Report - attitudesinreverse.org/

Report Overview

Submitted URL
attitudesinreverse.org/
IP
72.167.78.206
ASN
#398101 GO-DADDY-COM-LLC
Submitted
2023-02-04 06:37:27
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
10
Threat Detection Systems
14

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
abs.twimg.com	1724	2013-04-11T00:09:30Z	2023-03-13T06:06:42Z	423 B	2.7 kB	152.199.21.141
googleads.g.doubleclick.net	42	2021-02-20T16:43:32Z	2023-03-13T08:39:16Z	1.6 kB	2.5 kB	216.58.207.194
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	44.227.109.32
cdn.sucuri.net	107164	2017-01-29T12:44:08Z	2023-03-13T08:02:40Z	765 B	15 kB	192.124.249.16
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-13T08:28:24Z	683 B	52 kB	142.250.74.40
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	913 B	62 kB	216.58.207.227
www.host.air.ngo	unknown	2022-12-21T13:56:25Z	2022-12-21T13:56:25Z	13 kB	1.1 MB	72.167.78.206
ajax.googleapis.com	12905	2013-08-16T11:51:31Z	2023-03-13T08:37:09Z	311 B	35 kB	142.250.74.74
pbs.twimg.com	624	2012-09-06T02:07:06Z	2023-03-13T05:16:16Z	6.2 kB	153 kB	151.101.244.159
attitudesinreverse.org	unknown	2014-05-19T04:51:26Z	2023-01-29T12:02:27Z	726 B	78 kB	72.167.78.206
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	5.8 kB	12 kB	142.250.74.131
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-13T07:36:03Z	1.8 kB	59 kB	216.239.36.178
i.ytimg.com	109	2012-10-03T19:11:04Z	2023-03-13T08:43:01Z	396 B	17 kB	216.58.207.246
syndication.twitter.com	833	2013-09-20T03:46:47Z	2023-03-13T05:26:52Z	5.3 kB	18 kB	104.244.42.200
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.9 kB	34.160.144.191
platform.twitter.com	597	2012-05-21T05:34:05Z	2023-03-13T05:09:29Z	8.8 kB	593 kB	93.184.220.66
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.3 kB	61 kB	34.120.237.76
www.google.no	25607	2016-04-05T21:50:59Z	2023-03-13T06:26:15Z	1.6 kB	1.4 kB	142.250.74.163
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.4 kB	6.2 kB	23.36.76.226
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
stats.g.doubleclick.net	96	2013-06-10T22:21:11Z	2023-03-13T08:02:41Z	605 B	594 B	64.233.165.154
abs-0.twimg.com	2460	2014-05-10T11:28:05Z	2023-03-13T05:16:15Z	2.1 kB	5.7 kB	104.244.43.131
www.google.com	7	2015-05-10T13:11:19Z	2023-03-13T06:40:43Z	799 B	1.3 kB	142.250.74.164
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	341 B	579 B	93.184.220.29
ocsp.godaddy.com	698	2012-05-20T21:28:57Z	2023-03-13T05:12:19Z	340 B	2.3 kB	192.124.249.36
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	747 B	11 kB	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-02-04 06:37:53	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-02-04 06:37:53	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-02-04 06:37:53	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-02-04 06:37:53	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-02-04 06:37:53	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-02-04 06:37:53	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-02-04 06:37:53	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-02-04 06:37:53	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-02-04 06:37:54	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-02-04 06:37:54	medium	Client IP	Internal IP	ET DNS Query for .cc TLD

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-04	medium	attitudesinreverse.org/	Phishing
2023-02-04	medium	www.host.air.ngo/	Phishing
2023-02-04	medium	www.host.air.ngo/wp-includes/js/wp-emoji-release.min.js	Phishing
2023-02-04	medium	www.host.air.ngo/wp-content/mmr/9c072bdd-1645851486.min.js	Phishing
2023-02-04	medium	www.host.air.ngo/wp-content/mmr/4bbf2d7f-1645851486.min.js	Phishing
2023-02-04	medium	www.host.air.ngo/wp-content/plugins/rocket-lazy-load/assets/js/lazyload-10.11.1.min.js	Phishing
2023-02-04	medium	www.host.air.ngo/wp-content/cache/nextend/web/combined/a7f064d1f7719f694b8fdc5b74cc1a8d.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (56)

	URL	Size	First Seen	Last Seen
	platform.twitter.com/_next/static/chunks/0.12059cc9aae4f779ab68.js	322 kB	2023-03-09	2023-05-05
Pretty URL platform.twitter.com/_next/static/chunks/0.12059cc9aae4f779ab68.js IP 93.184.220.66 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 13:11:05 Last Seen2023-05-05 19:49:06 Times Seen557 Hash 145185fec2c06c3409682e5df48acdf8 5c0fe4d1df1ec4cb50ae3a09e375b8fdb7900deb 5bccb3d79dd85afc5c9d3a008ed9a9af4353560cb21084e755b313dbe5eec75b Loading...

	www.googletagmanager.com/gtag/js?id=UA-118313524-1	112 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=UA-118313524-1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:28:55 Last Seen2023-03-13 16:28:55 Times Seen1 Hash ad66714acdb61ac229e97da19058fcb7 ec3bec59ff5d3a1b05980b086fb53d26fa162c59 00031ab5ea07c075509f7b384d7431a4771ebbdc26244ca7d89df87b095fe99b Loading...

	platform.twitter.com/_next/static/chunks/2.691622e4391d1973cb65.js	23 kB	2023-03-07	2023-05-05
Pretty URL platform.twitter.com/_next/static/chunks/2.691622e4391d1973cb65.js IP 93.184.220.66 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:45 Last Seen2023-05-05 19:49:06 Times Seen668 Hash 942b5b928a24465d1906b4716131d896 1eadaf7d813991cc042e710ac8c74a7160830d72 2adcd0a627dee2ac4ab782a00745d7678e374dc4625ddf673a88121977d77c67 Loading...

	www.googletagmanager.com/gtag/js?id=UA-118313524-1&l=dataLayer&cx=c	112 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=UA-118313524-1&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:28:55 Last Seen2023-03-13 16:28:55 Times Seen1 Hash 63850d497762e0eaf89165d2d8eeeb1c 7fbe3b77c40d31f7ec34a412222ae88f0af62e04 1ad8f756828f6bda6635d698db2a65ec1dc1498f5c6b2727420ca8533a20ff01 Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js	97 kB	2023-03-07	2024-04-26
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js IP 142.250.74.74 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-26 08:58:10 Times Seen118743 Hash 4f252523d4af0b478c810c2547a63e19 5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Loading...

	platform.twitter.com/widgets.js	93 kB	2023-03-13	2024-04-18
Pretty URL platform.twitter.com/widgets.js IP 93.184.220.66 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 06:53:34 Last Seen2024-04-18 11:27:49 Times Seen3883 Hash 9e99725b7a4cd730a934afba2a438bb5 cca18cd298b243e672b37ba6e6927bec865dd742 392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b Loading...

	www.host.air.ngo/?n2prerender=1&n2app=smartslider&n2controller=slider&n2action=iframe&sliderid=10&hash=11aa9934b643b6d6149df357982d8173	436 B	2023-03-07	2024-04-12
Pretty URL www.host.air.ngo/?n2prerender=1&n2app=smartslider&n2controller=slider&n2action=iframe&sliderid=10&hash=11aa9934b643b6d6149df357982d8173 IP 72.167.78.206 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:33 Last Seen2024-04-12 16:11:58 Times Seen63 Hash e047f17e50fb88c7d92891ba61e86cd3 c6ac9979f141d5a9ea603e729e34ccb3bb0c31f0 de6f5a9e2c764c65a8939f9d22f436d733a966b002614564ae38dd41f5aeecfa Loading...

	www.host.air.ngo/wp-content/cache/nextend/web/combined/a7f064d1f7719f694b8fdc5b74cc1a8d.js	250 kB	2023-03-13	2023-03-13
Pretty URL www.host.air.ngo/wp-content/cache/nextend/web/combined/a7f064d1f7719f694b8fdc5b74cc1a8d.js IP 72.167.78.206 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:28:55 Last Seen2023-03-13 16:28:55 Times Seen1 Hash 0b4957bec5c2d5547a80565126ae7d8f 719a05f61ad720b6e16f892583175872aba243fd 7e1fe1e795d6ab323b156424c46a14c4f5eac036ccba53b8068c925c99149749 Loading...

	platform.twitter.com/_next/static/chunks/vendors~ondemand.LottieWeb.d0dde7eb339d57b45e0d.js	152 kB	2023-03-12	2023-05-05
Pretty URL platform.twitter.com/_next/static/chunks/vendors~ondemand.LottieWeb.d0dde7eb339d57b45e0d.js IP 93.184.220.66 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 22:45:22 Last Seen2023-05-05 19:49:06 Times Seen617 Hash 5e006b62c5bde14eb6fa194e2cee465c 2bb1a4a1358b56238c9c92b27480f6842c6fa49d ccc9e1ac02727148218437845e0cce29fc95c661ae8ac46d90f090a52caf7581 Loading...

	unknown	0 B	2023-03-07	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 09:54:32 Times Seen37089025 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.host.air.ngo/	1.5 kB	2023-03-13	2023-03-13
Pretty URL www.host.air.ngo/ IP 72.167.78.206 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:28:55 Last Seen2023-03-13 16:28:55 Times Seen1 Hash 6f1a1545339bbc0b7603fc3359517d32 d891ad29cd917c45910c6659d8c9031844b31377 590858039e60c8891956d61112b43b0d5ca68d51c3246f82091f4beb1b7f79d1 Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/845910069/?random=1675492670590&cv=11&fst=1675492670590&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fwww.host.air.ngo%2F&tiba=Attitudes%20In%20Reverse%20%E2%80%93%20Start%20THE%20Conversation%2C%20Reverse%20an%20Attitude%2C%20Save%20a%20Life!&auid=847080542.1675492671&data=event%3Dgtag.config&rfmt=3&fmt=4	2.0 kB	2023-03-13	2023-03-13
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/845910069/?random=1675492670590&cv=11&fst=1675492670590&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fwww.host.air.ngo%2F&tiba=Attitudes%20In%20Reverse%20%E2%80%93%20Start%20THE%20Conversation%2C%20Reverse%20an%20Attitude%2C%20Save%20a%20Life!&auid=847080542.1675492671&data=event%3Dgtag.config&rfmt=3&fmt=4 IP 216.58.207.194 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:28:55 Last Seen2023-03-13 16:28:55 Times Seen1 Hash f7f407f6de1a85422f2e2f097ba982ad f331d3cd5eb7036569d4e4194fa77195cdfd7662 81dc1896eebe18956af7984a337c3a3837b680ee18b0cc15bcc21f6a088c946c Loading...

	www.host.air.ngo/wp-includes/js/wp-emoji-release.min.js	12 kB	2023-03-07	2024-04-25
Pretty URL www.host.air.ngo/wp-includes/js/wp-emoji-release.min.js IP 72.167.78.206 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:46 Last Seen2024-04-25 16:04:38 Times Seen6776 Hash fe0575b66568074463f12485d90f6d4c aeedd9ab3b7874e63f647042963cb1301a38b391 647a6b36f3fd1f21bae171270111096b4613c23a47e6621628a51bae9c82b0b7 Loading...

	cdn.sucuri.net/badge/badge.js	3.3 kB	2023-03-07	2024-03-27
Pretty URL cdn.sucuri.net/badge/badge.js IP 192.124.249.16 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:58:52 Last Seen2024-03-27 15:41:09 Times Seen643 Hash 25db683a54bb4440d466bf9aed8ee510 c322fae782f73039dfe5edd8987dfb60daccf91e 2a116fbb01adc832de9e40d83751f068237ee3a4f6f5637e60afa0bd012b4f50 Loading...

	platform.twitter.com/_next/static/chunks/modules.20f98d7498a59035a762.js	293 kB	2023-03-09	2023-05-05
Pretty URL platform.twitter.com/_next/static/chunks/modules.20f98d7498a59035a762.js IP 93.184.220.66 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 12:59:27 Last Seen2023-05-05 19:49:06 Times Seen570 Hash 1c54378254eefb52fea75b3c31dfe51d ccec224b0acf07fa8421da159dd66c77ba8ded56 9013a9ca40a672ee35978b117e54d8b342cb591e8951f599a2b6dfef9d9fa723 Loading...

	platform.twitter.com/js/timeline.16b53cc33aaa562f8f41a495bf720289.js	8.3 kB	2023-03-13	2023-05-05
Pretty URL platform.twitter.com/js/timeline.16b53cc33aaa562f8f41a495bf720289.js IP 93.184.220.66 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 06:53:34 Last Seen2023-05-05 19:49:06 Times Seen621 Hash 569768187d20181e1cdea6aa19f3a4b4 abe4c832d3a4474e23660ddbf6194570761ff6df 7cccd8f78bd73c79f1281052eb4c9bdf6f38386fca206da9954fdf24ab0784af Loading...

	www.google-analytics.com/ga.js	46 kB	2023-03-07	2024-04-16
Pretty URL www.google-analytics.com/ga.js IP 216.239.36.178 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:00 Last Seen2024-04-16 23:24:27 Times Seen3495 Hash e9372f0ebbcf71f851e3d321ef2a8e5a 2c7d19d1af7d97085c977d1b69dcb8b84483d87c 1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 216.239.36.178 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	www.host.air.ngo/	82 B	2023-03-13	2023-03-13
Pretty URL www.host.air.ngo/ IP 72.167.78.206 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:28:55 Last Seen2023-03-13 16:28:55 Times Seen1 Hash 559790554c76d830b32d58b090dec1ea b88ed2972543d63c287d01fb04669e203872d9bf c3216dbe092487cf365d0504bdac77a227cfcfe0db5875427df0cf3f90cd3d6d Loading...

	www.host.air.ngo/	768 B	2023-03-13	2023-03-13
Pretty URL www.host.air.ngo/ IP 72.167.78.206 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:28:56 Last Seen2023-03-13 16:28:56 Times Seen1 Hash 321310cbf754c078b2e10bfcb6481835 e3c41bbbdf2f87347e4fed15b0d6c905a3284710 3af5308825e9e41cd298568936dd25bd28bade6a7df8479874808cb71b5f68b1 Loading...

	www.host.air.ngo/wp-content/plugins/rocket-lazy-load/assets/js/lazyload-10.11.1.min.js	4.1 kB	2023-03-07	2024-02-05
Pretty URL www.host.air.ngo/wp-content/plugins/rocket-lazy-load/assets/js/lazyload-10.11.1.min.js IP 72.167.78.206 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:22 Last Seen2024-02-05 05:49:06 Times Seen120 Hash 5e45763aea8c147b1061c888351b992e d5ee5230a8c3462737998ea41a9f271682b1f630 09200cde8656d4bc2ddfaf543bf73c99c43b10b974b5ef6cb5de63360204a6d9 Loading...

	www.google.com/pagead/1p-conversion/845910069/?random=1675492670600&cv=11&fst=1675492670600&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1280&u_h=1024&label=30UMCLCYhoABELWgrpMD&hn=www.google.com&frm=0&url=http%3A%2F%2Fwww.host.air.ngo%2F&tiba=Attitudes%20In%20Reverse%20%E2%80%93%20Start%20THE%20Conversation%2C%20Reverse%20an%20Attitude%2C%20Save%20a%20Life!&gtm_ee=1&auid=847080542.1675492671&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4	43 B	2023-03-07	2024-04-20
Pretty URL www.google.com/pagead/1p-conversion/845910069/?random=1675492670600&cv=11&fst=1675492670600&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1280&u_h=1024&label=30UMCLCYhoABELWgrpMD&hn=www.google.com&frm=0&url=http%3A%2F%2Fwww.host.air.ngo%2F&tiba=Attitudes%20In%20Reverse%20%E2%80%93%20Start%20THE%20Conversation%2C%20Reverse%20an%20Attitude%2C%20Save%20a%20Life!&gtm_ee=1&auid=847080542.1675492671&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:30 Last Seen2024-04-20 17:48:03 Times Seen63949 Hash ad8b6f08655797587cdec719a94efe59 182adf5a140796f81e930649d05654dbf22fd5b7 77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6 Loading...

	www.host.air.ngo/?n2prerender=1&n2app=smartslider&n2controller=slider&n2action=iframe&sliderid=10&hash=11aa9934b643b6d6149df357982d8173	6.5 kB	2023-03-13	2023-03-13
Pretty URL www.host.air.ngo/?n2prerender=1&n2app=smartslider&n2controller=slider&n2action=iframe&sliderid=10&hash=11aa9934b643b6d6149df357982d8173 IP 72.167.78.206 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:28:56 Last Seen2023-03-13 16:28:56 Times Seen1 Hash 3b9dead88a5aa01f5bf5866ffe7b0c8f 812acef34c6fa3b8b1f7e57741f71d57819da021 14ee2122aa7e19e258d8169f4a3b597658dce4d43668455612c5811c8ceb5e3a Loading...

	www.host.air.ngo/	94 B	2023-03-07	2024-04-25
Pretty URL www.host.air.ngo/ IP 72.167.78.206 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:03 Last Seen2024-04-25 10:34:43 Times Seen650 Hash 7df51f7b185195c7d9e98e3d35937eab 62611cfee30316cf9a4a6edd9728771d656f23e5 93067a8066066c24d32de18140693cd555c01af06ebdf87c98bceba48304ddc7 Loading...

	www.host.air.ngo/	356 B	2023-03-13	2023-03-13
Pretty URL www.host.air.ngo/ IP 72.167.78.206 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:28:56 Last Seen2023-03-13 16:28:56 Times Seen1 Hash 5c8c5abec0bf29f4c5971b63ba83df44 2cb5adfa7542fb29bfba34c5565e869c03ae48e2 5c1a58a62aec5177efed87996bc6343103866d38331a1d3c7778b470717c0094 Loading...

	www.host.air.ngo/	283 B	2023-03-13	2023-03-13
Pretty URL www.host.air.ngo/ IP 72.167.78.206 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:28:56 Last Seen2023-03-13 16:28:56 Times Seen1 Hash a549b38e44d995f60e8b99b6daf5d226 ab1eb3de2b707d78945d3ed94e64cf98890c9273 177a1c4c54ee953b5c3159e2578a4811fe14fd4c85df24fd1fd844879062ce77 Loading...

