r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 81713f952b51a865ad9764cde68e3fdb
278c3a9c4bb2a0ffb7375f90d89a1ba6e90a766a
c2eb0d8a24ecb51af28f1c71db4b9a95c568dcf6c94b41ee8c78787a4ebebcef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2EB0D8A24ECB51AF28F1C71DB4B9A95C568DCF6C94B41EE8C78787A4EBEBCEF"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11332
Expires: Sat, 04 Feb 2023 09:46:06 GMT
Date: Sat, 04 Feb 2023 06:37:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9161
Expires: Sat, 04 Feb 2023 09:09:55 GMT
Date: Sat, 04 Feb 2023 06:37:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7d2222d41721947297aaeb5a6e3d0714
04cc1ee417c8bf6338657fd4c2e4e1c1ddfd3065
de0e45969a2ad95e52f7e2fbd0d021d9075dd7b14666c929346efe111f648f7c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE0E45969A2AD95E52F7E2FBD0D021D9075DD7B14666C929346EFE111F648F7C"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10989
Expires: Sat, 04 Feb 2023 09:40:23 GMT
Date: Sat, 04 Feb 2023 06:37:14 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 04 Feb 2023 05:43:35 GMT
content-type: application/json
age: 3219
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 33e1V+QaQ8digOwfyevs7A+/r6IfWM/aeTLRIM6fe+4aE/tS8kYwiASROoxruiO/rMhLJQEDB9vVjPKQos7gCg==
x-amz-request-id: YY9TRC8DVXN39M3X
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 04 Feb 2023 06:23:53 GMT
age: 801
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 06:37:14 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
attitudesinreverse.org/
72.167.78.206301 Moved Permanently 0 B IP 72.167.78.206:0
ASN #398101 GO-DADDY-COM-LLC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: attitudesinreverse.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 04 Feb 2023 06:37:14 GMT
Server: Apache
X-Powered-By: PHP/7.4.33
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: http://www.host.air.ngo/
Vary: Accept-Encoding
Content-Length: 0
Keep-Alive: timeout=5
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 04 Feb 2023 06:07:19 GMT
age: 1796
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9917
Expires: Sat, 04 Feb 2023 09:22:32 GMT
Date: Sat, 04 Feb 2023 06:37:15 GMT
Connection: keep-alive
push.services.mozilla.com/
44.227.109.32101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.227.109.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Q4Yu5mFo54wX1tcjHvH2pQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: z4aUZyfEAc3NUj8drGvL6zytFfw=
fonts.googleapis.com/css?family=Open+Sans%3A400%2C600&ver=4.9.20
142.250.74.106200 OK 639 B URL HTTP/1.1 fonts.googleapis.com/css?family=Open+Sans%3A400%2C600&ver=4.9.20
IP 142.250.74.106:0
Hash 8ff9bf0da080c656b619be4929a8437f
296c9051db5e3ae848ea6d805738f31a7ace5059
9a63cb1251a9d76eb31d20b0e02bbd97ef14c9c8006c251e008d64933f68c160
GET /css?family=Open+Sans%3A400%2C600&ver=4.9.20 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sat, 04 Feb 2023 06:37:16 GMT
Date: Sat, 04 Feb 2023 06:37:16 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7d482750bf7fdfcaa38c0efd583ef4dc
a4f68a124e4be130bc838e70f23fd4c6d2f4ef2d
5e6f1cadf4bc425664bb26fa2b384cf13900461b689c77d0916b1d2edd41337c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 06:37:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c181c51a9326d56e60915a792c306c2c
de1cc0ce1384905e65a9fa9575743091d785e528
b74bc74e2920124b3288a980f9a7b59e3450ba63f2333027440cd6ebbdfdbf8d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 06:37:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.host.air.ngo/
72.167.78.206200 OK 20 kB IP 72.167.78.206:0
ASN #398101 GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8017), with CRLF, LF line terminators
Hash c422c6c45d0afe8097368a5444160bef
43682bc213a8ac0421bdfa0a450f3024d4144d60
c5b710fec9861f077d4352c255a96a3b29c27c6512fca9102989d13aa347589c
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.host.air.ngo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:37:15 GMT
Server: Apache
X-Powered-By: PHP/7.4.33
Link: <http://www.host.air.ngo/wp-json/>; rel="https://api.w.org/", <http://www.host.air.ngo/>; rel=shortlink
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 19721
Keep-Alive: timeout=5
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7d482750bf7fdfcaa38c0efd583ef4dc
a4f68a124e4be130bc838e70f23fd4c6d2f4ef2d
5e6f1cadf4bc425664bb26fa2b384cf13900461b689c77d0916b1d2edd41337c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 06:37:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=AW-845910069
142.250.74.40200 OK 51 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-845910069
IP 142.250.74.40:0
File type ASCII text, with very long lines (1759)
Hash 1098b1152eab401812a4ee39721b9144
ec82b455ea78a7d7ffbdf37780217dc9fbf38ab5
d6832fb44715069d39e42a898161f0c5367ecc77eeced4db00ec02845f414e9c
GET /gtag/js?id=AW-845910069 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.host.air.ngo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 Feb 2023 06:37:16 GMT
expires: Sat, 04 Feb 2023 06:37:16 GMT
cache-control: private, max-age=900
last-modified: Sat, 04 Feb 2023 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 50679
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7d482750bf7fdfcaa38c0efd583ef4dc
a4f68a124e4be130bc838e70f23fd4c6d2f4ef2d
5e6f1cadf4bc425664bb26fa2b384cf13900461b689c77d0916b1d2edd41337c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 06:37:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c181c51a9326d56e60915a792c306c2c
de1cc0ce1384905e65a9fa9575743091d785e528
b74bc74e2920124b3288a980f9a7b59e3450ba63f2333027440cd6ebbdfdbf8d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 06:37:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.host.air.ngo/wp-includes/js/wp-emoji-release.min.js
72.167.78.206200 OK 4.3 kB URL HTTP/1.1 www.host.air.ngo/wp-includes/js/wp-emoji-release.min.js
IP 72.167.78.206:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (9063)
Hash bc89387b6a6f886f99511cca233b5071
77c1103c6d84263a73bff007bd635750d5b26296
baf8e3410e57e5650ad72f25eb93d82ea36ac8bd51904948e3d2f2a05faa3e78
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js HTTP/1.1
Host: www.host.air.ngo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/
Cookie: devicePixelRatio=1
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:37:16 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sat, 26 Feb 2022 04:58:06 GMT
ETag: "12807af-2ea7-5d8e4a930375b-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4347
Keep-Alive: timeout=5
Content-Type: application/javascript
www.host.air.ngo/wp-content/mmr/cc4312d6-1443645735.min.css
72.167.78.206200 OK 10 kB URL HTTP/1.1 www.host.air.ngo/wp-content/mmr/cc4312d6-1443645735.min.css
IP 72.167.78.206:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (50549), with no line terminators
Hash d5d5918ffb7c0957848a5edc2d0eb573
6a4e16a1a81c6ecf1e628824e38ea14ae563ddef
81f28c7e0d00a59aad711bc9572da18bc28d36004cd09fa1f51abca4e1926de2
GET /wp-content/mmr/cc4312d6-1443645735.min.css HTTP/1.1
Host: www.host.air.ngo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/
Cookie: devicePixelRatio=1
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:37:16 GMT
Server: Apache
Last-Modified: Thu, 21 Jul 2022 04:26:25 GMT
ETag: "128026c-c575-5e4491edce690-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 10331
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
www.host.air.ngo/wp-content/mmr/9c072bdd-1645851486.min.js
72.167.78.206200 OK 92 kB URL HTTP/1.1 www.host.air.ngo/wp-content/mmr/9c072bdd-1645851486.min.js
IP 72.167.78.206:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (65536), with no line terminators
Hash f8339b9ffdd178712677fbe8f5c9e5fd
1fc0061375faf9cf8f4fc1b8714f74aa5b9868a0
770bd578abd980441ad92b3163f755bbddf90c36fa1a62f2d651acac210a48e0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/mmr/9c072bdd-1645851486.min.js HTTP/1.1
Host: www.host.air.ngo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/
Cookie: devicePixelRatio=1
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:37:16 GMT
Server: Apache
Last-Modified: Thu, 21 Jul 2022 04:26:26 GMT
ETag: "1280288-5551d-5e4491eed74f5-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
attitudesinreverse.org/wp-content/plugins/all-in-one-event-calendar/cache/de1bb79a_ai1ec_parsed_css.css
72.167.78.206200 OK 78 kB URL HTTP/1.1 attitudesinreverse.org/wp-content/plugins/all-in-one-event-calendar/cache/de1bb79a_ai1ec_parsed_css.css
IP 72.167.78.206:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (65536), with no line terminators
Hash 4664b4d01a2be8e2f6a684d38f1abd97
c802d98681ba62504359f8bed35e14f18765a9b5
02c0d23592d2cb7a637f64639a7748f3255ad5ebbf984ba073942b209f1aa475
GET /wp-content/plugins/all-in-one-event-calendar/cache/de1bb79a_ai1ec_parsed_css.css HTTP/1.1
Host: attitudesinreverse.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:37:16 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 06 Jul 2018 23:09:08 GMT
ETag: "1a61964-41d49-5705cc03bcd00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5
Transfer-Encoding: chunked
Content-Type: text/css
www.host.air.ngo/wp-content/mmr/454e0fba-1506553112.min.css
72.167.78.206200 OK 45 kB URL HTTP/1.1 www.host.air.ngo/wp-content/mmr/454e0fba-1506553112.min.css
IP 72.167.78.206:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (65536), with no line terminators
Hash 71d47421fa100e29207c6c4ee5aa50ed
31ea81f2eed926b0c066c98ac4b21dd31cf249bf
7edc3d6e156b04060ed6c6c6b1b1a8be0d17cffd7dbdacdc43293c1377fd51dd
GET /wp-content/mmr/454e0fba-1506553112.min.css HTTP/1.1
Host: www.host.air.ngo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/
Cookie: devicePixelRatio=1
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:37:16 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 21 Jul 2022 04:26:44 GMT
ETag: "128038c-6898b-5e449200bf2cf-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 44814
Keep-Alive: timeout=5
Content-Type: text/css
www.host.air.ngo/wp-content/mmr/aa0c1e55-1553871245.min.css
72.167.78.206200 OK 73 kB URL HTTP/1.1 www.host.air.ngo/wp-content/mmr/aa0c1e55-1553871245.min.css
IP 72.167.78.206:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (65536), with no line terminators
Hash a945078916a4f94621e188f1205bebb3
528c5cee4484519e51fcfc69a867f05518bd3e77
d2ffa725cd94f11bc6e6b40ba4578f6c5cc16d010c4004add117bb22769e36d8
GET /wp-content/mmr/aa0c1e55-1553871245.min.css HTTP/1.1
Host: www.host.air.ngo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/
Cookie: devicePixelRatio=1
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:37:16 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 21 Jul 2022 04:26:44 GMT
ETag: "128038b-93803-5e4492009df8b-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5
Transfer-Encoding: chunked
Content-Type: text/css
www.host.air.ngo/wp-content/mmr/abfa0b30-1443645801.min.css
72.167.78.206200 OK 54 kB URL HTTP/1.1 www.host.air.ngo/wp-content/mmr/abfa0b30-1443645801.min.css
IP 72.167.78.206:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (65536), with no line terminators
Hash 37dd997a8f250d0fbfde5bcc43f14632
62db26fa44a485f7739ef1455a5a237e66f7a98b
9b20caeec38b2d38c19e8e66b7f09c5a62673cafe2516138e52459b32016136f
GET /wp-content/mmr/abfa0b30-1443645801.min.css HTTP/1.1
Host: www.host.air.ngo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/
Cookie: devicePixelRatio=1
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:37:16 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 21 Jul 2022 04:26:25 GMT
ETag: "1280265-51e56-5e4491edc6d77-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 54446
Keep-Alive: timeout=5
Content-Type: text/css
www.host.air.ngo/wp-content/mmr/a9092a64-1537291471.min.css
72.167.78.206200 OK 66 kB URL HTTP/1.1 www.host.air.ngo/wp-content/mmr/a9092a64-1537291471.min.css
IP 72.167.78.206:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (65536), with no line terminators
Hash 18c2c2f35b7fe7333600e9a5d85d43fa
65b04f25720dcd1bfbe8d8aa841e497d01ab3abe
51a58c7c98e3d89858bc58cdaf2e8360984c831719c8ebcd31e46fc3e21ec36b
GET /wp-content/mmr/a9092a64-1537291471.min.css HTTP/1.1
Host: www.host.air.ngo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/
Cookie: devicePixelRatio=1
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:37:16 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 21 Jul 2022 04:26:29 GMT
