU7AqDY-2Mra0n6GvFtpMy6LAVCf39bYeyS-_c7FZF-0HR1g_iRPfg==
x-cache-hits: 0

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame 2A32 12 KB
12 KB 7ms
7ms Script
application/javascript 151.101.128.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.3c0a438a5a4962a39ee30fd041fd5ca9.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.128.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

992caeeef5c8ce8d12cd5bfa0aef3922f4013d082f147e886d847ac071991a9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/recommendations/?base=default&f=idafchev&t_u=https%3A%2F%2Fidafchev.github.io%2F&t_d=Home%20%7C%20Ring%200x00&t_t=Home%20%7C%20Ring%200x00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 17:35:46 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 46
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 12153
X-XSS-Protection: 1; mode=block

GET
H2 200 status
www.facebook.com/x/oauth/ Frame 3566 0
0 123ms
110ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?ancestor_origins=https%3A%2F%2Fidafchev.github.io&client_id=52254943976&input_token&origin=1&redirect_uri=https%3A%2F%2Fdisqus.com%2Fembed%2Fcomments%2F%3Fbase%3Ddefault%26f%3Didafchev%26t_i%3D%252Fmalware_analysis%252F2020%252F07%252F24%252FEKANS_analysis.html%26t_u%3Dhttps%253A%252F%252Fidafchev.github.io%252Fmalware_analysis%252F2020%252F07%252F24%252FEKANS_analysis.html%26t_d%3DHome%2520%257C%2520Ring%25200x00%26t_t%3DHome%2520%257C%2520Ring%25200x00%26s_o%3Ddefault%23version%3D1d62d7a68460a7a82d224c1ca569e248&sdk=joey&wants_cookie_data=false

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: iWfefaCVilKMot+pgw0+kTBVq8kbK6mlx5fna3Lq05Gvqpi0jkM9REy4N6hAz2EPkVMkvN8HzQoobfsdP9Q3Rg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
fb-s: unknown
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 16 Jul 2021 17:35:47 GMT
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://disqus.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 iframe Show response
accounts.google.com/o/oauth2/ Frame 1239 513 B
636 B 19ms
19ms Document
text/html 2a00:1450:4001:80e::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bnEFfFZ9cyI.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ/cb=gapi.loaded_0?le=ili,ipu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c6d728bc13fcb7b35a507dbec546a2321bf19e47ffcf038bcbb0fecd1a32e1b9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-aBpGl8jJQnBtdnloFBqbYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/iframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://disqus.com/embed/comments/?base=default&f=idafchev&t_i=%2Fmalware_analysis%2F2020%2F07%2F24%2FEKANS_analysis.html&t_u=https%3A%2F%2Fidafchev.github.io%2Fmalware_analysis%2F2020%2F07%2F24%2FEKANS_analysis.html&t_d=Home%20%7C%20Ring%200x00&t_t=Home%20%7C%20Ring%200x00&s_o=default
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=219=ya9JIYfvEYgqSW8kUejx0vN-RbHkIfwr3rtNMbu8MGHJs77E66IHuE99Iu3IR3oOGCCZgpSnSHfgdZRtm3aHlA9nPHSIK7dSvuao71tWsySiJcd0Iv48-xaIx10vvFuc8Gr3YttadpXxyfHfjdl-c6O8_WGW_Q9XwqHLZ81Dvdk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://disqus.com/embed/comments/?base=default&f=idafchev&t_i=%2Fmalware_analysis%2F2020%2F07%2F24%2FEKANS_analysis.html&t_u=https%3A%2F%2Fidafchev.github.io%2Fmalware_analysis%2F2020%2F07%2F24%2FEKANS_analysis.html&t_d=Home%20%7C%20Ring%200x00&t_t=Home%20%7C%20Ring%200x00&s_o=default

Response headers

content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 16 Jul 2021 17:35:46 GMT
content-language: en-US
content-security-policy: script-src 'report-sample' 'nonce-aBpGl8jJQnBtdnloFBqbYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame 2A32 3 KB
4 KB 111ms
111ms XHR
application/json 151.101.128.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=idafchev&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.3c0a438a5a4962a39ee30fd041fd5ca9.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.128.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