	platform.twitter.com/_next/static/chunks/ondemand.Dropdown.d3a078133b9e5555597a.js	7.3 kB	2023-03-12	2023-05-05
Pretty URL platform.twitter.com/_next/static/chunks/ondemand.Dropdown.d3a078133b9e5555597a.js IP 93.184.220.66 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 22:51:08 Last Seen2023-05-05 19:49:06 Times Seen606 Hash ee85bb78f0eb1080fd5fc8c4d4cddbb8 cdc42805186e7b524876491deb742f89b5e0cf3a 1c0486acafe63a074adbd08ecc9cad99ee106f3701e2b93c2a75533774f7faba Loading...

	www.host.air.ngo/	92 B	2023-03-07	2024-04-24
Pretty URL www.host.air.ngo/ IP 72.167.78.206 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:28 Last Seen2024-04-24 19:39:32 Times Seen894 Hash a3c8c48eaadcfabf66b06db1e61e6f8a 78015de065ac125cf8c0d61d8040c304b155aee2 1394acf2f28aeb687914dcebbed812b6645ae4eb0139294b2f51d5f0c20ad720 Loading...

	platform.twitter.com/_next/static/2DCA_RcotTBMjJMowAtrp/_buildManifest.js	1.3 kB	2023-03-12	2023-05-05
Pretty URL platform.twitter.com/_next/static/2DCA_RcotTBMjJMowAtrp/_buildManifest.js IP 93.184.220.66 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 19:29:31 Last Seen2023-05-05 19:49:06 Times Seen610 Hash bd9a3afe8a64146469f036be13628170 fde5ef7ce3475c2f91c73d51d23daa041b214efc 7a4a63c52bdfab0ab459b1b77dad4a4ce4e1f7dfdfdba0b2013ba32f0690e15f Loading...

	www.host.air.ngo/wp-content/mmr/4bbf2d7f-1645851486.min.js	550 kB	2023-03-13	2023-03-13
Pretty URL www.host.air.ngo/wp-content/mmr/4bbf2d7f-1645851486.min.js IP 72.167.78.206 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:28:56 Last Seen2023-03-13 16:28:56 Times Seen1 Hash 1720266807b583bb2cad5167bed14b35 edd838d5ec9f5622517238ae57872720e0c121d5 d6235afb80c8327487d0a2ca87cf2b3a710252c1c855e557454cab08bf2c11ee Loading...

	www.googletagmanager.com/gtm.js?id=GTM-KQ4BV44	117 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-KQ4BV44 IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:28:56 Last Seen2023-03-13 16:28:56 Times Seen1 Hash 037d06916ab4023dab40a4e531a04367 e34d9e8feff0451ec046e1741462292cdb845058 24dcea72870761ccaa3e218add9db760ef4aafa0dee7be77e0a27b134762ff56 Loading...

	platform.twitter.com/_next/static/2DCA_RcotTBMjJMowAtrp/_ssgManifest.js	76 B	2023-03-07	2024-04-26
Pretty URL platform.twitter.com/_next/static/2DCA_RcotTBMjJMowAtrp/_ssgManifest.js IP 93.184.220.66 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:45 Last Seen2024-04-26 05:50:27 Times Seen3370 Hash abee47769bf307639ace4945f9cfd4ff c0a0dc51ee8a2852baf5ff30c33b1478ff302585 653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479 Loading...

	www.host.air.ngo/	434 B	2023-03-13	2023-03-13
Pretty URL www.host.air.ngo/ IP 72.167.78.206 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:28:56 Last Seen2023-03-13 16:28:56 Times Seen1 Hash d73cca696ca2dcf94f6f3de731f3a6e7 48adc203bcf5ae13d194d2b50aa557c0d1983a94 886fe01ea53cf0007c55e02461d7dcc44a84e69f93f0f6c8925055623b857c39 Loading...

	www.host.air.ngo/	847 B	2023-03-07	2023-12-11
Pretty URL www.host.air.ngo/ IP 72.167.78.206 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:00:18 Last Seen2023-12-11 17:31:44 Times Seen18 Hash 89b01779c2f8e87d436a12a351152d81 546436f0d55ac6ed8f8c0e980c9dee83e4c8b535 228e1bdde952a8d0988382d6a10dd7fc2a888f3148a5f0964cd0a24e4be4eacf Loading...

	platform.twitter.com/_next/static/chunks/pages/_app-88bf420a57d49e33be53.js	1.3 kB	2023-03-09	2023-05-05
Pretty URL platform.twitter.com/_next/static/chunks/pages/_app-88bf420a57d49e33be53.js IP 93.184.220.66 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 12:59:27 Last Seen2023-05-05 19:49:06 Times Seen607 Hash 2856f57c62c238a564ef576bbc50ca4a a840a98734b3e8c158868687ffaa833ad722324e 729cfa84928e7a87a4a4551df25c1406da86af8f0ebd2f579460546d11722326 Loading...

	www.host.air.ngo/	127 B	2023-03-13	2023-03-13
Pretty URL www.host.air.ngo/ IP 72.167.78.206 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:28:56 Last Seen2023-03-13 16:28:56 Times Seen1 Hash 1076593cbc2821ad75b0fa421b962873 b56e6fa92b6503e3c9638130dc02ccc69eff6d19 e7a1637f7eb177f3fe9949b7c32e1412417f4b2f0673c9ae262b250ac00c84be Loading...

	www.host.air.ngo/	155 B	2023-03-13	2023-03-13
Pretty URL www.host.air.ngo/ IP 72.167.78.206 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:28:56 Last Seen2023-03-13 16:28:56 Times Seen1 Hash 1c17abf616f521fc3a4eedd9e91b3244 6e3cfdad92f9179d32f12586cdfa5b247134b9a1 d72825a655ccba3200564195f1b3ccb83164f7cb134caaf7c56289ac653c8d4f Loading...

	platform.twitter.com/_next/static/chunks/runtime-bd6a33ee4b81c374d84a.js	4.2 kB	2023-03-13	2023-03-13
Pretty URL platform.twitter.com/_next/static/chunks/runtime-bd6a33ee4b81c374d84a.js IP 93.184.220.66 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:31:54 Last Seen2023-03-13 18:50:20 Times Seen1 Hash 3c59d8987afc673c8c0655b21a2e0858 f82ee6fd0b6cc642984efebc68045f73ebd62837 9154ab18054cafe6d5747632faa1dcad8873354a76a431e5c69b00d43d8358f6 Loading...

	platform.twitter.com/_next/static/chunks/pages/timeline-profile/screen-name/%5BscreenName%5D-c33f0b02841cffc3e9b4.js	14 kB	2023-03-09	2023-05-05
Pretty URL platform.twitter.com/_next/static/chunks/pages/timeline-profile/screen-name/%5BscreenName%5D-c33f0b02841cffc3e9b4.js IP 93.184.220.66 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 12:59:28 Last Seen2023-05-05 19:49:06 Times Seen669 Hash e78034c651c8a81b2acd83dc7e7ad407 27b6c81f88ff3f8e34d9c765a2aa4da57af1ff85 bd18e405cbfb6fb5c27224b38e792c8b6542d9b7eae37aa5883808b69392dcef Loading...

	www.host.air.ngo/	153 B	2023-03-13	2023-03-13
Pretty URL www.host.air.ngo/ IP 72.167.78.206 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:28:56 Last Seen2023-03-13 16:28:56 Times Seen1 Hash 726ae8947880f37b16ccbd8a8076630a 939cf55e51b3ccaaa18157a6495275f13866bf64 89db412224b01510991a8f09a59b4f630f2d8fde699081f4c94efa9a01ed4d77 Loading...

	www.host.air.ngo/	771 B	2023-03-07	2024-02-06
Pretty URL www.host.air.ngo/ IP 72.167.78.206 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:48 Last Seen2024-02-06 01:33:34 Times Seen128 Hash ff5f5b72ccf8fc10916a0823557890de 7722a09344092b454ca3f0871a5cf215a6f05be0 18e3e0f8af5e19fe3bf34093574aff6aac112d6269d8558c54cca39f4413442a Loading...

	www.host.air.ngo/wp-content/mmr/9c072bdd-1645851486.min.js	350 kB	2023-03-13	2023-03-13
Pretty URL www.host.air.ngo/wp-content/mmr/9c072bdd-1645851486.min.js IP 72.167.78.206 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:28:56 Last Seen2023-03-13 16:28:56 Times Seen1 Hash 48153ac7ff99ae25c2d3b6bc24700891 59f9d5c7b206fe385d497d62d507faec965cb0c0 b8d4db152542d4f9fa127f21e61a1757c602e73204f64b69100037b48b1a3df4 Loading...

	platform.twitter.com/_next/static/chunks/1.33d5194e3e24fe3f42e2.js	148 kB	2023-03-13	2023-03-13
Pretty URL platform.twitter.com/_next/static/chunks/1.33d5194e3e24fe3f42e2.js IP 93.184.220.66 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:31:54 Last Seen2023-03-13 18:48:18 Times Seen1 Hash eede84fca518a97ffc0d7f8a062820b9 10055d0e57f8818915c9a9ae2c0a5c19c3e9f01d bf49c8410f74bb6d1ee0e09cababd66afa67d73f36262486e9bd3f4aa954f941 Loading...

	platform.twitter.com/_next/static/chunks/vendors~loaders.card.DefaultCard.bb86da9c6b7f7c1afe77.js	24 kB	2023-03-12	2023-05-05
Pretty URL platform.twitter.com/_next/static/chunks/vendors~loaders.card.DefaultCard.bb86da9c6b7f7c1afe77.js IP 93.184.220.66 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 22:45:21 Last Seen2023-05-05 19:49:06 Times Seen375 Hash 795a024b9fe49518f14d917058dbd4e5 071f4ec0ffb26b58d9da285ba76611d735b7449a ded840a5f928bf7a6acf3284c66db9072ec9c5380f19c976d25e221f0ce389d8 Loading...

	platform.twitter.com/_next/static/chunks/loaders.card.DefaultCard.d08263922db4f1764adc.js	263 kB	2023-03-12	2023-03-13
Pretty URL platform.twitter.com/_next/static/chunks/loaders.card.DefaultCard.d08263922db4f1764adc.js IP 93.184.220.66 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 22:45:22 Last Seen2023-03-13 18:48:19 Times Seen1 Hash 223819c131ed2e2b1f86bbabf99ac3a1 4668da4654e9565954247a8d8ba9e2b9b44bd2c9 4c5bdc59d81ed2f061bce22134bd7cfb1a140c957ec28a81604f76e22396defb Loading...

	www.host.air.ngo/	2.0 kB	2023-03-13	2023-03-13
Pretty URL www.host.air.ngo/ IP 72.167.78.206 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:28:56 Last Seen2023-03-13 16:28:56 Times Seen1 Hash 3e51aec6acd586cc1d218467e8431947 0ad7f82b8881a4e8f205799caece0fa2059d1c88 e4fdb7053351edb80e97bb7ca6394c3e16f00f4887f1f0f700162eab179854ee Loading...

	www.host.air.ngo/	276 B	2023-03-07	2024-04-25
Pretty URL www.host.air.ngo/ IP 72.167.78.206 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:45 Last Seen2024-04-25 19:14:45 Times Seen1202 Hash 964a88133d1e4ed9a320c41af7da1091 c24f621fd6db3d4db5922c271f5ee01cb6485e50 274f2ba69eb1b2369d0bcc01969f290b644c7d22b84a99d4d13287f65bdc576a Loading...

	platform.twitter.com/_next/static/chunks/6.23c33d3dbf51f67f2970.js	2.6 kB	2023-03-09	2023-05-05
Pretty URL platform.twitter.com/_next/static/chunks/6.23c33d3dbf51f67f2970.js IP 93.184.220.66 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 12:59:27 Last Seen2023-05-05 19:49:06 Times Seen598 Hash 0e9ca787dfdcbf5ffeb7df678ec8f6df 4df94a5394767bb620fdc4f66047981b6b055edb 713a5085778002ac882de664c065bc7a55a26c6091d12c39a038bac7b70dcf45 Loading...

	www.host.air.ngo/?n2prerender=1&n2app=smartslider&n2controller=slider&n2action=iframe&sliderid=10&hash=11aa9934b643b6d6149df357982d8173	2.7 kB	2023-03-13	2023-03-13
Pretty URL www.host.air.ngo/?n2prerender=1&n2app=smartslider&n2controller=slider&n2action=iframe&sliderid=10&hash=11aa9934b643b6d6149df357982d8173 IP 72.167.78.206 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:28:56 Last Seen2023-03-13 16:28:56 Times Seen1 Hash 0e89d2faa7b326ba6123df1abc0be15c 246ae48da31e896611bd0df3febed4e3a248c954 80d1bd62ce51e1c474670b22ce317fbed3db1ecfa6d9f2810c9ec1fd78be8637 Loading...

	platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=http%3A%2F%2Fwww.host.air.ngo	327 kB	2023-03-13	2024-04-18
Pretty URL platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=http%3A%2F%2Fwww.host.air.ngo IP 93.184.220.66 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 06:53:42 Last Seen2024-04-18 11:27:49 Times Seen2170 Hash ddda7cfc08478ea11fab363ee004f38e e56b886f428cb955f3c594b3c82213cd422b82fd 74df0c960477a1e829b4e135295119fc6d3603d2fbdae3f87bc1854ec5ef0cc4 Loading...

	platform.twitter.com/_next/static/chunks/main-fd9ef5eb169057cda26d.js	90 B	2023-03-09	2023-05-05
Pretty URL platform.twitter.com/_next/static/chunks/main-fd9ef5eb169057cda26d.js IP 93.184.220.66 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 12:59:27 Last Seen2023-05-05 19:49:06 Times Seen608 Hash 1d1fa0644a94523711b2bb99a8d652bc 7fe6c07d5f75c483662b7de1befae5284d7afc8e eefd62bfe6d0ad2f3f2b7bddb8f2c46d7c8b6ed4897e3f9309968a58dc078753 Loading...

	platform.twitter.com/_next/static/chunks/16.83edf0a92864b221c4c2.js	38 kB	2023-03-13	2023-03-13
Pretty URL platform.twitter.com/_next/static/chunks/16.83edf0a92864b221c4c2.js IP 93.184.220.66 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:31:53 Last Seen2023-03-13 18:50:20 Times Seen1 Hash cc91d8b3ed42cb1fdceb72053c094b19 b7e2ec33f47fc99586a0d0b0d95ee1e5c2fe7c69 d7ba05acd758c03fa897a03c39de7f59737860a80b77c6e7e11816af56012a19 Loading...

	platform.twitter.com/_next/static/chunks/3.9ea9198afb6f33351d13.js	682 kB	2023-03-13	2023-03-13
Pretty URL platform.twitter.com/_next/static/chunks/3.9ea9198afb6f33351d13.js IP 93.184.220.66 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:31:53 Last Seen2023-03-13 18:50:20 Times Seen1 Hash b504a1691341799c78aca542f5795340 c57215ffb4b7f678156e0e603d2913b06e2c0f2b 95ebabaa461d110002019726e4fb01bb282f1b4b8a31d3dbfccf00885973a965 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 2c1bac5d0a37e3206aeb14221bcd74ab	1.5 kB	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 16:28:56 Last Seen2023-03-13 16:28:56 Times Seen1 Hash 2c1bac5d0a37e3206aeb14221bcd74ab b56c801bea3901f8f8b346a7b3a5eb146f34a3e3 a468d747cafdc83b83d64c81d2dad751f825752e98204177c170f8e739d79467 Loading...

	#2 Eval - d41d8cd98f00b204e9800998ecf8427e	0 B	2023-03-07	2024-04-26
Pretty Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 09:54:32 Times Seen37089025 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	#3 Eval - fd9a819e0d29b1ca24c44e328ef44cbb	4 B	2023-03-07	2024-04-24
Pretty Observations First Seen2023-03-07 12:07:33 Last Seen2024-04-24 18:24:17 Times Seen200 Hash fd9a819e0d29b1ca24c44e328ef44cbb a0283a0e72895eb8eb95dfa6fd64d6c5e9d98615 eb944d002e80b8a3858a97358e03a6286ab70be6b6edac59e46ab69b5bf96d16 Loading...