ETag: "1280339-be579-5e4491f1f916f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5
Transfer-Encoding: chunked
Content-Type: text/css
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10585
Expires: Sat, 04 Feb 2023 09:33:41 GMT
Date: Sat, 04 Feb 2023 06:37:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10585
Expires: Sat, 04 Feb 2023 09:33:41 GMT
Date: Sat, 04 Feb 2023 06:37:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10585
Expires: Sat, 04 Feb 2023 09:33:41 GMT
Date: Sat, 04 Feb 2023 06:37:16 GMT
Connection: keep-alive
www.host.air.ngo/wp-content/uploads/2015/09/AIR_Logo_Mobile.png
72.167.78.206200 OK 964 B URL HTTP/1.1 www.host.air.ngo/wp-content/uploads/2015/09/AIR_Logo_Mobile.png
IP 72.167.78.206:0
ASN #398101 GO-DADDY-COM-LLC
File type PNG image data, 60 x 46, 8-bit/color RGBA, non-interlaced\012- data
Hash be7313a3e00cea1214b4e92ae8994ff5
82d84e512df1e6f57689b156baf6070e56bc05c0
a5c9e4880e53ab5c73949de24e90d5816e6a0fc62cd8b1f05377ef4afa8d238b
GET /wp-content/uploads/2015/09/AIR_Logo_Mobile.png HTTP/1.1
Host: www.host.air.ngo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/
Cookie: devicePixelRatio=1
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:37:16 GMT
Server: Apache
Last-Modified: Fri, 30 Mar 2018 14:02:34 GMT
ETag: "1be063b-3c4-568a1b11c5280"
Accept-Ranges: bytes
Content-Length: 964
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
www.host.air.ngo/wp-content/uploads/2015/09/Air-Logo-Web-Versions-Wide_Mobile.png
72.167.78.206200 OK 1.6 kB URL HTTP/1.1 www.host.air.ngo/wp-content/uploads/2015/09/Air-Logo-Web-Versions-Wide_Mobile.png
IP 72.167.78.206:0
ASN #398101 GO-DADDY-COM-LLC
File type PNG image data, 170 x 46, 8-bit/color RGBA, non-interlaced\012- data
Hash 4e027bd01062608b402aeae842f5dcd3
e6317d91660e7efeec297c1a00fc6da60400c27c
9627db9cc6b66c7c2886bf7cd6c03acc947cd5ba321f73259fc61116127f2e9b
GET /wp-content/uploads/2015/09/Air-Logo-Web-Versions-Wide_Mobile.png HTTP/1.1
Host: www.host.air.ngo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/
Cookie: devicePixelRatio=1
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:37:16 GMT
Server: Apache
Last-Modified: Fri, 30 Mar 2018 14:02:31 GMT
ETag: "1be0640-650-568a1b0ee8bc0"
Accept-Ranges: bytes
Content-Length: 1616
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
www.host.air.ngo/wp-content/uploads/2015/09/AIR_Logo_Desktop.png
72.167.78.206200 OK 2.6 kB URL HTTP/1.1 www.host.air.ngo/wp-content/uploads/2015/09/AIR_Logo_Desktop.png
IP 72.167.78.206:0
ASN #398101 GO-DADDY-COM-LLC
File type PNG image data, 144 x 111, 8-bit/color RGBA, non-interlaced\012- data
Hash 8db14987833ca79bfe9871cb55f6fa78
ab7e02d8c04a1eadea10ff14d8c11ba4f223bc38
b7912d342c9d8cc5d995572084ee1ab2efda5c525df398601e9713a193d08784
GET /wp-content/uploads/2015/09/AIR_Logo_Desktop.png HTTP/1.1
Host: www.host.air.ngo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/
Cookie: devicePixelRatio=1
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:37:16 GMT
Server: Apache
Last-Modified: Fri, 30 Mar 2018 14:02:37 GMT
ETag: "1be0639-a07-568a1b14a1940"
Accept-Ranges: bytes
Content-Length: 2567
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e5b4e4f15da3323c73974c3f1cdb5d74
1f14971d0cf979cc34ff191849dc43d86e8ac463
5893d7e5b2fd9de92829b303c42d0c07ff32b3f6b8705b6f5b4a784315c8808e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5174
x-amzn-requestid: 35630c70-3bad-47b4-94bb-09c873632194
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7EFAHIAMFQQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-317b1fbb3bee0f377697bf3d;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OD5cy75AkNMwTIvIool2nKbKgr5Jpo1Plm_X_YPr3rdPbg86_V2fdA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:21 GMT
age: 30415
etag: "1f14971d0cf979cc34ff191849dc43d86e8ac463"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f8fa6a-620a-4d0c-aec7-0863ae11b871.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f8fa6a-620a-4d0c-aec7-0863ae11b871.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 83ac46e378ad452aeb212d709ab70232
7514ed93fd2f256e5aad386fdd0ebc723785291b
e199498691268526a6ecfe58abb88ced8661272cd7ad8270811c84fb15dbb547
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f8fa6a-620a-4d0c-aec7-0863ae11b871.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14221
x-amzn-requestid: a74ee3d4-6163-4dec-ab62-97279cf52282
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEC3ERhIAMFh1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8078-3e5d4b3d39919497215866df;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3TIbnpwYk9CIeoXeW4T-ouwV7X1y-LgKV7wB4XJwFKSKx248jIJyBQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:08:39 GMT
age: 30517
etag: "7514ed93fd2f256e5aad386fdd0ebc723785291b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: f95a2821-ae89-4ea9-93b2-43e570285df3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEC3FyboAMFe0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8078-7e2177f11d5715d4092cad2c;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dcFgY5x3Ef0J__7wGn3llTjZ9as5nX1H4HErIT3VlKfeQaQTjymW2g==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:33 GMT
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
age: 30403
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3Aregular%2C500&ver=3.13.4
142.250.74.106200 OK 8.9 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3Aregular%2C500&ver=3.13.4
IP 142.250.74.106:0
Hash adad52fa71b1bf340d1dfd3cbe9a6c24
22317e3a208d4de081d6390705a1fa4ab7a6e986
d142290587eba2a60d8d4ad8198a6d6a63e496f0553d043968fda1a21a7f0a86
GET /css?family=Roboto%3Aregular%2C500&ver=3.13.4 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.host.air.ngo/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 Feb 2023 06:37:16 GMT
date: Sat, 04 Feb 2023 06:37:16 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f7101f6e43855cb76ce48271a847ffbd
8e674830a97d8ce3818132fda197db4f0289d316
e78a83a4024e238bcdec3b9c4d5c12a99f49aabd57e34952f6a4cc8ed4422f55
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9141
x-amzn-requestid: ed7db574-6bca-4f3e-8879-c3e836549339
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD8zE5lIAMF1HA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8051-4480112f11d4ced0037d1ad8;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6kDIOqhM4aVL80sF02uFu2TuGbiBE7_L_S2W7x-P46hO5YZFmuL9nQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:13:30 GMT
age: 30226
etag: "8e674830a97d8ce3818132fda197db4f0289d316"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lsQxPtozrh2Ty1T-3d-1crDfi8HgVKRafOXb1UFl033bCx3kAzTS7w==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:48:04 GMT
age: 31752
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-KQ4BV44
142.250.74.40302 Found 251 B URL HTTP/1.1 www.googletagmanager.com/gtm.js?id=GTM-KQ4BV44
IP 142.250.74.40:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 14d579177a5cecc7be9e1477607323c8
25f95d742456fadc3c583e16b2483861d5dedafe
254a9d462ca1dc2a5bca6e363d2bc4bf346f9b36d51931cd3ab80c9edd0f2850
GET /gtm.js?id=GTM-KQ4BV44 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtm.js?id=GTM-KQ4BV44
Cross-Origin-Resource-Policy: cross-origin
Date: Sat, 04 Feb 2023 06:37:16 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 251
X-XSS-Protection: 0
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227200 OK 45 kB URL HTTP/1.1 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.host.air.ngo
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 44856
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 02 Feb 2023 00:41:24 GMT
Expires: Fri, 02 Feb 2024 00:41:24 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Mon, 15 Aug 2022 18:20:18 GMT
Content-Type: font/woff2
Age: 194152
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 06:37:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.host.air.ngo
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 07:51:59 GMT
expires: Thu, 01 Feb 2024 07:51:59 GMT
cache-control: public, max-age=31536000
age: 254718
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 06:37:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.host.air.ngo/wp-content/mmr/4bbf2d7f-1645851486.min.js
72.167.78.206200 OK 137 kB URL HTTP/1.1 www.host.air.ngo/wp-content/mmr/4bbf2d7f-1645851486.min.js
IP 72.167.78.206:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (65536), with no line terminators
Size 137 kB (137267 bytes)
Hash fbfcd42c360992732761ecc16ab13458
6e5ed57a9ee25aaa6c8652d47851f388e468d5b2
d730a8e4663bb266960024b6d91ccc4421cb83928edc7f40c163c2abd63035f1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/mmr/4bbf2d7f-1645851486.min.js HTTP/1.1
Host: www.host.air.ngo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/
Cookie: devicePixelRatio=1
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:37:16 GMT
Server: Apache
Last-Modified: Thu, 21 Jul 2022 04:26:27 GMT
ETag: "128028b-8659f-5e4491eff0145-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
cdn.sucuri.net/badge/badge.js
192.124.249.16200 OK 3.3 kB URL HTTP/2 cdn.sucuri.net/badge/badge.js
IP 192.124.249.16:0
Hash 25db683a54bb4440d466bf9aed8ee510
c322fae782f73039dfe5edd8987dfb60daccf91e
2a116fbb01adc832de9e40d83751f068237ee3a4f6f5637e60afa0bd012b4f50
GET /badge/badge.js HTTP/1.1
Host: cdn.sucuri.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.host.air.ngo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 06:37:17 GMT
content-type: application/javascript
content-length: 3313
x-sucuri-id: 19016
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 31 May 2017 03:54:14 GMT
etag: "cf1-550c9df9fe580"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.host.air.ngo/?n2prerender=1&n2app=smartslider&n2controller=slider&n2action=iframe&sliderid=10&hash=11aa9934b643b6d6149df357982d8173
72.167.78.206200 OK 10 kB URL HTTP/1.1 www.host.air.ngo/?n2prerender=1&n2app=smartslider&n2controller=slider&n2action=iframe&sliderid=10&hash=11aa9934b643b6d6149df357982d8173
IP 72.167.78.206:0
ASN #398101 GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (21405), with CRLF, LF line terminators
Hash f5c76bfb81f5424f88133499db361034
a6d6846c71b8a992b87e52b0675ac0062486ebbc
d5acc9c3dfa699be369b713d462ddac66611636ac2b6a8f189ba0ad4ace0ab5d
GET /?n2prerender=1&n2app=smartslider&n2controller=slider&n2action=iframe&sliderid=10&hash=11aa9934b643b6d6149df357982d8173 HTTP/1.1
Host: www.host.air.ngo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/
Cookie: devicePixelRatio=1; _gcl_au=1.1.847080542.1675492671
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:37:16 GMT
Server: Apache
X-Powered-By: PHP/7.4.33
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 10246
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
platform.twitter.com/widgets.js
93.184.220.66200 OK 28 kB URL HTTP/1.1 platform.twitter.com/widgets.js
IP 93.184.220.66:0
File type Unicode text, UTF-8 text, with very long lines (38752)
Hash 8aa708f5eebf10bd82e942dabf1623a5
326a6d469222302a80ecf29039e7837d8870ee47
fcfdc2930fdd7f4b3c7f0c1308ce2e89fcc5082ae6a0a1e16ecf0f7e417f1368
GET /widgets.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Age: 412
Cache-Control: public, max-age=1800
Content-Type: application/javascript; charset=utf-8
Date: Sat, 04 Feb 2023 06:37:17 GMT
Etag: "9e99725b7a4cd730a934afba2a438bb5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:51 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F715)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
x-amzn-internal-status: 304
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 27630
www.google-analytics.com/ga.js
216.239.36.178200 OK 17 kB URL HTTP/1.1 www.google-analytics.com/ga.js
IP 216.239.36.178:0
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 17168
Date: Sat, 04 Feb 2023 05:08:15 GMT
Expires: Sat, 04 Feb 2023 07:08:15 GMT
Cache-Control: public, max-age=7200
Age: 5342
Last-Modified: Tue, 10 Jan 2023 21:29:14 GMT
Content-Type: text/javascript
www.google-analytics.com/analytics.js
216.239.36.178200 OK 20 kB URL HTTP/1.1 www.google-analytics.com/analytics.js
IP 216.239.36.178:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 20085
Date: Sat, 04 Feb 2023 06:03:19 GMT
Expires: Sat, 04 Feb 2023 08:03:19 GMT
Cache-Control: public, max-age=7200
Age: 2038
Last-Modified: Tue, 10 Jan 2023 21:29:14 GMT
Content-Type: text/javascript
www.host.air.ngo/wp-content/plugins/rocket-lazy-load/assets/js/lazyload-10.11.1.min.js