ff08ad4ae805a2e7afc7f89bc42436f80dbec77db3c0c2aeb6f446ece00d0ffa

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/recommendations/?base=default&f=idafchev&t_u=https%3A%2F%2Fidafchev.github.io%2F&t_d=Home%20%7C%20Ring%200x00&t_t=Home%20%7C%20Ring%200x00
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 17:35:47 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection: keep-alive
Content-Type: application/json
Vary: Origin, Cookie
Content-Length: 3233
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK listRecommendations.json Show response
disqus.com/api/3.0/discovery/ Frame 2A32 1 KB
2 KB 99ms
99ms XHR
application/json 151.101.128.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/discovery/listRecommendations.json?forum=idafchev&thread=url%3Ahttps%3A%2F%2Fidafchev.github.io%2F&limit=8&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.3c0a438a5a4962a39ee30fd041fd5ca9.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.128.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

f3175494b707b2e703bb39a14a19cd62944c4abf7a7199e793bf608fdb9c717d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://disqus.com/recommendations/?base=default&f=idafchev&t_u=https%3A%2F%2Fidafchev.github.io%2F&t_d=Home%20%7C%20Ring%200x00&t_t=Home%20%7C%20Ring%200x00
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 17:35:47 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 13
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cache-Control: stale-while-revalidate=450, public, max-age=1800
Connection: keep-alive
Content-Type: application/json
Vary: Origin
Content-Length: 1284
X-XSS-Protection: 1; mode=block

GET
H2 200 2679044947-idpiframe.js Show response
ssl.gstatic.com/accounts/o/ Frame 1239 116 KB
40 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/2679044947-idpiframe.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f325616ea3aa279c3c24a7116c6546f9ce4e1f485c7d77739c771fecea458158

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 10:50:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 197115
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40448
x-xss-protection: 0
last-modified: Fri, 09 Jul 2021 14:32:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Jul 2022 10:50:32 GMT

GET
H3-29 200 iframerpc Show response
accounts.google.com/o/oauth2/ Frame 1239 14 B
58 B 26ms
25ms XHR
application/json 2a00:1450:4001:80e::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fdisqus.com&client_id=508198334196-bgmagrg0a2rub674g0shidj8fnd50dji.apps.googleusercontent.com

Requested by

Host: ssl.gstatic.com
URL: https://ssl.gstatic.com/accounts/o/2679044947-idpiframe.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Requested-With: XmlHttpRequest

Response headers

date: Fri, 16 Jul 2021 17:35:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
content-type: application/json; charset=utf-8
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Fri, 16 Jul 2021 18:35:47 GMT

GET
H2 200 noavatar92.png
a.disquscdn.com/1624570071/images/ Frame 3566 2 KB
2 KB 7ms
7ms Image
image/png 151.101.14.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1624570071/images/noavatar92.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.2a32e5c6479e46af458ecd884be3a615.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=idafchev&t_i=%2Fmalware_analysis%2F2020%2F07%2F24%2FEKANS_analysis.html&t_u=https%3A%2F%2Fidafchev.github.io%2Fmalware_analysis%2F2020%2F07%2F24%2FEKANS_analysis.html&t_d=Home%20%7C%20Ring%200x00&t_t=Home%20%7C%20Ring%200x00&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 17:35:47 GMT
x-content-type-options: nosniff
last-modified: Thu, 24 Jun 2021 18:53:57 GMT
server: nginx
age: 1547477
etag: "60d4d4c5-66c"
strict-transport-security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C1
content-type: image/png
content-length: 1644
x-amz-cf-id: CuKOWug1Tl31GITn7e6Q8TK4A8JwMtpFSCR3qynTLsqqsWnjs1SaoQ==
expires: Wed, 28 Jul 2021 19:44:30 GMT

GET
H/1.1 200
OK stat.gif
referrer.disqus.com/juggler/ 43 B
295 B 115ms
98ms Image
image/gif 151.101.12.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/stat.gif?event=failed_recommendations.server.undefined

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://idafchev.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 17:35:47 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame 3566 43 B
295 B 111ms
98ms Image
image/gif 151.101.12.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&load_time=460&event=init_embed&thread=8140742174&forum=idafchev&forum_id=5176452&imp=5v1s6s112hcqgi&prev_imp&thread_slug=home_ring_0x00_75&user_type=anon&referrer=https%3A%2F%2Fidafchev.github.io%2F&theme=next&dnt=0&tracking_enabled=0&experiment=network_default_hidden&variant=fallthrough&service=dynamic&promoted_enabled=false&max_enabled=false

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=idafchev&t_i=%2Fmalware_analysis%2F2020%2F07%2F24%2FEKANS_analysis.html&t_u=https%3A%2F%2Fidafchev.github.io%2Fmalware_analysis%2F2020%2F07%2F24%2FEKANS_analysis.html&t_d=Home%20%7C%20Ring%200x00&t_t=Home%20%7C%20Ring%200x00&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 17:35:47 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