HTTP Transactions (129)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
81713f952b51a865ad9764cde68e3fdb
278c3a9c4bb2a0ffb7375f90d89a1ba6e90a766a
c2eb0d8a24ecb51af28f1c71db4b9a95c568dcf6c94b41ee8c78787a4ebebcef

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2EB0D8A24ECB51AF28F1C71DB4B9A95C568DCF6C94B41EE8C78787A4EBEBCEF"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11332
Expires: Sat, 04 Feb 2023 09:46:06 GMT
Date: Sat, 04 Feb 2023 06:37:14 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9161
Expires: Sat, 04 Feb 2023 09:09:55 GMT
Date: Sat, 04 Feb 2023 06:37:14 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7d2222d41721947297aaeb5a6e3d0714
04cc1ee417c8bf6338657fd4c2e4e1c1ddfd3065
de0e45969a2ad95e52f7e2fbd0d021d9075dd7b14666c929346efe111f648f7c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE0E45969A2AD95E52F7E2FBD0D021D9075DD7B14666C929346EFE111F648F7C"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10989
Expires: Sat, 04 Feb 2023 09:40:23 GMT
Date: Sat, 04 Feb 2023 06:37:14 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 04 Feb 2023 05:43:35 GMT
content-type: application/json
age: 3219
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 33e1V+QaQ8digOwfyevs7A+/r6IfWM/aeTLRIM6fe+4aE/tS8kYwiASROoxruiO/rMhLJQEDB9vVjPKQos7gCg==
x-amz-request-id: YY9TRC8DVXN39M3X
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 04 Feb 2023 06:23:53 GMT
age: 801
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 06:37:14 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

attitudesinreverse.org/

72.167.78.206

301 Moved Permanently

0 B

URL HTTP/1.1
attitudesinreverse.org/
IP
72.167.78.206:0
ASN
#398101 GO-DADDY-COM-LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: attitudesinreverse.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Sat, 04 Feb 2023 06:37:14 GMT
Server: Apache
X-Powered-By: PHP/7.4.33
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: http://www.host.air.ngo/
Vary: Accept-Encoding
Content-Length: 0
Keep-Alive: timeout=5
Content-Type: text/html; charset=UTF-8

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 04 Feb 2023 06:07:19 GMT
age: 1796
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9917
Expires: Sat, 04 Feb 2023 09:22:32 GMT
Date: Sat, 04 Feb 2023 06:37:15 GMT
Connection: keep-alive

push.services.mozilla.com/

44.227.109.32

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.227.109.32:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Q4Yu5mFo54wX1tcjHvH2pQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: z4aUZyfEAc3NUj8drGvL6zytFfw=

fonts.googleapis.com/css?family=Open+Sans%3A400%2C600&ver=4.9.20

142.250.74.106

200 OK

639 B

URL HTTP/1.1
fonts.googleapis.com/css?family=Open+Sans%3A400%2C600&ver=4.9.20
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
639 B (639 bytes)
Hash
8ff9bf0da080c656b619be4929a8437f
296c9051db5e3ae848ea6d805738f31a7ace5059
9a63cb1251a9d76eb31d20b0e02bbd97ef14c9c8006c251e008d64933f68c160

HTTP Headers

GET /css?family=Open+Sans%3A400%2C600&ver=4.9.20 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/

HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sat, 04 Feb 2023 06:37:16 GMT
Date: Sat, 04 Feb 2023 06:37:16 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7d482750bf7fdfcaa38c0efd583ef4dc
a4f68a124e4be130bc838e70f23fd4c6d2f4ef2d
5e6f1cadf4bc425664bb26fa2b384cf13900461b689c77d0916b1d2edd41337c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 06:37:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c181c51a9326d56e60915a792c306c2c
de1cc0ce1384905e65a9fa9575743091d785e528
b74bc74e2920124b3288a980f9a7b59e3450ba63f2333027440cd6ebbdfdbf8d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 06:37:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.host.air.ngo/

72.167.78.206

200 OK

20 kB

URL HTTP/1.1
www.host.air.ngo/
IP
72.167.78.206:0
ASN
#398101 GO-DADDY-COM-LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8017), with CRLF, LF line terminators
Size
20 kB (19721 bytes)
Hash
c422c6c45d0afe8097368a5444160bef
43682bc213a8ac0421bdfa0a450f3024d4144d60
c5b710fec9861f077d4352c255a96a3b29c27c6512fca9102989d13aa347589c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: www.host.air.ngo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:37:15 GMT
Server: Apache
X-Powered-By: PHP/7.4.33
Link: <http://www.host.air.ngo/wp-json/>; rel="https://api.w.org/", <http://www.host.air.ngo/>; rel=shortlink
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 19721
Keep-Alive: timeout=5
Content-Type: text/html; charset=UTF-8

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7d482750bf7fdfcaa38c0efd583ef4dc
a4f68a124e4be130bc838e70f23fd4c6d2f4ef2d
5e6f1cadf4bc425664bb26fa2b384cf13900461b689c77d0916b1d2edd41337c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 06:37:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=AW-845910069

142.250.74.40

200 OK

51 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=AW-845910069
IP
142.250.74.40:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1759)
Size
51 kB (50679 bytes)
Hash
1098b1152eab401812a4ee39721b9144
ec82b455ea78a7d7ffbdf37780217dc9fbf38ab5
d6832fb44715069d39e42a898161f0c5367ecc77eeced4db00ec02845f414e9c

HTTP Headers

GET /gtag/js?id=AW-845910069 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.host.air.ngo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 Feb 2023 06:37:16 GMT
expires: Sat, 04 Feb 2023 06:37:16 GMT
cache-control: private, max-age=900
last-modified: Sat, 04 Feb 2023 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 50679
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7d482750bf7fdfcaa38c0efd583ef4dc
a4f68a124e4be130bc838e70f23fd4c6d2f4ef2d
5e6f1cadf4bc425664bb26fa2b384cf13900461b689c77d0916b1d2edd41337c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 06:37:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c181c51a9326d56e60915a792c306c2c
de1cc0ce1384905e65a9fa9575743091d785e528
b74bc74e2920124b3288a980f9a7b59e3450ba63f2333027440cd6ebbdfdbf8d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 06:37:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.host.air.ngo/wp-includes/js/wp-emoji-release.min.js

72.167.78.206

200 OK

4.3 kB

URL HTTP/1.1
www.host.air.ngo/wp-includes/js/wp-emoji-release.min.js
IP
72.167.78.206:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (9063)
Size
4.3 kB (4347 bytes)
Hash
bc89387b6a6f886f99511cca233b5071
77c1103c6d84263a73bff007bd635750d5b26296
baf8e3410e57e5650ad72f25eb93d82ea36ac8bd51904948e3d2f2a05faa3e78

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js HTTP/1.1
Host: www.host.air.ngo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/
Cookie: devicePixelRatio=1

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:37:16 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sat, 26 Feb 2022 04:58:06 GMT
ETag: "12807af-2ea7-5d8e4a930375b-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4347
Keep-Alive: timeout=5
Content-Type: application/javascript

www.host.air.ngo/wp-content/mmr/cc4312d6-1443645735.min.css

72.167.78.206

200 OK

10 kB

URL HTTP/1.1
www.host.air.ngo/wp-content/mmr/cc4312d6-1443645735.min.css
IP
72.167.78.206:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (50549), with no line terminators
Size
10 kB (10331 bytes)
Hash
d5d5918ffb7c0957848a5edc2d0eb573
6a4e16a1a81c6ecf1e628824e38ea14ae563ddef
81f28c7e0d00a59aad711bc9572da18bc28d36004cd09fa1f51abca4e1926de2

HTTP Headers

GET /wp-content/mmr/cc4312d6-1443645735.min.css HTTP/1.1
Host: www.host.air.ngo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/
Cookie: devicePixelRatio=1

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:37:16 GMT
Server: Apache
Last-Modified: Thu, 21 Jul 2022 04:26:25 GMT
ETag: "128026c-c575-5e4491edce690-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 10331
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css

www.host.air.ngo/wp-content/mmr/9c072bdd-1645851486.min.js

72.167.78.206

200 OK

92 kB

URL HTTP/1.1
www.host.air.ngo/wp-content/mmr/9c072bdd-1645851486.min.js
IP
72.167.78.206:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (65536), with no line terminators
Size
92 kB (91533 bytes)
Hash
f8339b9ffdd178712677fbe8f5c9e5fd
1fc0061375faf9cf8f4fc1b8714f74aa5b9868a0
770bd578abd980441ad92b3163f755bbddf90c36fa1a62f2d651acac210a48e0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/mmr/9c072bdd-1645851486.min.js HTTP/1.1
Host: www.host.air.ngo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/
Cookie: devicePixelRatio=1

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:37:16 GMT
Server: Apache
Last-Modified: Thu, 21 Jul 2022 04:26:26 GMT
ETag: "1280288-5551d-5e4491eed74f5-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript

attitudesinreverse.org/wp-content/plugins/all-in-one-event-calendar/cache/de1bb79a_ai1ec_parsed_css.css

72.167.78.206

200 OK

78 kB

URL HTTP/1.1
attitudesinreverse.org/wp-content/plugins/all-in-one-event-calendar/cache/de1bb79a_ai1ec_parsed_css.css
IP
72.167.78.206:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (65536), with no line terminators
Size
78 kB (77573 bytes)
Hash
4664b4d01a2be8e2f6a684d38f1abd97
c802d98681ba62504359f8bed35e14f18765a9b5
02c0d23592d2cb7a637f64639a7748f3255ad5ebbf984ba073942b209f1aa475

HTTP Headers

GET /wp-content/plugins/all-in-one-event-calendar/cache/de1bb79a_ai1ec_parsed_css.css HTTP/1.1
Host: attitudesinreverse.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:37:16 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 06 Jul 2018 23:09:08 GMT
ETag: "1a61964-41d49-5705cc03bcd00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5
Transfer-Encoding: chunked
Content-Type: text/css

www.host.air.ngo/wp-content/mmr/454e0fba-1506553112.min.css

72.167.78.206

200 OK

45 kB

URL HTTP/1.1
www.host.air.ngo/wp-content/mmr/454e0fba-1506553112.min.css
IP
72.167.78.206:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (65536), with no line terminators
Size
45 kB (44814 bytes)
Hash
71d47421fa100e29207c6c4ee5aa50ed
31ea81f2eed926b0c066c98ac4b21dd31cf249bf
7edc3d6e156b04060ed6c6c6b1b1a8be0d17cffd7dbdacdc43293c1377fd51dd

HTTP Headers

GET /wp-content/mmr/454e0fba-1506553112.min.css HTTP/1.1
Host: www.host.air.ngo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/
Cookie: devicePixelRatio=1

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:37:16 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 21 Jul 2022 04:26:44 GMT
ETag: "128038c-6898b-5e449200bf2cf-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 44814
Keep-Alive: timeout=5
Content-Type: text/css

www.host.air.ngo/wp-content/mmr/aa0c1e55-1553871245.min.css

72.167.78.206

200 OK

73 kB

URL HTTP/1.1
www.host.air.ngo/wp-content/mmr/aa0c1e55-1553871245.min.css
IP
72.167.78.206:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (65536), with no line terminators
Size
73 kB (73333 bytes)
Hash
a945078916a4f94621e188f1205bebb3
528c5cee4484519e51fcfc69a867f05518bd3e77
d2ffa725cd94f11bc6e6b40ba4578f6c5cc16d010c4004add117bb22769e36d8

HTTP Headers

GET /wp-content/mmr/aa0c1e55-1553871245.min.css HTTP/1.1
Host: www.host.air.ngo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/
Cookie: devicePixelRatio=1

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:37:16 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 21 Jul 2022 04:26:44 GMT
ETag: "128038b-93803-5e4492009df8b-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5
Transfer-Encoding: chunked
Content-Type: text/css

www.host.air.ngo/wp-content/mmr/abfa0b30-1443645801.min.css

72.167.78.206

200 OK

54 kB

URL HTTP/1.1
www.host.air.ngo/wp-content/mmr/abfa0b30-1443645801.min.css
IP
72.167.78.206:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (65536), with no line terminators
Size
54 kB (54446 bytes)
Hash
37dd997a8f250d0fbfde5bcc43f14632
62db26fa44a485f7739ef1455a5a237e66f7a98b
9b20caeec38b2d38c19e8e66b7f09c5a62673cafe2516138e52459b32016136f

HTTP Headers

GET /wp-content/mmr/abfa0b30-1443645801.min.css HTTP/1.1
Host: www.host.air.ngo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/
Cookie: devicePixelRatio=1

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:37:16 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 21 Jul 2022 04:26:25 GMT
ETag: "1280265-51e56-5e4491edc6d77-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 54446
Keep-Alive: timeout=5
Content-Type: text/css

www.host.air.ngo/wp-content/mmr/a9092a64-1537291471.min.css

72.167.78.206

200 OK

66 kB

URL HTTP/1.1
www.host.air.ngo/wp-content/mmr/a9092a64-1537291471.min.css
IP
72.167.78.206:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (65536), with no line terminators
Size
66 kB (66526 bytes)
Hash
18c2c2f35b7fe7333600e9a5d85d43fa
65b04f25720dcd1bfbe8d8aa841e497d01ab3abe
51a58c7c98e3d89858bc58cdaf2e8360984c831719c8ebcd31e46fc3e21ec36b

HTTP Headers

GET /wp-content/mmr/a9092a64-1537291471.min.css HTTP/1.1
Host: www.host.air.ngo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/
Cookie: devicePixelRatio=1

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:37:16 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 21 Jul 2022 04:26:29 GMT
ETag: "1280339-be579-5e4491f1f916f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5
Transfer-Encoding: chunked
Content-Type: text/css

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10585
Expires: Sat, 04 Feb 2023 09:33:41 GMT
Date: Sat, 04 Feb 2023 06:37:16 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10585
Expires: Sat, 04 Feb 2023 09:33:41 GMT
Date: Sat, 04 Feb 2023 06:37:16 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10585
Expires: Sat, 04 Feb 2023 09:33:41 GMT
Date: Sat, 04 Feb 2023 06:37:16 GMT
Connection: keep-alive

www.host.air.ngo/wp-content/uploads/2015/09/AIR_Logo_Mobile.png

72.167.78.206

200 OK

964 B

URL HTTP/1.1
www.host.air.ngo/wp-content/uploads/2015/09/AIR_Logo_Mobile.png
IP
72.167.78.206:0
ASN
#398101 GO-DADDY-COM-LLC

File type
PNG image data, 60 x 46, 8-bit/color RGBA, non-interlaced\012- data
Size
964 B (964 bytes)
Hash
be7313a3e00cea1214b4e92ae8994ff5
82d84e512df1e6f57689b156baf6070e56bc05c0
a5c9e4880e53ab5c73949de24e90d5816e6a0fc62cd8b1f05377ef4afa8d238b

HTTP Headers

GET /wp-content/uploads/2015/09/AIR_Logo_Mobile.png HTTP/1.1
Host: www.host.air.ngo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/
Cookie: devicePixelRatio=1

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:37:16 GMT
Server: Apache
Last-Modified: Fri, 30 Mar 2018 14:02:34 GMT
ETag: "1be063b-3c4-568a1b11c5280"
Accept-Ranges: bytes
Content-Length: 964
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png

www.host.air.ngo/wp-content/uploads/2015/09/Air-Logo-Web-Versions-Wide_Mobile.png

72.167.78.206

200 OK

1.6 kB

URL HTTP/1.1
www.host.air.ngo/wp-content/uploads/2015/09/Air-Logo-Web-Versions-Wide_Mobile.png
IP
72.167.78.206:0
ASN
#398101 GO-DADDY-COM-LLC

File type
PNG image data, 170 x 46, 8-bit/color RGBA, non-interlaced\012- data
Size
1.6 kB (1616 bytes)
Hash
4e027bd01062608b402aeae842f5dcd3
e6317d91660e7efeec297c1a00fc6da60400c27c
9627db9cc6b66c7c2886bf7cd6c03acc947cd5ba321f73259fc61116127f2e9b

HTTP Headers

GET /wp-content/uploads/2015/09/Air-Logo-Web-Versions-Wide_Mobile.png HTTP/1.1
Host: www.host.air.ngo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/
Cookie: devicePixelRatio=1

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:37:16 GMT
Server: Apache
Last-Modified: Fri, 30 Mar 2018 14:02:31 GMT
ETag: "1be0640-650-568a1b0ee8bc0"
Accept-Ranges: bytes
Content-Length: 1616
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png

www.host.air.ngo/wp-content/uploads/2015/09/AIR_Logo_Desktop.png

72.167.78.206

200 OK

2.6 kB

URL HTTP/1.1
www.host.air.ngo/wp-content/uploads/2015/09/AIR_Logo_Desktop.png
IP
72.167.78.206:0
ASN
#398101 GO-DADDY-COM-LLC

File type
PNG image data, 144 x 111, 8-bit/color RGBA, non-interlaced\012- data
Size
2.6 kB (2567 bytes)
Hash
8db14987833ca79bfe9871cb55f6fa78
ab7e02d8c04a1eadea10ff14d8c11ba4f223bc38
b7912d342c9d8cc5d995572084ee1ab2efda5c525df398601e9713a193d08784

HTTP Headers

GET /wp-content/uploads/2015/09/AIR_Logo_Desktop.png HTTP/1.1
Host: www.host.air.ngo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/
Cookie: devicePixelRatio=1

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:37:16 GMT
Server: Apache
Last-Modified: Fri, 30 Mar 2018 14:02:37 GMT
ETag: "1be0639-a07-568a1b14a1940"
Accept-Ranges: bytes
Content-Length: 2567
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg

34.120.237.76

200 OK

5.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.2 kB (5174 bytes)
Hash
e5b4e4f15da3323c73974c3f1cdb5d74
1f14971d0cf979cc34ff191849dc43d86e8ac463
5893d7e5b2fd9de92829b303c42d0c07ff32b3f6b8705b6f5b4a784315c8808e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5174
x-amzn-requestid: 35630c70-3bad-47b4-94bb-09c873632194
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7EFAHIAMFQQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-317b1fbb3bee0f377697bf3d;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OD5cy75AkNMwTIvIool2nKbKgr5Jpo1Plm_X_YPr3rdPbg86_V2fdA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:21 GMT
age: 30415
etag: "1f14971d0cf979cc34ff191849dc43d86e8ac463"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f8fa6a-620a-4d0c-aec7-0863ae11b871.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (14221 bytes)
Hash
83ac46e378ad452aeb212d709ab70232
7514ed93fd2f256e5aad386fdd0ebc723785291b
e199498691268526a6ecfe58abb88ced8661272cd7ad8270811c84fb15dbb547

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f8fa6a-620a-4d0c-aec7-0863ae11b871.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14221
x-amzn-requestid: a74ee3d4-6163-4dec-ab62-97279cf52282
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEC3ERhIAMFh1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8078-3e5d4b3d39919497215866df;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3TIbnpwYk9CIeoXeW4T-ouwV7X1y-LgKV7wB4XJwFKSKx248jIJyBQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:08:39 GMT
age: 30517
etag: "7514ed93fd2f256e5aad386fdd0ebc723785291b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8527 bytes)
Hash
6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: f95a2821-ae89-4ea9-93b2-43e570285df3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEC3FyboAMFe0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8078-7e2177f11d5715d4092cad2c;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dcFgY5x3Ef0J__7wGn3llTjZ9as5nX1H4HErIT3VlKfeQaQTjymW2g==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:33 GMT
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
age: 30403
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto%3Aregular%2C500&ver=3.13.4

142.250.74.106

200 OK

8.9 kB

URL HTTP/2
fonts.googleapis.com/css?family=Roboto%3Aregular%2C500&ver=3.13.4
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
8.9 kB (8860 bytes)
Hash
adad52fa71b1bf340d1dfd3cbe9a6c24
22317e3a208d4de081d6390705a1fa4ab7a6e986
d142290587eba2a60d8d4ad8198a6d6a63e496f0553d043968fda1a21a7f0a86

HTTP Headers

GET /css?family=Roboto%3Aregular%2C500&ver=3.13.4 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.host.air.ngo/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 Feb 2023 06:37:16 GMT
date: Sat, 04 Feb 2023 06:37:16 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9141 bytes)
Hash
f7101f6e43855cb76ce48271a847ffbd
8e674830a97d8ce3818132fda197db4f0289d316
e78a83a4024e238bcdec3b9c4d5c12a99f49aabd57e34952f6a4cc8ed4422f55

