r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1456357aecbd23f21ad98da57e0127eb
7074815b39fa8da9013883971d665e4c1b0797ea
f3eba265ee64870b2f822f1511b36c747d763c382557789cdad8be1d3b52d1f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F3EBA265EE64870B2F822F1511B36C747D763C382557789CDAD8BE1D3B52D1F5"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4510
Expires: Wed, 23 Nov 2022 11:39:00 GMT
Date: Wed, 23 Nov 2022 10:23:50 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b59d95402dfb464c176610284ba13f65
1a6c62fb0d48654dd204b66161bb03fefe60f71a
40cfd59b890ec5a3570603d28d90bd7e5c506babd52c2ece93e09f1c7b2a6880
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6159
Cache-Control: max-age=93004
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 10:23:50 GMT
Etag: "637ca4f3-1d7"
Expires: Thu, 24 Nov 2022 12:13:54 GMT
Last-Modified: Tue, 22 Nov 2022 10:31:15 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 054ff0d1a0a43f7cb1d78dbd34e27f99
3caf54f3de1d6a8c6f6454083f8b8e7dec77db54
fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10147
Expires: Wed, 23 Nov 2022 13:12:57 GMT
Date: Wed, 23 Nov 2022 10:23:50 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 23 Nov 2022 10:17:07 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 403
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: /0ZXjlKpbSde2nStNpQq0QDyLVLFQidTDC4cI3UPrXIr5EBVBlYruQkoG23Mcyp2ElMRtUduCaI=
x-amz-request-id: E3720RB783QWNZYR
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 23 Nov 2022 09:39:57 GMT
age: 2633
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 10:23:50 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 23 Nov 2022 10:11:11 GMT
cache-control: public,max-age=3600
age: 759
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash eb52164d651f5f45416e873aec29eb04
405b29bb7e7cd4367cf82988f8603e53db65f139
ed885e05db822ff30fe951e10b6d4f21e574d053939afca792992a1549a15301
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 546
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 10:23:50 GMT
Last-Modified: Wed, 23 Nov 2022 10:14:44 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.89.255.30101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.255.30:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2zcz4qrNyeTmWnG71WQmaw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: u53xoO+y2OvQn0FLrJaXQE1cJPo=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8883
Expires: Wed, 23 Nov 2022 12:51:55 GMT
Date: Wed, 23 Nov 2022 10:23:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8883
Expires: Wed, 23 Nov 2022 12:51:55 GMT
Date: Wed, 23 Nov 2022 10:23:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8883
Expires: Wed, 23 Nov 2022 12:51:55 GMT
Date: Wed, 23 Nov 2022 10:23:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8883
Expires: Wed, 23 Nov 2022 12:51:55 GMT
Date: Wed, 23 Nov 2022 10:23:52 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1U8xGxgIAMF-qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ezHvyK3va4SioabOjSittTiLQRs_Q8k4TPxkiGp_svtZ8omDPTUN-A==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 05:01:14 GMT
age: 19358
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45ca81c5-d11a-4d86-a922-dbdce0f6b46c.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45ca81c5-d11a-4d86-a922-dbdce0f6b46c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0cc111ba6ae699fca7fbff3490640960
18084197b48ea3b4a143636250396e8791d0285f
34fbba92e665ad371ea2bd1a871251cf0c5b7832d6f4661b21b2cfbd7f786923
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45ca81c5-d11a-4d86-a922-dbdce0f6b46c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4977
x-amzn-requestid: 3e56de91-7ed1-4b1e-b230-5f19b2cc6601
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bxQKBHzdIAMFpUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376c70c-41c572d27999534d3c198372;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 23:43:08 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Or1B6k7o4cYqVXfndjJsKLOV-aYKX8bfHCQIUqNzvofjQSnIf8f04A==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:52:42 GMT
age: 45070
etag: "18084197b48ea3b4a143636250396e8791d0285f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a31b1f7-5b4e-41c3-a823-4b79b831c0f5.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a31b1f7-5b4e-41c3-a823-4b79b831c0f5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 218956a7601433bcf0f6ff484dbd5b52
d005c3afc835a854efdfa9cceb54b81153bb9899
dcc6527a7705c8e870e6aaf6744319ba0541a9fdfef58ca897361309d11b2b2e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a31b1f7-5b4e-41c3-a823-4b79b831c0f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6180
x-amzn-requestid: 77d0b21a-db56-431c-8bc1-15ce409beadd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b7nE2FyqIAMFnEQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637aebb8-6661a45a00c174e87e789791;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 03:08:40 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 4i-DyxmOE3pf55HCp1_oYxYPupFwEdMiQH8YRPQlyj-HMHtlRUfS4g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 74ab105148338444981d1b2277ffd9c4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 03:59:00 GMT
age: 23092
etag: "d005c3afc835a854efdfa9cceb54b81153bb9899"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd46b36d-1888-40f4-b55e-f6905fed9018.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd46b36d-1888-40f4-b55e-f6905fed9018.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2cdc70ea570bedb3a19294a2e3cfcb1b
c3abc52da2458971b00416c5513894a8b60389f0
71f4c91b66b84d7bff6416d8efd1b95ca3aa3543a25489553d1acb6cd9b77308
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd46b36d-1888-40f4-b55e-f6905fed9018.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8740