72.167.78.206200 OK 1.7 kB URL HTTP/1.1 www.host.air.ngo/wp-content/plugins/rocket-lazy-load/assets/js/lazyload-10.11.1.min.js
IP 72.167.78.206:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (4058), with no line terminators
Hash 8273dccfc6f9a92621d3511e27be7e17
9dacf494138157d6b5dcb1db3d4430c7eeef9cd0
3cac694b342a69d842510c68cab812b65b6640873710c52d4a496754fa0ee440
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/rocket-lazy-load/assets/js/lazyload-10.11.1.min.js HTTP/1.1
Host: www.host.air.ngo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/
Cookie: devicePixelRatio=1; _gcl_au=1.1.847080542.1675492671
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:37:17 GMT
Server: Apache
Last-Modified: Tue, 14 Aug 2018 00:43:46 GMT
ETag: "1aa16df-fda-5735a80a37480-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1654
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 42f7bb86070a306c0902a2947bfd5db1
679751d86f7520d1e5e30b5bc050015450de75a7
ebccfef4e98d659e8e275dd6b2797b1154e42572695aefc916825bc0819e96dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 06:37:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 621b586028d5acaf29b8777ca0872ce1
9d2a358576d0acab58e2eacf7765b686cee9181f
a7c99a5217e394c715679780ae1e3e60202653547212b0a4fd2efab0e1a01015
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 06:37:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
216.239.36.178200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.239.36.178:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.host.air.ngo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sat, 04 Feb 2023 05:44:08 GMT
expires: Sat, 04 Feb 2023 07:44:08 GMT
cache-control: public, max-age=7200
age: 3189
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 42f7bb86070a306c0902a2947bfd5db1
679751d86f7520d1e5e30b5bc050015450de75a7
ebccfef4e98d659e8e275dd6b2797b1154e42572695aefc916825bc0819e96dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 06:37:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/845910069/?random=1675492670590&cv=11&fst=1675492670590&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fwww.host.air.ngo%2F&tiba=Attitudes%20In%20Reverse%20%E2%80%93%20Start%20THE%20Conversation%2C%20Reverse%20an%20Attitude%2C%20Save%20a%20Life!&auid=847080542.1675492671&data=event%3Dgtag.config&rfmt=3&fmt=4
216.58.207.194200 OK 935 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/845910069/?random=1675492670590&cv=11&fst=1675492670590&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fwww.host.air.ngo%2F&tiba=Attitudes%20In%20Reverse%20%E2%80%93%20Start%20THE%20Conversation%2C%20Reverse%20an%20Attitude%2C%20Save%20a%20Life!&auid=847080542.1675492671&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 216.58.207.194:0
File type ASCII text, with very long lines (2033), with no line terminators
Hash edffee978a75f9de2b575749d2189d97
de942600a4f8d78e65b797b4d568a3b6928f193a
b8bc37c8e378a70a992fa0aaabeaf97b8fa4c1775f84e3a1efc10dd615932d59
GET /pagead/viewthroughconversion/845910069/?random=1675492670590&cv=11&fst=1675492670590&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fwww.host.air.ngo%2F&tiba=Attitudes%20In%20Reverse%20%E2%80%93%20Start%20THE%20Conversation%2C%20Reverse%20an%20Attitude%2C%20Save%20a%20Life!&auid=847080542.1675492671&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.host.air.ngo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 06:37:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 935
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 04-Feb-2023 06:52:17 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/pagead/1p-conversion/845910069/?random=1675492670600&cv=11&fst=1675492670600&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&label=30UMCLCYhoABELWgrpMD&hn=www.google.com&frm=0&url=http%3A%2F%2Fwww.host.air.ngo%2F&tiba=Attitudes%20In%20Reverse%20%E2%80%93%20Start%20THE%20Conversation%2C%20Reverse%20an%20Attitude%2C%20Save%20a%20Life!>m_ee=1&auid=847080542.1675492671&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
142.250.74.164302 Found 63 B URL HTTP/2 www.google.com/pagead/1p-conversion/845910069/?random=1675492670600&cv=11&fst=1675492670600&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&label=30UMCLCYhoABELWgrpMD&hn=www.google.com&frm=0&url=http%3A%2F%2Fwww.host.air.ngo%2F&tiba=Attitudes%20In%20Reverse%20%E2%80%93%20Start%20THE%20Conversation%2C%20Reverse%20an%20Attitude%2C%20Save%20a%20Life!>m_ee=1&auid=847080542.1675492671&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
IP 142.250.74.164:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/845910069/?random=1675492670600&cv=11&fst=1675492670600&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&label=30UMCLCYhoABELWgrpMD&hn=www.google.com&frm=0&url=http%3A%2F%2Fwww.host.air.ngo%2F&tiba=Attitudes%20In%20Reverse%20%E2%80%93%20Start%20THE%20Conversation%2C%20Reverse%20an%20Attitude%2C%20Save%20a%20Life!>m_ee=1&auid=847080542.1675492671&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.host.air.ngo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 06:37:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/845910069/?random=1675492670600&cv=11&fst=1675492670600&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&label=30UMCLCYhoABELWgrpMD&hn=www.google.com&frm=0&url=http%3A%2F%2Fwww.host.air.ngo%2F&tiba=Attitudes%20In%20Reverse%20%E2%80%93%20Start%20THE%20Conversation%2C%20Reverse%20an%20Attitude%2C%20Save%20a%20Life!>m_ee=1&auid=847080542.1675492671&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/845910069/?random=1675492670600&cv=11&fst=1675492670600&fmt=3&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&label=30UMCLCYhoABELWgrpMD&hn=www.google.com&frm=0&url=http%3A%2F%2Fwww.host.air.ngo%2F&tiba=Attitudes%20In%20Reverse%20%E2%80%93%20Start%20THE%20Conversation%2C%20Reverse%20an%20Attitude%2C%20Save%20a%20Life!>m_ee=1&auid=847080542.1675492671&data=event%3Dconversion&gcp=1&ct_cookie_present=1
216.58.207.194200 OK 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/845910069/?random=1675492670600&cv=11&fst=1675492670600&fmt=3&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&label=30UMCLCYhoABELWgrpMD&hn=www.google.com&frm=0&url=http%3A%2F%2Fwww.host.air.ngo%2F&tiba=Attitudes%20In%20Reverse%20%E2%80%93%20Start%20THE%20Conversation%2C%20Reverse%20an%20Attitude%2C%20Save%20a%20Life!>m_ee=1&auid=847080542.1675492671&data=event%3Dconversion&gcp=1&ct_cookie_present=1
IP 216.58.207.194:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/845910069/?random=1675492670600&cv=11&fst=1675492670600&fmt=3&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&label=30UMCLCYhoABELWgrpMD&hn=www.google.com&frm=0&url=http%3A%2F%2Fwww.host.air.ngo%2F&tiba=Attitudes%20In%20Reverse%20%E2%80%93%20Start%20THE%20Conversation%2C%20Reverse%20an%20Attitude%2C%20Save%20a%20Life!>m_ee=1&auid=847080542.1675492671&data=event%3Dconversion&gcp=1&ct_cookie_present=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.host.air.ngo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 06:37:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 04-Feb-2023 06:52:17 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8176ac8bbb8fa05f36bdfa163da09e0c
b936c84c5fa7e781b12a17952c82bca546ca0575
1aa7e39fd02514a4023036a8a100d7e7898ee220063ebfb41c509264c81ed727
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 06:37:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 42f7bb86070a306c0902a2947bfd5db1
679751d86f7520d1e5e30b5bc050015450de75a7
ebccfef4e98d659e8e275dd6b2797b1154e42572695aefc916825bc0819e96dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 06:37:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.host.air.ngo/wp-content/uploads/2015/09/AIR_Logo_Desktop-2X.png
72.167.78.206200 OK 5.8 kB URL HTTP/1.1 www.host.air.ngo/wp-content/uploads/2015/09/AIR_Logo_Desktop-2X.png
IP 72.167.78.206:0
ASN #398101 GO-DADDY-COM-LLC
File type PNG image data, 288 x 220, 8-bit/color RGBA, non-interlaced\012- data
Hash eed5881179a496ea3b067417c06392ec
52060f6dd3e6f6cc4d6bafb337df7431f27b042d
58e33c3551e530eb92d097afbea9ffcd60f0b0fa2d2ccbe5f63af630a28a50d8
GET /wp-content/uploads/2015/09/AIR_Logo_Desktop-2X.png HTTP/1.1
Host: www.host.air.ngo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/
Cookie: devicePixelRatio=1; _gcl_au=1.1.847080542.1675492671
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:37:17 GMT
Server: Apache
Last-Modified: Fri, 30 Mar 2018 14:02:38 GMT
ETag: "1be0638-1683-568a1b1595b80"
Accept-Ranges: bytes
Content-Length: 5763
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
www.host.air.ngo/wp-content/uploads/2015/09/AIR_Logo_Desktop-2X-150x150.png
72.167.78.206200 OK 9.1 kB URL HTTP/1.1 www.host.air.ngo/wp-content/uploads/2015/09/AIR_Logo_Desktop-2X-150x150.png
IP 72.167.78.206:0
ASN #398101 GO-DADDY-COM-LLC
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 915cbe795fc5afd47b8bb444f1ca91ec
e5135a2e8f584f5e4eb451e1da72bfa443d78e9c
abb0164e062a57e5358c0db8ed0b5d7879eb598ebfb77c679e49aa70f00bbd8d
GET /wp-content/uploads/2015/09/AIR_Logo_Desktop-2X-150x150.png HTTP/1.1
Host: www.host.air.ngo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/
Cookie: devicePixelRatio=1; _gcl_au=1.1.847080542.1675492671
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:37:17 GMT
Server: Apache
Last-Modified: Fri, 30 Mar 2018 14:02:38 GMT
ETag: "1be0637-2371-568a1b1595b80"
Accept-Ranges: bytes
Content-Length: 9073
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e16924e677b1cf77abc2c90c36b01b58
7608b4371357596c60d3ff2aed7fa181a3e8fefc
485a64335baac7fd3bfcc0063493c27ab58a8fe46e0873fc64f619c19cd8c59b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 06:37:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi/aGHrcfXNF5k/hqdefault.jpg
216.58.207.246200 OK 16 kB URL HTTP/2 i.ytimg.com/vi/aGHrcfXNF5k/hqdefault.jpg
IP 216.58.207.246:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash 8b4daac142e3393e9226bf3bd2c4a6c5
791c3817141265a5470c22bf1d3b44e4fe331b4a
bba2e185fe65310a4a946deb19729b2db7ddda729fafaaeb2364f33884039147
GET /vi/aGHrcfXNF5k/hqdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.host.air.ngo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 16306
date: Sat, 04 Feb 2023 06:37:17 GMT
expires: Sat, 04 Feb 2023 08:37:17 GMT
cache-control: public, max-age=7200
etag: "1393453524"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=http%3A%2F%2Fwww.host.air.ngo
93.184.220.66200 OK 105 kB URL HTTP/1.1 platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=http%3A%2F%2Fwww.host.air.ngo
IP 93.184.220.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (56166)
Size 105 kB (105435 bytes)
Hash 58f06e7d628e7e207cad8e48c9cc76be
9042f057d52be00c9535ce93b0ce4c03707e0c41
ea6c34f2e7acfea93ba722fe283f2704392dc518c9a0d1eeca0ba03a0b63d789
GET /widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=http%3A%2F%2Fwww.host.air.ngo HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.host.air.ngo/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 896042
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sat, 04 Feb 2023 06:37:17 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F709)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105435
www.host.air.ngo/wp-content/plugins/rocket-lazy-load/assets/img/youtube.png
72.167.78.206200 OK 42 kB URL HTTP/1.1 www.host.air.ngo/wp-content/plugins/rocket-lazy-load/assets/img/youtube.png
IP 72.167.78.206:0
ASN #398101 GO-DADDY-COM-LLC
File type PNG image data, 64 x 45, 8-bit/color RGBA, non-interlaced\012- data
Hash 57c754062bf0068582dffb5e2a35a736
ce111a1b92561189a8c4526df1160c93babee089
e80b8c98ec2670982044c7f67688e82e59aebce59360cb7e03f973f3ef3341d7
GET /wp-content/plugins/rocket-lazy-load/assets/img/youtube.png HTTP/1.1
Host: www.host.air.ngo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/
Cookie: devicePixelRatio=1; _gcl_au=1.1.847080542.1675492671
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:37:17 GMT
Server: Apache
Last-Modified: Tue, 14 Aug 2018 00:43:46 GMT
ETag: "1a82685-a5d1-5735a80a37480"
Accept-Ranges: bytes
Content-Length: 42449
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e16924e677b1cf77abc2c90c36b01b58
7608b4371357596c60d3ff2aed7fa181a3e8fefc
485a64335baac7fd3bfcc0063493c27ab58a8fe46e0873fc64f619c19cd8c59b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 06:37:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.host.air.ngo/wp-content/uploads/2018/03/dark-1.png