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9141
x-amzn-requestid: ed7db574-6bca-4f3e-8879-c3e836549339
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD8zE5lIAMF1HA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8051-4480112f11d4ced0037d1ad8;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6kDIOqhM4aVL80sF02uFu2TuGbiBE7_L_S2W7x-P46hO5YZFmuL9nQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:13:30 GMT
age: 30226
etag: "8e674830a97d8ce3818132fda197db4f0289d316"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11565 bytes)
Hash
e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lsQxPtozrh2Ty1T-3d-1crDfi8HgVKRafOXb1UFl033bCx3kAzTS7w==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:48:04 GMT
age: 31752
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-KQ4BV44

142.250.74.40

302 Found

251 B

URL HTTP/1.1
www.googletagmanager.com/gtm.js?id=GTM-KQ4BV44
IP
142.250.74.40:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
251 B (251 bytes)
Hash
14d579177a5cecc7be9e1477607323c8
25f95d742456fadc3c583e16b2483861d5dedafe
254a9d462ca1dc2a5bca6e363d2bc4bf346f9b36d51931cd3ab80c9edd0f2850

HTTP Headers

GET /gtm.js?id=GTM-KQ4BV44 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/

HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtm.js?id=GTM-KQ4BV44
Cross-Origin-Resource-Policy: cross-origin
Date: Sat, 04 Feb 2023 06:37:16 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 251
X-XSS-Protection: 0

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

45 kB

URL HTTP/1.1
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.host.air.ngo
Connection: keep-alive
Referer: http://fonts.googleapis.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 44856
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 02 Feb 2023 00:41:24 GMT
Expires: Fri, 02 Feb 2024 00:41:24 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Mon, 15 Aug 2022 18:20:18 GMT
Content-Type: font/woff2
Age: 194152

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 06:37:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.host.air.ngo
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 07:51:59 GMT
expires: Thu, 01 Feb 2024 07:51:59 GMT
cache-control: public, max-age=31536000
age: 254718
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 06:37:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.host.air.ngo/wp-content/mmr/4bbf2d7f-1645851486.min.js

72.167.78.206

200 OK

137 kB

URL HTTP/1.1
www.host.air.ngo/wp-content/mmr/4bbf2d7f-1645851486.min.js
IP
72.167.78.206:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (65536), with no line terminators
Size
137 kB (137267 bytes)
Hash
fbfcd42c360992732761ecc16ab13458
6e5ed57a9ee25aaa6c8652d47851f388e468d5b2
d730a8e4663bb266960024b6d91ccc4421cb83928edc7f40c163c2abd63035f1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/mmr/4bbf2d7f-1645851486.min.js HTTP/1.1
Host: www.host.air.ngo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/
Cookie: devicePixelRatio=1

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:37:16 GMT
Server: Apache
Last-Modified: Thu, 21 Jul 2022 04:26:27 GMT
ETag: "128028b-8659f-5e4491eff0145-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript

cdn.sucuri.net/badge/badge.js

192.124.249.16

200 OK

3.3 kB

URL HTTP/2
cdn.sucuri.net/badge/badge.js
IP
192.124.249.16:0
ASN
#30148 SUCURI-SEC

File type
ASCII text
Size
3.3 kB (3313 bytes)
Hash
25db683a54bb4440d466bf9aed8ee510
c322fae782f73039dfe5edd8987dfb60daccf91e
2a116fbb01adc832de9e40d83751f068237ee3a4f6f5637e60afa0bd012b4f50

HTTP Headers

GET /badge/badge.js HTTP/1.1
Host: cdn.sucuri.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.host.air.ngo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 06:37:17 GMT
content-type: application/javascript
content-length: 3313
x-sucuri-id: 19016
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 31 May 2017 03:54:14 GMT
etag: "cf1-550c9df9fe580"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

www.host.air.ngo/?n2prerender=1&n2app=smartslider&n2controller=slider&n2action=iframe&sliderid=10&hash=11aa9934b643b6d6149df357982d8173

72.167.78.206

200 OK

10 kB

URL HTTP/1.1
www.host.air.ngo/?n2prerender=1&n2app=smartslider&n2controller=slider&n2action=iframe&sliderid=10&hash=11aa9934b643b6d6149df357982d8173
IP
72.167.78.206:0
ASN
#398101 GO-DADDY-COM-LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (21405), with CRLF, LF line terminators
Size
10 kB (10246 bytes)
Hash
f5c76bfb81f5424f88133499db361034
a6d6846c71b8a992b87e52b0675ac0062486ebbc
d5acc9c3dfa699be369b713d462ddac66611636ac2b6a8f189ba0ad4ace0ab5d

HTTP Headers

GET /?n2prerender=1&n2app=smartslider&n2controller=slider&n2action=iframe&sliderid=10&hash=11aa9934b643b6d6149df357982d8173 HTTP/1.1
Host: www.host.air.ngo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/
Cookie: devicePixelRatio=1; _gcl_au=1.1.847080542.1675492671
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:37:16 GMT
Server: Apache
X-Powered-By: PHP/7.4.33
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 10246
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

platform.twitter.com/widgets.js

93.184.220.66

200 OK

28 kB

URL HTTP/1.1
platform.twitter.com/widgets.js
IP
93.184.220.66:0
ASN
#15133 EDGECAST

File type
Unicode text, UTF-8 text, with very long lines (38752)
Size
28 kB (27630 bytes)
Hash
8aa708f5eebf10bd82e942dabf1623a5
326a6d469222302a80ecf29039e7837d8870ee47
fcfdc2930fdd7f4b3c7f0c1308ce2e89fcc5082ae6a0a1e16ecf0f7e417f1368

HTTP Headers

GET /widgets.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/

HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Age: 412
Cache-Control: public, max-age=1800
Content-Type: application/javascript; charset=utf-8
Date: Sat, 04 Feb 2023 06:37:17 GMT
Etag: "9e99725b7a4cd730a934afba2a438bb5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:51 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F715)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
x-amzn-internal-status: 304
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 27630

www.google-analytics.com/ga.js

216.239.36.178

200 OK

17 kB

URL HTTP/1.1
www.google-analytics.com/ga.js
IP
216.239.36.178:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1305)
Size
17 kB (17168 bytes)
Hash
01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d

HTTP Headers

GET /ga.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/

HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 17168
Date: Sat, 04 Feb 2023 05:08:15 GMT
Expires: Sat, 04 Feb 2023 07:08:15 GMT
Cache-Control: public, max-age=7200
Age: 5342
Last-Modified: Tue, 10 Jan 2023 21:29:14 GMT
Content-Type: text/javascript

www.google-analytics.com/analytics.js

216.239.36.178

200 OK

20 kB

URL HTTP/1.1
www.google-analytics.com/analytics.js
IP
216.239.36.178:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1490)
Size
20 kB (20085 bytes)
Hash
ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/

HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 20085
Date: Sat, 04 Feb 2023 06:03:19 GMT
Expires: Sat, 04 Feb 2023 08:03:19 GMT
Cache-Control: public, max-age=7200
Age: 2038
Last-Modified: Tue, 10 Jan 2023 21:29:14 GMT
Content-Type: text/javascript

www.host.air.ngo/wp-content/plugins/rocket-lazy-load/assets/js/lazyload-10.11.1.min.js

72.167.78.206

200 OK

1.7 kB

URL HTTP/1.1
www.host.air.ngo/wp-content/plugins/rocket-lazy-load/assets/js/lazyload-10.11.1.min.js
IP
72.167.78.206:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (4058), with no line terminators
Size
1.7 kB (1654 bytes)
Hash
8273dccfc6f9a92621d3511e27be7e17
9dacf494138157d6b5dcb1db3d4430c7eeef9cd0
3cac694b342a69d842510c68cab812b65b6640873710c52d4a496754fa0ee440

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/rocket-lazy-load/assets/js/lazyload-10.11.1.min.js HTTP/1.1
Host: www.host.air.ngo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/
Cookie: devicePixelRatio=1; _gcl_au=1.1.847080542.1675492671

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:37:17 GMT
Server: Apache
Last-Modified: Tue, 14 Aug 2018 00:43:46 GMT
ETag: "1aa16df-fda-5735a80a37480-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1654
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
42f7bb86070a306c0902a2947bfd5db1
679751d86f7520d1e5e30b5bc050015450de75a7
ebccfef4e98d659e8e275dd6b2797b1154e42572695aefc916825bc0819e96dd

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 06:37:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
621b586028d5acaf29b8777ca0872ce1
9d2a358576d0acab58e2eacf7765b686cee9181f
a7c99a5217e394c715679780ae1e3e60202653547212b0a4fd2efab0e1a01015

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 06:37:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/analytics.js

216.239.36.178

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
216.239.36.178:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1490)
Size
20 kB (20085 bytes)
Hash
ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.host.air.ngo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sat, 04 Feb 2023 05:44:08 GMT
expires: Sat, 04 Feb 2023 07:44:08 GMT
cache-control: public, max-age=7200
age: 3189
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
42f7bb86070a306c0902a2947bfd5db1
679751d86f7520d1e5e30b5bc050015450de75a7
ebccfef4e98d659e8e275dd6b2797b1154e42572695aefc916825bc0819e96dd

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 06:37:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

googleads.g.doubleclick.net/pagead/viewthroughconversion/845910069/?random=1675492670590&cv=11&fst=1675492670590&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fwww.host.air.ngo%2F&tiba=Attitudes%20In%20Reverse%20%E2%80%93%20Start%20THE%20Conversation%2C%20Reverse%20an%20Attitude%2C%20Save%20a%20Life!&auid=847080542.1675492671&data=event%3Dgtag.config&rfmt=3&fmt=4

216.58.207.194

200 OK

935 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/845910069/?random=1675492670590&cv=11&fst=1675492670590&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fwww.host.air.ngo%2F&tiba=Attitudes%20In%20Reverse%20%E2%80%93%20Start%20THE%20Conversation%2C%20Reverse%20an%20Attitude%2C%20Save%20a%20Life!&auid=847080542.1675492671&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
216.58.207.194:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2033), with no line terminators
Size
935 B (935 bytes)
Hash
edffee978a75f9de2b575749d2189d97
de942600a4f8d78e65b797b4d568a3b6928f193a
b8bc37c8e378a70a992fa0aaabeaf97b8fa4c1775f84e3a1efc10dd615932d59

HTTP Headers

GET /pagead/viewthroughconversion/845910069/?random=1675492670590&cv=11&fst=1675492670590&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fwww.host.air.ngo%2F&tiba=Attitudes%20In%20Reverse%20%E2%80%93%20Start%20THE%20Conversation%2C%20Reverse%20an%20Attitude%2C%20Save%20a%20Life!&auid=847080542.1675492671&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.host.air.ngo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 06:37:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 935
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 04-Feb-2023 06:52:17 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/pagead/1p-conversion/845910069/?random=1675492670600&cv=11&fst=1675492670600&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1280&u_h=1024&label=30UMCLCYhoABELWgrpMD&hn=www.google.com&frm=0&url=http%3A%2F%2Fwww.host.air.ngo%2F&tiba=Attitudes%20In%20Reverse%20%E2%80%93%20Start%20THE%20Conversation%2C%20Reverse%20an%20Attitude%2C%20Save%20a%20Life!&gtm_ee=1&auid=847080542.1675492671&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4

142.250.74.164

302 Found

63 B

URL HTTP/2
www.google.com/pagead/1p-conversion/845910069/?random=1675492670600&cv=11&fst=1675492670600&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1280&u_h=1024&label=30UMCLCYhoABELWgrpMD&hn=www.google.com&frm=0&url=http%3A%2F%2Fwww.host.air.ngo%2F&tiba=Attitudes%20In%20Reverse%20%E2%80%93%20Start%20THE%20Conversation%2C%20Reverse%20an%20Attitude%2C%20Save%20a%20Life!&gtm_ee=1&auid=847080542.1675492671&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
63 B (63 bytes)
Hash
0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26

HTTP Headers

GET /pagead/1p-conversion/845910069/?random=1675492670600&cv=11&fst=1675492670600&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1280&u_h=1024&label=30UMCLCYhoABELWgrpMD&hn=www.google.com&frm=0&url=http%3A%2F%2Fwww.host.air.ngo%2F&tiba=Attitudes%20In%20Reverse%20%E2%80%93%20Start%20THE%20Conversation%2C%20Reverse%20an%20Attitude%2C%20Save%20a%20Life!&gtm_ee=1&auid=847080542.1675492671&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.host.air.ngo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 06:37:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/845910069/?random=1675492670600&cv=11&fst=1675492670600&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1280&u_h=1024&label=30UMCLCYhoABELWgrpMD&hn=www.google.com&frm=0&url=http%3A%2F%2Fwww.host.air.ngo%2F&tiba=Attitudes%20In%20Reverse%20%E2%80%93%20Start%20THE%20Conversation%2C%20Reverse%20an%20Attitude%2C%20Save%20a%20Life!&gtm_ee=1&auid=847080542.1675492671&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

googleads.g.doubleclick.net/pagead/viewthroughconversion/845910069/?random=1675492670600&cv=11&fst=1675492670600&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1280&u_h=1024&label=30UMCLCYhoABELWgrpMD&hn=www.google.com&frm=0&url=http%3A%2F%2Fwww.host.air.ngo%2F&tiba=Attitudes%20In%20Reverse%20%E2%80%93%20Start%20THE%20Conversation%2C%20Reverse%20an%20Attitude%2C%20Save%20a%20Life!&gtm_ee=1&auid=847080542.1675492671&data=event%3Dconversion&gcp=1&ct_cookie_present=1

216.58.207.194

200 OK

42 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/845910069/?random=1675492670600&cv=11&fst=1675492670600&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1280&u_h=1024&label=30UMCLCYhoABELWgrpMD&hn=www.google.com&frm=0&url=http%3A%2F%2Fwww.host.air.ngo%2F&tiba=Attitudes%20In%20Reverse%20%E2%80%93%20Start%20THE%20Conversation%2C%20Reverse%20an%20Attitude%2C%20Save%20a%20Life!&gtm_ee=1&auid=847080542.1675492671&data=event%3Dconversion&gcp=1&ct_cookie_present=1
IP
216.58.207.194:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/viewthroughconversion/845910069/?random=1675492670600&cv=11&fst=1675492670600&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1280&u_h=1024&label=30UMCLCYhoABELWgrpMD&hn=www.google.com&frm=0&url=http%3A%2F%2Fwww.host.air.ngo%2F&tiba=Attitudes%20In%20Reverse%20%E2%80%93%20Start%20THE%20Conversation%2C%20Reverse%20an%20Attitude%2C%20Save%20a%20Life!&gtm_ee=1&auid=847080542.1675492671&data=event%3Dconversion&gcp=1&ct_cookie_present=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.host.air.ngo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 06:37:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 04-Feb-2023 06:52:17 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8176ac8bbb8fa05f36bdfa163da09e0c
b936c84c5fa7e781b12a17952c82bca546ca0575
1aa7e39fd02514a4023036a8a100d7e7898ee220063ebfb41c509264c81ed727

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 06:37:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
42f7bb86070a306c0902a2947bfd5db1
679751d86f7520d1e5e30b5bc050015450de75a7
ebccfef4e98d659e8e275dd6b2797b1154e42572695aefc916825bc0819e96dd

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 06:37:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.host.air.ngo/wp-content/uploads/2015/09/AIR_Logo_Desktop-2X.png

72.167.78.206

200 OK

5.8 kB

URL HTTP/1.1
www.host.air.ngo/wp-content/uploads/2015/09/AIR_Logo_Desktop-2X.png
IP
72.167.78.206:0
ASN
#398101 GO-DADDY-COM-LLC

File type
PNG image data, 288 x 220, 8-bit/color RGBA, non-interlaced\012- data
Size
5.8 kB (5763 bytes)
Hash
eed5881179a496ea3b067417c06392ec
52060f6dd3e6f6cc4d6bafb337df7431f27b042d
58e33c3551e530eb92d097afbea9ffcd60f0b0fa2d2ccbe5f63af630a28a50d8

HTTP Headers

GET /wp-content/uploads/2015/09/AIR_Logo_Desktop-2X.png HTTP/1.1
Host: www.host.air.ngo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/
Cookie: devicePixelRatio=1; _gcl_au=1.1.847080542.1675492671

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:37:17 GMT
Server: Apache
Last-Modified: Fri, 30 Mar 2018 14:02:38 GMT
ETag: "1be0638-1683-568a1b1595b80"
Accept-Ranges: bytes
Content-Length: 5763
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png

www.host.air.ngo/wp-content/uploads/2015/09/AIR_Logo_Desktop-2X-150x150.png

72.167.78.206

200 OK

9.1 kB

URL HTTP/1.1
www.host.air.ngo/wp-content/uploads/2015/09/AIR_Logo_Desktop-2X-150x150.png
IP
72.167.78.206:0
ASN
#398101 GO-DADDY-COM-LLC

File type
PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Size
9.1 kB (9073 bytes)
Hash
915cbe795fc5afd47b8bb444f1ca91ec
e5135a2e8f584f5e4eb451e1da72bfa443d78e9c
abb0164e062a57e5358c0db8ed0b5d7879eb598ebfb77c679e49aa70f00bbd8d

HTTP Headers

GET /wp-content/uploads/2015/09/AIR_Logo_Desktop-2X-150x150.png HTTP/1.1
Host: www.host.air.ngo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/
Cookie: devicePixelRatio=1; _gcl_au=1.1.847080542.1675492671

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:37:17 GMT
Server: Apache
Last-Modified: Fri, 30 Mar 2018 14:02:38 GMT
ETag: "1be0637-2371-568a1b1595b80"
Accept-Ranges: bytes
Content-Length: 9073
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e16924e677b1cf77abc2c90c36b01b58
7608b4371357596c60d3ff2aed7fa181a3e8fefc
485a64335baac7fd3bfcc0063493c27ab58a8fe46e0873fc64f619c19cd8c59b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 06:37:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

i.ytimg.com/vi/aGHrcfXNF5k/hqdefault.jpg

216.58.207.246

200 OK

16 kB

URL HTTP/2
i.ytimg.com/vi/aGHrcfXNF5k/hqdefault.jpg
IP
216.58.207.246:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Size
16 kB (16306 bytes)
Hash
8b4daac142e3393e9226bf3bd2c4a6c5
791c3817141265a5470c22bf1d3b44e4fe331b4a
bba2e185fe65310a4a946deb19729b2db7ddda729fafaaeb2364f33884039147

HTTP Headers

GET /vi/aGHrcfXNF5k/hqdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.host.air.ngo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 16306
date: Sat, 04 Feb 2023 06:37:17 GMT
expires: Sat, 04 Feb 2023 08:37:17 GMT
cache-control: public, max-age=7200
etag: "1393453524"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=http%3A%2F%2Fwww.host.air.ngo