x-amzn-requestid: 7bb62ac1-5774-4e82-8438-9eded7ea71a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-JKMGFMIAMFovg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637bef0d-06bd21480b42efd67f62c690;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:35:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: FjB6qa579_iDdG_QfQwnlYUEnwv0vZHG0JetZw_gtSVuet7BROTwDw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:49:34 GMT
age: 45258
etag: "c3abc52da2458971b00416c5513894a8b60389f0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4585277-93e1-4477-a3fd-7902d8def50a.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4585277-93e1-4477-a3fd-7902d8def50a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ed56d033b6595fa91a4c513c0ed7cdd4
ef87cc22637f94451f116905bfe096fff3e73d86
02f79fe867a07f3fdd1ad932da67a9a2df8c07ad4172b0aad2f61ee6b67a72fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4585277-93e1-4477-a3fd-7902d8def50a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9355
x-amzn-requestid: d801efd0-da4a-405a-b1b4-ebd17a784129
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-LA6FwuoAMFRxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637bf205-1d28acc046a79a4e4df8aabe;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:47:49 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: IZZbByT9It-u1_v1M9O1pTF65pwOSGBeCVgCtDisb6-kZiN76R3lkg==
via: 1.1 b04d82bf2bc15ab146955a862be263f0.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 22:54:39 GMT
age: 41353
etag: "ef87cc22637f94451f116905bfe096fff3e73d86"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44f9633f-15fe-459e-aebf-06d2b582efa8.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44f9633f-15fe-459e-aebf-06d2b582efa8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3e8d7af3a5d030774447a0f71c7824f0
663cace8681891ad55943dd0273493aa9474d102
22068df04672281e392caa485259df103d591ab247c3eb5e0ccba10ffd8a9ef0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44f9633f-15fe-459e-aebf-06d2b582efa8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9766
x-amzn-requestid: ca8b7a9f-3c1a-419d-953e-2944bf820e5e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBcR_Hd4IAMFWUg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d40d9-4ca5e9b2476a47cd199b9cba;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 21:36:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: gtzOoH3--VR9BQTHvU5vInc6yhBcK0-O1oBbVJpAhpRRqqKY8vAf_g==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:45:48 GMT
age: 45484
etag: "663cace8681891ad55943dd0273493aa9474d102"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
tcpermaculture.com/site/
192.185.21.178500 Internal Server Error 11 kB IP 192.185.21.178:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1746), with CRLF, LF line terminators
Hash 47f4c3d1c7cc948145e6253fd3511fa8
9a2b5fe5ab6483d898d70d908bedeb2f813c6ba1
3fa4f2c74b410b5552618dcdc6d0ddd321526d7ada545f591fa108482bc724ee
Analyzer Verdict Alert fortinet Phishing
GET /site/ HTTP/1.1
Host: tcpermaculture.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 500 Internal Server Error
Date: Wed, 23 Nov 2022 10:23:50 GMT
Server: Apache
Vary: Accept-Encoding,Cookie
Link: <http://tcpermaculture.com/site/wp-json/>; rel="https://api.w.org/", <http://tcpermaculture.com/site/>; rel=shortlink
Upgrade: h2,h2c
Connection: Upgrade, close
Content-Encoding: gzip
Content-Length: 11197
Content-Type: text/html; charset=UTF-8
platform-api.sharethis.com/js/sharethis.js
143.204.55.116301 Moved Permanently 167 B URL HTTP/1.1 platform-api.sharethis.com/js/sharethis.js
IP 143.204.55.116:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /js/sharethis.js HTTP/1.1
Host: platform-api.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tcpermaculture.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Wed, 23 Nov 2022 10:23:52 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://platform-api.sharethis.com/js/sharethis.js
X-Cache: Redirect from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ykGu2NVBdbOdw9-vFltLD32gWFer1u1qG_k1VmEDYNZGrCNEXR2jpA==
fonts.googleapis.com/css?family=PT+Sans:400,400italic,700,700italic&subset=latin,greek-ext,cyrillic,latin-ext,greek,cyrillic-ext,vietnamese
142.250.74.10200 OK 580 B URL HTTP/1.1 fonts.googleapis.com/css?family=PT+Sans:400,400italic,700,700italic&subset=latin,greek-ext,cyrillic,latin-ext,greek,cyrillic-ext,vietnamese
IP 142.250.74.10:0
Hash 58a34938f7b1832ecd99a909f4e2cae4
72e13c00e817491a4a13a56047bb816f163160cb
32f8877c8357f53dd86fde3ba9cc5adb13f6de20a8b3439aaf921ac5848b049c
GET /css?family=PT+Sans:400,400italic,700,700italic&subset=latin,greek-ext,cyrillic,latin-ext,greek,cyrillic-ext,vietnamese HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tcpermaculture.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Wed, 23 Nov 2022 10:23:52 GMT
Date: Wed, 23 Nov 2022 10:23:52 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
fonts.googleapis.com/css?family=Antic+Slab:400,400italic,700,700italic&subset=latin,greek-ext,cyrillic,latin-ext,greek,cyrillic-ext,vietnamese
142.250.74.10200 OK 273 B URL HTTP/1.1 fonts.googleapis.com/css?family=Antic+Slab:400,400italic,700,700italic&subset=latin,greek-ext,cyrillic,latin-ext,greek,cyrillic-ext,vietnamese
IP 142.250.74.10:0
Hash bb89282f2bd62fb2b4e0f5c4f9c31f39
fca215aede96fd4e4ed8de8f4b56e2c54d9e4886
99e169791e781b87c4e27dca3f85f08d846ede42e405b68e50c52c15dec9c9ae
GET /css?family=Antic+Slab:400,400italic,700,700italic&subset=latin,greek-ext,cyrillic,latin-ext,greek,cyrillic-ext,vietnamese HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tcpermaculture.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Wed, 23 Nov 2022 10:23:52 GMT
Date: Wed, 23 Nov 2022 10:23:52 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
tcpermaculture.com/site/wp-content/themes/Avada/css/media.css
192.185.21.178200 OK 3.9 kB URL HTTP/1.1 tcpermaculture.com/site/wp-content/themes/Avada/css/media.css
IP 192.185.21.178:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash ca571dbb3dfa542be8f15aafb124a200