72.167.78.206200 OK 149 B URL HTTP/1.1 www.host.air.ngo/wp-content/uploads/2018/03/dark-1.png
IP 72.167.78.206:0
ASN #398101 GO-DADDY-COM-LLC
File type PNG image data, 1200 x 2, 8-bit/color RGBA, non-interlaced\012- data
Hash f8b111fcabf67d202ef38ab060af2168
e7b658309990845c2303f9194af69089e0cad3e7
7793010be642a25943ac112b45bc9ec14a6e845ef6d940d41b15f1f32423a9f5
GET /wp-content/uploads/2018/03/dark-1.png HTTP/1.1
Host: www.host.air.ngo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/
Cookie: devicePixelRatio=1; _gcl_au=1.1.847080542.1675492671; _ga=GA1.2.315079370.1675492672; _gid=GA1.2.1422018058.1675492672
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:37:17 GMT
Server: Apache
Last-Modified: Sat, 17 Mar 2018 06:18:29 GMT
ETag: "1be08a0-95-56795b17b7740"
Accept-Ranges: bytes
Content-Length: 149
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=769490249&utmhn=www.host.air.ngo&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Attitudes%20In%20Reverse%20%E2%80%93%20Start%20THE%20Conversation%2C%20Reverse%20an%20Attitude%2C%20Save%20a%20Life!&utmhid=45572740&utmr=-&utmp=%2F&utmht=1675492672069&utmac=UA-29493171-1&utmcc=__utma%3D68077320.315079370.1675492672.1675492672.1675492672.1%3B%2B__utmz%3D68077320.1675492672.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=412474969&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAABAAAE~
216.239.36.178200 OK 35 B URL HTTP/1.1 www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=769490249&utmhn=www.host.air.ngo&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Attitudes%20In%20Reverse%20%E2%80%93%20Start%20THE%20Conversation%2C%20Reverse%20an%20Attitude%2C%20Save%20a%20Life!&utmhid=45572740&utmr=-&utmp=%2F&utmht=1675492672069&utmac=UA-29493171-1&utmcc=__utma%3D68077320.315079370.1675492672.1675492672.1675492672.1%3B%2B__utmz%3D68077320.1675492672.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=412474969&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAABAAAE~
IP 216.239.36.178:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /r/__utm.gif?utmwv=5.7.2&utms=1&utmn=769490249&utmhn=www.host.air.ngo&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Attitudes%20In%20Reverse%20%E2%80%93%20Start%20THE%20Conversation%2C%20Reverse%20an%20Attitude%2C%20Save%20a%20Life!&utmhid=45572740&utmr=-&utmp=%2F&utmht=1675492672069&utmac=UA-29493171-1&utmcc=__utma%3D68077320.315079370.1675492672.1675492672.1675492672.1%3B%2B__utmz%3D68077320.1675492672.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=412474969&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAABAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Date: Sat, 04 Feb 2023 06:37:17 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 47596e29084bc770512471731d8627f1
ff10d540287425c2476aaffd4e321679cdef048c
015c3fbcf2992381d1e027318a028058b1d4ff44f32a7b8f7ad1d3d9d82b2c82
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1701
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 06:37:17 GMT
Last-Modified: Sat, 04 Feb 2023 06:08:56 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 313
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash de88149c85daf1f2f8f183d16f581394
4b88639d92a9defef7e575ff50f00348d7a4fc91
5bcde8fa6ee36e3a745249b5a5d1c583b0b17e1bd37a3d5b83ce9255b818680d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 06:37:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash de88149c85daf1f2f8f183d16f581394
4b88639d92a9defef7e575ff50f00348d7a4fc91
5bcde8fa6ee36e3a745249b5a5d1c583b0b17e1bd37a3d5b83ce9255b818680d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 06:37:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-conversion/845910069/?random=1675492670600&cv=11&fst=1675492670600&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&label=30UMCLCYhoABELWgrpMD&hn=www.google.com&frm=0&url=http%3A%2F%2Fwww.host.air.ngo%2F&tiba=Attitudes%20In%20Reverse%20%E2%80%93%20Start%20THE%20Conversation%2C%20Reverse%20an%20Attitude%2C%20Save%20a%20Life!>m_ee=1&auid=847080542.1675492671&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
142.250.74.163200 OK 63 B URL HTTP/2 www.google.no/pagead/1p-conversion/845910069/?random=1675492670600&cv=11&fst=1675492670600&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&label=30UMCLCYhoABELWgrpMD&hn=www.google.com&frm=0&url=http%3A%2F%2Fwww.host.air.ngo%2F&tiba=Attitudes%20In%20Reverse%20%E2%80%93%20Start%20THE%20Conversation%2C%20Reverse%20an%20Attitude%2C%20Save%20a%20Life!>m_ee=1&auid=847080542.1675492671&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
IP 142.250.74.163:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/845910069/?random=1675492670600&cv=11&fst=1675492670600&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&label=30UMCLCYhoABELWgrpMD&hn=www.google.com&frm=0&url=http%3A%2F%2Fwww.host.air.ngo%2F&tiba=Attitudes%20In%20Reverse%20%E2%80%93%20Start%20THE%20Conversation%2C%20Reverse%20an%20Attitude%2C%20Save%20a%20Life!>m_ee=1&auid=847080542.1675492671&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.host.air.ngo/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 06:37:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/845910069/?random=1675492670590&cv=11&fst=1675490400000&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fwww.host.air.ngo%2F&tiba=Attitudes%20In%20Reverse%20%E2%80%93%20Start%20THE%20Conversation%2C%20Reverse%20an%20Attitude%2C%20Save%20a%20Life!&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=869811340&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/845910069/?random=1675492670590&cv=11&fst=1675490400000&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fwww.host.air.ngo%2F&tiba=Attitudes%20In%20Reverse%20%E2%80%93%20Start%20THE%20Conversation%2C%20Reverse%20an%20Attitude%2C%20Save%20a%20Life!&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=869811340&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/845910069/?random=1675492670590&cv=11&fst=1675490400000&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fwww.host.air.ngo%2F&tiba=Attitudes%20In%20Reverse%20%E2%80%93%20Start%20THE%20Conversation%2C%20Reverse%20an%20Attitude%2C%20Save%20a%20Life!&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=869811340&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.host.air.ngo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 06:37:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash de88149c85daf1f2f8f183d16f581394
4b88639d92a9defef7e575ff50f00348d7a4fc91
5bcde8fa6ee36e3a745249b5a5d1c583b0b17e1bd37a3d5b83ce9255b818680d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 06:37:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
syndication.twitter.com/settings?session_id=a884368f1a6033b5f3b448ecb0cbac30be6dd39f
104.244.42.200200 OK 326 B URL HTTP/2 syndication.twitter.com/settings?session_id=a884368f1a6033b5f3b448ecb0cbac30be6dd39f
IP 104.244.42.200:0
File type JSON data\012- , ASCII text, with very long lines (919), with no line terminators
Hash 11f6a2d6bb52340b52d53f9cf72973e8
ea0c3e5d850a2659b3344d84957b691a6f7942b8
a0b2545f4adeaf91f7a23b95f43c682557bdfd1e59d2cf394d10a01f97c886ff
GET /settings?session_id=a884368f1a6033b5f3b448ecb0cbac30be6dd39f HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://platform.twitter.com/
Origin: https://platform.twitter.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 06:37:17 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: application/json; charset=utf-8
cache-control: must-revalidate, max-age=600
last-modified: Sat, 04 Feb 2023 06:37:18 GMT
content-length: 326
content-encoding: gzip
x-transaction-id: 47b734169210df7d
strict-transport-security: max-age=631138519
access-control-allow-origin: https://platform.twitter.com
access-control-allow-credentials: true
x-response-time: 104
x-connection-hash: b5f74fb4298f8dca0cd965547de1250a4bf71c90b866b2b867da0c8e5280d251
X-Firefox-Spdy: h2
www.host.air.ngo/wp-content/uploads/2019/04/Miki-Open-AIR.jpg
72.167.78.206200 OK 85 kB URL HTTP/1.1 www.host.air.ngo/wp-content/uploads/2019/04/Miki-Open-AIR.jpg
IP 72.167.78.206:0
ASN #398101 GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 619x960, components 3\012- data
Hash db6954d418dfbcdceea0ddc678beed58
8ebe22a6be3d863b4a43d145173ab9e7bf469186
c88f82293e015af58269d95fd70e372d0ea9521e5b61d6192facea46b267b8f8
GET /wp-content/uploads/2019/04/Miki-Open-AIR.jpg HTTP/1.1
Host: www.host.air.ngo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/
Cookie: devicePixelRatio=1; _gcl_au=1.1.847080542.1675492671; _ga=GA1.2.315079370.1675492672; _gid=GA1.2.1422018058.1675492672; _gat_gtag_UA_118313524_1=1
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:37:17 GMT
Server: Apache
Last-Modified: Sat, 06 Apr 2019 01:24:55 GMT
ETag: "1be0d5c-14d16-585d2788287c0"
Accept-Ranges: bytes
Content-Length: 85270
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg
www.host.air.ngo/?n2prerender=1&n2app=smartslider&n2controller=slider&n2action=iframe&sliderid=10&hash=11aa9934b643b6d6149df357982d8173
72.167.78.206200 OK 10 kB URL HTTP/1.1 www.host.air.ngo/?n2prerender=1&n2app=smartslider&n2controller=slider&n2action=iframe&sliderid=10&hash=11aa9934b643b6d6149df357982d8173
IP 72.167.78.206:0
ASN #398101 GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (21405), with CRLF, LF line terminators
Hash f5c76bfb81f5424f88133499db361034
a6d6846c71b8a992b87e52b0675ac0062486ebbc
d5acc9c3dfa699be369b713d462ddac66611636ac2b6a8f189ba0ad4ace0ab5d
GET /?n2prerender=1&n2app=smartslider&n2controller=slider&n2action=iframe&sliderid=10&hash=11aa9934b643b6d6149df357982d8173 HTTP/1.1
Host: www.host.air.ngo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/
Cookie: devicePixelRatio=1; _gcl_au=1.1.847080542.1675492671
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:37:17 GMT
Server: Apache
X-Powered-By: PHP/7.4.33
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 10246
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
www.host.air.ngo/wp-content/uploads/resized/775b07c75b4ec6c4c756504e3793be3c/walk_for_air_2013.jpg
72.167.78.206200 OK 32 kB URL HTTP/1.1 www.host.air.ngo/wp-content/uploads/resized/775b07c75b4ec6c4c756504e3793be3c/walk_for_air_2013.jpg
IP 72.167.78.206:0
ASN #398101 GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 376x160, components 3\012- data
Hash d3324767003c2fbb9525e1b66b7017a5
bb9dd578561485da8ffdd06ba68537a2c9e773e7
0bb61d286d22336294c32fe317220e5adf808f70af865951ef88edc32e31ecce
GET /wp-content/uploads/resized/775b07c75b4ec6c4c756504e3793be3c/walk_for_air_2013.jpg HTTP/1.1
Host: www.host.air.ngo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/?n2prerender=1&n2app=smartslider&n2controller=slider&n2action=iframe&sliderid=10&hash=11aa9934b643b6d6149df357982d8173
Cookie: devicePixelRatio=1; _gcl_au=1.1.847080542.1675492671; _ga=GA1.2.315079370.1675492672; _gid=GA1.2.1422018058.1675492672; _gat_gtag_UA_118313524_1=1; _gat_UA-116676792-1=1; __utma=68077320.315079370.1675492672.1675492672.1675492672.1; __utmb=68077320.1.10.1675492672; __utmc=68077320; __utmz=68077320.1675492672.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:37:18 GMT
Server: Apache
Last-Modified: Thu, 02 Aug 2018 09:52:10 GMT
ETag: "1be0d7a-7d98-57270c3c62680"
Accept-Ranges: bytes
Content-Length: 32152
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg
www.host.air.ngo/wp-content/uploads/2018/04/Kurt-Tricia-and-Katelyn-Attitudes-in-Reverse-compressor.jpg
72.167.78.206200 OK 18 kB URL HTTP/1.1 www.host.air.ngo/wp-content/uploads/2018/04/Kurt-Tricia-and-Katelyn-Attitudes-in-Reverse-compressor.jpg
IP 72.167.78.206:0
ASN #398101 GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 325x217, components 3\012- data
Hash 7b6c465e1c0f410c7e0b2de52eb4cd96
f87dc7eaca8cf4820e8bbaf6a37be04b6381de9a
c8efcfe7fd916e3529fa111ef6682ec2059e3dbb4cac98ecb4cf6df16a973d74
GET /wp-content/uploads/2018/04/Kurt-Tricia-and-Katelyn-Attitudes-in-Reverse-compressor.jpg HTTP/1.1
Host: www.host.air.ngo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/?n2prerender=1&n2app=smartslider&n2controller=slider&n2action=iframe&sliderid=10&hash=11aa9934b643b6d6149df357982d8173