POST
H/1.1 200
OK ping Show response
links.services.disqus.com/api/ 300 B
736 B 128ms
110ms XHR
text/javascript 151.101.12.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://links.services.disqus.com/api/ping
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: ef33940c8a85da8a014ac1069019e5b6a9cf927b8496fe7f8d41feb219f3df4e

Request headers

Referer: https://idafchev.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 17:35:47 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://idafchev.github.io
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 300
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sync.gif
links.services.disqus.com/api/ 43 B
375 B 35ms
35ms Image
image/gif 151.101.12.64
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://idafchev.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 17:35:47 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Type: image/gif;charset=UTF-8
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK domains Show response
links.services.disqus.com/api/ 41 B
476 B 55ms
41ms XHR
text/javascript 151.101.12.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://links.services.disqus.com/api/domains
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 94c8a36e2d5893f474540f5e88dd5a2a32f4445d2d07ff31dddf0d507e9aa699

Request headers

Referer: https://idafchev.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 17:35:47 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://idafchev.github.io
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 41
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			disqus.com/	1970-01-19 19:47:38	Name: __jid Value: 5v1s6s112hcqgi
			.disqus.com/	1970-01-20 04:33:12	Name: disqus_unique Value: 5v01k1g34bg9l6

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.disquscdn.com
accounts.google.com
ajax.googleapis.com
apis.google.com
c.disquscdn.com
cdn.viglink.com
connect.facebook.net
disqus.com
idafchev.disqus.com
idafchev.github.io
links.services.disqus.com
referrer.disqus.com
ssl.gstatic.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
151.101.12.134
151.101.12.64
151.101.128.134
151.101.14.49
185.199.108.153
2600:9000:2190:4200:6:8656:f5c0:93a1
2606:4700::6810:a40d
2a00:1450:4001:80e::200d
2a00:1450:4001:80e::200e
2a00:1450:4001:810::200e
2a00:1450:4001:812::200a
2a00:1450:4001:827::2003
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2008
2a00:1450:4001:830::2008
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
0196e0feae010a2bceaff2416629b178eb65732cb2dd5686a70cd07b512666fd
0b49749f51cfa4491c9db20fbe920e73bed24c8d9b277b8736395bfee4d8fe52
180eb19b09ca79b99c0c02545d3cb259486c15e100eb331f26cda0ac93021703
1e73bd64edcf6b9b779802e3124b7c484db59493c8252fff3c2af5f8a0375434
2025b295509745f39f42f941f1f806395a81e23e146febbff2e85e00df651b93
22c2dc7ff4bb9cacbe25f57dd71782129aec8bdc8870c3e2cfae9e9c5bd796d2
2df50c8c00e4f9f84fc1506798291ba26c73f181154596d3f2d6209978d6bc51
2ea01f8fab21f72eb66298d5beeb837b40e55833e4937b9658e1dd4ea2afb0ee
3082ef0ff78b193e8f9f9731c8eb0fb832875cd7f8b972cbf628d15d51c3fd82
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
3b226850bc42f1b18c9689bb2b502dea3693cd4926a438992b7d1008e2211746
4119ae26da3a9d40132638f09b38c5752338c865aeb2ef5647fec1d29512d10e
423b400e91438ba5b4136cd2dd5fe2f56648ea5beaac5c82b32e475ac724303d
434a4b8125a48bbd77e6dd64bb0ee642cc22e3c9bb525034d1532fb87632be2b
440377acc20a60091a68181a7869aa3a4b0e10c1b197a67723e364b52f866e6c
485d0df7e4cfd91ae2342f3617a0f121b21b27c1bf609e32f2a2bd1f259cabf1
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
51d50141231c04bc95d1fec719117c5c0eb753231c67d717b3deaaa3d22dedb8
52dbef08a9012cd4ee6fa236c834bf988e766217017a4de3a90f977c98030b6c
5980acaa48bc28ae354b76b71297b24d90dfcf43f5dc9fdbe494b4926dbadefb
5a96168921299cd5912dfd064f3740ab03969885722fde550d400bdc26ef3736