e4ca8182109c06ac0bce62318fcc781d4bf03ea2
54a3e9154ef50763f8789a4855b752ccf7430a514c98327135cc09645a09e0e9
GET /site/wp-content/themes/Avada/css/media.css HTTP/1.1
Host: tcpermaculture.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tcpermaculture.com/site/
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 10:23:53 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 05 Apr 2013 01:57:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3884
Keep-Alive: timeout=5, max=75
Content-Type: text/css
tcpermaculture.com/site/wp-content/themes/Avada/style.css
192.185.21.178200 OK 15 kB URL HTTP/1.1 tcpermaculture.com/site/wp-content/themes/Avada/style.css
IP 192.185.21.178:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (402)
Hash a367865235b674fac7e73b6608da2ad5
c78af809f7df2040aafbcec4695b2de27a1276ca
6264e006463e1b308a6f9f174b966b9107600ffa0ac665efee34b6df499b3e34
GET /site/wp-content/themes/Avada/style.css HTTP/1.1
Host: tcpermaculture.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tcpermaculture.com/site/
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 10:23:52 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 05 Apr 2013 01:57:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 15151
Keep-Alive: timeout=5, max=75
Content-Type: text/css
tcpermaculture.com/site/wp-content/plugins/pinterest-pin-it-button/css/public.css?ver=2.1.0.1
192.185.21.178200 OK 469 B URL HTTP/1.1 tcpermaculture.com/site/wp-content/plugins/pinterest-pin-it-button/css/public.css?ver=2.1.0.1
IP 192.185.21.178:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 78cc9addaee7dbb0e8b3631278ae9257
aba929efbc04e3b2e1a3767ccd3aeabe116f4317
f932c1ce80b0abb8bba756c9d9d057f92007c354c28355adfa94f8873a9a43e9
Analyzer Verdict Alert fortinet Phishing
GET /site/wp-content/plugins/pinterest-pin-it-button/css/public.css?ver=2.1.0.1 HTTP/1.1
Host: tcpermaculture.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tcpermaculture.com/site/
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 10:23:53 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sun, 29 May 2016 06:10:06 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 469
Keep-Alive: timeout=5, max=75
Content-Type: text/css
tcpermaculture.com/site/wp-content/themes/Avada/framework/plugins/LayerSlider/css/layerslider.css?ver=4.1.1
192.185.21.178200 OK 3.2 kB URL HTTP/1.1 tcpermaculture.com/site/wp-content/themes/Avada/framework/plugins/LayerSlider/css/layerslider.css?ver=4.1.1
IP 192.185.21.178:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash ca5ca4b5d6c64bc6ccc78076071f24dd
86a0c833c8878a9cdcc7104f61c9c0e01a233263
507de77835c1f070f7cf63bc40c83dc184652273b71154f4e8fadc527502cd30
Analyzer Verdict Alert fortinet Phishing
GET /site/wp-content/themes/Avada/framework/plugins/LayerSlider/css/layerslider.css?ver=4.1.1 HTTP/1.1
Host: tcpermaculture.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tcpermaculture.com/site/
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 10:23:53 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 05 Apr 2013 01:57:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3213
Keep-Alive: timeout=5, max=75
Content-Type: text/css
tcpermaculture.com/site/wp-includes/css/dist/block-library/style.min.css?ver=5.1.12
192.185.21.178200 OK 5.6 kB URL HTTP/1.1 tcpermaculture.com/site/wp-includes/css/dist/block-library/style.min.css?ver=5.1.12
IP 192.185.21.178:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (25245), with no line terminators
Hash 0adb00828ab6fbc558d16170c65e3eba
57a669175415a32d0015bdee5ecbe5e98c18d498
fddd028b16fff5fcc7faabd864b0b7f034f369199b1bdb6d51668e02dcbcbe99
Analyzer Verdict Alert fortinet Phishing
GET /site/wp-includes/css/dist/block-library/style.min.css?ver=5.1.12 HTTP/1.1
Host: tcpermaculture.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tcpermaculture.com/site/
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 10:23:53 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 19 Jan 2022 06:03:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5637
Keep-Alive: timeout=5, max=75
Content-Type: text/css
tcpermaculture.com/site/wp-content/themes/Avada/framework/plugins/revslider/rs-plugin/css/settings.css?ver=5.1.12
192.185.21.178200 OK 4.7 kB URL HTTP/1.1 tcpermaculture.com/site/wp-content/themes/Avada/framework/plugins/revslider/rs-plugin/css/settings.css?ver=5.1.12
IP 192.185.21.178:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash ffc01d8186a2142fabc8a6b25d9ceb1c
a40d515434ca2935154658557df3c4238d2a6fb2
a260fae7885be81fb63c6ea2c5dc1c6d356bf17728057b234c277d9a41ee732b
Analyzer Verdict Alert fortinet Phishing
GET /site/wp-content/themes/Avada/framework/plugins/revslider/rs-plugin/css/settings.css?ver=5.1.12 HTTP/1.1
Host: tcpermaculture.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tcpermaculture.com/site/
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 10:23:53 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 04 Apr 2013 17:30:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4668
Keep-Alive: timeout=5, max=75
Content-Type: text/css
tcpermaculture.com/site/wp-content/themes/Avada/framework/plugins/revslider/rs-plugin/css/captions.css?ver=5.1.12
192.185.21.178200 OK 907 B URL HTTP/1.1 tcpermaculture.com/site/wp-content/themes/Avada/framework/plugins/revslider/rs-plugin/css/captions.css?ver=5.1.12
IP 192.185.21.178:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash c28aa65e4bf0d71c673a573ac8450b35
174b1d641bc91413e056f234e515d27b4c8e2e0f
0e2d09c3df356026a97d5688fd89fb3c408600593d981b22570a9910cbe9588d
Analyzer Verdict Alert fortinet Phishing
GET /site/wp-content/themes/Avada/framework/plugins/revslider/rs-plugin/css/captions.css?ver=5.1.12 HTTP/1.1
Host: tcpermaculture.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tcpermaculture.com/site/
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 10:23:53 GMT
Server: Apache