Cookie: devicePixelRatio=1; _gcl_au=1.1.847080542.1675492671; _ga=GA1.2.315079370.1675492672; _gid=GA1.2.1422018058.1675492672; _gat_gtag_UA_118313524_1=1; _gat_UA-116676792-1=1; __utma=68077320.315079370.1675492672.1675492672.1675492672.1; __utmb=68077320.1.10.1675492672; __utmc=68077320; __utmz=68077320.1675492672.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:37:18 GMT
Server: Apache
Last-Modified: Sun, 01 Apr 2018 10:39:09 GMT
ETag: "1be09df-46f2-568c715518d40"
Accept-Ranges: bytes
Content-Length: 18162
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg
www.host.air.ngo/wp-content/cache/nextend/web/combined/a7f064d1f7719f694b8fdc5b74cc1a8d.js
72.167.78.206200 OK 64 kB URL HTTP/1.1 www.host.air.ngo/wp-content/cache/nextend/web/combined/a7f064d1f7719f694b8fdc5b74cc1a8d.js
IP 72.167.78.206:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (35602)
Hash dff245a3d1f86d167418636d6106e1d5
baf1723c3bde8cbcbaa3f09a666473788d8feee3
a1119d3b41818e2dd1ada5fe606ca6d2c9c8a2158603d1cdb57ea3c46225b867
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/cache/nextend/web/combined/a7f064d1f7719f694b8fdc5b74cc1a8d.js HTTP/1.1
Host: www.host.air.ngo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/?n2prerender=1&n2app=smartslider&n2controller=slider&n2action=iframe&sliderid=10&hash=11aa9934b643b6d6149df357982d8173
Cookie: devicePixelRatio=1; _gcl_au=1.1.847080542.1675492671; _ga=GA1.2.315079370.1675492672; _gid=GA1.2.1422018058.1675492672; _gat_gtag_UA_118313524_1=1; _gat_UA-116676792-1=1; __utma=68077320.315079370.1675492672.1675492672.1675492672.1; __utmb=68077320.1.10.1675492672; __utmc=68077320; __utmz=68077320.1675492672.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:37:18 GMT
Server: Apache
Last-Modified: Thu, 20 Dec 2018 03:10:35 GMT
ETag: "13e0fad-3cfdf-57d6b796220c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
www.host.air.ngo/wp-content/uploads/2018/03/Kurt-compressor-resize.gif
72.167.78.206200 OK 64 kB URL HTTP/1.1 www.host.air.ngo/wp-content/uploads/2018/03/Kurt-compressor-resize.gif
IP 72.167.78.206:0
ASN #398101 GO-DADDY-COM-LLC
File type GIF image data, version 89a, 224 x 320\012- data
Hash c40ce764c0859f45236da5fce137066d
410c207d9649593621918f80bed9f778f42b8320
5a89f4accf6fb4e6da07e90611fed6792942a093223a25487859b1979db7c87f
GET /wp-content/uploads/2018/03/Kurt-compressor-resize.gif HTTP/1.1
Host: www.host.air.ngo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/?n2prerender=1&n2app=smartslider&n2controller=slider&n2action=iframe&sliderid=10&hash=11aa9934b643b6d6149df357982d8173
Cookie: devicePixelRatio=1; _gcl_au=1.1.847080542.1675492671; _ga=GA1.2.315079370.1675492672; _gid=GA1.2.1422018058.1675492672; _gat_gtag_UA_118313524_1=1; _gat_UA-116676792-1=1; __utma=68077320.315079370.1675492672.1675492672.1675492672.1; __utmb=68077320.1.10.1675492672; __utmc=68077320; __utmz=68077320.1675492672.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:37:18 GMT
Server: Apache
Last-Modified: Sun, 01 Apr 2018 10:40:15 GMT
ETag: "1be0888-fb50-568c71940a1c0"
Accept-Ranges: bytes
Content-Length: 64336
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/gif
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash 56c9fb1b7dfda5ddcf0b6cd7ca444606
d38ff1afe1ed9a44a873dfb0e9a2ef2b67c50851
1d661bfe5859e44e12881da67255b563459ad924e4e3185c7e4cf7da99a5a02a
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 04 Feb 2023 06:37:18 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 04 Feb 2023 01:20:32 GMT
Expires: Sun, 05 Feb 2023 01:20:32 GMT
ETag: "d38ff1afe1ed9a44a873dfb0e9a2ef2b67c50851"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
www.host.air.ngo/wp-content/uploads/resized/1ed1c9913af6a5c40e3b2687e0668f14/Fist-Annual-Miki-Friends-Walk-Run-for-A.I.R.960x352.jpg
72.167.78.206200 OK 287 kB URL HTTP/1.1 www.host.air.ngo/wp-content/uploads/resized/1ed1c9913af6a5c40e3b2687e0668f14/Fist-Annual-Miki-Friends-Walk-Run-for-A.I.R.960x352.jpg
IP 72.167.78.206:0
ASN #398101 GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 960x352, components 3\012- data
Size 287 kB (287277 bytes)
Hash 01c1248eb7e418a3ef40afdb790a0e8a
9c7b5a64551e17ffbf5f4bdb0c102818d7f33414
75ac6caa31ecd74d691f270e31547d640a4dec5fb94bb41597fafd0513751be8
GET /wp-content/uploads/resized/1ed1c9913af6a5c40e3b2687e0668f14/Fist-Annual-Miki-Friends-Walk-Run-for-A.I.R.960x352.jpg HTTP/1.1
Host: www.host.air.ngo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/?n2prerender=1&n2app=smartslider&n2controller=slider&n2action=iframe&sliderid=10&hash=11aa9934b643b6d6149df357982d8173
Cookie: devicePixelRatio=1; _gcl_au=1.1.847080542.1675492671; _ga=GA1.2.315079370.1675492672; _gid=GA1.2.1422018058.1675492672; _gat_gtag_UA_118313524_1=1; _gat_UA-116676792-1=1; __utma=68077320.315079370.1675492672.1675492672.1675492672.1; __utmb=68077320.1.10.1675492672; __utmc=68077320; __utmz=68077320.1675492672.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:37:18 GMT
Server: Apache
Last-Modified: Wed, 09 Jan 2019 07:21:22 GMT
ETag: "1be0d72-4622d-57f014f14a080"
Accept-Ranges: bytes
Content-Length: 287277
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg
cdn.sucuri.net/badge/badge-godaddy.css
192.124.249.16200 OK 11 kB URL HTTP/2 cdn.sucuri.net/badge/badge-godaddy.css
IP 192.124.249.16:0
File type ASCII text, with very long lines (4986)
Hash 9cd95fdcc55854a6ad15140582d76f2a
7cebe06e382e486b922eb844abcbbac1d90ae468
97f5e5c65f87533b941317231fcb0901de1f6d410a9fc5ce12a9c0ceb4dc81a1
GET /badge/badge-godaddy.css HTTP/1.1
Host: cdn.sucuri.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.host.air.ngo/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 06:37:18 GMT
content-type: text/css
content-length: 10693
x-sucuri-id: 19016
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 26 May 2017 17:41:13 GMT
etag: "29c5-55070d7f0e040"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
platform.twitter.com/js/timeline.16b53cc33aaa562f8f41a495bf720289.js
93.184.220.66200 OK 3.0 kB URL HTTP/1.1 platform.twitter.com/js/timeline.16b53cc33aaa562f8f41a495bf720289.js
IP 93.184.220.66:0
File type Unicode text, UTF-8 text, with very long lines (8260), with no line terminators
Hash 289f70783495bd412699d3080161a29c
c9c5efdabe8101011e0dc60cc8b653653d7daf1f
67be101c65d59fa643c74d21dadc929eef0b79421a1e5f4622dbb1c3284b4631
GET /js/timeline.16b53cc33aaa562f8f41a495bf720289.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.host.air.ngo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 896041
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Sat, 04 Feb 2023 06:37:19 GMT
Etag: "569768187d20181e1cdea6aa19f3a4b4+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:06 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F712)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 2964
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-118313524-1&cid=315079370.1675492672&jid=1127726081&gjid=97625966&_gid=1422018058.1675492672&_u=YEBAAUAAAAAAACAAI~&z=1110760584
64.233.165.154200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-118313524-1&cid=315079370.1675492672&jid=1127726081&gjid=97625966&_gid=1422018058.1675492672&_u=YEBAAUAAAAAAACAAI~&z=1110760584
IP 64.233.165.154:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-118313524-1&cid=315079370.1675492672&jid=1127726081&gjid=97625966&_gid=1422018058.1675492672&_u=YEBAAUAAAAAAACAAI~&z=1110760584 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://www.host.air.ngo
Connection: keep-alive
Referer: http://www.host.air.ngo/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://www.host.air.ngo
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 04 Feb 2023 06:37:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
142.250.74.74200 OK 34 kB URL HTTP/1.1 ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
IP 142.250.74.74:0
File type ASCII text, with very long lines (32077)
Hash fd2b58574f9637ba7ef639267349d848
6eda5ea93f549ceb5693f6f1c038893fa56a510d
75627d4b97e5e6294a8f88f5eeaf9b616696dc8600db9701c47ef05f067880ec
GET /ajax/libs/jquery/1.12.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 33951
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 03 Feb 2023 03:27:57 GMT
Expires: Sat, 03 Feb 2024 03:27:57 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 97762
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
syndication.twitter.com/srv/timeline-profile/screen-name/AttitudesInRev?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19idXNpbmVzc192ZXJpZmllZF9iYWRnZSI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmx1ZV92ZXJpZmllZF9iYWRnZSI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19nb3ZfdmVyaWZpZWRfYmFkZ2UiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYnVzaW5lc3NfYWZmaWxpYXRlX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=250px&origin=http%3A%2F%2Fwww.host.air.ngo%2F&sessionId=a884368f1a6033b5f3b448ecb0cbac30be6dd39f&showHeader=true&showReplies=false&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
104.244.42.200200 OK 16 kB URL HTTP/2 syndication.twitter.com/srv/timeline-profile/screen-name/AttitudesInRev?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19idXNpbmVzc192ZXJpZmllZF9iYWRnZSI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmx1ZV92ZXJpZmllZF9iYWRnZSI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19nb3ZfdmVyaWZpZWRfYmFkZ2UiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYnVzaW5lc3NfYWZmaWxpYXRlX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=250px&origin=http%3A%2F%2Fwww.host.air.ngo%2F&sessionId=a884368f1a6033b5f3b448ecb0cbac30be6dd39f&showHeader=true&showReplies=false&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
IP 104.244.42.200:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (65296), with no line terminators
Hash e2fe6225dc8198b7260a354808032f57
a93b68dd49024cdeda3d3df237868a5c7e7428b5
4c84bafcaa7ea3795ce69a31e8115d5be86514b4fc267b6b432ebaa54120bde8
GET /srv/timeline-profile/screen-name/AttitudesInRev?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19idXNpbmVzc192ZXJpZmllZF9iYWRnZSI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmx1ZV92ZXJpZmllZF9iYWRnZSI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19nb3ZfdmVyaWZpZWRfYmFkZ2UiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYnVzaW5lc3NfYWZmaWxpYXRlX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=250px&origin=http%3A%2F%2Fwww.host.air.ngo%2F&sessionId=a884368f1a6033b5f3b448ecb0cbac30be6dd39f&showHeader=true&showReplies=false&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.host.air.ngo/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 06:37:19 GMT
etag: "24c7a-qlM5q0I+8tzElG6MiQVSFYotw78"
perf: 7626143928
server: tsa_o
content-type: text/html; charset=utf-8
cache-control: must-revalidate, max-age=60
x-transaction-id: e569eb64acf53270
x-xss-protection: 0
strict-transport-security: max-age=631138519
content-encoding: gzip
content-length: 16099
x-response-time: 830
x-connection-hash: b5f74fb4298f8dca0cd965547de1250a4bf71c90b866b2b867da0c8e5280d251
X-Firefox-Spdy: h2
platform.twitter.com/_next/static/chunks/runtime-bd6a33ee4b81c374d84a.js
93.184.220.66200 OK 2.2 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/runtime-bd6a33ee4b81c374d84a.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (4155), with no line terminators
Hash 48a927c41072f5796731387d71328bce
17ea7ef4f55d98a091d4f1d2951003ca69c75fc4
5ed9748db26cb54cc994c0ea96bc05aa96b5b8cc23cdfae6fc169743a729c1c3
GET /_next/static/chunks/runtime-bd6a33ee4b81c374d84a.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 199664
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Sat, 04 Feb 2023 06:37:20 GMT
Etag: "3c59d8987afc673c8c0655b21a2e0858+gzip"
Last-Modified: Wed, 01 Feb 2023 23:04:14 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F6FD)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 2234
platform.twitter.com/_next/static/chunks/modules.20f98d7498a59035a762.js
93.184.220.66200 OK 96 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/modules.20f98d7498a59035a762.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 869fd45e2b95e749fda642bd000a7c35
ccc71357b3b6190d935437ef9ce72a7eb7abc7fe
520f12b3f009d368f69b2910367e2182e69a4eba3fed134331603abf3549d2ed
GET /_next/static/chunks/modules.20f98d7498a59035a762.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 896046
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Sat, 04 Feb 2023 06:37:20 GMT
Etag: "1c54378254eefb52fea75b3c31dfe51d+gzip"
Last-Modified: Wed, 18 Jan 2023 22:54:31 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F705)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 95842