93.184.220.66

200 OK

105 kB

URL HTTP/1.1
platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=http%3A%2F%2Fwww.host.air.ngo
IP
93.184.220.66:0
ASN
#15133 EDGECAST

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (56166)
Size
105 kB (105435 bytes)
Hash
58f06e7d628e7e207cad8e48c9cc76be
9042f057d52be00c9535ce93b0ce4c03707e0c41
ea6c34f2e7acfea93ba722fe283f2704392dc518c9a0d1eeca0ba03a0b63d789

HTTP Headers

GET /widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=http%3A%2F%2Fwww.host.air.ngo HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.host.air.ngo/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 896042
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sat, 04 Feb 2023 06:37:17 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F709)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105435

www.host.air.ngo/wp-content/plugins/rocket-lazy-load/assets/img/youtube.png

72.167.78.206

200 OK

42 kB

URL HTTP/1.1
www.host.air.ngo/wp-content/plugins/rocket-lazy-load/assets/img/youtube.png
IP
72.167.78.206:0
ASN
#398101 GO-DADDY-COM-LLC

File type
PNG image data, 64 x 45, 8-bit/color RGBA, non-interlaced\012- data
Size
42 kB (42449 bytes)
Hash
57c754062bf0068582dffb5e2a35a736
ce111a1b92561189a8c4526df1160c93babee089
e80b8c98ec2670982044c7f67688e82e59aebce59360cb7e03f973f3ef3341d7

HTTP Headers

GET /wp-content/plugins/rocket-lazy-load/assets/img/youtube.png HTTP/1.1
Host: www.host.air.ngo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/
Cookie: devicePixelRatio=1; _gcl_au=1.1.847080542.1675492671

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:37:17 GMT
Server: Apache
Last-Modified: Tue, 14 Aug 2018 00:43:46 GMT
ETag: "1a82685-a5d1-5735a80a37480"
Accept-Ranges: bytes
Content-Length: 42449
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e16924e677b1cf77abc2c90c36b01b58
7608b4371357596c60d3ff2aed7fa181a3e8fefc
485a64335baac7fd3bfcc0063493c27ab58a8fe46e0873fc64f619c19cd8c59b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 06:37:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.host.air.ngo/wp-content/uploads/2018/03/dark-1.png

72.167.78.206

200 OK

149 B

URL HTTP/1.1
www.host.air.ngo/wp-content/uploads/2018/03/dark-1.png
IP
72.167.78.206:0
ASN
#398101 GO-DADDY-COM-LLC

File type
PNG image data, 1200 x 2, 8-bit/color RGBA, non-interlaced\012- data
Size
149 B (149 bytes)
Hash
f8b111fcabf67d202ef38ab060af2168
e7b658309990845c2303f9194af69089e0cad3e7
7793010be642a25943ac112b45bc9ec14a6e845ef6d940d41b15f1f32423a9f5

HTTP Headers

GET /wp-content/uploads/2018/03/dark-1.png HTTP/1.1
Host: www.host.air.ngo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/
Cookie: devicePixelRatio=1; _gcl_au=1.1.847080542.1675492671; _ga=GA1.2.315079370.1675492672; _gid=GA1.2.1422018058.1675492672

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:37:17 GMT
Server: Apache
Last-Modified: Sat, 17 Mar 2018 06:18:29 GMT
ETag: "1be08a0-95-56795b17b7740"
Accept-Ranges: bytes
Content-Length: 149
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png

www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=769490249&utmhn=www.host.air.ngo&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Attitudes%20In%20Reverse%20%E2%80%93%20Start%20THE%20Conversation%2C%20Reverse%20an%20Attitude%2C%20Save%20a%20Life!&utmhid=45572740&utmr=-&utmp=%2F&utmht=1675492672069&utmac=UA-29493171-1&utmcc=__utma%3D68077320.315079370.1675492672.1675492672.1675492672.1%3B%2B__utmz%3D68077320.1675492672.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=412474969&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAABAAAE~

216.239.36.178

200 OK

35 B

URL HTTP/1.1
www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=769490249&utmhn=www.host.air.ngo&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Attitudes%20In%20Reverse%20%E2%80%93%20Start%20THE%20Conversation%2C%20Reverse%20an%20Attitude%2C%20Save%20a%20Life!&utmhid=45572740&utmr=-&utmp=%2F&utmht=1675492672069&utmac=UA-29493171-1&utmcc=__utma%3D68077320.315079370.1675492672.1675492672.1675492672.1%3B%2B__utmz%3D68077320.1675492672.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=412474969&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAABAAAE~
IP
216.239.36.178:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

HTTP Headers

GET /r/__utm.gif?utmwv=5.7.2&utms=1&utmn=769490249&utmhn=www.host.air.ngo&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Attitudes%20In%20Reverse%20%E2%80%93%20Start%20THE%20Conversation%2C%20Reverse%20an%20Attitude%2C%20Save%20a%20Life!&utmhid=45572740&utmr=-&utmp=%2F&utmht=1675492672069&utmac=UA-29493171-1&utmcc=__utma%3D68077320.315079370.1675492672.1675492672.1675492672.1%3B%2B__utmz%3D68077320.1675492672.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=412474969&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAABAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Date: Sat, 04 Feb 2023 06:37:17 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35

ocsp.digicert.com/

93.184.220.29

200 OK

313 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
313 B (313 bytes)
Hash
47596e29084bc770512471731d8627f1
ff10d540287425c2476aaffd4e321679cdef048c
015c3fbcf2992381d1e027318a028058b1d4ff44f32a7b8f7ad1d3d9d82b2c82

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1701
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 06:37:17 GMT
Last-Modified: Sat, 04 Feb 2023 06:08:56 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 313

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
de88149c85daf1f2f8f183d16f581394
4b88639d92a9defef7e575ff50f00348d7a4fc91
5bcde8fa6ee36e3a745249b5a5d1c583b0b17e1bd37a3d5b83ce9255b818680d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 06:37:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
de88149c85daf1f2f8f183d16f581394
4b88639d92a9defef7e575ff50f00348d7a4fc91
5bcde8fa6ee36e3a745249b5a5d1c583b0b17e1bd37a3d5b83ce9255b818680d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 06:37:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/pagead/1p-conversion/845910069/?random=1675492670600&cv=11&fst=1675492670600&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1280&u_h=1024&label=30UMCLCYhoABELWgrpMD&hn=www.google.com&frm=0&url=http%3A%2F%2Fwww.host.air.ngo%2F&tiba=Attitudes%20In%20Reverse%20%E2%80%93%20Start%20THE%20Conversation%2C%20Reverse%20an%20Attitude%2C%20Save%20a%20Life!&gtm_ee=1&auid=847080542.1675492671&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0

142.250.74.163

200 OK

63 B

URL HTTP/2
www.google.no/pagead/1p-conversion/845910069/?random=1675492670600&cv=11&fst=1675492670600&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1280&u_h=1024&label=30UMCLCYhoABELWgrpMD&hn=www.google.com&frm=0&url=http%3A%2F%2Fwww.host.air.ngo%2F&tiba=Attitudes%20In%20Reverse%20%E2%80%93%20Start%20THE%20Conversation%2C%20Reverse%20an%20Attitude%2C%20Save%20a%20Life!&gtm_ee=1&auid=847080542.1675492671&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
63 B (63 bytes)
Hash
0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26

HTTP Headers

GET /pagead/1p-conversion/845910069/?random=1675492670600&cv=11&fst=1675492670600&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1280&u_h=1024&label=30UMCLCYhoABELWgrpMD&hn=www.google.com&frm=0&url=http%3A%2F%2Fwww.host.air.ngo%2F&tiba=Attitudes%20In%20Reverse%20%E2%80%93%20Start%20THE%20Conversation%2C%20Reverse%20an%20Attitude%2C%20Save%20a%20Life!&gtm_ee=1&auid=847080542.1675492671&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.host.air.ngo/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 06:37:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.no/pagead/1p-user-list/845910069/?random=1675492670590&cv=11&fst=1675490400000&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fwww.host.air.ngo%2F&tiba=Attitudes%20In%20Reverse%20%E2%80%93%20Start%20THE%20Conversation%2C%20Reverse%20an%20Attitude%2C%20Save%20a%20Life!&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=869811340&rmt_tld=1&ipr=y

142.250.74.163

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/845910069/?random=1675492670590&cv=11&fst=1675490400000&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fwww.host.air.ngo%2F&tiba=Attitudes%20In%20Reverse%20%E2%80%93%20Start%20THE%20Conversation%2C%20Reverse%20an%20Attitude%2C%20Save%20a%20Life!&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=869811340&rmt_tld=1&ipr=y
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/845910069/?random=1675492670590&cv=11&fst=1675490400000&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fwww.host.air.ngo%2F&tiba=Attitudes%20In%20Reverse%20%E2%80%93%20Start%20THE%20Conversation%2C%20Reverse%20an%20Attitude%2C%20Save%20a%20Life!&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=869811340&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.host.air.ngo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 06:37:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
de88149c85daf1f2f8f183d16f581394
4b88639d92a9defef7e575ff50f00348d7a4fc91
5bcde8fa6ee36e3a745249b5a5d1c583b0b17e1bd37a3d5b83ce9255b818680d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 06:37:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

syndication.twitter.com/settings?session_id=a884368f1a6033b5f3b448ecb0cbac30be6dd39f

104.244.42.200

200 OK

326 B

URL HTTP/2
syndication.twitter.com/settings?session_id=a884368f1a6033b5f3b448ecb0cbac30be6dd39f
IP
104.244.42.200:0
ASN
#13414 TWITTER

File type
JSON data\012- , ASCII text, with very long lines (919), with no line terminators
Size
326 B (326 bytes)
Hash
11f6a2d6bb52340b52d53f9cf72973e8
ea0c3e5d850a2659b3344d84957b691a6f7942b8
a0b2545f4adeaf91f7a23b95f43c682557bdfd1e59d2cf394d10a01f97c886ff

HTTP Headers

GET /settings?session_id=a884368f1a6033b5f3b448ecb0cbac30be6dd39f HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://platform.twitter.com/
Origin: https://platform.twitter.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Sat, 04 Feb 2023 06:37:17 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: application/json; charset=utf-8
cache-control: must-revalidate, max-age=600
last-modified: Sat, 04 Feb 2023 06:37:18 GMT
content-length: 326
content-encoding: gzip
x-transaction-id: 47b734169210df7d
strict-transport-security: max-age=631138519
access-control-allow-origin: https://platform.twitter.com
access-control-allow-credentials: true
x-response-time: 104
x-connection-hash: b5f74fb4298f8dca0cd965547de1250a4bf71c90b866b2b867da0c8e5280d251
X-Firefox-Spdy: h2

www.host.air.ngo/wp-content/uploads/2019/04/Miki-Open-AIR.jpg

72.167.78.206

200 OK

85 kB

URL HTTP/1.1
www.host.air.ngo/wp-content/uploads/2019/04/Miki-Open-AIR.jpg
IP
72.167.78.206:0
ASN
#398101 GO-DADDY-COM-LLC

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 619x960, components 3\012- data
Size
85 kB (85270 bytes)
Hash
db6954d418dfbcdceea0ddc678beed58
8ebe22a6be3d863b4a43d145173ab9e7bf469186
c88f82293e015af58269d95fd70e372d0ea9521e5b61d6192facea46b267b8f8

HTTP Headers

GET /wp-content/uploads/2019/04/Miki-Open-AIR.jpg HTTP/1.1
Host: www.host.air.ngo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/
Cookie: devicePixelRatio=1; _gcl_au=1.1.847080542.1675492671; _ga=GA1.2.315079370.1675492672; _gid=GA1.2.1422018058.1675492672; _gat_gtag_UA_118313524_1=1

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:37:17 GMT
Server: Apache
Last-Modified: Sat, 06 Apr 2019 01:24:55 GMT
ETag: "1be0d5c-14d16-585d2788287c0"
Accept-Ranges: bytes
Content-Length: 85270
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg

www.host.air.ngo/?n2prerender=1&n2app=smartslider&n2controller=slider&n2action=iframe&sliderid=10&hash=11aa9934b643b6d6149df357982d8173

72.167.78.206

200 OK

10 kB

URL HTTP/1.1
www.host.air.ngo/?n2prerender=1&n2app=smartslider&n2controller=slider&n2action=iframe&sliderid=10&hash=11aa9934b643b6d6149df357982d8173
IP
72.167.78.206:0
ASN
#398101 GO-DADDY-COM-LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (21405), with CRLF, LF line terminators
Size
10 kB (10246 bytes)
Hash
f5c76bfb81f5424f88133499db361034
a6d6846c71b8a992b87e52b0675ac0062486ebbc
d5acc9c3dfa699be369b713d462ddac66611636ac2b6a8f189ba0ad4ace0ab5d

HTTP Headers

GET /?n2prerender=1&n2app=smartslider&n2controller=slider&n2action=iframe&sliderid=10&hash=11aa9934b643b6d6149df357982d8173 HTTP/1.1
Host: www.host.air.ngo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/
Cookie: devicePixelRatio=1; _gcl_au=1.1.847080542.1675492671
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:37:17 GMT
Server: Apache
X-Powered-By: PHP/7.4.33
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 10246
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

www.host.air.ngo/wp-content/uploads/resized/775b07c75b4ec6c4c756504e3793be3c/walk_for_air_2013.jpg

72.167.78.206

200 OK

32 kB

URL HTTP/1.1
www.host.air.ngo/wp-content/uploads/resized/775b07c75b4ec6c4c756504e3793be3c/walk_for_air_2013.jpg
IP
72.167.78.206:0
ASN
#398101 GO-DADDY-COM-LLC

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 376x160, components 3\012- data
Size
32 kB (32152 bytes)
Hash
d3324767003c2fbb9525e1b66b7017a5
bb9dd578561485da8ffdd06ba68537a2c9e773e7
0bb61d286d22336294c32fe317220e5adf808f70af865951ef88edc32e31ecce

HTTP Headers

GET /wp-content/uploads/resized/775b07c75b4ec6c4c756504e3793be3c/walk_for_air_2013.jpg HTTP/1.1
Host: www.host.air.ngo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/?n2prerender=1&n2app=smartslider&n2controller=slider&n2action=iframe&sliderid=10&hash=11aa9934b643b6d6149df357982d8173
Cookie: devicePixelRatio=1; _gcl_au=1.1.847080542.1675492671; _ga=GA1.2.315079370.1675492672; _gid=GA1.2.1422018058.1675492672; _gat_gtag_UA_118313524_1=1; _gat_UA-116676792-1=1; __utma=68077320.315079370.1675492672.1675492672.1675492672.1; __utmb=68077320.1.10.1675492672; __utmc=68077320; __utmz=68077320.1675492672.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:37:18 GMT
Server: Apache
Last-Modified: Thu, 02 Aug 2018 09:52:10 GMT
ETag: "1be0d7a-7d98-57270c3c62680"
Accept-Ranges: bytes
Content-Length: 32152
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg

www.host.air.ngo/wp-content/uploads/2018/04/Kurt-Tricia-and-Katelyn-Attitudes-in-Reverse-compressor.jpg

72.167.78.206

200 OK

18 kB

URL HTTP/1.1
www.host.air.ngo/wp-content/uploads/2018/04/Kurt-Tricia-and-Katelyn-Attitudes-in-Reverse-compressor.jpg
IP
72.167.78.206:0
ASN
#398101 GO-DADDY-COM-LLC

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 325x217, components 3\012- data
Size
18 kB (18162 bytes)
Hash
7b6c465e1c0f410c7e0b2de52eb4cd96
f87dc7eaca8cf4820e8bbaf6a37be04b6381de9a
c8efcfe7fd916e3529fa111ef6682ec2059e3dbb4cac98ecb4cf6df16a973d74

HTTP Headers

GET /wp-content/uploads/2018/04/Kurt-Tricia-and-Katelyn-Attitudes-in-Reverse-compressor.jpg HTTP/1.1
Host: www.host.air.ngo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/?n2prerender=1&n2app=smartslider&n2controller=slider&n2action=iframe&sliderid=10&hash=11aa9934b643b6d6149df357982d8173
Cookie: devicePixelRatio=1; _gcl_au=1.1.847080542.1675492671; _ga=GA1.2.315079370.1675492672; _gid=GA1.2.1422018058.1675492672; _gat_gtag_UA_118313524_1=1; _gat_UA-116676792-1=1; __utma=68077320.315079370.1675492672.1675492672.1675492672.1; __utmb=68077320.1.10.1675492672; __utmc=68077320; __utmz=68077320.1675492672.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:37:18 GMT
Server: Apache
Last-Modified: Sun, 01 Apr 2018 10:39:09 GMT
ETag: "1be09df-46f2-568c715518d40"
Accept-Ranges: bytes
Content-Length: 18162
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg

www.host.air.ngo/wp-content/cache/nextend/web/combined/a7f064d1f7719f694b8fdc5b74cc1a8d.js

72.167.78.206

200 OK

64 kB

URL HTTP/1.1
www.host.air.ngo/wp-content/cache/nextend/web/combined/a7f064d1f7719f694b8fdc5b74cc1a8d.js
IP
72.167.78.206:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (35602)
Size
64 kB (64178 bytes)
Hash
dff245a3d1f86d167418636d6106e1d5
baf1723c3bde8cbcbaa3f09a666473788d8feee3
a1119d3b41818e2dd1ada5fe606ca6d2c9c8a2158603d1cdb57ea3c46225b867

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/cache/nextend/web/combined/a7f064d1f7719f694b8fdc5b74cc1a8d.js HTTP/1.1
Host: www.host.air.ngo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/?n2prerender=1&n2app=smartslider&n2controller=slider&n2action=iframe&sliderid=10&hash=11aa9934b643b6d6149df357982d8173
Cookie: devicePixelRatio=1; _gcl_au=1.1.847080542.1675492671; _ga=GA1.2.315079370.1675492672; _gid=GA1.2.1422018058.1675492672; _gat_gtag_UA_118313524_1=1; _gat_UA-116676792-1=1; __utma=68077320.315079370.1675492672.1675492672.1675492672.1; __utmb=68077320.1.10.1675492672; __utmc=68077320; __utmz=68077320.1675492672.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:37:18 GMT
Server: Apache
Last-Modified: Thu, 20 Dec 2018 03:10:35 GMT
ETag: "13e0fad-3cfdf-57d6b796220c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript

www.host.air.ngo/wp-content/uploads/2018/03/Kurt-compressor-resize.gif

72.167.78.206

200 OK

64 kB

URL HTTP/1.1
www.host.air.ngo/wp-content/uploads/2018/03/Kurt-compressor-resize.gif
IP
72.167.78.206:0
ASN
#398101 GO-DADDY-COM-LLC