Last-Modified: Sun, 07 Apr 2013 20:37:42 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 907
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css
tcpermaculture.com/site/wp-content/themes/Avada/framework/plugins/tf-flexslider/assets/css/style.css?ver=1.0.1
192.185.21.178200 OK 980 B URL HTTP/1.1 tcpermaculture.com/site/wp-content/themes/Avada/framework/plugins/tf-flexslider/assets/css/style.css?ver=1.0.1
IP 192.185.21.178:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash b2feed65ad7686f56cd4a676f16d8205
405de51ce3d754bc59669aa08684cf2515cc8e8c
c620c9be8a3877cd48ec20ec56a4ec510db04a14988da3c92eeac2b0117c8095
Analyzer Verdict Alert fortinet Phishing
GET /site/wp-content/themes/Avada/framework/plugins/tf-flexslider/assets/css/style.css?ver=1.0.1 HTTP/1.1
Host: tcpermaculture.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tcpermaculture.com/site/
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 10:23:53 GMT
Server: Apache
Last-Modified: Fri, 05 Apr 2013 01:57:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 980
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css
tcpermaculture.com/site/wp-content/themes/Avada/framework/plugins/tf-flexslider/assets/css/flexslider.css?ver=1.0.1
192.185.21.178200 OK 1.6 kB URL HTTP/1.1 tcpermaculture.com/site/wp-content/themes/Avada/framework/plugins/tf-flexslider/assets/css/flexslider.css?ver=1.0.1
IP 192.185.21.178:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (365)
Hash 377dee7595025b1ec1fb941b83d934a5
c3b1ed9821fde2637c074715323394d2aa37ff7e
15c9ee92c6241c3671321c628c90166f9c647cf90970a11b5a1f1e837870e3e3
Analyzer Verdict Alert fortinet Phishing
GET /site/wp-content/themes/Avada/framework/plugins/tf-flexslider/assets/css/flexslider.css?ver=1.0.1 HTTP/1.1
Host: tcpermaculture.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tcpermaculture.com/site/
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 10:23:53 GMT
Server: Apache
Last-Modified: Fri, 05 Apr 2013 01:57:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1639
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css
tcpermaculture.com/site/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
192.185.21.178200 OK 4.4 kB URL HTTP/1.1 tcpermaculture.com/site/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP 192.185.21.178:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (9959)
Hash 1e40dfe689f1e989e1a3de2e3c6e26bf
4196eddc5203fd18f63e90065d777f757088ca2f
b40b1ef07db6e093ad2df064e8cb582906eb2448e1caacc2f5b721cd5d0e3cb4
Analyzer Verdict Alert fortinet Phishing
GET /site/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: tcpermaculture.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tcpermaculture.com/site/
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 10:23:53 GMT
Server: Apache
Last-Modified: Wed, 19 Jan 2022 06:03:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4444
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: application/javascript
tcpermaculture.com/site/wp-content/plugins/cookie-notice/css/front.min.css?ver=5.1.12
192.185.21.178200 OK 1.3 kB URL HTTP/1.1 tcpermaculture.com/site/wp-content/plugins/cookie-notice/css/front.min.css?ver=5.1.12
IP 192.185.21.178:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (5269), with no line terminators
Hash c0a5abb1a2c0a286a1c126bbbefde67d
106d91185b33a76a5b699a1e9e7542972b3b4a79
48305a02d4071cb39776b2e393bbd998f6cbd974a55e46959e035ff61e9396bf
GET /site/wp-content/plugins/cookie-notice/css/front.min.css?ver=5.1.12 HTTP/1.1
Host: tcpermaculture.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tcpermaculture.com/site/
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 10:23:53 GMT
Server: Apache
Last-Modified: Wed, 19 Jan 2022 06:29:08 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1285
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css
tcpermaculture.com/site/wp-content/themes/Avada/js/jquery.flexslider-min.js?ver=5.1.12
192.185.21.178200 OK 6.7 kB URL HTTP/1.1 tcpermaculture.com/site/wp-content/themes/Avada/js/jquery.flexslider-min.js?ver=5.1.12
IP 192.185.21.178:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (527)
Hash 3b4ca07fda3b6ca1be7793e20979a440
824d56f65d35bc7999db25492a872c818b785016
3e62ba30066fc5630fe28160778fe1f7bbb9298316ead9545696cd7ea0d922ef
Analyzer Verdict Alert fortinet Phishing
GET /site/wp-content/themes/Avada/js/jquery.flexslider-min.js?ver=5.1.12 HTTP/1.1
Host: tcpermaculture.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tcpermaculture.com/site/
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 10:23:53 GMT
Server: Apache
Last-Modified: Fri, 05 Apr 2013 01:57:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6694
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: application/javascript
tcpermaculture.com/site/wp-content/themes/Avada/js/jquery.easing.js?ver=5.1.12
192.185.21.178200 OK 2.8 kB URL HTTP/1.1 tcpermaculture.com/site/wp-content/themes/Avada/js/jquery.easing.js?ver=5.1.12
IP 192.185.21.178:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash def61d453b55428f36bf1e9fa6c30183
7034d21982faba0d22d7085d7f071c16b5014629
862ec44fdd4dd0cf0580f7852ecf15dc07a21b664505023845d8843bd13f1393
Analyzer Verdict Alert fortinet Phishing
GET /site/wp-content/themes/Avada/js/jquery.easing.js?ver=5.1.12 HTTP/1.1
Host: tcpermaculture.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tcpermaculture.com/site/
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 10:23:53 GMT
Server: Apache
Last-Modified: Fri, 05 Apr 2013 01:57:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2763
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: application/javascript
tcpermaculture.com/site/wp-content/themes/Avada/js/jquery.fitvids.js?ver=5.1.12
192.185.21.178200 OK 654 B URL HTTP/1.1 tcpermaculture.com/site/wp-content/themes/Avada/js/jquery.fitvids.js?ver=5.1.12
IP 192.185.21.178:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (738)