platform.twitter.com/_next/static/chunks/main-fd9ef5eb169057cda26d.js
93.184.220.66200 OK 90 B URL HTTP/1.1 platform.twitter.com/_next/static/chunks/main-fd9ef5eb169057cda26d.js
IP 93.184.220.66:0
File type ASCII text, with no line terminators
Hash 1d1fa0644a94523711b2bb99a8d652bc
7fe6c07d5f75c483662b7de1befae5284d7afc8e
eefd62bfe6d0ad2f3f2b7bddb8f2c46d7c8b6ed4897e3f9309968a58dc078753
GET /_next/static/chunks/main-fd9ef5eb169057cda26d.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 896046
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Sat, 04 Feb 2023 06:37:20 GMT
Etag: "1d1fa0644a94523711b2bb99a8d652bc"
Last-Modified: Wed, 18 Jan 2023 22:54:30 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F70F)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 90
platform.twitter.com/_next/static/chunks/pages/_app-88bf420a57d49e33be53.js
93.184.220.66200 OK 668 B URL HTTP/1.1 platform.twitter.com/_next/static/chunks/pages/_app-88bf420a57d49e33be53.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (1338), with no line terminators
Hash a89c7430b892cb0e48c80509386cce38
2db0ffe7707d4ea752666b85d613b19ac3e32e29
06f314d281c0480b56cccf3fadc95acf6e6a95c7b0bb5860923d32fda9c88b37
GET /_next/static/chunks/pages/_app-88bf420a57d49e33be53.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 199713
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Sat, 04 Feb 2023 06:37:20 GMT
Etag: "2856f57c62c238a564ef576bbc50ca4a+gzip"
Last-Modified: Wed, 01 Feb 2023 23:04:14 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F70E)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 668
platform.twitter.com/_next/static/chunks/pages/timeline-profile/screen-name/%5BscreenName%5D-c33f0b02841cffc3e9b4.js
93.184.220.66200 OK 1.3 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/pages/timeline-profile/screen-name/%5BscreenName%5D-c33f0b02841cffc3e9b4.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (13508), with no line terminators
Hash ceaefa8dbb25d1fcdcc03eb51b3bad58
31a55bb25041e12c5baf5e3c10c1ca9f1224d2c2
b20cdf2d284b3138299ad84c4840bb787d204faa201049a7ea417bdadbf76d98
GET /_next/static/chunks/pages/timeline-profile/screen-name/%5BscreenName%5D-c33f0b02841cffc3e9b4.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 896046
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Sat, 04 Feb 2023 06:37:20 GMT
Etag: "e78034c651c8a81b2acd83dc7e7ad407+gzip"
Last-Modified: Wed, 18 Jan 2023 22:54:30 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F6FD)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 1290
platform.twitter.com/_next/static/2DCA_RcotTBMjJMowAtrp/_buildManifest.js
93.184.220.66200 OK 451 B URL HTTP/1.1 platform.twitter.com/_next/static/2DCA_RcotTBMjJMowAtrp/_buildManifest.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (1325), with no line terminators
Hash 7fd2849742282ee323e46e5068b5d59f
aaa75f6f3cdcd73e3fad4cf5dfafe67283b2fcea
ef5371b79b0be51f24f7ccba4abbf57ff5a16745ca7303cd4f958180a302fc02
GET /_next/static/2DCA_RcotTBMjJMowAtrp/_buildManifest.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 199713
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Sat, 04 Feb 2023 06:37:20 GMT
Etag: "bd9a3afe8a64146469f036be13628170+gzip"
Last-Modified: Wed, 01 Feb 2023 23:04:14 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F716)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 451
platform.twitter.com/_next/static/2DCA_RcotTBMjJMowAtrp/_ssgManifest.js
93.184.220.66200 OK 76 B URL HTTP/1.1 platform.twitter.com/_next/static/2DCA_RcotTBMjJMowAtrp/_ssgManifest.js
IP 93.184.220.66:0
File type ASCII text, with no line terminators
Hash abee47769bf307639ace4945f9cfd4ff
c0a0dc51ee8a2852baf5ff30c33b1478ff302585
653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479
GET /_next/static/2DCA_RcotTBMjJMowAtrp/_ssgManifest.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 199663
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Sat, 04 Feb 2023 06:37:20 GMT
Etag: "abee47769bf307639ace4945f9cfd4ff"
Last-Modified: Wed, 01 Feb 2023 23:04:14 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F712)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 76
platform.twitter.com/_next/static/chunks/16.83edf0a92864b221c4c2.js
93.184.220.66200 OK 12 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/16.83edf0a92864b221c4c2.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (38311), with no line terminators
Hash e9152435e6cbecaad6c1606afd0edf57
a396f1f0a5615066aabab74644fedd50ec360fe5
17e23603b958fb3c95f0783f6305781d16a4dd966a9592d2facd56d4f9678398
GET /_next/static/chunks/16.83edf0a92864b221c4c2.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 199713
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Sat, 04 Feb 2023 06:37:20 GMT
Etag: "cc91d8b3ed42cb1fdceb72053c094b19+gzip"
Last-Modified: Wed, 01 Feb 2023 23:04:14 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F706)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 12051
platform.twitter.com/_next/static/chunks/2.691622e4391d1973cb65.js
93.184.220.66200 OK 7.7 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/2.691622e4391d1973cb65.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (23122), with no line terminators
Hash 73baa3debbf84cb65f7e594ac3fba515
e78e5f5502aa0699efa7946012a52918d4dbff57
9fd4a9285078cb2898430bf965b39ca27b98fb48f0a97f52746ccad0f87e73fc
GET /_next/static/chunks/2.691622e4391d1973cb65.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 896046
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Sat, 04 Feb 2023 06:37:20 GMT
Etag: "942b5b928a24465d1906b4716131d896+gzip"
Last-Modified: Wed, 18 Jan 2023 22:54:30 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F712)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 7674
platform.twitter.com/_next/static/chunks/6.23c33d3dbf51f67f2970.js
93.184.220.66200 OK 1.3 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/6.23c33d3dbf51f67f2970.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (2558), with no line terminators
Hash fbfe9c7bbfc4a737388d8eaf1fbcf291
5fa25c339b216d7f437a9ab355f9f64372b1a1c2
7fe34550767b1cffdba1f955cfc374520ec909fe76799eb43a1daed3e5f681a9
GET /_next/static/chunks/6.23c33d3dbf51f67f2970.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 199712
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Sat, 04 Feb 2023 06:37:20 GMT
Etag: "0e9ca787dfdcbf5ffeb7df678ec8f6df+gzip"
Last-Modified: Wed, 01 Feb 2023 23:04:14 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F716)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 1276
platform.twitter.com/_next/static/chunks/1.33d5194e3e24fe3f42e2.js
93.184.220.66200 OK 39 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/1.33d5194e3e24fe3f42e2.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 298a7dfda72b1dc8e83328c282f202a4
348d741871e8c92950faf30fc5bf6a60adb02ee0
99654e867ed549caf1f6dcdba8afa1bd0ea2f3c089f7daded0a49fdf5af34e08
GET /_next/static/chunks/1.33d5194e3e24fe3f42e2.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 199712
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Sat, 04 Feb 2023 06:37:20 GMT
Etag: "eede84fca518a97ffc0d7f8a062820b9+gzip"
Last-Modified: Wed, 01 Feb 2023 23:04:14 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F6FD)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 39063
platform.twitter.com/_next/static/chunks/4.c99a76747fd916e95958.js
93.184.220.66200 OK 67 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/4.c99a76747fd916e95958.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 6daaa66e067adf091d7d7417f8ba56dd
fa37d93fa118af2d2be630e6a0044f58b6a4fda1
655fef49b15129489c6375f65bcc70a9cc7e0f15e03f79208ad34100d6805715
GET /_next/static/chunks/4.c99a76747fd916e95958.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 896045
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Sat, 04 Feb 2023 06:37:20 GMT
Etag: "813fe12fe49871b42d9cd17b5f80c663+gzip"
Last-Modified: Wed, 18 Jan 2023 22:54:31 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71D)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 66820
platform.twitter.com/_next/static/chunks/0.12059cc9aae4f779ab68.js
93.184.220.66200 OK 106 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/0.12059cc9aae4f779ab68.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 106 kB (106305 bytes)
Hash c6c50729484946cb7fb6a8bb5954ad36
24ff6dfd5c1934ce93e245c19a4f3efe6c0b0ddd
db4627b96900954722287c501edb87b454f83401556eb77fb497d17c7f25938f
GET /_next/static/chunks/0.12059cc9aae4f779ab68.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 896045
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Sat, 04 Feb 2023 06:37:20 GMT
Etag: "145185fec2c06c3409682e5df48acdf8+gzip"
Last-Modified: Wed, 18 Jan 2023 22:54:32 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F70D)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 106305
platform.twitter.com/_next/static/chunks/ondemand.Dropdown.d3a078133b9e5555597a.js
93.184.220.66200 OK 2.8 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/ondemand.Dropdown.d3a078133b9e5555597a.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (7266), with no line terminators
Hash 8be16d98914bca0c28d6ca4ff70da965
482e130207a08ea6477aae9e0e7cff18e43b1a99
d4780fd20a4b9f4ab4e00778ea83cdd250fe047735485b0b5fb782fc872dd3a3
GET /_next/static/chunks/ondemand.Dropdown.d3a078133b9e5555597a.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 199662
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Sat, 04 Feb 2023 06:37:20 GMT
Etag: "ee85bb78f0eb1080fd5fc8c4d4cddbb8+gzip"
Last-Modified: Wed, 01 Feb 2023 23:04:14 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F705)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 2822
abs-0.twimg.com/emoji/v2/svg/1f49a.svg
104.244.43.131200 OK 266 B URL HTTP/2 abs-0.twimg.com/emoji/v2/svg/1f49a.svg
IP 104.244.43.131:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (368), with no line terminators
Hash 61a3f7c83e8eebd89c1827841eeafc33
a015e348efd54902d14ee99f7638456d0b5afab3
61d3e6712403767dda53b10a374f6f74ebc751ba00503a59135fc5bfe9c69901
GET /emoji/v2/svg/1f49a.svg HTTP/1.1
Host: abs-0.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "NSIUY+Is9owosjtkeaQ2Ew=="
expires: Thu, 16 Mar 2023 06:25:07 GMT
content-type: image/svg+xml
last-modified: Wed, 21 Feb 2018 22:31:04 GMT
content-encoding: gzip
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
x-content-type-options: nosniff
accept-ranges: bytes
date: Sat, 04 Feb 2023 06:37:20 GMT
x-served-by: cache-fty21343-FTY, cache-bma1662-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
x-tw-cdn: FT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 266
X-Firefox-Spdy: h2
abs-0.twimg.com/emoji/v2/svg/1f499.svg
104.244.43.131200 OK 269 B URL HTTP/2 abs-0.twimg.com/emoji/v2/svg/1f499.svg
IP 104.244.43.131:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (368), with no line terminators
Hash 447e7ceb235c75a10156ee9d4101dd82
014a10acd3cbcdf3d4b970e6e0ebc23ac017151a
d1f62abb7b3ef3db9f0c15144b31916d5904f8fe95e8bc432d2c47694bca11e3
GET /emoji/v2/svg/1f499.svg HTTP/1.1
Host: abs-0.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "43yYXt2ga31fRVm8g4wb3g=="
expires: Fri, 10 Jun 2022 07:37:35 GMT
content-type: image/svg+xml
last-modified: Wed, 21 Feb 2018 22:31:04 GMT
content-encoding: gzip
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
x-content-type-options: nosniff
accept-ranges: bytes
date: Sat, 04 Feb 2023 06:37:20 GMT
x-served-by: cache-fty21358-FTY, cache-bma1662-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
x-tw-cdn: FT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 269
X-Firefox-Spdy: h2
platform.twitter.com/_next/static/chunks/vendors~loaders.card.DefaultCard.bb86da9c6b7f7c1afe77.js
93.184.220.66200 OK 6.2 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/vendors~loaders.card.DefaultCard.bb86da9c6b7f7c1afe77.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (24067), with no line terminators
Hash f1b93cfe355af74f3daee1f14f07e022
eefb466022541b8abe13275b16e3522e52b70837
28991370e4b80e2428d2a5a7be03036f284ced278dc821ad152baff6d92ab560
GET /_next/static/chunks/vendors~loaders.card.DefaultCard.bb86da9c6b7f7c1afe77.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 896046
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Sat, 04 Feb 2023 06:37:20 GMT
Etag: "795a024b9fe49518f14d917058dbd4e5+gzip"