File type
GIF image data, version 89a, 224 x 320\012- data
Size
64 kB (64336 bytes)
Hash
c40ce764c0859f45236da5fce137066d
410c207d9649593621918f80bed9f778f42b8320
5a89f4accf6fb4e6da07e90611fed6792942a093223a25487859b1979db7c87f

HTTP Headers

GET /wp-content/uploads/2018/03/Kurt-compressor-resize.gif HTTP/1.1
Host: www.host.air.ngo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/?n2prerender=1&n2app=smartslider&n2controller=slider&n2action=iframe&sliderid=10&hash=11aa9934b643b6d6149df357982d8173
Cookie: devicePixelRatio=1; _gcl_au=1.1.847080542.1675492671; _ga=GA1.2.315079370.1675492672; _gid=GA1.2.1422018058.1675492672; _gat_gtag_UA_118313524_1=1; _gat_UA-116676792-1=1; __utma=68077320.315079370.1675492672.1675492672.1675492672.1; __utmb=68077320.1.10.1675492672; __utmc=68077320; __utmz=68077320.1675492672.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:37:18 GMT
Server: Apache
Last-Modified: Sun, 01 Apr 2018 10:40:15 GMT
ETag: "1be0888-fb50-568c71940a1c0"
Accept-Ranges: bytes
Content-Length: 64336
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/gif

ocsp.godaddy.com/

192.124.249.36

200 OK

1.8 kB

URL HTTP/1.1
ocsp.godaddy.com/
IP
192.124.249.36:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1777 bytes)
Hash
56c9fb1b7dfda5ddcf0b6cd7ca444606
d38ff1afe1ed9a44a873dfb0e9a2ef2b67c50851
1d661bfe5859e44e12881da67255b563459ad924e4e3185c7e4cf7da99a5a02a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 04 Feb 2023 06:37:18 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 04 Feb 2023 01:20:32 GMT
Expires: Sun, 05 Feb 2023 01:20:32 GMT
ETag: "d38ff1afe1ed9a44a873dfb0e9a2ef2b67c50851"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

www.host.air.ngo/wp-content/uploads/resized/1ed1c9913af6a5c40e3b2687e0668f14/Fist-Annual-Miki-Friends-Walk-Run-for-A.I.R.960x352.jpg

72.167.78.206

200 OK

287 kB

URL HTTP/1.1
www.host.air.ngo/wp-content/uploads/resized/1ed1c9913af6a5c40e3b2687e0668f14/Fist-Annual-Miki-Friends-Walk-Run-for-A.I.R.960x352.jpg
IP
72.167.78.206:0
ASN
#398101 GO-DADDY-COM-LLC

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 960x352, components 3\012- data
Size
287 kB (287277 bytes)
Hash
01c1248eb7e418a3ef40afdb790a0e8a
9c7b5a64551e17ffbf5f4bdb0c102818d7f33414
75ac6caa31ecd74d691f270e31547d640a4dec5fb94bb41597fafd0513751be8

HTTP Headers

GET /wp-content/uploads/resized/1ed1c9913af6a5c40e3b2687e0668f14/Fist-Annual-Miki-Friends-Walk-Run-for-A.I.R.960x352.jpg HTTP/1.1
Host: www.host.air.ngo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/?n2prerender=1&n2app=smartslider&n2controller=slider&n2action=iframe&sliderid=10&hash=11aa9934b643b6d6149df357982d8173
Cookie: devicePixelRatio=1; _gcl_au=1.1.847080542.1675492671; _ga=GA1.2.315079370.1675492672; _gid=GA1.2.1422018058.1675492672; _gat_gtag_UA_118313524_1=1; _gat_UA-116676792-1=1; __utma=68077320.315079370.1675492672.1675492672.1675492672.1; __utmb=68077320.1.10.1675492672; __utmc=68077320; __utmz=68077320.1675492672.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:37:18 GMT
Server: Apache
Last-Modified: Wed, 09 Jan 2019 07:21:22 GMT
ETag: "1be0d72-4622d-57f014f14a080"
Accept-Ranges: bytes
Content-Length: 287277
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg

cdn.sucuri.net/badge/badge-godaddy.css

192.124.249.16

200 OK

11 kB

URL HTTP/2
cdn.sucuri.net/badge/badge-godaddy.css
IP
192.124.249.16:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with very long lines (4986)
Size
11 kB (10693 bytes)
Hash
9cd95fdcc55854a6ad15140582d76f2a
7cebe06e382e486b922eb844abcbbac1d90ae468
97f5e5c65f87533b941317231fcb0901de1f6d410a9fc5ce12a9c0ceb4dc81a1

HTTP Headers

GET /badge/badge-godaddy.css HTTP/1.1
Host: cdn.sucuri.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.host.air.ngo/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 06:37:18 GMT
content-type: text/css
content-length: 10693
x-sucuri-id: 19016
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 26 May 2017 17:41:13 GMT
etag: "29c5-55070d7f0e040"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

platform.twitter.com/js/timeline.16b53cc33aaa562f8f41a495bf720289.js

93.184.220.66

200 OK

3.0 kB

URL HTTP/1.1
platform.twitter.com/js/timeline.16b53cc33aaa562f8f41a495bf720289.js
IP
93.184.220.66:0
ASN
#15133 EDGECAST

File type
Unicode text, UTF-8 text, with very long lines (8260), with no line terminators
Size
3.0 kB (2964 bytes)
Hash
289f70783495bd412699d3080161a29c
c9c5efdabe8101011e0dc60cc8b653653d7daf1f
67be101c65d59fa643c74d21dadc929eef0b79421a1e5f4622dbb1c3284b4631

HTTP Headers

GET /js/timeline.16b53cc33aaa562f8f41a495bf720289.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.host.air.ngo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 896041
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Sat, 04 Feb 2023 06:37:19 GMT
Etag: "569768187d20181e1cdea6aa19f3a4b4+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:06 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F712)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 2964

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-118313524-1&cid=315079370.1675492672&jid=1127726081&gjid=97625966&_gid=1422018058.1675492672&_u=YEBAAUAAAAAAACAAI~&z=1110760584

64.233.165.154

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-118313524-1&cid=315079370.1675492672&jid=1127726081&gjid=97625966&_gid=1422018058.1675492672&_u=YEBAAUAAAAAAACAAI~&z=1110760584
IP
64.233.165.154:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-118313524-1&cid=315079370.1675492672&jid=1127726081&gjid=97625966&_gid=1422018058.1675492672&_u=YEBAAUAAAAAAACAAI~&z=1110760584 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://www.host.air.ngo
Connection: keep-alive
Referer: http://www.host.air.ngo/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: http://www.host.air.ngo
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 04 Feb 2023 06:37:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

142.250.74.74

200 OK

34 kB

URL HTTP/1.1
ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (32077)
Size
34 kB (33951 bytes)
Hash
fd2b58574f9637ba7ef639267349d848
6eda5ea93f549ceb5693f6f1c038893fa56a510d
75627d4b97e5e6294a8f88f5eeaf9b616696dc8600db9701c47ef05f067880ec

HTTP Headers

GET /ajax/libs/jquery/1.12.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 33951
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 03 Feb 2023 03:27:57 GMT
Expires: Sat, 03 Feb 2024 03:27:57 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 97762
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8

syndication.twitter.com/srv/timeline-profile/screen-name/AttitudesInRev?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19idXNpbmVzc192ZXJpZmllZF9iYWRnZSI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmx1ZV92ZXJpZmllZF9iYWRnZSI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19nb3ZfdmVyaWZpZWRfYmFkZ2UiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYnVzaW5lc3NfYWZmaWxpYXRlX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=250px&origin=http%3A%2F%2Fwww.host.air.ngo%2F&sessionId=a884368f1a6033b5f3b448ecb0cbac30be6dd39f&showHeader=true&showReplies=false&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486

104.244.42.200

200 OK

16 kB

URL HTTP/2
syndication.twitter.com/srv/timeline-profile/screen-name/AttitudesInRev?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19idXNpbmVzc192ZXJpZmllZF9iYWRnZSI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmx1ZV92ZXJpZmllZF9iYWRnZSI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19nb3ZfdmVyaWZpZWRfYmFkZ2UiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYnVzaW5lc3NfYWZmaWxpYXRlX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=250px&origin=http%3A%2F%2Fwww.host.air.ngo%2F&sessionId=a884368f1a6033b5f3b448ecb0cbac30be6dd39f&showHeader=true&showReplies=false&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
IP
104.244.42.200:0
ASN
#13414 TWITTER

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (65296), with no line terminators
Size
16 kB (16099 bytes)
Hash
e2fe6225dc8198b7260a354808032f57
a93b68dd49024cdeda3d3df237868a5c7e7428b5
4c84bafcaa7ea3795ce69a31e8115d5be86514b4fc267b6b432ebaa54120bde8

HTTP Headers

GET /srv/timeline-profile/screen-name/AttitudesInRev?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19idXNpbmVzc192ZXJpZmllZF9iYWRnZSI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmx1ZV92ZXJpZmllZF9iYWRnZSI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19nb3ZfdmVyaWZpZWRfYmFkZ2UiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYnVzaW5lc3NfYWZmaWxpYXRlX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=250px&origin=http%3A%2F%2Fwww.host.air.ngo%2F&sessionId=a884368f1a6033b5f3b448ecb0cbac30be6dd39f&showHeader=true&showReplies=false&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.host.air.ngo/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 06:37:19 GMT
etag: "24c7a-qlM5q0I+8tzElG6MiQVSFYotw78"
perf: 7626143928
server: tsa_o
content-type: text/html; charset=utf-8
cache-control: must-revalidate, max-age=60
x-transaction-id: e569eb64acf53270
x-xss-protection: 0
strict-transport-security: max-age=631138519
content-encoding: gzip
content-length: 16099
x-response-time: 830
x-connection-hash: b5f74fb4298f8dca0cd965547de1250a4bf71c90b866b2b867da0c8e5280d251
X-Firefox-Spdy: h2

platform.twitter.com/_next/static/chunks/runtime-bd6a33ee4b81c374d84a.js

93.184.220.66

200 OK

2.2 kB

URL HTTP/1.1
platform.twitter.com/_next/static/chunks/runtime-bd6a33ee4b81c374d84a.js
IP
93.184.220.66:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (4155), with no line terminators
Size
2.2 kB (2234 bytes)
Hash
48a927c41072f5796731387d71328bce
17ea7ef4f55d98a091d4f1d2951003ca69c75fc4
5ed9748db26cb54cc994c0ea96bc05aa96b5b8cc23cdfae6fc169743a729c1c3

HTTP Headers

GET /_next/static/chunks/runtime-bd6a33ee4b81c374d84a.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 199664
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Sat, 04 Feb 2023 06:37:20 GMT
Etag: "3c59d8987afc673c8c0655b21a2e0858+gzip"
Last-Modified: Wed, 01 Feb 2023 23:04:14 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F6FD)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 2234

platform.twitter.com/_next/static/chunks/modules.20f98d7498a59035a762.js

93.184.220.66

200 OK

96 kB

URL HTTP/1.1
platform.twitter.com/_next/static/chunks/modules.20f98d7498a59035a762.js
IP
93.184.220.66:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (65536), with no line terminators
Size
96 kB (95842 bytes)
Hash
869fd45e2b95e749fda642bd000a7c35
ccc71357b3b6190d935437ef9ce72a7eb7abc7fe
520f12b3f009d368f69b2910367e2182e69a4eba3fed134331603abf3549d2ed

HTTP Headers

GET /_next/static/chunks/modules.20f98d7498a59035a762.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 896046
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Sat, 04 Feb 2023 06:37:20 GMT
Etag: "1c54378254eefb52fea75b3c31dfe51d+gzip"
Last-Modified: Wed, 18 Jan 2023 22:54:31 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F705)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 95842

platform.twitter.com/_next/static/chunks/main-fd9ef5eb169057cda26d.js

93.184.220.66

200 OK

90 B

URL HTTP/1.1
platform.twitter.com/_next/static/chunks/main-fd9ef5eb169057cda26d.js
IP
93.184.220.66:0
ASN
#15133 EDGECAST

File type
ASCII text, with no line terminators
Size
90 B (90 bytes)
Hash
1d1fa0644a94523711b2bb99a8d652bc
7fe6c07d5f75c483662b7de1befae5284d7afc8e
eefd62bfe6d0ad2f3f2b7bddb8f2c46d7c8b6ed4897e3f9309968a58dc078753

HTTP Headers

GET /_next/static/chunks/main-fd9ef5eb169057cda26d.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 896046
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Sat, 04 Feb 2023 06:37:20 GMT
Etag: "1d1fa0644a94523711b2bb99a8d652bc"
Last-Modified: Wed, 18 Jan 2023 22:54:30 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F70F)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 90

platform.twitter.com/_next/static/chunks/pages/_app-88bf420a57d49e33be53.js

93.184.220.66

200 OK

668 B

URL HTTP/1.1
platform.twitter.com/_next/static/chunks/pages/_app-88bf420a57d49e33be53.js
IP
93.184.220.66:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (1338), with no line terminators
Size
668 B (668 bytes)
Hash
a89c7430b892cb0e48c80509386cce38
2db0ffe7707d4ea752666b85d613b19ac3e32e29
06f314d281c0480b56cccf3fadc95acf6e6a95c7b0bb5860923d32fda9c88b37

HTTP Headers

GET /_next/static/chunks/pages/_app-88bf420a57d49e33be53.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 199713
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Sat, 04 Feb 2023 06:37:20 GMT
Etag: "2856f57c62c238a564ef576bbc50ca4a+gzip"
Last-Modified: Wed, 01 Feb 2023 23:04:14 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F70E)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 668

platform.twitter.com/_next/static/chunks/pages/timeline-profile/screen-name/%5BscreenName%5D-c33f0b02841cffc3e9b4.js

93.184.220.66

200 OK

1.3 kB

URL HTTP/1.1
platform.twitter.com/_next/static/chunks/pages/timeline-profile/screen-name/%5BscreenName%5D-c33f0b02841cffc3e9b4.js
IP
93.184.220.66:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (13508), with no line terminators
Size
1.3 kB (1290 bytes)
Hash
ceaefa8dbb25d1fcdcc03eb51b3bad58
31a55bb25041e12c5baf5e3c10c1ca9f1224d2c2
b20cdf2d284b3138299ad84c4840bb787d204faa201049a7ea417bdadbf76d98

HTTP Headers

GET /_next/static/chunks/pages/timeline-profile/screen-name/%5BscreenName%5D-c33f0b02841cffc3e9b4.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 896046
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Sat, 04 Feb 2023 06:37:20 GMT
Etag: "e78034c651c8a81b2acd83dc7e7ad407+gzip"
Last-Modified: Wed, 18 Jan 2023 22:54:30 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F6FD)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 1290

platform.twitter.com/_next/static/2DCA_RcotTBMjJMowAtrp/_buildManifest.js

93.184.220.66

200 OK

451 B

URL HTTP/1.1
platform.twitter.com/_next/static/2DCA_RcotTBMjJMowAtrp/_buildManifest.js
IP
93.184.220.66:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (1325), with no line terminators
Size
451 B (451 bytes)
Hash
7fd2849742282ee323e46e5068b5d59f
aaa75f6f3cdcd73e3fad4cf5dfafe67283b2fcea
ef5371b79b0be51f24f7ccba4abbf57ff5a16745ca7303cd4f958180a302fc02

HTTP Headers

GET /_next/static/2DCA_RcotTBMjJMowAtrp/_buildManifest.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 199713
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Sat, 04 Feb 2023 06:37:20 GMT
Etag: "bd9a3afe8a64146469f036be13628170+gzip"
Last-Modified: Wed, 01 Feb 2023 23:04:14 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F716)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 451

platform.twitter.com/_next/static/2DCA_RcotTBMjJMowAtrp/_ssgManifest.js

93.184.220.66

200 OK

76 B

URL HTTP/1.1
platform.twitter.com/_next/static/2DCA_RcotTBMjJMowAtrp/_ssgManifest.js
IP
93.184.220.66:0
ASN
#15133 EDGECAST

File type
ASCII text, with no line terminators
Size
76 B (76 bytes)
Hash
abee47769bf307639ace4945f9cfd4ff
c0a0dc51ee8a2852baf5ff30c33b1478ff302585
653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479

HTTP Headers

GET /_next/static/2DCA_RcotTBMjJMowAtrp/_ssgManifest.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 199663
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Sat, 04 Feb 2023 06:37:20 GMT
Etag: "abee47769bf307639ace4945f9cfd4ff"
Last-Modified: Wed, 01 Feb 2023 23:04:14 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F712)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 76

platform.twitter.com/_next/static/chunks/16.83edf0a92864b221c4c2.js

93.184.220.66

200 OK

12 kB

URL HTTP/1.1
platform.twitter.com/_next/static/chunks/16.83edf0a92864b221c4c2.js
IP
93.184.220.66:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (38311), with no line terminators
Size
12 kB (12051 bytes)
Hash
e9152435e6cbecaad6c1606afd0edf57
a396f1f0a5615066aabab74644fedd50ec360fe5
17e23603b958fb3c95f0783f6305781d16a4dd966a9592d2facd56d4f9678398

HTTP Headers

GET /_next/static/chunks/16.83edf0a92864b221c4c2.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 199713
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Sat, 04 Feb 2023 06:37:20 GMT
Etag: "cc91d8b3ed42cb1fdceb72053c094b19+gzip"
Last-Modified: Wed, 01 Feb 2023 23:04:14 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F706)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 12051

platform.twitter.com/_next/static/chunks/2.691622e4391d1973cb65.js

93.184.220.66

200 OK

7.7 kB

URL HTTP/1.1
platform.twitter.com/_next/static/chunks/2.691622e4391d1973cb65.js
IP
93.184.220.66:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (23122), with no line terminators
Size
7.7 kB (7674 bytes)
Hash
73baa3debbf84cb65f7e594ac3fba515
e78e5f5502aa0699efa7946012a52918d4dbff57
9fd4a9285078cb2898430bf965b39ca27b98fb48f0a97f52746ccad0f87e73fc