61e5aaad8460d4c269df937286ddadb22330eb502491ea6a9fa0309ab6b95222
66dc84eff4279521a92d581a7d875df3382a15620944aee348c0fac4b87646f1
68bb9bddc24bcc3ede8bede6448af2cebe335c2eafc58f6050a396ad3a37277b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
769886ed07e27ca33207d9132b341e33a6763b4d210af26e6f5fdb8a54b50c07
7964d033f829ae2809f61810c4efa9adf6aff915ded111a9c346bca2b1302b62
7eea60e1ff17305ff494bda5655c80fd694e33c2548a2df2023e10552cd62c0f
8359fa1d7d9fe721eab498bd3da15fd627345deed221770261c35850e214a900
8560d2f34792426340aa3375a67eec4d07388433aec166c0c860a68e1096d4e1
85cff94ab46d88b50ef23165092180c2e77d7892e9484a97d9cb48ea92825d8f
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
8956b2b57e667404fc8db9ea546592d3f1abf4462c8f321dd3cd4a1f67bf2d42
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a40fed2b6d4ab251ec8748f56c001bc9a9e1412442f914b4de687452e50a622
8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0
922f390e4a57640ef5eef814166ea4b04eef303a2d2cf71f8c98d5f5be494e76
93a42499e8851cae1d19dd78ab5d9f17fa26a783ab7d85a9db7ccb5bc962cf37
94c8a36e2d5893f474540f5e88dd5a2a32f4445d2d07ff31dddf0d507e9aa699
983f0dab251298a43a44a5fd10930aa94323855b91eca084780e117f6885cb9a
992caeeef5c8ce8d12cd5bfa0aef3922f4013d082f147e886d847ac071991a9e
9aabf547782a842f5326e154349065808112493d221445a094ef6168bdc7ca7a
9d94a3f224f6f4b40fbb6b778570ea9097a5490e651bf627ba549b3d9223112f
9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18
a63f86368b767d22792722e142e8049a7d3d4715b51a9d565e6eb3cd4688b87f
ac414d4843b7d3e4d118bfdd2b7dfe6900d4a5c5961e53ae42aa52a1da63fbf1
b35b2b1619023c11ca83bd55dfdd9f8b88ee8d53300e6559f7de98077ded7ef4
b724464333517b3c642de650e4737666c6f638e27df9a2ace34a8fc239037584
b72cd9cbad689d6645c69684f770e93b55d46a8df4997d43a8b6d439f08e2ef9
b80955d55cce69b4e3569cc920f1c3cb11aaf669adebf3b8e57c4face19ffc19
bef746df93dd761ad98d23c0d493e2b76403171dae3bba329100b26a24c35b05
bfb57d60be4c60d7edad85ef251ef2aafccd0deb849b8920f15b0a1258c994fa
c10ae101338ed09194a9a6b1a5000f7878e89fa883579bc43cce572dfcb48ef0
c1e8fc151838c333303803f181fb7f22a3e4b012034991a82097d971fd1a4f20
c6d728bc13fcb7b35a507dbec546a2321bf19e47ffcf038bcbb0fecd1a32e1b9
cd22afec80df6cd11a6ec223dd2edba47ff5155ab583e34b8dbea33ed8e89307
cdba739c28b41f39ce438f2bf204fe739dc81a26cf559a9394ceed56a0666bee
cec955ed0f3ee60c8f10c4e70dcadaab99e0235db990e7fc25f0351bf78e7ac5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d7dfe73fbb5bbad33e6f6bf2c94444eec29986bbc601309e340e7a326dbd1bc9
da20142e5f9f33e49f2a7d4e976e2be8f49402f889e82a8510e9791f08cb6824
df1ff862d8abb2b126d8e092d1ec291efdbfcb9018230ab8f91f2428abea2dff
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb316349447a72ef22c5f2c49cc755bb6d21819371371254e4abbb7b8217211b
ef33940c8a85da8a014ac1069019e5b6a9cf927b8496fe7f8d41feb219f3df4e
f04f89ad9d4d1a4e84531986d45ecff9d2a46395f8732e29f203d915eb25310b
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
f3175494b707b2e703bb39a14a19cd62944c4abf7a7199e793bf608fdb9c717d
f325616ea3aa279c3c24a7116c6546f9ce4e1f485c7d77739c771fecea458158
f86b4c252d6a08b7108929dd5a1227937e4878cb0ec0bffa637ad5061fafbd42
ff08ad4ae805a2e7afc7f89bc42436f80dbec77db3c0c2aeb6f446ece00d0ffa

idafchev.github.io Open in urlscan Pro 185.199.108.153 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

95 Requests

100 %HTTPS

71 %IPv6

11 Domains

16 Subdomains

17 IPs

2 Countries

2237 kBTransfer

3500 kBSize

2 Cookies

16 Outgoing links

Redirected requests

95 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

idafchev.github.io Open in urlscan Pro
185.199.108.153 Public Scan

Screenshot
Live screenshot

Full Image

95
Requests

100 %
HTTPS

71 %
IPv6

11
Domains

16
Subdomains

17
IPs

2
Countries

2237 kB
Transfer

3500 kB
Size

2
Cookies

95 HTTP transactions
0 data transactions