Last-Modified: Wed, 18 Jan 2023 22:54:30 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F6FD)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 6183
platform.twitter.com/_next/static/chunks/loaders.card.DefaultCard.d08263922db4f1764adc.js
93.184.220.66200 OK 60 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/loaders.card.DefaultCard.d08263922db4f1764adc.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 014a3d9faba09140b4ae58971d7605e1
b81798cc7985ba39e48184ea5e0d2f207a8b3acc
245fe3f3d8020aa29e07b49aec71e0e2b7d45059a30279e601864f0a88d10744
GET /_next/static/chunks/loaders.card.DefaultCard.d08263922db4f1764adc.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 199711
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Sat, 04 Feb 2023 06:37:20 GMT
Etag: "223819c131ed2e2b1f86bbabf99ac3a1+gzip"
Last-Modified: Wed, 01 Feb 2023 23:04:14 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F70F)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 60079
abs-0.twimg.com/emoji/v2/svg/1f64f-1f3fc.svg
104.244.43.131200 OK 694 B URL HTTP/2 abs-0.twimg.com/emoji/v2/svg/1f64f-1f3fc.svg
IP 104.244.43.131:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1511), with no line terminators
Hash 8a02cfbd2cd9aaad4fa1100abddfc78e
71736093735f7dcc80a98939b5a35c4f7bd5c45b
f9cf55addc74cc356f9916d7c945335addf8a87c94dcb7a25157ac55dd03315b
GET /emoji/v2/svg/1f64f-1f3fc.svg HTTP/1.1
Host: abs-0.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "fr/k4bLC5hcrreGWCDj+LQ=="
expires: Wed, 08 Jun 2022 09:51:27 GMT
content-type: image/svg+xml
last-modified: Wed, 21 Feb 2018 22:31:11 GMT
content-encoding: gzip
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
x-content-type-options: nosniff
accept-ranges: bytes
date: Sat, 04 Feb 2023 06:37:20 GMT
x-served-by: cache-fty21338-FTY, cache-bma1662-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
x-tw-cdn: FT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 694
X-Firefox-Spdy: h2
abs-0.twimg.com/emoji/v2/svg/2764.svg
104.244.43.131200 OK 268 B URL HTTP/2 abs-0.twimg.com/emoji/v2/svg/2764.svg
IP 104.244.43.131:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (368), with no line terminators
Hash 95e1d04b43b41695bcabf7c8f4b121cf
785b7a4f7b0819f76b228ee74e2bc209d7a32d57
398e85423b6964eb4dbd3581bfb4eacfa5c7db0eabb8506cd9ee1838ab8f26af
GET /emoji/v2/svg/2764.svg HTTP/1.1
Host: abs-0.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
content-encoding: gzip
content-type: image/svg+xml
etag: "BIPytkjcyYbQE4UGIFKuHA=="
expires: Thu, 09 Jun 2022 07:29:22 GMT
last-modified: Fri, 10 Aug 2018 17:46:01 GMT
strict-transport-security: max-age=631138519
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
x-content-type-options: nosniff
accept-ranges: bytes
date: Sat, 04 Feb 2023 06:37:21 GMT
x-served-by: cache-fty21366-FTY, cache-bma1662-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
x-tw-cdn: FT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 268
X-Firefox-Spdy: h2
abs-0.twimg.com/emoji/v2/svg/1f384.svg
104.244.43.131200 OK 1.0 kB URL HTTP/2 abs-0.twimg.com/emoji/v2/svg/1f384.svg
IP 104.244.43.131:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2576), with no line terminators
Hash 9f5b1758f8f3a64d237660dff80ed683
aba4eb695abefc7d1b63be2bb4ba5abd35fa26e0
b8ed4b18992de2972b772f5f860812defa25c9bd9a505bb00cc18a387e3e16f5
GET /emoji/v2/svg/1f384.svg HTTP/1.1
Host: abs-0.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "L1MxRFpGR68rsxeGKzhQKg=="
expires: Fri, 30 Sep 2022 07:54:45 GMT
content-type: image/svg+xml
last-modified: Wed, 21 Feb 2018 22:30:50 GMT
content-encoding: gzip
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
x-content-type-options: nosniff
accept-ranges: bytes
date: Sat, 04 Feb 2023 06:37:21 GMT
x-served-by: cache-fty21346-FTY, cache-bma1662-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
x-tw-cdn: FT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 1013
X-Firefox-Spdy: h2
platform.twitter.com/_next/static/chunks/vendors~ondemand.LottieWeb.d0dde7eb339d57b45e0d.js
93.184.220.66200 OK 42 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/vendors~ondemand.LottieWeb.d0dde7eb339d57b45e0d.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 47d134ddc26f8303a63f5077210e691d
208e6b463d3f86f8d627c9cc9b4e8a0ba4dc3adf
a4b68569485df549adb77e2c5ba911661d62f141e65678b7523e685822e5a05f
GET /_next/static/chunks/vendors~ondemand.LottieWeb.d0dde7eb339d57b45e0d.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 896047
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Sat, 04 Feb 2023 06:37:21 GMT
Etag: "5e006b62c5bde14eb6fa194e2cee465c+gzip"
Last-Modified: Wed, 18 Jan 2023 22:54:30 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F70B)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 41941
abs.twimg.com/sticky/animations/like.4.json
152.199.21.141200 OK 1.9 kB URL HTTP/2 abs.twimg.com/sticky/animations/like.4.json
IP 152.199.21.141:0
File type ASCII text, with very long lines (24291)
Hash c5203df5bd1440c2fdf4b44f0eb3116a
6b928e79e59b281eb5b9f5c2ad608f81078b5869
0b638ce107a37db0734fcd82af97d1dd575c246d737949c5414aa1dc549540e3
GET /sticky/animations/like.4.json HTTP/1.1
Host: abs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://syndication.twitter.com/
Origin: https://syndication.twitter.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 9207962
content-type: application/json
date: Sat, 04 Feb 2023 06:37:21 GMT
etag: "YKYmOkwIx9KztN7bQT7x8g=="
expires: Sun, 04 Feb 2024 06:37:21 GMT
last-modified: Thu, 20 Oct 2022 16:50:56 GMT
perf: 7626143928
server: ECAcc (ska/F695)
strict-transport-security: max-age=631138519
surrogate-key: twitter-assets
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
vary: Accept-Encoding
x-cache: HIT
x-connection-hash: 00620de26479f72103b0d6f4ca0873a782dd4164b4c1379a9b6b21190ad4a58b
x-content-type-options: nosniff
x-response-time: 10
x-ton-expected-size: 24292
x-transaction-id: 80afab27525733bc
content-length: 1897
X-Firefox-Spdy: h2
syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1675492675780%2C%22event_namespace%22%3A%7B%22action%22%3A%22results%22%2C%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline-profile%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22dnt%22%3Atrue%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22http%3A%2F%2Fwww.host.air.ngo%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%2200b6859%3A1675273547005%22%2C%22widget_data_source%22%3A%22screen-name%3AAttitudesInRev%22%7D&dnt=1&session_id=a884368f1a6033b5f3b448ecb0cbac30be6dd39f
104.244.42.200200 OK 43 B URL HTTP/2 syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1675492675780%2C%22event_namespace%22%3A%7B%22action%22%3A%22results%22%2C%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline-profile%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22dnt%22%3Atrue%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22http%3A%2F%2Fwww.host.air.ngo%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%2200b6859%3A1675273547005%22%2C%22widget_data_source%22%3A%22screen-name%3AAttitudesInRev%22%7D&dnt=1&session_id=a884368f1a6033b5f3b448ecb0cbac30be6dd39f
IP 104.244.42.200:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1675492675780%2C%22event_namespace%22%3A%7B%22action%22%3A%22results%22%2C%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline-profile%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22dnt%22%3Atrue%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22http%3A%2F%2Fwww.host.air.ngo%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%2200b6859%3A1675273547005%22%2C%22widget_data_source%22%3A%22screen-name%3AAttitudesInRev%22%7D&dnt=1&session_id=a884368f1a6033b5f3b448ecb0cbac30be6dd39f HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/srv/timeline-profile/screen-name/AttitudesInRev?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19idXNpbmVzc192ZXJpZmllZF9iYWRnZSI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmx1ZV92ZXJpZmllZF9iYWRnZSI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19nb3ZfdmVyaWZpZWRfYmFkZ2UiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYnVzaW5lc3NfYWZmaWxpYXRlX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=250px&origin=http%3A%2F%2Fwww.host.air.ngo%2F&sessionId=a884368f1a6033b5f3b448ecb0cbac30be6dd39f&showHeader=true&showReplies=false&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 06:37:20 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: image/gif
cache-control: must-revalidate, max-age=600
last-modified: Sat, 04 Feb 2023 06:37:21 GMT
content-length: 43
x-transaction-id: bdaf22e7c86e43a6
strict-transport-security: max-age=631138519
x-response-time: 107
x-connection-hash: b5f74fb4298f8dca0cd965547de1250a4bf71c90b866b2b867da0c8e5280d251
X-Firefox-Spdy: h2
pbs.twimg.com/profile_images/1521117360085733377/EgDVw9py_normal.jpg
151.101.244.159200 OK 2.4 kB URL HTTP/2 pbs.twimg.com/profile_images/1521117360085733377/EgDVw9py_normal.jpg
IP 151.101.244.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 48x48, components 3\012- data
Hash 550b072b46c56104c53254161a309574
266e266345a7d7a912e80a57da209538a809ab1d
0f537d45eb85944c7d7f70cdc856724005ef4f645389c68bc56190b8206f9d04
GET /profile_images/1521117360085733377/EgDVw9py_normal.jpg HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
perf: 7626143928
cache-control: max-age=604800, must-revalidate
last-modified: Mon, 02 May 2022 13:18:14 GMT
x-transaction-id: 25419f9819cceed0
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
content-type: image/jpeg
accept-ranges: bytes
date: Sat, 04 Feb 2023 06:37:21 GMT
x-cache: HIT, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7372-LHR, cache-hel1410020-HEL, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 2415
X-Firefox-Spdy: h2
pbs.twimg.com/profile_images/1613777470154588160/CCBdqSDr_normal.png
151.101.244.159200 OK 6.0 kB URL HTTP/2 pbs.twimg.com/profile_images/1613777470154588160/CCBdqSDr_normal.png
IP 151.101.244.159:0
File type PNG image data, 48 x 48, 8-bit/color RGB, non-interlaced\012- data
Hash 39161d823b6f55fefb1f12558cdefb57
65f7affb07a99f666af18b05c6bfee09ddca42ca
178f4f67ebfe3c372ba63bbdc0b601cf83d8acd3fa0cc1d479ee03f03b071696
GET /profile_images/1613777470154588160/CCBdqSDr_normal.png HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
cache-control: max-age=604800, must-revalidate
last-modified: Fri, 13 Jan 2023 05:56:26 GMT
x-transaction-id: 5a5d3e7001c28cf2
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
content-type: image/png
accept-ranges: bytes
date: Sat, 04 Feb 2023 06:37:22 GMT
x-cache: HIT, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7323-LHR, cache-hel1410020-HEL, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 5987
X-Firefox-Spdy: h2
pbs.twimg.com/profile_images/653019595343708160/lcNBdDub_normal.jpg
151.101.244.159200 OK 1.7 kB URL HTTP/2 pbs.twimg.com/profile_images/653019595343708160/lcNBdDub_normal.jpg
IP 151.101.244.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Hash 8d020d26f7c2e586358d41d9957bfae5
51d450f23fa5c03c7d4d8fe617125b800be024f4
b0468fda4d1e16fb5519f4f573bcfda1cdeca276d1b24ae116b7d416fd11974e
GET /profile_images/653019595343708160/lcNBdDub_normal.jpg HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
cache-control: max-age=604800, must-revalidate
last-modified: Sun, 11 Oct 2015 01:27:38 GMT
x-transaction-id: 700fae280f1032e5
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
content-type: image/jpeg
accept-ranges: bytes
date: Sat, 04 Feb 2023 06:37:22 GMT
x-cache: MISS, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7375-LHR, cache-hel1410020-HEL, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 1731
X-Firefox-Spdy: h2
pbs.twimg.com/profile_images/1935042354/Twitter-Star-Ledger-Avatar-Logo_normal.gif
151.101.244.159200 OK 1.2 kB URL HTTP/2 pbs.twimg.com/profile_images/1935042354/Twitter-Star-Ledger-Avatar-Logo_normal.gif
IP 151.101.244.159:0
File type GIF image data, version 89a, 48 x 48\012- data
Hash b90ee6807a8c84f354230588bd72c624
e6eab019886dae8afd17fd27b5b4215e29a81c19
f351003a6cbdade7350607dd068bd3241f185a80ac6cfd6c45e493918b6e7929
GET /profile_images/1935042354/Twitter-Star-Ledger-Avatar-Logo_normal.gif HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
cache-control: max-age=604800, must-revalidate
last-modified: Thu, 04 Nov 2010 01:42:54 GMT
x-transaction-id: 897a786a940103c7