Hash f6607df659df6ef88276d7f5be6171c4
5535ae1fa21f43abbc85973da66b5ea3e8d1e03f
349df61d6bde895810b4b84ad35f4c5ba2e9281deba64bc1b847d358fcb7eb8b
GET /site/wp-content/themes/Avada/js/jquery.fitvids.js?ver=5.1.12 HTTP/1.1
Host: tcpermaculture.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tcpermaculture.com/site/
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 10:23:53 GMT
Server: Apache
Last-Modified: Fri, 05 Apr 2013 01:57:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 654
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: application/javascript
tcpermaculture.com/site/wp-content/themes/Avada/framework/plugins/LayerSlider/js/jquery-easing-1.3.js?ver=1.3.0
192.185.21.178200 OK 2.8 kB URL HTTP/1.1 tcpermaculture.com/site/wp-content/themes/Avada/framework/plugins/LayerSlider/js/jquery-easing-1.3.js?ver=1.3.0
IP 192.185.21.178:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash e4db53ec6a26d9c38fe227a16e1ed928
74d021bdaeaa6a270bb99822bc5cabb1ddbf79ea
fe5d7b8fb8804e8b1d14968010e9e449c08494cd1d116032d503d2430db5b209
GET /site/wp-content/themes/Avada/framework/plugins/LayerSlider/js/jquery-easing-1.3.js?ver=1.3.0 HTTP/1.1
Host: tcpermaculture.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tcpermaculture.com/site/
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 10:23:53 GMT
Server: Apache
Last-Modified: Fri, 05 Apr 2013 01:57:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2796
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: application/javascript
tcpermaculture.com/site/wp-content/themes/Avada/framework/plugins/LayerSlider/js/jquerytransit.js?ver=0.9.9
192.185.21.178200 OK 3.4 kB URL HTTP/1.1 tcpermaculture.com/site/wp-content/themes/Avada/framework/plugins/LayerSlider/js/jquerytransit.js?ver=0.9.9
IP 192.185.21.178:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (6299)
Hash 9d857ab280aadcf108cfef361a97613b
05875ec2219de0e943a07d965925d26e2aa8c95e
6878ebe17094a04f3b6104252f780922c5f363ccb1caf470186d7fe034bbc86c
Analyzer Verdict Alert fortinet Phishing
GET /site/wp-content/themes/Avada/framework/plugins/LayerSlider/js/jquerytransit.js?ver=0.9.9 HTTP/1.1
Host: tcpermaculture.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tcpermaculture.com/site/
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 10:23:53 GMT
Server: Apache
Last-Modified: Fri, 05 Apr 2013 01:57:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3353
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: application/javascript
tcpermaculture.com/site/wp-includes/js/jquery/jquery.js?ver=1.12.4
192.185.21.178200 OK 43 kB URL HTTP/1.1 tcpermaculture.com/site/wp-includes/js/jquery/jquery.js?ver=1.12.4
IP 192.185.21.178:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (31997)
Hash db3a0076514643ba73afd55e1a83d176
762702ae91e53968444bd2d9d743539d04c29642
a96be560ba0bbbf51a4d02e4a60f523e1470bfb6a2a72881a77bb8963a343842
Analyzer Verdict Alert fortinet Phishing
GET /site/wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1
Host: tcpermaculture.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tcpermaculture.com/site/
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 10:23:53 GMT
Server: Apache
Last-Modified: Wed, 19 Jan 2022 06:03:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
tcpermaculture.com/site/wp-content/themes/Avada/framework/plugins/LayerSlider/js/layerslider.kreaturamedia.jquery.js?ver=4.1.1
192.185.21.178200 OK 18 kB URL HTTP/1.1 tcpermaculture.com/site/wp-content/themes/Avada/framework/plugins/LayerSlider/js/layerslider.kreaturamedia.jquery.js?ver=4.1.1
IP 192.185.21.178:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (41573)
Hash c5119215662bdc5dffd50e2d11c6e680
f8036c5c7c4e54d4dd523f65da7277f0cf0b60bb
478fba6aeb7e3067d7aa69244b3dd3da1f601e65d296e25177241ead41fda2b5
GET /site/wp-content/themes/Avada/framework/plugins/LayerSlider/js/layerslider.kreaturamedia.jquery.js?ver=4.1.1 HTTP/1.1
Host: tcpermaculture.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tcpermaculture.com/site/
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 10:23:53 GMT
Server: Apache
Last-Modified: Fri, 05 Apr 2013 01:57:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 17767
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: application/javascript
tcpermaculture.com/site/wp-content/themes/Avada/framework/plugins/LayerSlider/js/layerslider.transitions.js?ver=4.1.1
192.185.21.178200 OK 3.1 kB URL HTTP/1.1 tcpermaculture.com/site/wp-content/themes/Avada/framework/plugins/LayerSlider/js/layerslider.transitions.js?ver=4.1.1
IP 192.185.21.178:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (17882)
Hash edb4da47d5abb519ef3d99931ec2d870
b629dca67bda7704809ba7b7c1d0604ed1937b5b
d90c8af1f87c29961b206a8fe24fdd447882258a4c1c0b1c602a2677df004aee
GET /site/wp-content/themes/Avada/framework/plugins/LayerSlider/js/layerslider.transitions.js?ver=4.1.1 HTTP/1.1
Host: tcpermaculture.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tcpermaculture.com/site/
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 10:23:53 GMT
Server: Apache
Last-Modified: Fri, 05 Apr 2013 01:57:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3060
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: application/javascript
tcpermaculture.com/site/wp-content/themes/Avada/framework/plugins/revslider/rs-plugin/js/jquery.themepunch.plugins.min.js?ver=5.1.12
192.185.21.178200 OK 6.5 kB URL HTTP/1.1 tcpermaculture.com/site/wp-content/themes/Avada/framework/plugins/revslider/rs-plugin/js/jquery.themepunch.plugins.min.js?ver=5.1.12
IP 192.185.21.178:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (14598), with CRLF line terminators
Hash 590c8aeb58cb23cec0bf3dd7d0c8ec04
e5c3061d5b09a57faf2d870eccc3280874a07ef5
206abb42b049600190c10205ab7fd5b07f68925d2dc9380aa1d1a6a9afeb95e9
Analyzer Verdict Alert fortinet Phishing