HTTP Headers

GET /_next/static/chunks/2.691622e4391d1973cb65.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 896046
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Sat, 04 Feb 2023 06:37:20 GMT
Etag: "942b5b928a24465d1906b4716131d896+gzip"
Last-Modified: Wed, 18 Jan 2023 22:54:30 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F712)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 7674

platform.twitter.com/_next/static/chunks/6.23c33d3dbf51f67f2970.js

93.184.220.66

200 OK

1.3 kB

URL HTTP/1.1
platform.twitter.com/_next/static/chunks/6.23c33d3dbf51f67f2970.js
IP
93.184.220.66:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (2558), with no line terminators
Size
1.3 kB (1276 bytes)
Hash
fbfe9c7bbfc4a737388d8eaf1fbcf291
5fa25c339b216d7f437a9ab355f9f64372b1a1c2
7fe34550767b1cffdba1f955cfc374520ec909fe76799eb43a1daed3e5f681a9

HTTP Headers

GET /_next/static/chunks/6.23c33d3dbf51f67f2970.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 199712
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Sat, 04 Feb 2023 06:37:20 GMT
Etag: "0e9ca787dfdcbf5ffeb7df678ec8f6df+gzip"
Last-Modified: Wed, 01 Feb 2023 23:04:14 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F716)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 1276

platform.twitter.com/_next/static/chunks/1.33d5194e3e24fe3f42e2.js

93.184.220.66

200 OK

39 kB

URL HTTP/1.1
platform.twitter.com/_next/static/chunks/1.33d5194e3e24fe3f42e2.js
IP
93.184.220.66:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (65536), with no line terminators
Size
39 kB (39063 bytes)
Hash
298a7dfda72b1dc8e83328c282f202a4
348d741871e8c92950faf30fc5bf6a60adb02ee0
99654e867ed549caf1f6dcdba8afa1bd0ea2f3c089f7daded0a49fdf5af34e08

HTTP Headers

GET /_next/static/chunks/1.33d5194e3e24fe3f42e2.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 199712
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Sat, 04 Feb 2023 06:37:20 GMT
Etag: "eede84fca518a97ffc0d7f8a062820b9+gzip"
Last-Modified: Wed, 01 Feb 2023 23:04:14 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F6FD)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 39063

platform.twitter.com/_next/static/chunks/4.c99a76747fd916e95958.js

93.184.220.66

200 OK

67 kB

URL HTTP/1.1
platform.twitter.com/_next/static/chunks/4.c99a76747fd916e95958.js
IP
93.184.220.66:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (65536), with no line terminators
Size
67 kB (66820 bytes)
Hash
6daaa66e067adf091d7d7417f8ba56dd
fa37d93fa118af2d2be630e6a0044f58b6a4fda1
655fef49b15129489c6375f65bcc70a9cc7e0f15e03f79208ad34100d6805715

HTTP Headers

GET /_next/static/chunks/4.c99a76747fd916e95958.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 896045
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Sat, 04 Feb 2023 06:37:20 GMT
Etag: "813fe12fe49871b42d9cd17b5f80c663+gzip"
Last-Modified: Wed, 18 Jan 2023 22:54:31 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71D)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 66820

platform.twitter.com/_next/static/chunks/0.12059cc9aae4f779ab68.js

93.184.220.66

200 OK

106 kB

URL HTTP/1.1
platform.twitter.com/_next/static/chunks/0.12059cc9aae4f779ab68.js
IP
93.184.220.66:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (65536), with no line terminators
Size
106 kB (106305 bytes)
Hash
c6c50729484946cb7fb6a8bb5954ad36
24ff6dfd5c1934ce93e245c19a4f3efe6c0b0ddd
db4627b96900954722287c501edb87b454f83401556eb77fb497d17c7f25938f

HTTP Headers

GET /_next/static/chunks/0.12059cc9aae4f779ab68.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 896045
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Sat, 04 Feb 2023 06:37:20 GMT
Etag: "145185fec2c06c3409682e5df48acdf8+gzip"
Last-Modified: Wed, 18 Jan 2023 22:54:32 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F70D)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 106305

platform.twitter.com/_next/static/chunks/ondemand.Dropdown.d3a078133b9e5555597a.js

93.184.220.66

200 OK

2.8 kB

URL HTTP/1.1
platform.twitter.com/_next/static/chunks/ondemand.Dropdown.d3a078133b9e5555597a.js
IP
93.184.220.66:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (7266), with no line terminators
Size
2.8 kB (2822 bytes)
Hash
8be16d98914bca0c28d6ca4ff70da965
482e130207a08ea6477aae9e0e7cff18e43b1a99
d4780fd20a4b9f4ab4e00778ea83cdd250fe047735485b0b5fb782fc872dd3a3

HTTP Headers

GET /_next/static/chunks/ondemand.Dropdown.d3a078133b9e5555597a.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 199662
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Sat, 04 Feb 2023 06:37:20 GMT
Etag: "ee85bb78f0eb1080fd5fc8c4d4cddbb8+gzip"
Last-Modified: Wed, 01 Feb 2023 23:04:14 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F705)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 2822

abs-0.twimg.com/emoji/v2/svg/1f49a.svg

104.244.43.131

200 OK

266 B

URL HTTP/2
abs-0.twimg.com/emoji/v2/svg/1f49a.svg
IP
104.244.43.131:0
ASN
#54113 FASTLY

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (368), with no line terminators
Size
266 B (266 bytes)
Hash
61a3f7c83e8eebd89c1827841eeafc33
a015e348efd54902d14ee99f7638456d0b5afab3
61d3e6712403767dda53b10a374f6f74ebc751ba00503a59135fc5bfe9c69901

HTTP Headers

GET /emoji/v2/svg/1f49a.svg HTTP/1.1
Host: abs-0.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
etag: "NSIUY+Is9owosjtkeaQ2Ew=="
expires: Thu, 16 Mar 2023 06:25:07 GMT
content-type: image/svg+xml
last-modified: Wed, 21 Feb 2018 22:31:04 GMT
content-encoding: gzip
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
x-content-type-options: nosniff
accept-ranges: bytes
date: Sat, 04 Feb 2023 06:37:20 GMT
x-served-by: cache-fty21343-FTY, cache-bma1662-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
x-tw-cdn: FT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 266
X-Firefox-Spdy: h2

abs-0.twimg.com/emoji/v2/svg/1f499.svg

104.244.43.131

200 OK

269 B

URL HTTP/2
abs-0.twimg.com/emoji/v2/svg/1f499.svg
IP
104.244.43.131:0
ASN
#54113 FASTLY

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (368), with no line terminators
Size
269 B (269 bytes)
Hash
447e7ceb235c75a10156ee9d4101dd82
014a10acd3cbcdf3d4b970e6e0ebc23ac017151a
d1f62abb7b3ef3db9f0c15144b31916d5904f8fe95e8bc432d2c47694bca11e3

HTTP Headers

GET /emoji/v2/svg/1f499.svg HTTP/1.1
Host: abs-0.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
etag: "43yYXt2ga31fRVm8g4wb3g=="
expires: Fri, 10 Jun 2022 07:37:35 GMT
content-type: image/svg+xml
last-modified: Wed, 21 Feb 2018 22:31:04 GMT
content-encoding: gzip
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
x-content-type-options: nosniff
accept-ranges: bytes
date: Sat, 04 Feb 2023 06:37:20 GMT
x-served-by: cache-fty21358-FTY, cache-bma1662-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
x-tw-cdn: FT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 269
X-Firefox-Spdy: h2

platform.twitter.com/_next/static/chunks/vendors~loaders.card.DefaultCard.bb86da9c6b7f7c1afe77.js

93.184.220.66

200 OK

6.2 kB

URL HTTP/1.1
platform.twitter.com/_next/static/chunks/vendors~loaders.card.DefaultCard.bb86da9c6b7f7c1afe77.js
IP
93.184.220.66:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (24067), with no line terminators
Size
6.2 kB (6183 bytes)
Hash
f1b93cfe355af74f3daee1f14f07e022
eefb466022541b8abe13275b16e3522e52b70837
28991370e4b80e2428d2a5a7be03036f284ced278dc821ad152baff6d92ab560

HTTP Headers

GET /_next/static/chunks/vendors~loaders.card.DefaultCard.bb86da9c6b7f7c1afe77.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 896046
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Sat, 04 Feb 2023 06:37:20 GMT
Etag: "795a024b9fe49518f14d917058dbd4e5+gzip"
Last-Modified: Wed, 18 Jan 2023 22:54:30 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F6FD)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 6183

platform.twitter.com/_next/static/chunks/loaders.card.DefaultCard.d08263922db4f1764adc.js

93.184.220.66

200 OK

60 kB

URL HTTP/1.1
platform.twitter.com/_next/static/chunks/loaders.card.DefaultCard.d08263922db4f1764adc.js
IP
93.184.220.66:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (65536), with no line terminators
Size
60 kB (60079 bytes)
Hash
014a3d9faba09140b4ae58971d7605e1
b81798cc7985ba39e48184ea5e0d2f207a8b3acc
245fe3f3d8020aa29e07b49aec71e0e2b7d45059a30279e601864f0a88d10744

HTTP Headers

GET /_next/static/chunks/loaders.card.DefaultCard.d08263922db4f1764adc.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 199711
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Sat, 04 Feb 2023 06:37:20 GMT
Etag: "223819c131ed2e2b1f86bbabf99ac3a1+gzip"
Last-Modified: Wed, 01 Feb 2023 23:04:14 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F70F)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 60079

abs-0.twimg.com/emoji/v2/svg/1f64f-1f3fc.svg

104.244.43.131

200 OK

694 B

URL HTTP/2
abs-0.twimg.com/emoji/v2/svg/1f64f-1f3fc.svg
IP
104.244.43.131:0
ASN
#54113 FASTLY

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1511), with no line terminators
Size
694 B (694 bytes)
Hash
8a02cfbd2cd9aaad4fa1100abddfc78e
71736093735f7dcc80a98939b5a35c4f7bd5c45b
f9cf55addc74cc356f9916d7c945335addf8a87c94dcb7a25157ac55dd03315b

HTTP Headers

GET /emoji/v2/svg/1f64f-1f3fc.svg HTTP/1.1
Host: abs-0.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "fr/k4bLC5hcrreGWCDj+LQ=="
expires: Wed, 08 Jun 2022 09:51:27 GMT
content-type: image/svg+xml
last-modified: Wed, 21 Feb 2018 22:31:11 GMT
content-encoding: gzip
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
x-content-type-options: nosniff
accept-ranges: bytes
date: Sat, 04 Feb 2023 06:37:20 GMT
x-served-by: cache-fty21338-FTY, cache-bma1662-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
x-tw-cdn: FT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 694
X-Firefox-Spdy: h2

abs-0.twimg.com/emoji/v2/svg/2764.svg

104.244.43.131

200 OK

268 B

URL HTTP/2
abs-0.twimg.com/emoji/v2/svg/2764.svg
IP
104.244.43.131:0
ASN
#54113 FASTLY

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (368), with no line terminators
Size
268 B (268 bytes)
Hash
95e1d04b43b41695bcabf7c8f4b121cf
785b7a4f7b0819f76b228ee74e2bc209d7a32d57
398e85423b6964eb4dbd3581bfb4eacfa5c7db0eabb8506cd9ee1838ab8f26af

HTTP Headers

GET /emoji/v2/svg/2764.svg HTTP/1.1
Host: abs-0.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
content-encoding: gzip
content-type: image/svg+xml
etag: "BIPytkjcyYbQE4UGIFKuHA=="
expires: Thu, 09 Jun 2022 07:29:22 GMT
last-modified: Fri, 10 Aug 2018 17:46:01 GMT
strict-transport-security: max-age=631138519
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
x-content-type-options: nosniff
accept-ranges: bytes
date: Sat, 04 Feb 2023 06:37:21 GMT
x-served-by: cache-fty21366-FTY, cache-bma1662-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
x-tw-cdn: FT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 268
X-Firefox-Spdy: h2

abs-0.twimg.com/emoji/v2/svg/1f384.svg

104.244.43.131

200 OK

1.0 kB

URL HTTP/2
abs-0.twimg.com/emoji/v2/svg/1f384.svg
IP
104.244.43.131:0
ASN
#54113 FASTLY

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2576), with no line terminators
Size
1.0 kB (1013 bytes)
Hash
9f5b1758f8f3a64d237660dff80ed683
aba4eb695abefc7d1b63be2bb4ba5abd35fa26e0
b8ed4b18992de2972b772f5f860812defa25c9bd9a505bb00cc18a387e3e16f5

HTTP Headers

GET /emoji/v2/svg/1f384.svg HTTP/1.1
Host: abs-0.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "L1MxRFpGR68rsxeGKzhQKg=="
expires: Fri, 30 Sep 2022 07:54:45 GMT
content-type: image/svg+xml
last-modified: Wed, 21 Feb 2018 22:30:50 GMT
content-encoding: gzip
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
x-content-type-options: nosniff
accept-ranges: bytes
date: Sat, 04 Feb 2023 06:37:21 GMT
x-served-by: cache-fty21346-FTY, cache-bma1662-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
x-tw-cdn: FT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 1013
X-Firefox-Spdy: h2

platform.twitter.com/_next/static/chunks/vendors~ondemand.LottieWeb.d0dde7eb339d57b45e0d.js

93.184.220.66

200 OK

42 kB

URL HTTP/1.1
platform.twitter.com/_next/static/chunks/vendors~ondemand.LottieWeb.d0dde7eb339d57b45e0d.js
IP
93.184.220.66:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (65536), with no line terminators
Size
42 kB (41941 bytes)
Hash
47d134ddc26f8303a63f5077210e691d
208e6b463d3f86f8d627c9cc9b4e8a0ba4dc3adf
a4b68569485df549adb77e2c5ba911661d62f141e65678b7523e685822e5a05f

HTTP Headers

GET /_next/static/chunks/vendors~ondemand.LottieWeb.d0dde7eb339d57b45e0d.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 896047
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Sat, 04 Feb 2023 06:37:21 GMT
Etag: "5e006b62c5bde14eb6fa194e2cee465c+gzip"
Last-Modified: Wed, 18 Jan 2023 22:54:30 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F70B)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 41941

abs.twimg.com/sticky/animations/like.4.json

152.199.21.141

200 OK

1.9 kB

URL HTTP/2
abs.twimg.com/sticky/animations/like.4.json
IP
152.199.21.141:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (24291)
Size
1.9 kB (1897 bytes)
Hash
c5203df5bd1440c2fdf4b44f0eb3116a
6b928e79e59b281eb5b9f5c2ad608f81078b5869
0b638ce107a37db0734fcd82af97d1dd575c246d737949c5414aa1dc549540e3

HTTP Headers

GET /sticky/animations/like.4.json HTTP/1.1
Host: abs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://syndication.twitter.com/
Origin: https://syndication.twitter.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 9207962
content-type: application/json
date: Sat, 04 Feb 2023 06:37:21 GMT
etag: "YKYmOkwIx9KztN7bQT7x8g=="
expires: Sun, 04 Feb 2024 06:37:21 GMT
last-modified: Thu, 20 Oct 2022 16:50:56 GMT
perf: 7626143928
server: ECAcc (ska/F695)
strict-transport-security: max-age=631138519
surrogate-key: twitter-assets
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
vary: Accept-Encoding
x-cache: HIT
x-connection-hash: 00620de26479f72103b0d6f4ca0873a782dd4164b4c1379a9b6b21190ad4a58b
x-content-type-options: nosniff
x-response-time: 10
x-ton-expected-size: 24292
x-transaction-id: 80afab27525733bc
content-length: 1897
X-Firefox-Spdy: h2

syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1675492675780%2C%22event_namespace%22%3A%7B%22action%22%3A%22results%22%2C%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline-profile%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22dnt%22%3Atrue%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22http%3A%2F%2Fwww.host.air.ngo%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%2200b6859%3A1675273547005%22%2C%22widget_data_source%22%3A%22screen-name%3AAttitudesInRev%22%7D&dnt=1&session_id=a884368f1a6033b5f3b448ecb0cbac30be6dd39f

104.244.42.200

200 OK

43 B

URL HTTP/2
syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1675492675780%2C%22event_namespace%22%3A%7B%22action%22%3A%22results%22%2C%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline-profile%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22dnt%22%3Atrue%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22http%3A%2F%2Fwww.host.air.ngo%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%2200b6859%3A1675273547005%22%2C%22widget_data_source%22%3A%22screen-name%3AAttitudesInRev%22%7D&dnt=1&session_id=a884368f1a6033b5f3b448ecb0cbac30be6dd39f
IP
104.244.42.200:0
ASN
#13414 TWITTER

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

HTTP Headers

GET /i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1675492675780%2C%22event_namespace%22%3A%7B%22action%22%3A%22results%22%2C%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline-profile%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22dnt%22%3Atrue%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22http%3A%2F%2Fwww.host.air.ngo%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%2200b6859%3A1675273547005%22%2C%22widget_data_source%22%3A%22screen-name%3AAttitudesInRev%22%7D&dnt=1&session_id=a884368f1a6033b5f3b448ecb0cbac30be6dd39f HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/srv/timeline-profile/screen-name/AttitudesInRev?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19idXNpbmVzc192ZXJpZmllZF9iYWRnZSI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmx1ZV92ZXJpZmllZF9iYWRnZSI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19nb3ZfdmVyaWZpZWRfYmFkZ2UiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYnVzaW5lc3NfYWZmaWxpYXRlX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=250px&origin=http%3A%2F%2Fwww.host.air.ngo%2F&sessionId=a884368f1a6033b5f3b448ecb0cbac30be6dd39f&showHeader=true&showReplies=false&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 06:37:20 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: image/gif
cache-control: must-revalidate, max-age=600
last-modified: Sat, 04 Feb 2023 06:37:21 GMT
content-length: 43
x-transaction-id: bdaf22e7c86e43a6
strict-transport-security: max-age=631138519
x-response-time: 107
x-connection-hash: b5f74fb4298f8dca0cd965547de1250a4bf71c90b866b2b867da0c8e5280d251
X-Firefox-Spdy: h2

pbs.twimg.com/profile_images/1521117360085733377/EgDVw9py_normal.jpg

151.101.244.159

200 OK

2.4 kB

URL HTTP/2
pbs.twimg.com/profile_images/1521117360085733377/EgDVw9py_normal.jpg
IP
151.101.244.159:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 48x48, components 3\012- data
Size
2.4 kB (2415 bytes)
Hash
550b072b46c56104c53254161a309574
266e266345a7d7a912e80a57da209538a809ab1d
0f537d45eb85944c7d7f70cdc856724005ef4f645389c68bc56190b8206f9d04