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
content-type: image/gif
accept-ranges: bytes
date: Sat, 04 Feb 2023 06:37:22 GMT
x-cache: HIT, HIT
x-tw-cdn: FT
x-served-by: cache-lhr7331-LHR, cache-hel1410020-HEL, cache-tw-ZZZ1
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 1241
X-Firefox-Spdy: h2
pbs.twimg.com/media/FLzQo95XoAgpN47?format=jpg&name=120x120
151.101.244.159200 OK 5.4 kB URL HTTP/2 pbs.twimg.com/media/FLzQo95XoAgpN47?format=jpg&name=120x120
IP 151.101.244.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 119x120, components 3\012- data
Hash 12f4dc2e785bc945069f639bb5fb1e3f
caa0761b9d20bfe61c15a3d480996cc60c546f6a
a5662b4eba48a41e3ae15377d2bd5b44da97e08c10b985fe14a3e34f2e356f89
GET /media/FLzQo95XoAgpN47?format=jpg&name=120x120 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Thu, 17 Feb 2022 13:09:58 GMT
x-transaction-id: a53098e327acd80f
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
accept-ranges: bytes
date: Sat, 04 Feb 2023 06:37:22 GMT
x-cache: MISS, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7322-LHR, cache-hel1410020-HEL, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 5357
X-Firefox-Spdy: h2
pbs.twimg.com/profile_images/1294791914529619969/p7FIeaDi_normal.jpg
151.101.244.159200 OK 2.3 kB URL HTTP/2 pbs.twimg.com/profile_images/1294791914529619969/p7FIeaDi_normal.jpg
IP 151.101.244.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 48x48, components 3\012- data
Hash a5466f8de84cfedd1790ff4cef15e7dd
ae00458a96cbf081441f136bc0490e0591e42e40
03de3b0e00ec4b422cc4a56d0da283372c5a92eb744e253ebe88fce53985682e
GET /profile_images/1294791914529619969/p7FIeaDi_normal.jpg HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
cache-control: max-age=604800, must-revalidate
last-modified: Sun, 16 Aug 2020 00:21:43 GMT
x-transaction-id: 6e3fd56470afe22b
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
content-type: image/jpeg
accept-ranges: bytes
date: Sat, 04 Feb 2023 06:37:22 GMT
x-cache: MISS, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7356-LHR, cache-hel1410020-HEL, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 2339
X-Firefox-Spdy: h2
pbs.twimg.com/profile_images/1341148539619962885/ePn3wjsr_normal.jpg
151.101.244.159200 OK 2.2 kB URL HTTP/2 pbs.twimg.com/profile_images/1341148539619962885/ePn3wjsr_normal.jpg
IP 151.101.244.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 48x48, components 3\012- data
Hash fc61b12a77366b8264c74bc901244898
c873fce5ffe13d9d430219198b9929ddb8b69d0b
17586c948ed343ad22306eab90c7445d1c58d5eb1cac754d2bf34f90cd2d478b
GET /profile_images/1341148539619962885/ePn3wjsr_normal.jpg HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
cache-control: max-age=604800, must-revalidate
last-modified: Mon, 21 Dec 2020 22:26:23 GMT
x-transaction-id: aefef4ab2c0c6eae
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
content-type: image/jpeg
accept-ranges: bytes
date: Sat, 04 Feb 2023 06:37:22 GMT
x-cache: HIT, HIT
x-tw-cdn: FT
x-served-by: cache-lhr7354-LHR, cache-hel1410020-HEL, cache-tw-ZZZ1
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 2187
X-Firefox-Spdy: h2
pbs.twimg.com/media/FLzQo97XMAIvWm4?format=jpg&name=240x240
151.101.244.159200 OK 10 kB URL HTTP/2 pbs.twimg.com/media/FLzQo97XMAIvWm4?format=jpg&name=240x240
IP 151.101.244.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 208x240, components 3\012- data
Hash a9229e3d2c0d1229d860d19ce0276f4e
1d2e607cb11c2abfa70814ee801f90681cb1593a
94a360d4312014d5f30d211f4dff0a7438c78a471f30ea9117c748c8c5d997fb
GET /media/FLzQo97XMAIvWm4?format=jpg&name=240x240 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Thu, 17 Feb 2022 13:09:58 GMT
x-transaction-id: 927a65fcfb573843
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
accept-ranges: bytes
date: Sat, 04 Feb 2023 06:37:22 GMT
x-cache: MISS, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7389-LHR, cache-hel1410020-HEL, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 10102
X-Firefox-Spdy: h2
pbs.twimg.com/profile_images/1460251482100576264/gyS9LMdQ_normal.jpg
151.101.244.159200 OK 2.1 kB URL HTTP/2 pbs.twimg.com/profile_images/1460251482100576264/gyS9LMdQ_normal.jpg
IP 151.101.244.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 48x48, components 3\012- data
Hash 0e676933b17ada4b2cdc0245420ff58f
ad9f65c2613bfd066e2dcc10d7396926de274e65
02aad68f4e4bfc867b96258c16527cd7623458eda2f83996e73e0d58efef0936
GET /profile_images/1460251482100576264/gyS9LMdQ_normal.jpg HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
cache-control: max-age=604800, must-revalidate
last-modified: Mon, 15 Nov 2021 14:18:58 GMT
x-transaction-id: c03b15ed17542bff
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
content-type: image/jpeg
accept-ranges: bytes
date: Sat, 04 Feb 2023 06:37:22 GMT
x-cache: HIT, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7335-LHR, cache-hel1410020-HEL, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 2111
X-Firefox-Spdy: h2
pbs.twimg.com/media/FLzQo97XwAE03jA?format=jpg&name=240x240
151.101.244.159200 OK 16 kB URL HTTP/2 pbs.twimg.com/media/FLzQo97XwAE03jA?format=jpg&name=240x240
IP 151.101.244.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 240x180, components 3\012- data
Hash 0a1a223edeaec8c076f4c6b8a659a0e0
354b8307cf46ec1a8e08a0e88d1f66521aaa9b2f
62ed7aa471ae4a1de1dc970cb3b3f1d909a57b9364f7e3d41d5c1d5eab0530c9
GET /media/FLzQo97XwAE03jA?format=jpg&name=240x240 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Thu, 17 Feb 2022 13:09:58 GMT
x-transaction-id: c992c68920cbf886
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
accept-ranges: bytes
date: Sat, 04 Feb 2023 06:37:22 GMT
x-cache: MISS, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7374-LHR, cache-hel1410020-HEL, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 16474
X-Firefox-Spdy: h2
pbs.twimg.com/profile_images/1180492296657276929/P2doHiGm_normal.jpg
151.101.244.159200 OK 2.3 kB URL HTTP/2 pbs.twimg.com/profile_images/1180492296657276929/P2doHiGm_normal.jpg
IP 151.101.244.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 48x48, components 3\012- data
Hash e2155d095502a45c4fb44ac648dc6abe
f02ae6abd1c89a10246f06fcbcc28e93c01ad737
f7ca6288cf557701b12fa1c56c7828542e060762b22ca1bc3fe57963ee72a4cf
GET /profile_images/1180492296657276929/P2doHiGm_normal.jpg HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
cache-control: max-age=604800, must-revalidate
last-modified: Sat, 05 Oct 2019 14:35:50 GMT
x-transaction-id: 6c6f5c00c89573ea
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
content-type: image/jpeg
accept-ranges: bytes
date: Sat, 04 Feb 2023 06:37:23 GMT
x-cache: HIT, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7357-LHR, cache-hel1410020-HEL, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 2263
X-Firefox-Spdy: h2
pbs.twimg.com/media/FJuIFQuXoAE9uGz?format=jpg&name=small
151.101.244.159200 OK 72 kB URL HTTP/2 pbs.twimg.com/media/FJuIFQuXoAE9uGz?format=jpg&name=small
IP 151.101.244.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 514x680, components 3\012- data
Hash 6bb2141125798a09b44b875eaf86bf5f
8ed8c6663b079bb39b2b288ace61829d604c560c
5878d842570babbd5dbbd1765c9730e74c911bda3708360199a2df4754cde38a
GET /media/FJuIFQuXoAE9uGz?format=jpg&name=small HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Sat, 22 Jan 2022 16:43:05 GMT
x-transaction-id: e597adf42500a1cc
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
accept-ranges: bytes
date: Sat, 04 Feb 2023 06:37:23 GMT
x-cache: MISS, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7345-LHR, cache-hel1410020-HEL, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 72451
X-Firefox-Spdy: h2
pbs.twimg.com/profile_images/1341148539619962885/ePn3wjsr_mini.jpg
151.101.244.159200 OK 1.6 kB URL HTTP/2 pbs.twimg.com/profile_images/1341148539619962885/ePn3wjsr_mini.jpg
IP 151.101.244.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 24x24, components 3\012- data
Hash dce867fa0bffed40d38ce444ca3227e4
ac843ee79cbb993ed3e52be3e202d775827e016a
7e206d71975c3f7a572179a3e2a560f784f5ba208b6984cf8dd989333e59f647
GET /profile_images/1341148539619962885/ePn3wjsr_mini.jpg HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
cache-control: max-age=604800, must-revalidate
last-modified: Mon, 21 Dec 2020 22:26:23 GMT
x-transaction-id: 2b719e18cb24ed40
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
content-type: image/jpeg
accept-ranges: bytes
date: Sat, 04 Feb 2023 06:37:23 GMT
x-cache: HIT, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7338-LHR, cache-hel1410020-HEL, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 1556
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa139f02-bb4d-4058-8a17-82e241e61bf2.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa139f02-bb4d-4058-8a17-82e241e61bf2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 75b9c67fbf2d207afec78eb14b95d7ec
c0b7e9e9ca9ee71761489e738a3a308ff0b6e5c8
42ddfef2fc1e0200a1ff3d615fd6da42fd8bdea4551344580c13af07092d401f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa139f02-bb4d-4058-8a17-82e241e61bf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5917
x-amzn-requestid: 095185b4-b608-4ac8-9041-6e5fcf9033d9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEW_EA4IAMFxVw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd80f9-1d780a2a58fcc30613bdfdab;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:47:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -4TwLeMENj7WdI_QQWKgwxTj9MldN5z7qmo7_OX_eXIVba9zjDEoaA==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:17:42 GMT
age: 29981
etag: "c0b7e9e9ca9ee71761489e738a3a308ff0b6e5c8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
pbs.twimg.com/media/FHYSeLQWUAI2vGm?format=jpg&name=360x360
151.101.244.159200 OK 18 kB URL HTTP/2 pbs.twimg.com/media/FHYSeLQWUAI2vGm?format=jpg&name=360x360
IP 151.101.244.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 360x274, components 3\012- data
Hash 2f13d167994122436f60ab25ef4c9085
1646d6d95c2691479a53d94962911a59c297328b
3990d63fd1477eea0c49909161c8f7ba04153ce694f275cedcea1bb7755c7134
GET /media/FHYSeLQWUAI2vGm?format=jpg&name=360x360 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Fri, 24 Dec 2021 14:25:26 GMT
x-transaction-id: 1a68cf3fd095a19b
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
accept-ranges: bytes
date: Sat, 04 Feb 2023 06:37:23 GMT
x-cache: MISS, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7337-LHR, cache-hel1410020-HEL, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 17720
X-Firefox-Spdy: h2
www.host.air.ngo/wp-content/uploads/resized/8ebf1c6127581d5d9c48701f294f9d83/2012-08-27_AIR_Awards_2012_401-e1383019049691.jpg
72.167.78.206200 OK 0 B URL HTTP/1.1 www.host.air.ngo/wp-content/uploads/resized/8ebf1c6127581d5d9c48701f294f9d83/2012-08-27_AIR_Awards_2012_401-e1383019049691.jpg
IP 72.167.78.206:0
ASN #398101 GO-DADDY-COM-LLC
GET /wp-content/uploads/resized/8ebf1c6127581d5d9c48701f294f9d83/2012-08-27_AIR_Awards_2012_401-e1383019049691.jpg HTTP/1.1
Host: www.host.air.ngo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/?n2prerender=1&n2app=smartslider&n2controller=slider&n2action=iframe&sliderid=10&hash=11aa9934b643b6d6149df357982d8173
Cookie: devicePixelRatio=1; _gcl_au=1.1.847080542.1675492671; _ga=GA1.2.315079370.1675492672; _gid=GA1.2.1422018058.1675492672; _gat_gtag_UA_118313524_1=1; _gat_UA-116676792-1=1; __utma=68077320.315079370.1675492672.1675492672.1675492672.1; __utmb=68077320.1.10.1675492672; __utmc=68077320; __utmz=68077320.1675492672.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:37:18 GMT
Server: Apache
Last-Modified: Wed, 19 Dec 2018 22:51:41 GMT
ETag: "1be0d7f-cf8b-57d67db7c1940"
Accept-Ranges: bytes
Content-Length: 53131
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg
platform.twitter.com/_next/static/chunks/3.9ea9198afb6f33351d13.js
93.184.220.66200 OK 0 B URL HTTP/1.1 platform.twitter.com/_next/static/chunks/3.9ea9198afb6f33351d13.js
IP 93.184.220.66:0
GET /_next/static/chunks/3.9ea9198afb6f33351d13.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 199712
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Sat, 04 Feb 2023 06:37:20 GMT
Etag: "b504a1691341799c78aca542f5795340+gzip"
Last-Modified: Wed, 01 Feb 2023 23:04:14 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F6FE)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 166211