GET /site/wp-content/themes/Avada/framework/plugins/revslider/rs-plugin/js/jquery.themepunch.plugins.min.js?ver=5.1.12 HTTP/1.1
Host: tcpermaculture.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tcpermaculture.com/site/
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 10:23:53 GMT
Server: Apache
Last-Modified: Fri, 05 Apr 2013 01:57:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6477
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: application/javascript
tcpermaculture.com/site/wp-content/plugins/cookie-notice/js/front.min.js?ver=2.2.1
192.185.21.178200 OK 2.3 kB URL HTTP/1.1 tcpermaculture.com/site/wp-content/plugins/cookie-notice/js/front.min.js?ver=2.2.1
IP 192.185.21.178:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (8371), with no line terminators
Hash 2535d9ecb1cf671b498f9aac42b27aef
5d95d599eed36d1c2e433ed122545d99eea92b29
c7839e1e3877dab790543321c0f89da3796dc78e53d85f2d1975f4d0ddd88e5b
Analyzer Verdict Alert fortinet Phishing
GET /site/wp-content/plugins/cookie-notice/js/front.min.js?ver=2.2.1 HTTP/1.1
Host: tcpermaculture.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tcpermaculture.com/site/
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 10:23:53 GMT
Server: Apache
Last-Modified: Wed, 19 Jan 2022 06:29:08 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2334
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: application/javascript
platform-api.sharethis.com/js/sharethis.js
143.204.55.116200 OK 61 kB URL HTTP/2 platform-api.sharethis.com/js/sharethis.js
IP 143.204.55.116:0
File type ASCII text, with very long lines (2054)
Hash a3d8255e8358eec870278047a8d30514
fd2aea76c28b12ed461255a517538ac7b0248bd7
47b97c0b6cbb8713922f0148d892d26b2b18a7506f2270208a5747aaa0889bb5
GET /js/sharethis.js HTTP/1.1
Host: platform-api.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://tcpermaculture.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-encoding: gzip
edge-control: cache-maxage=60m,downstream-ttl=60m
x-frame-options: SAMEORIGIN
date: Wed, 23 Nov 2022 10:20:20 GMT
cache-control: max-age=600, public
etag: W/"30217-4R/x1mcbHYoN8J5L8eO1d9Nv/qY"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Bj_Z2ccDBY-duiMZ9IXkEi5okIqeuJItZWBfHIHpI9xPy76saDuhcg==
age: 212
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
tcpermaculture.com/site/wp-content/themes/Avada/framework/plugins/revslider/rs-plugin/js/jquery.themepunch.revolution.min.js?ver=5.1.12
192.185.21.178200 OK 15 kB URL HTTP/1.1 tcpermaculture.com/site/wp-content/themes/Avada/framework/plugins/revslider/rs-plugin/js/jquery.themepunch.revolution.min.js?ver=5.1.12
IP 192.185.21.178:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (55679), with CRLF line terminators
Hash e4a831799adb0eea2c0844bdbdfd7540
193aca5c9b66eb1ee95dbec1cd57a43f76aa708e
0b182f434f238862618d08db3e088b686a5cb3a2704d82532d7bf98c942d4af0
Analyzer Verdict Alert fortinet Phishing
GET /site/wp-content/themes/Avada/framework/plugins/revslider/rs-plugin/js/jquery.themepunch.revolution.min.js?ver=5.1.12 HTTP/1.1
Host: tcpermaculture.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tcpermaculture.com/site/
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 10:23:53 GMT
Server: Apache
Last-Modified: Fri, 05 Apr 2013 01:57:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 14928
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: application/javascript
fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
216.58.207.195200 OK 45 kB URL HTTP/1.1 fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 45300, version 1.0\012- data
Hash 5fe660c3a23b871807b0e1d3ee973d23
62a9dd423b30b6ee3ab3dd40d573545d579af10a
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
GET /s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://tcpermaculture.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 45300
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 17 Nov 2022 21:39:24 GMT
Expires: Fri, 17 Nov 2023 21:39:24 GMT
Cache-Control: public, max-age=31536000
Age: 477869
Last-Modified: Wed, 27 Apr 2022 16:11:08 GMT
Content-Type: font/woff2
tcpermaculture.com/site/wp-includes/js/wp-emoji-release.min.js?ver=5.1.12
192.185.21.178200 OK 4.6 kB URL HTTP/1.1 tcpermaculture.com/site/wp-includes/js/wp-emoji-release.min.js?ver=5.1.12
IP 192.185.21.178:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (9071)
Hash 122e21d07df6406b4339db3edac0c8bd
b5d303d757a55542e58dc7c5d1c3cd7bb4079752
594b3412cfe7c3b48cb88f6200dc609267714d73da6c1941a2db9c938ab2f75f
GET /site/wp-includes/js/wp-emoji-release.min.js?ver=5.1.12 HTTP/1.1
Host: tcpermaculture.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tcpermaculture.com/site/
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 10:23:53 GMT
Server: Apache
Last-Modified: Wed, 19 Jan 2022 06:03:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4634
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: application/javascript
tcpermaculture.com/site/wp-content/themes/Avada/images/white/facebook.png
192.185.21.178200 OK 3.0 kB URL HTTP/1.1 tcpermaculture.com/site/wp-content/themes/Avada/images/white/facebook.png
IP 192.185.21.178:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 9 x 17, 8-bit/color RGBA, non-interlaced\012- data
Hash 4369d148f31af95696015a03b8af1941
4f308ce230662d44174e2254b84680924520e508
73ca00aee868fb2665928383f2f70bb0e7b4473fcb8b0e6ad433c65becc179a4
GET /site/wp-content/themes/Avada/images/white/facebook.png HTTP/1.1
Host: tcpermaculture.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tcpermaculture.com/site/wp-content/themes/Avada/css/all.css
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 10:23:53 GMT
Server: Apache
Last-Modified: Fri, 05 Apr 2013 01:57:26 GMT
Accept-Ranges: bytes
Content-Length: 2951
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: image/png
tcpermaculture.com/site/wp-content/themes/Avada/images/white/twitter.png
192.185.21.178200 OK 2.9 kB URL HTTP/1.1 tcpermaculture.com/site/wp-content/themes/Avada/images/white/twitter.png
IP 192.185.21.178:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 13 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 862d47c0a38f1b6a10989fa9686aa370
5adec77244cfd21ee5c9c294b8ecbd31e545e026
3ff253f6e296836c039daecfd7afea05669851eba021dceaff0d5b28571cb14f
GET /site/wp-content/themes/Avada/images/white/twitter.png HTTP/1.1
Host: tcpermaculture.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tcpermaculture.com/site/wp-content/themes/Avada/css/all.css
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 10:23:53 GMT
Server: Apache
Last-Modified: Fri, 05 Apr 2013 01:57:26 GMT
Accept-Ranges: bytes
Content-Length: 2936
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: image/png
tcpermaculture.com/site/wp-content/uploads/2013/04/TC_Permaculture_Logo1-300x103.jpg
192.185.21.178200 OK 61 kB URL HTTP/1.1 tcpermaculture.com/site/wp-content/uploads/2013/04/TC_Permaculture_Logo1-300x103.jpg
IP 192.185.21.178:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 150x150, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop Elements 9.0 Macintosh, datetime=2012:01:21 13:36:53], baseline, precision 8, 300x103, components 3\012- data
Hash c1183918776214792ab7add96cb3a0af
740d4c7a2b0c1e585f07b6aa634eb688a43b17f1
14a8810ef755d78174bcf14065bd1a477182cbb56ef552bffe4254f935978fc8
GET /site/wp-content/uploads/2013/04/TC_Permaculture_Logo1-300x103.jpg HTTP/1.1
Host: tcpermaculture.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tcpermaculture.com/site/
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 10:23:53 GMT
Server: Apache
Last-Modified: Sun, 07 Apr 2013 18:35:05 GMT
Accept-Ranges: bytes
Content-Length: 61245
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: image/jpeg
tcpermaculture.com/site/wp-content/uploads/2013/04/Museo_Slab_500_2-webfont.woff
192.185.21.178200 OK 30 kB URL HTTP/1.1 tcpermaculture.com/site/wp-content/uploads/2013/04/Museo_Slab_500_2-webfont.woff
IP 192.185.21.178:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format, TrueType, length 30076, version 1.0\012- data
Hash bee63b26f2dbbd6ba926ad64153d6e99
e0e438b8d7031388ccd8f4aa61174984f0407b60
89a52bd7fe06ab0713c1558e0777be71b57be4c437f8a76dcd578547c4e87840
Analyzer Verdict Alert fortinet Phishing
GET /site/wp-content/uploads/2013/04/Museo_Slab_500_2-webfont.woff HTTP/1.1
Host: tcpermaculture.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://tcpermaculture.com/site/
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 10:23:53 GMT
Server: Apache
Last-Modified: Thu, 11 Apr 2013 16:34:43 GMT
Accept-Ranges: bytes
Content-Length: 30076
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: font/woff
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b2b92f1110c82662bfa1addc9bab3130
d6f86300cbfd5b21b3d505c08ffd6edef34b654a
6914944644172d563d0d7c2a5084690fce86ead13949ff29f42842d4bb6e0734
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 10:23:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3085436500705486
142.250.74.66200 OK 49 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3085436500705486
IP 142.250.74.66:0
File type ASCII text, with very long lines (4885)
Hash f3fef51081abfa45e79faabf351db161
102645e85b7bcbfb85e63a97e0bcc3ca5f496077
17a37a7f8092793e100ed878f60f94771bce98dbeb06781d05522bfb812d69a7
GET /pagead/js/adsbygoogle.js?client=ca-pub-3085436500705486 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://tcpermaculture.com
Connection: keep-alive
Referer: http://tcpermaculture.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 23 Nov 2022 10:23:54 GMT
expires: Wed, 23 Nov 2022 10:23:54 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 5988312142716960864
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49148
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tcpermaculture.com/site/wp-content/uploads/2017/04/TC_Permaculture_Circle_small.png
192.185.21.178200 OK 73 kB URL HTTP/1.1 tcpermaculture.com/site/wp-content/uploads/2017/04/TC_Permaculture_Circle_small.png
IP 192.185.21.178:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash c7130b8355ebd7ae49b1af21ab3c0f49
156e8857e53aded4d9617f6d12bcf92860ac05f1
a2158a6047d86ee084d94b0318eb860ce4a66fe358fcc2d20e6fce18fc3bae73
GET /site/wp-content/uploads/2017/04/TC_Permaculture_Circle_small.png HTTP/1.1
Host: tcpermaculture.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tcpermaculture.com/site/
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 10:23:54 GMT
Server: Apache
Last-Modified: Mon, 03 Apr 2017 15:18:24 GMT
Accept-Ranges: bytes
Content-Length: 72605
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: image/png
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b2b92f1110c82662bfa1addc9bab3130
d6f86300cbfd5b21b3d505c08ffd6edef34b654a
6914944644172d563d0d7c2a5084690fce86ead13949ff29f42842d4bb6e0734
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 10:23:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash dcce578105517a77ee96260a5f758e7b
3140f83775a0d0fadc73fd5a06e156bec5afd3de
8812d0da4c920689bbeadeda104f00cb55806f2c2e10c4ec07883b947cd7e057
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=119017
Date: Wed, 23 Nov 2022 10:23:54 GMT
Etag: "637d112c-1d7"
Expires: Thu, 24 Nov 2022 19:27:31 GMT
Last-Modified: Tue, 22 Nov 2022 18:13:00 GMT
Server: ECS (dcb/7F15)
X-Cache: Miss from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: bnDuMDtsTJpEIdKRoLiSO3CVxCPXA9UD6QRh0dw-4jNXLbwr0iMkpw==
Age: 4471
l.sharethis.com/pview?event=pview&hostname=tcpermaculture.com&location=%2Fsite%2F&product=ga&url=http%3A%2F%2Ftcpermaculture.com%2Fsite%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Temperate%20Climate%20Permaculture%20Temperate%20Climate%20Permaculture&cms=unknown&publisher=anonymous&sop=true&version=st_sop.js&lang=en&description=Your%20source%20for%20Permaculture%20Design%20in%20a%20Temperate%20Climate!
35.157.109.18204 No Content 0 B URL HTTP/1.1 l.sharethis.com/pview?event=pview&hostname=tcpermaculture.com&location=%2Fsite%2F&product=ga&url=http%3A%2F%2Ftcpermaculture.com%2Fsite%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Temperate%20Climate%20Permaculture%20Temperate%20Climate%20Permaculture&cms=unknown&publisher=anonymous&sop=true&version=st_sop.js&lang=en&description=Your%20source%20for%20Permaculture%20Design%20in%20a%20Temperate%20Climate!
IP 35.157.109.18:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pview?event=pview&hostname=tcpermaculture.com&location=%2Fsite%2F&product=ga&url=http%3A%2F%2Ftcpermaculture.com%2Fsite%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Temperate%20Climate%20Permaculture%20Temperate%20Climate%20Permaculture&cms=unknown&publisher=anonymous&sop=true&version=st_sop.js&lang=en&description=Your%20source%20for%20Permaculture%20Design%20in%20a%20Temperate%20Climate! HTTP/1.1
Host: l.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://tcpermaculture.com
Connection: keep-alive
Referer: http://tcpermaculture.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: http://tcpermaculture.com
Access-Control-Expose-Headers: stid
Access-Control-Max-Age: 1728000
Cache-Control: no-cache, no-store, must-revalidate
Date: Wed, 23 Nov 2022 10:23:54 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 942e48a42959a84a8fb01744fd2caf86
a3659e206ba81e8549afa2d9138060148883ba90
7b84fbd99ebee52b8eb3b3d506ffc4ff9d15bd2bd211fc4003a20fe3ef171501
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 10:23:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 8069f5e67c25fc0b7388ba5d4decd8c9
64a85ba44c80ea206f4382f573c3d61e4f607ccf
7587cd04333ddf1cff15ae219cb8fca0618786a9fe4cee989975f4d50889e72a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 10:23:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash c04aed338f8610ba6b0acc4ab749c52e
9cce76bf45ca7cb7e101d6c5c8013ecc83f188a4
4d4e0d35a6f2357ff749b146e4f0fdff7f5f8631b3e6efee952f5c82fb256fbd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 10:23:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=tcpermaculture.com&callback=_gfp_s_&client=ca-pub-3085436500705486&gpid_exp=1
172.217.21.162200 OK 260 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=tcpermaculture.com&callback=_gfp_s_&client=ca-pub-3085436500705486&gpid_exp=1
IP 172.217.21.162:0
File type ASCII text, with very long lines (403), with no line terminators
Hash fde38c5ca89cb398301f14d6dfc8267e
0e4cc896df55eeaefcdb1d10ab5ea320632ea230
a13d24cc38a198cdb85b9c42dbadad047db9ded87b2019955f452931ca506fee
GET /gampad/cookie.js?domain=tcpermaculture.com&callback=_gfp_s_&client=ca-pub-3085436500705486&gpid_exp=1 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tcpermaculture.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 23 Nov 2022 10:23:54 GMT
server: cafe
cache-control: private
content-length: 260
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=tcpermaculture.com
216.58.207.194200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=tcpermaculture.com
IP 216.58.207.194:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=tcpermaculture.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tcpermaculture.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 23 Nov 2022 10:23:54 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=tcpermaculture.com
142.250.74.66200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=tcpermaculture.com
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=tcpermaculture.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tcpermaculture.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 23 Nov 2022 10:23:54 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 942e48a42959a84a8fb01744fd2caf86
a3659e206ba81e8549afa2d9138060148883ba90
7b84fbd99ebee52b8eb3b3d506ffc4ff9d15bd2bd211fc4003a20fe3ef171501
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 10:23:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash c04aed338f8610ba6b0acc4ab749c52e
9cce76bf45ca7cb7e101d6c5c8013ecc83f188a4
4d4e0d35a6f2357ff749b146e4f0fdff7f5f8631b3e6efee952f5c82fb256fbd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 10:23:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 8069f5e67c25fc0b7388ba5d4decd8c9
64a85ba44c80ea206f4382f573c3d61e4f607ccf
7587cd04333ddf1cff15ae219cb8fca0618786a9fe4cee989975f4d50889e72a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 10:23:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ad551ace7091b0bcbb73a9f0b0758b00
6f66566bd59661ddbe2cb8d84c2f54fc88d80f20
285174281781fecaca35ea75d2460b2585335b0ecf15f80b15575041bf385894
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 10:23:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.33200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tcpermaculture.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Wed, 23 Nov 2022 10:23:54 GMT
expires: Wed, 23 Nov 2022 10:23:54 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
142.250.74.33200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 142.250.74.33:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tcpermaculture.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 20:10:36 GMT
expires: Wed, 22 Nov 2023 20:10:36 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 51198
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ae7674294f5a17ef8761b33ac4dad848
30a771e623dd1e3cb8694bb5f71393aaa9e87b6a
cac85ed50ce25c45d5093aaaa231a0d1cd9667f47bd2312947070ba202c5d96b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 10:23:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
142.250.74.164200 OK 514 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 28f3ac6b0fdaf08dd52aeddd2872fd20
5a59831b673e920cb49277cf17989b9252c503cb
bebed653da81574a92fa941b7c2bcb143b210698bfec96982397869f177fc585
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tcpermaculture.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 23 Nov 2022 10:23:54 GMT
date: Wed, 23 Nov 2022 10:23:54 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-A5vwmQ96k5QJcAkUJnrI5Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2