HTTP Headers

GET /profile_images/1521117360085733377/EgDVw9py_normal.jpg HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
perf: 7626143928
cache-control: max-age=604800, must-revalidate
last-modified: Mon, 02 May 2022 13:18:14 GMT
x-transaction-id: 25419f9819cceed0
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
content-type: image/jpeg
accept-ranges: bytes
date: Sat, 04 Feb 2023 06:37:21 GMT
x-cache: HIT, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7372-LHR, cache-hel1410020-HEL, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 2415
X-Firefox-Spdy: h2

pbs.twimg.com/profile_images/1613777470154588160/CCBdqSDr_normal.png

151.101.244.159

200 OK

6.0 kB

URL HTTP/2
pbs.twimg.com/profile_images/1613777470154588160/CCBdqSDr_normal.png
IP
151.101.244.159:0
ASN
#54113 FASTLY

File type
PNG image data, 48 x 48, 8-bit/color RGB, non-interlaced\012- data
Size
6.0 kB (5987 bytes)
Hash
39161d823b6f55fefb1f12558cdefb57
65f7affb07a99f666af18b05c6bfee09ddca42ca
178f4f67ebfe3c372ba63bbdc0b601cf83d8acd3fa0cc1d479ee03f03b071696

HTTP Headers

GET /profile_images/1613777470154588160/CCBdqSDr_normal.png HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
perf: 7626143928
cache-control: max-age=604800, must-revalidate
last-modified: Fri, 13 Jan 2023 05:56:26 GMT
x-transaction-id: 5a5d3e7001c28cf2
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
content-type: image/png
accept-ranges: bytes
date: Sat, 04 Feb 2023 06:37:22 GMT
x-cache: HIT, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7323-LHR, cache-hel1410020-HEL, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 5987
X-Firefox-Spdy: h2

pbs.twimg.com/profile_images/653019595343708160/lcNBdDub_normal.jpg

151.101.244.159

200 OK

1.7 kB

URL HTTP/2
pbs.twimg.com/profile_images/653019595343708160/lcNBdDub_normal.jpg
IP
151.101.244.159:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Size
1.7 kB (1731 bytes)
Hash
8d020d26f7c2e586358d41d9957bfae5
51d450f23fa5c03c7d4d8fe617125b800be024f4
b0468fda4d1e16fb5519f4f573bcfda1cdeca276d1b24ae116b7d416fd11974e

HTTP Headers

GET /profile_images/653019595343708160/lcNBdDub_normal.jpg HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
perf: 7626143928
cache-control: max-age=604800, must-revalidate
last-modified: Sun, 11 Oct 2015 01:27:38 GMT
x-transaction-id: 700fae280f1032e5
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
content-type: image/jpeg
accept-ranges: bytes
date: Sat, 04 Feb 2023 06:37:22 GMT
x-cache: MISS, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7375-LHR, cache-hel1410020-HEL, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 1731
X-Firefox-Spdy: h2

pbs.twimg.com/profile_images/1935042354/Twitter-Star-Ledger-Avatar-Logo_normal.gif

151.101.244.159

200 OK

1.2 kB

URL HTTP/2
pbs.twimg.com/profile_images/1935042354/Twitter-Star-Ledger-Avatar-Logo_normal.gif
IP
151.101.244.159:0
ASN
#54113 FASTLY

File type
GIF image data, version 89a, 48 x 48\012- data
Size
1.2 kB (1241 bytes)
Hash
b90ee6807a8c84f354230588bd72c624
e6eab019886dae8afd17fd27b5b4215e29a81c19
f351003a6cbdade7350607dd068bd3241f185a80ac6cfd6c45e493918b6e7929

HTTP Headers

GET /profile_images/1935042354/Twitter-Star-Ledger-Avatar-Logo_normal.gif HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
perf: 7626143928
cache-control: max-age=604800, must-revalidate
last-modified: Thu, 04 Nov 2010 01:42:54 GMT
x-transaction-id: 897a786a940103c7
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
content-type: image/gif
accept-ranges: bytes
date: Sat, 04 Feb 2023 06:37:22 GMT
x-cache: HIT, HIT
x-tw-cdn: FT
x-served-by: cache-lhr7331-LHR, cache-hel1410020-HEL, cache-tw-ZZZ1
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 1241
X-Firefox-Spdy: h2

pbs.twimg.com/media/FLzQo95XoAgpN47?format=jpg&name=120x120

151.101.244.159

200 OK

5.4 kB

URL HTTP/2
pbs.twimg.com/media/FLzQo95XoAgpN47?format=jpg&name=120x120
IP
151.101.244.159:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 119x120, components 3\012- data
Size
5.4 kB (5357 bytes)
Hash
12f4dc2e785bc945069f639bb5fb1e3f
caa0761b9d20bfe61c15a3d480996cc60c546f6a
a5662b4eba48a41e3ae15377d2bd5b44da97e08c10b985fe14a3e34f2e356f89

HTTP Headers

GET /media/FLzQo95XoAgpN47?format=jpg&name=120x120 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
perf: 7626143928
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Thu, 17 Feb 2022 13:09:58 GMT
x-transaction-id: a53098e327acd80f
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
accept-ranges: bytes
date: Sat, 04 Feb 2023 06:37:22 GMT
x-cache: MISS, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7322-LHR, cache-hel1410020-HEL, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 5357
X-Firefox-Spdy: h2

pbs.twimg.com/profile_images/1294791914529619969/p7FIeaDi_normal.jpg

151.101.244.159

200 OK

2.3 kB

URL HTTP/2
pbs.twimg.com/profile_images/1294791914529619969/p7FIeaDi_normal.jpg
IP
151.101.244.159:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 48x48, components 3\012- data
Size
2.3 kB (2339 bytes)
Hash
a5466f8de84cfedd1790ff4cef15e7dd
ae00458a96cbf081441f136bc0490e0591e42e40
03de3b0e00ec4b422cc4a56d0da283372c5a92eb744e253ebe88fce53985682e

HTTP Headers

GET /profile_images/1294791914529619969/p7FIeaDi_normal.jpg HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
perf: 7626143928
cache-control: max-age=604800, must-revalidate
last-modified: Sun, 16 Aug 2020 00:21:43 GMT
x-transaction-id: 6e3fd56470afe22b
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
content-type: image/jpeg
accept-ranges: bytes
date: Sat, 04 Feb 2023 06:37:22 GMT
x-cache: MISS, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7356-LHR, cache-hel1410020-HEL, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 2339
X-Firefox-Spdy: h2

pbs.twimg.com/profile_images/1341148539619962885/ePn3wjsr_normal.jpg

151.101.244.159

200 OK

2.2 kB

URL HTTP/2
pbs.twimg.com/profile_images/1341148539619962885/ePn3wjsr_normal.jpg
IP
151.101.244.159:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 48x48, components 3\012- data
Size
2.2 kB (2187 bytes)
Hash
fc61b12a77366b8264c74bc901244898
c873fce5ffe13d9d430219198b9929ddb8b69d0b
17586c948ed343ad22306eab90c7445d1c58d5eb1cac754d2bf34f90cd2d478b

HTTP Headers

GET /profile_images/1341148539619962885/ePn3wjsr_normal.jpg HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
perf: 7626143928
cache-control: max-age=604800, must-revalidate
last-modified: Mon, 21 Dec 2020 22:26:23 GMT
x-transaction-id: aefef4ab2c0c6eae
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
content-type: image/jpeg
accept-ranges: bytes
date: Sat, 04 Feb 2023 06:37:22 GMT
x-cache: HIT, HIT
x-tw-cdn: FT
x-served-by: cache-lhr7354-LHR, cache-hel1410020-HEL, cache-tw-ZZZ1
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 2187
X-Firefox-Spdy: h2

pbs.twimg.com/media/FLzQo97XMAIvWm4?format=jpg&name=240x240

151.101.244.159

200 OK

10 kB

URL HTTP/2
pbs.twimg.com/media/FLzQo97XMAIvWm4?format=jpg&name=240x240
IP
151.101.244.159:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 208x240, components 3\012- data
Size
10 kB (10102 bytes)
Hash
a9229e3d2c0d1229d860d19ce0276f4e
1d2e607cb11c2abfa70814ee801f90681cb1593a
94a360d4312014d5f30d211f4dff0a7438c78a471f30ea9117c748c8c5d997fb

HTTP Headers

GET /media/FLzQo97XMAIvWm4?format=jpg&name=240x240 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
perf: 7626143928
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Thu, 17 Feb 2022 13:09:58 GMT
x-transaction-id: 927a65fcfb573843
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
accept-ranges: bytes
date: Sat, 04 Feb 2023 06:37:22 GMT
x-cache: MISS, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7389-LHR, cache-hel1410020-HEL, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 10102
X-Firefox-Spdy: h2

pbs.twimg.com/profile_images/1460251482100576264/gyS9LMdQ_normal.jpg

151.101.244.159

200 OK

2.1 kB

URL HTTP/2
pbs.twimg.com/profile_images/1460251482100576264/gyS9LMdQ_normal.jpg
IP
151.101.244.159:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 48x48, components 3\012- data
Size
2.1 kB (2111 bytes)
Hash
0e676933b17ada4b2cdc0245420ff58f
ad9f65c2613bfd066e2dcc10d7396926de274e65
02aad68f4e4bfc867b96258c16527cd7623458eda2f83996e73e0d58efef0936

HTTP Headers

GET /profile_images/1460251482100576264/gyS9LMdQ_normal.jpg HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
perf: 7626143928
cache-control: max-age=604800, must-revalidate
last-modified: Mon, 15 Nov 2021 14:18:58 GMT
x-transaction-id: c03b15ed17542bff
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
content-type: image/jpeg
accept-ranges: bytes
date: Sat, 04 Feb 2023 06:37:22 GMT
x-cache: HIT, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7335-LHR, cache-hel1410020-HEL, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 2111
X-Firefox-Spdy: h2

pbs.twimg.com/media/FLzQo97XwAE03jA?format=jpg&name=240x240

151.101.244.159

200 OK

16 kB

URL HTTP/2
pbs.twimg.com/media/FLzQo97XwAE03jA?format=jpg&name=240x240
IP
151.101.244.159:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 240x180, components 3\012- data
Size
16 kB (16474 bytes)
Hash
0a1a223edeaec8c076f4c6b8a659a0e0
354b8307cf46ec1a8e08a0e88d1f66521aaa9b2f
62ed7aa471ae4a1de1dc970cb3b3f1d909a57b9364f7e3d41d5c1d5eab0530c9

HTTP Headers

GET /media/FLzQo97XwAE03jA?format=jpg&name=240x240 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
perf: 7626143928
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Thu, 17 Feb 2022 13:09:58 GMT
x-transaction-id: c992c68920cbf886
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
accept-ranges: bytes
date: Sat, 04 Feb 2023 06:37:22 GMT
x-cache: MISS, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7374-LHR, cache-hel1410020-HEL, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 16474
X-Firefox-Spdy: h2

pbs.twimg.com/profile_images/1180492296657276929/P2doHiGm_normal.jpg

151.101.244.159

200 OK

2.3 kB

URL HTTP/2
pbs.twimg.com/profile_images/1180492296657276929/P2doHiGm_normal.jpg
IP
151.101.244.159:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 48x48, components 3\012- data
Size
2.3 kB (2263 bytes)
Hash
e2155d095502a45c4fb44ac648dc6abe
f02ae6abd1c89a10246f06fcbcc28e93c01ad737
f7ca6288cf557701b12fa1c56c7828542e060762b22ca1bc3fe57963ee72a4cf

HTTP Headers

GET /profile_images/1180492296657276929/P2doHiGm_normal.jpg HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
perf: 7626143928
cache-control: max-age=604800, must-revalidate
last-modified: Sat, 05 Oct 2019 14:35:50 GMT
x-transaction-id: 6c6f5c00c89573ea
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
content-type: image/jpeg
accept-ranges: bytes
date: Sat, 04 Feb 2023 06:37:23 GMT
x-cache: HIT, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7357-LHR, cache-hel1410020-HEL, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 2263
X-Firefox-Spdy: h2

pbs.twimg.com/media/FJuIFQuXoAE9uGz?format=jpg&name=small

151.101.244.159

200 OK

72 kB

URL HTTP/2
pbs.twimg.com/media/FJuIFQuXoAE9uGz?format=jpg&name=small
IP
151.101.244.159:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 514x680, components 3\012- data
Size
72 kB (72451 bytes)
Hash
6bb2141125798a09b44b875eaf86bf5f
8ed8c6663b079bb39b2b288ace61829d604c560c
5878d842570babbd5dbbd1765c9730e74c911bda3708360199a2df4754cde38a

HTTP Headers

GET /media/FJuIFQuXoAE9uGz?format=jpg&name=small HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
perf: 7626143928
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Sat, 22 Jan 2022 16:43:05 GMT
x-transaction-id: e597adf42500a1cc
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
accept-ranges: bytes
date: Sat, 04 Feb 2023 06:37:23 GMT
x-cache: MISS, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7345-LHR, cache-hel1410020-HEL, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 72451
X-Firefox-Spdy: h2

pbs.twimg.com/profile_images/1341148539619962885/ePn3wjsr_mini.jpg

151.101.244.159

200 OK

1.6 kB

URL HTTP/2
pbs.twimg.com/profile_images/1341148539619962885/ePn3wjsr_mini.jpg
IP
151.101.244.159:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 24x24, components 3\012- data
Size
1.6 kB (1556 bytes)
Hash
dce867fa0bffed40d38ce444ca3227e4
ac843ee79cbb993ed3e52be3e202d775827e016a
7e206d71975c3f7a572179a3e2a560f784f5ba208b6984cf8dd989333e59f647

HTTP Headers

GET /profile_images/1341148539619962885/ePn3wjsr_mini.jpg HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
perf: 7626143928
cache-control: max-age=604800, must-revalidate
last-modified: Mon, 21 Dec 2020 22:26:23 GMT
x-transaction-id: 2b719e18cb24ed40
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
content-type: image/jpeg
accept-ranges: bytes
date: Sat, 04 Feb 2023 06:37:23 GMT
x-cache: HIT, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7338-LHR, cache-hel1410020-HEL, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 1556
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa139f02-bb4d-4058-8a17-82e241e61bf2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.9 kB (5917 bytes)
Hash
75b9c67fbf2d207afec78eb14b95d7ec
c0b7e9e9ca9ee71761489e738a3a308ff0b6e5c8
42ddfef2fc1e0200a1ff3d615fd6da42fd8bdea4551344580c13af07092d401f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa139f02-bb4d-4058-8a17-82e241e61bf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 5917
x-amzn-requestid: 095185b4-b608-4ac8-9041-6e5fcf9033d9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEW_EA4IAMFxVw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd80f9-1d780a2a58fcc30613bdfdab;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:47:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -4TwLeMENj7WdI_QQWKgwxTj9MldN5z7qmo7_OX_eXIVba9zjDEoaA==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:17:42 GMT
age: 29981
etag: "c0b7e9e9ca9ee71761489e738a3a308ff0b6e5c8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

pbs.twimg.com/media/FHYSeLQWUAI2vGm?format=jpg&name=360x360

151.101.244.159

200 OK

18 kB

URL HTTP/2
pbs.twimg.com/media/FHYSeLQWUAI2vGm?format=jpg&name=360x360
IP
151.101.244.159:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 360x274, components 3\012- data
Size
18 kB (17720 bytes)
Hash
2f13d167994122436f60ab25ef4c9085
1646d6d95c2691479a53d94962911a59c297328b
3990d63fd1477eea0c49909161c8f7ba04153ce694f275cedcea1bb7755c7134

HTTP Headers

GET /media/FHYSeLQWUAI2vGm?format=jpg&name=360x360 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
perf: 7626143928
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Fri, 24 Dec 2021 14:25:26 GMT
x-transaction-id: 1a68cf3fd095a19b
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
accept-ranges: bytes
date: Sat, 04 Feb 2023 06:37:23 GMT
x-cache: MISS, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7337-LHR, cache-hel1410020-HEL, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 17720
X-Firefox-Spdy: h2

www.host.air.ngo/wp-content/uploads/resized/8ebf1c6127581d5d9c48701f294f9d83/2012-08-27_AIR_Awards_2012_401-e1383019049691.jpg

72.167.78.206

200 OK

0 B

URL HTTP/1.1
www.host.air.ngo/wp-content/uploads/resized/8ebf1c6127581d5d9c48701f294f9d83/2012-08-27_AIR_Awards_2012_401-e1383019049691.jpg
IP
72.167.78.206:0
ASN
#398101 GO-DADDY-COM-LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/uploads/resized/8ebf1c6127581d5d9c48701f294f9d83/2012-08-27_AIR_Awards_2012_401-e1383019049691.jpg HTTP/1.1
Host: www.host.air.ngo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.host.air.ngo/?n2prerender=1&n2app=smartslider&n2controller=slider&n2action=iframe&sliderid=10&hash=11aa9934b643b6d6149df357982d8173
Cookie: devicePixelRatio=1; _gcl_au=1.1.847080542.1675492671; _ga=GA1.2.315079370.1675492672; _gid=GA1.2.1422018058.1675492672; _gat_gtag_UA_118313524_1=1; _gat_UA-116676792-1=1; __utma=68077320.315079370.1675492672.1675492672.1675492672.1; __utmb=68077320.1.10.1675492672; __utmc=68077320; __utmz=68077320.1675492672.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:37:18 GMT
Server: Apache
Last-Modified: Wed, 19 Dec 2018 22:51:41 GMT
ETag: "1be0d7f-cf8b-57d67db7c1940"
Accept-Ranges: bytes
Content-Length: 53131
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg

platform.twitter.com/_next/static/chunks/3.9ea9198afb6f33351d13.js

93.184.220.66

200 OK

0 B

URL HTTP/1.1
platform.twitter.com/_next/static/chunks/3.9ea9198afb6f33351d13.js
IP
93.184.220.66:0
ASN
#15133 EDGECAST

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_next/static/chunks/3.9ea9198afb6f33351d13.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 199712
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Sat, 04 Feb 2023 06:37:20 GMT
Etag: "b504a1691341799c78aca542f5795340+gzip"
Last-Modified: Wed, 01 Feb 2023 23:04:14 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F6FE)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 166211

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (56)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML