envsciencegroup.com/
66.96.130.139 301 Moved Permanently 236 B IP 66.96.130.139:0
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document, ASCII text
Hash MD5 95f89d704af708add88da189fe00fe84
SHA1 7e11613011faea32dd6c00dc147da6834f62e145
SHA256 35c05fe28dfbcc83207341550fa7b1ed3360db7e2d01185b7ff291337e47e5ef
Analyzer / Verdict / Alert — fortinet: Malware
GET / HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 30 Nov 2022 12:38:25 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 236
Connection: keep-alive
Server: Apache/2
X-Powered-By: PHP/7.3.2
X-Redirect-By: WordPress
Location: https://envsciencegroup.com/
Age: 750
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a5daf4dc99951793ae2315d4795e8146
4427507ca4d3a5632cc8f598afbc85e2195d00bd
94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21047
Expires: Wed, 30 Nov 2022 18:29:12 GMT
Date: Wed, 30 Nov 2022 12:38:25 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash f3cf023c797da81728c0ac84c8759331
fa07c5e39e4b0741ea484101cccb2202acea9d9c
5206a0bac8bf78d6b84322519271a1ece2c1039a0090e583de6d6192d88873d0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3383
Cache-Control: max-age=168557
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 12:38:25 GMT
Etag: "638730f7-1d7"
Expires: Fri, 02 Dec 2022 11:27:42 GMT
Last-Modified: Wed, 30 Nov 2022 10:31:19 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 30 Nov 2022 12:19:41 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1124
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9fce5679881bf302a8978a0b462f01a9
b699fe030ea13ac73813e655c42ed9b531925e2b
a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8454
Expires: Wed, 30 Nov 2022 14:59:19 GMT
Date: Wed, 30 Nov 2022 12:38:25 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: IJp5pRqCgXlj+cvGptyTy4uARGGosMm+aAFmQ8FM//pIEl9C4G3Ev30fCAEdfCiKHPyCeaSiVJU=
x-amz-request-id: 6602E5AQ4BCSRRWZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 30 Nov 2022 11:45:13 GMT
age: 3192
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 12:38:25 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 30 Nov 2022 12:11:14 GMT
cache-control: public,max-age=3600
age: 1632
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a389a551cb7f0aa32a8852800bd8ed69
1857099a62f4766bbda0354688c74728ce3fe7f1
cfb340186e92fb00c22b18269230221eb6ef914e4c343d60b83f072022e5fae3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CFB340186E92FB00C22B18269230221EB6EF914E4C343D60B83F072022E5FAE3"
Last-Modified: Tue, 29 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 30 Nov 2022 18:38:26 GMT
Date: Wed, 30 Nov 2022 12:38:26 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash cfdd00e67ee6ca21712b867eb5288ab6
b61d5d6ec3b7ad71619e13e32c87f2d01871b88a
f740cac6dfedc1bf0f82efb10dac4f6ffb22f9bb5d4a9b68a4cd971dd2f65793
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3386
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 12:38:26 GMT
Last-Modified: Wed, 30 Nov 2022 11:42:00 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
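52.13.173.34 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.13.173.34:0
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(All three values are the digests of zero-length input, consistent with the 0 B body of this WebSocket upgrade; they identify no content and should not be used as indicators.)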
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: F2mbZW9mQ5Sa08rUvFYqgw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 4TYEYE5tDWozWf9iz0RTaxzAjMI=
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8412
Expires: Wed, 30 Nov 2022 14:58:39 GMT
Date: Wed, 30 Nov 2022 12:38:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8412
Expires: Wed, 30 Nov 2022 14:58:39 GMT
Date: Wed, 30 Nov 2022 12:38:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8412
Expires: Wed, 30 Nov 2022 14:58:39 GMT
Date: Wed, 30 Nov 2022 12:38:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8412
Expires: Wed, 30 Nov 2022 14:58:39 GMT
Date: Wed, 30 Nov 2022 12:38:27 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 59baec8db5ced0210ab766ea5636a5fd
f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b
33ff55891f18c22970804f1b8b2ba6821ddfd7426b01486410bd43f2b4295a8d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5785
x-amzn-requestid: ee77265b-8e90-4035-8ef1-92a2d26aaefa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDaHdWoAMFqmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-0d10d74030e7aee74804b654;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GydenCzPtpFdVLqN4ssiZ4dKN48WGneS3mwzEdDE81pobtLznfC4VQ==
via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:07:59 GMT
age: 52228
etag: "f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 05196ec43964cf559caa0c0279148d62
6170d6776615503e3e29f86783febc3e3e78ca66
47f3a5cde661987e3496ce110a0170b10087dd9ba8d4fd691c4830587ba3fa3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9051
x-amzn-requestid: 1032dd9c-a15e-4e8a-9c81-07419e8caf67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhGvEMNIAMFaKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bc4-1005c20a33320dbf6567ca31;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rtfl896JX35oFFEVmqyH9Nm62iSY6rqwzkLwZMcM45p_ySF6J2QwEQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:47 GMT
age: 53620
etag: "6170d6776615503e3e29f86783febc3e3e78ca66"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd170538c-f8cf-4acb-ba33-2ead00b9db73.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd170538c-f8cf-4acb-ba33-2ead00b9db73.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 777ce44582c70bf01a31da4cab366f36
57e1d34f146d5ccd9943aa97bcc3158f7103bb07
fbdc8f65ae74dc13b7aafec464f08fdc9902af519946200ec52432ac3ca55982
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd170538c-f8cf-4acb-ba33-2ead00b9db73.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10958
x-amzn-requestid: abfea5b0-58f5-49e1-b78e-7cf456d03cb3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgFHF9oIAMF5lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a20-5ab719292d440d083b07a478;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: e4GuUolL0WIMXvnF7BZ80j-dMMSILN2gd-1mqFwNns-zCUBsJa8iHQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:43:04 GMT
age: 53723
etag: "57e1d34f146d5ccd9943aa97bcc3158f7103bb07"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13e1db4e-7108-464a-85b6-24ac0c4609f9.webp
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13e1db4e-7108-464a-85b6-24ac0c4609f9.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bbe350ea797a0fec5a19a450fc5de4b4
2f3a39a528d3b759060203931de33c12303592e1
4d661dac2e19e07ae15d0f8cf00bd268c6c2defb2f5e4de38fcb6e7031dfd605
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13e1db4e-7108-464a-85b6-24ac0c4609f9.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9330
x-amzn-requestid: 3fad352d-7664-43e0-9395-e840f671ca61
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgFQFIdoAMFSmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a21-5e9847852f8435231d401fe6;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mCEtSOenWKxay4vNy5mN9cexxXKXKt7TMuLaLw-M86tLKwQ2MwuxPg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:11:32 GMT
age: 52015
etag: "2f3a39a528d3b759060203931de33c12303592e1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e00769bd1391b8f4f5b8ab128a825355
e4ddf955e8ac1986045ed55880c43c69e588a021
81ca4d20c28fed8fd3135515daadc1fdbfb4198535d7c46021b418b8b98e59a5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7298
x-amzn-requestid: 381e55bb-876b-46ad-84b6-1ddf9f876f56
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDcE3poAMFaAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-7c12394600900afc7281e858;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7mRG070F4NZnewfowUhVhMerJaGjJd4G6O1tvTPiKyvTAzq-Y16-jw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:56:51 GMT
etag: "e4ddf955e8ac1986045ed55880c43c69e588a021"
content-type: image/jpeg
age: 52896
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5508d05a290b663fd89ead9b58f2efd8
53650399f9a986ba54addd668b4557109d12003b
65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEoHVAoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qftF-GQkcjKTs30KMGCTDymw2SVSXeAYKGNWUnaMfvIb8HjtfHUx8A==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:46 GMT
etag: "53650399f9a986ba54addd668b4557109d12003b"
content-type: image/jpeg
age: 53621
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
envsciencegroup.com/
66.96.130.139 200 OK 260 kB IP 66.96.130.139:0
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document text; exported SGML document, ASCII text, with very long lines (40863), with CRLF, LF line terminators
Size 260 kB (260277 bytes)
Hash MD5 03ded8e4ee445ded95402ea309571f0a
SHA1 1dc482fd59b915be0694e50bf24fd6f5128e2507
SHA256 87923a7843d306e36fc6e601a326a9bc3611812f37657fdabe95859b2dd4ff9b
Analyzer / Verdict / Alert — fortinet: Malware
GET / HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:30 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 260277
Connection: keep-alive
Server: Apache/2
X-Powered-By: PHP/7.3.2
Set-Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333; path=/
Link: <https://envsciencegroup.com/wp-json/>; rel="https://api.w.org/", <https://envsciencegroup.com/wp-json/wp/v2/pages/6>; rel="alternate"; type="application/json", <https://envsciencegroup.com/>; rel=shortlink
Age: 4
envsciencegroup.com/wp-includes/css/dist/editor/style.min.css?ver=6.0.3
66.96.130.139 200 OK 20 kB URL HTTP/1.1 envsciencegroup.com/wp-includes/css/dist/editor/style.min.css?ver=6.0.3
IP 66.96.130.139:0
File type Unicode text, UTF-8 text, with very long lines (20364), with no line terminators
Hash MD5 a9f329af48461d5fc599f179bf5da842
SHA1 2f3d5ac0413c931412d52836d3225aa78e38d3da
SHA256 4abb7aa5439849a3cddb4085a9c39b6ef0a54da587c675c4cb4e9887974e5642
Analyzer / Verdict / Alert — fortinet: Malware
GET /wp-includes/css/dist/editor/style.min.css?ver=6.0.3 HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:30 GMT
Content-Type: text/css
Content-Length: 20396
Connection: keep-alive
Server: Apache/2
Last-Modified: Wed, 03 Aug 2022 10:04:38 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "4fac-5e5535c6916ac"
Expires: Wed, 30 Nov 2022 15:46:00 GMT
Age: 3150
envsciencegroup.com/wp-includes/css/dist/nux/style.min.css?ver=6.0.3
66.96.130.139 200 OK 2.8 kB URL HTTP/1.1 envsciencegroup.com/wp-includes/css/dist/nux/style.min.css?ver=6.0.3
IP 66.96.130.139:0
File type ASCII text, with very long lines (2256)
Hash 91865d3e0fb09e5febb1ad64d56827d1
e4ef380619e272990480f9aa3f66e0a38e171626
6da593bb41278863238449ee446ac7a689c10718f2351833aa9e6f1575c3ac21
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/nux/style.min.css?ver=6.0.3 HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:30 GMT
Content-Type: text/css
Content-Length: 2786
Connection: keep-alive
Server: Apache/2
Last-Modified: Wed, 03 Aug 2022 10:04:39 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "ae2-5e5535c6960df"
Expires: Wed, 30 Nov 2022 15:46:00 GMT
Age: 3150
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 12:38:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 12:38:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
envsciencegroup.com/wp-includes/css/dist/reusable-blocks/style.min.css?ver=6.0.3
66.96.130.139 200 OK 522 B URL HTTP/1.1 envsciencegroup.com/wp-includes/css/dist/reusable-blocks/style.min.css?ver=6.0.3
IP 66.96.130.139:0
File type ASCII text, with very long lines (522), with no line terminators
Hash 0511686b2d1751365589bb4ad6ebd381
9055cd550ec030497299985811ae0dfc78ada3ca
b065e641c0b9772a645e0596657a0bbabb8470f5ffbcfed95d5100f74c0da056
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/reusable-blocks/style.min.css?ver=6.0.3 HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:30 GMT
Content-Type: text/css
Content-Length: 522
Connection: keep-alive
Server: Apache/2
Last-Modified: Wed, 30 Mar 2022 02:31:43 GMT
ETag: "20a-5db6658976eb9"
Accept-Ranges: bytes
Cache-Control: max-age=14400
Expires: Wed, 30 Nov 2022 15:46:00 GMT
Age: 3150
envsciencegroup.com/wp-content/plugins/simple-job-board/sjb-block/dist/blocks.style.build.css
66.96.130.139 200 OK 0 B URL HTTP/1.1 envsciencegroup.com/wp-content/plugins/simple-job-board/sjb-block/dist/blocks.style.build.css
IP 66.96.130.139:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/plugins/simple-job-board/sjb-block/dist/blocks.style.build.css HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:30 GMT
Content-Type: text/css
Content-Length: 0
Connection: keep-alive
Server: Apache/2
Last-Modified: Wed, 03 Aug 2022 10:01:28 GMT
ETag: "0-5e553511244fe"
Accept-Ranges: bytes
Cache-Control: max-age=14400
Expires: Wed, 30 Nov 2022 15:46:00 GMT
Age: 3150
envsciencegroup.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=7.8.3
66.96.130.139 200 OK 4.9 kB URL HTTP/1.1 envsciencegroup.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=7.8.3
IP 66.96.130.139:0
File type ASCII text, with very long lines (4933), with no line terminators
Hash e372df47bd19e1563b557d7bdb817188
4efdf4050a78bdbd88aa255955b7423105895dd0
4b7693154069c53a16468d09d89c9eba5da6c0dfc69cf4d7eb675e32ba663361
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=7.8.3 HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:30 GMT
Content-Type: text/css
Content-Length: 4933
Connection: keep-alive
Server: Apache/2
Last-Modified: Wed, 03 Aug 2022 10:02:46 GMT
ETag: "1345-5e55355bb46ff"
Accept-Ranges: bytes
Cache-Control: max-age=14400
Expires: Wed, 30 Nov 2022 15:46:00 GMT
Age: 3150
envsciencegroup.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
66.96.130.139 200 OK 89 kB URL HTTP/1.1 envsciencegroup.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP 66.96.130.139:0
File type ASCII text, with very long lines (43771)
Hash b7915926fe42d76e9c802353ab01dae4
3a8192a4312f25f53de25b100d62829c0f14d67c
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:30 GMT
Content-Type: text/css
Content-Length: 88932
Connection: keep-alive
Server: Apache/2
Last-Modified: Wed, 03 Aug 2022 10:04:38 GMT
ETag: "15b64-5e5535c66d449"
Accept-Ranges: bytes
Cache-Control: max-age=14400
Expires: Wed, 30 Nov 2022 15:46:00 GMT
Age: 3150
envsciencegroup.com/wp-content/plugins/column-shortcodes//assets/css/shortcodes.css?ver=1.0.1
66.96.130.139 200 OK 3.2 kB URL HTTP/1.1 envsciencegroup.com/wp-content/plugins/column-shortcodes//assets/css/shortcodes.css?ver=1.0.1
IP 66.96.130.139:0
File type ASCII text, with CRLF line terminators
Hash eeb616c7d096549b9792359164dafe24
a91666748378686514bc1473a470573af0eef091
a2b52f4819c133bc281608895d14021d514a47cb8300a6d671226785319813f0
GET /wp-content/plugins/column-shortcodes//assets/css/shortcodes.css?ver=1.0.1 HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:30 GMT
Content-Type: text/css
Content-Length: 3185
Connection: keep-alive
Server: Apache/2
Last-Modified: Wed, 19 May 2021 14:18:08 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "c71-5c2af7eed7df4"
Expires: Wed, 30 Nov 2022 15:46:00 GMT
Age: 3150
envsciencegroup.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.1
66.96.130.139 200 OK 2.7 kB URL HTTP/1.1 envsciencegroup.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.1
IP 66.96.130.139:0
Hash e6fae855021a88a0067fcc58121c594f
6299ac3987b5e81725781799dad361d19ac3b99d
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.1 HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:30 GMT
Content-Type: text/css
Content-Length: 2731
Connection: keep-alive
Server: Apache/2
Last-Modified: Wed, 03 Aug 2022 10:00:41 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "aab-5e5534e483bc2"
Expires: Wed, 30 Nov 2022 15:46:00 GMT
Age: 3150
envsciencegroup.com/wp-content/plugins/simple-job-board/public/css/font-awesome.min.css?ver=4.7.0
66.96.130.139 200 OK 31 kB URL HTTP/1.1 envsciencegroup.com/wp-content/plugins/simple-job-board/public/css/font-awesome.min.css?ver=4.7.0
IP 66.96.130.139:0
File type ASCII text, with very long lines (30837), with CRLF line terminators
Hash a0e784c4ca94c271b0338dfb02055be6
88af80502c44cd52ca81ffe7dc7276b7eccb06cf
820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/simple-job-board/public/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:30 GMT
Content-Type: text/css
Content-Length: 31004
Connection: keep-alive
Server: Apache/2
Last-Modified: Wed, 03 Aug 2022 10:01:28 GMT
ETag: "791c-5e553510f6a4c"
Accept-Ranges: bytes
Cache-Control: max-age=14400
Expires: Wed, 30 Nov 2022 15:46:00 GMT
Age: 3150
envsciencegroup.com/wp-includes/css/dist/components/style.min.css?ver=6.0.3
66.96.130.139 200 OK 105 kB URL HTTP/1.1 envsciencegroup.com/wp-includes/css/dist/components/style.min.css?ver=6.0.3
IP 66.96.130.139:0
File type Unicode text, UTF-8 text, with very long lines (41679)
Size 105 kB (105345 bytes)
Hash 9a4c3f7de34833e6f3f3a1f375222386
e8b43896e9f8bc7c4c388bb6065d031f06a7782d
6abba1c5cd542f8f5d4b9561b3315f05ff018a2647f216fbf6ac2002aca567cf
GET /wp-includes/css/dist/components/style.min.css?ver=6.0.3 HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:30 GMT
Content-Type: text/css
Content-Length: 105345
Connection: keep-alive
Server: Apache/2
Last-Modified: Wed, 03 Aug 2022 10:04:38 GMT
ETag: "19b81-5e5535c67ca95"
Accept-Ranges: bytes
Cache-Control: max-age=14400
Expires: Wed, 30 Nov 2022 15:46:00 GMT
Age: 3150
envsciencegroup.com/wp-includes/css/dist/block-editor/style.min.css?ver=6.0.3
66.96.130.139 200 OK 122 kB URL HTTP/1.1 envsciencegroup.com/wp-includes/css/dist/block-editor/style.min.css?ver=6.0.3
IP 66.96.130.139:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 122 kB (122045 bytes)
Hash 7701f6970c9a6f91b1e183a05eb2b82e
96d7a4812a855ecd60f9385f332d1e13e74d939b
4f572c3b6c2a05290943051120f64356f1dd8414438d487fae7114cebf63c164
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-editor/style.min.css?ver=6.0.3 HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:30 GMT
Content-Type: text/css
Content-Length: 122045
Connection: keep-alive
Server: Apache/2
Last-Modified: Wed, 31 Aug 2022 05:33:59 GMT
ETag: "1dcbd-5e782d8044261"
Accept-Ranges: bytes
Cache-Control: max-age=14400
Expires: Wed, 30 Nov 2022 15:46:00 GMT
Age: 3150
envsciencegroup.com/wp-content/plugins/simple-job-board/public/css/jquery-ui.css?ver=1.12.1
66.96.130.139 200 OK 37 kB URL HTTP/1.1 envsciencegroup.com/wp-content/plugins/simple-job-board/public/css/jquery-ui.css?ver=1.12.1
IP 66.96.130.139:0
File type ASCII text, with very long lines (2363), with CRLF line terminators
Hash be5915cddb305b9dff26398e5ac3466a
3e6361c100e9a589a0c3b04654a5029e41dc4704
f846f662e208c7b18406c9393ba662f59472f9516f4cb0d095d10dd44e04fe24
GET /wp-content/plugins/simple-job-board/public/css/jquery-ui.css?ver=1.12.1 HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:31 GMT
Content-Type: text/css
Content-Length: 37305
Connection: keep-alive
Server: Apache/2
Last-Modified: Wed, 03 Aug 2022 10:01:28 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "91b9-5e553510f762f"
Expires: Wed, 30 Nov 2022 15:46:00 GMT
Age: 3151
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 12:38:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
envsciencegroup.com/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.7.0
66.96.130.139 200 OK 18 kB URL HTTP/1.1 envsciencegroup.com/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.7.0
IP 66.96.130.139:0
File type ASCII text, with very long lines (17809), with no line terminators
Hash 1ddf23fcfd1b2941c456ce01da8180a6
156ef5cc77061010e3f4123a47fa415c6391e5ff
dd18a408a35aa5d393458657eb24fb56ab754ece3f88bd78a038e5793d3f6991
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.7.0 HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:31 GMT
Content-Type: text/css
Content-Length: 17809
Connection: keep-alive
Server: Apache/2
Last-Modified: Wed, 03 Aug 2022 10:02:33 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "4591-5e55354e925ea"
Expires: Wed, 30 Nov 2022 15:46:00 GMT
Age: 3151
envsciencegroup.com/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.7.0
66.96.130.139 200 OK 63 kB URL HTTP/1.1 envsciencegroup.com/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.7.0
IP 66.96.130.139:0
File type Unicode text, UTF-8 text, with very long lines (62753), with no line terminators
Hash 979b8b56e801469d95453055366ef54c
cb8a0bb5f00fee130a289ea4dfafc00fa53e1c04
d3322ccb3912f7a9485eb1d75971fd5e1eb49c6575ff5ad985fb5496333e8c8b
GET /wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.7.0 HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:31 GMT
Content-Type: text/css
Content-Length: 62755
Connection: keep-alive
Server: Apache/2
Last-Modified: Wed, 03 Aug 2022 10:02:33 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "f523-5e55354e91a33"
Expires: Wed, 30 Nov 2022 15:46:00 GMT
Age: 3151
envsciencegroup.com/wp-content/themes/salient/css/font-awesome.min.css?ver=4.6.4
66.96.130.139 200 OK 52 kB URL HTTP/1.1 envsciencegroup.com/wp-content/themes/salient/css/font-awesome.min.css?ver=4.6.4
IP 66.96.130.139:0
File type ASCII text, with very long lines (30343)
Hash 3708d4b99910a9c61258eb31bcdaca6e
0ded058dbfe31a654bf25f271ce0db0a26cbe728
1300738aefb18a0c76072b6cd0e833e0eb4f1c4370cfeca7e5a3a3b3009fb968
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/salient/css/font-awesome.min.css?ver=4.6.4 HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:31 GMT
Content-Type: text/css
Content-Length: 52485
Connection: keep-alive
Server: Apache/2
Last-Modified: Fri, 15 May 2020 20:56:32 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "cd05-5a5b60c448000"
Expires: Wed, 30 Nov 2022 15:46:00 GMT
Age: 3151
envsciencegroup.com/wp-content/themes/salient/css/rgs.css?ver=9.0.1
66.96.130.139 200 OK 6.6 kB URL HTTP/1.1 envsciencegroup.com/wp-content/themes/salient/css/rgs.css?ver=9.0.1
IP 66.96.130.139:0
File type ASCII text, with CRLF line terminators
Hash 9f26143a3921b2b92066cb0a0a204d32
88fc201b8fda97f5aaf62de1fbcf2ff4b263cbf4
c0c741823b4f618f49b7e9a7dd31c402ff925b4001f127357ff5df0b3dae49a6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/salient/css/rgs.css?ver=9.0.1 HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:31 GMT
Content-Type: text/css
Content-Length: 6575
Connection: keep-alive
Server: Apache/2
Last-Modified: Fri, 15 May 2020 20:56:32 GMT
ETag: "19af-5a5b60c448000"
Accept-Ranges: bytes
Cache-Control: max-age=14400
Expires: Wed, 30 Nov 2022 15:46:00 GMT
Age: 3151
envsciencegroup.com/wp-content/themes/salient-child/style.css?ver=9.0.1
66.96.130.139 200 OK 10 kB URL HTTP/1.1 envsciencegroup.com/wp-content/themes/salient-child/style.css?ver=9.0.1
IP 66.96.130.139:0
File type assembler source, ASCII text
Hash 75f727b96ce4604e3f82a99bc485f745
91ca86b73e3bfc88d1ff901dc2b16b10961cb9b3
56f41abc889ee6d36faf3548279b6fedcf3ca32943adf51cfd1d81de41b5058f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/salient-child/style.css?ver=9.0.1 HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:31 GMT
Content-Type: text/css
Content-Length: 10355
Connection: keep-alive
Server: Apache/2
Last-Modified: Fri, 03 Jul 2020 16:34:30 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "2873-5a98c19660023"
Expires: Wed, 30 Nov 2022 15:46:00 GMT
Age: 3151
envsciencegroup.com/wp-content/themes/salient/css/jquery.fancybox.css?ver=9.0
66.96.130.139 200 OK 21 kB URL HTTP/1.1 envsciencegroup.com/wp-content/themes/salient/css/jquery.fancybox.css?ver=9.0
IP 66.96.130.139:0
Hash 008748741f8d7d8e354e8617f009d0f1
46969e165ba4ff0f4b449ec2df512981ec35d202
7616972059d978e8875609457ca5bd2c5eb37c2d87a055b7c539d30dba03aa43
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/salient/css/jquery.fancybox.css?ver=9.0 HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:31 GMT
Content-Type: text/css
Content-Length: 20642
Connection: keep-alive
Server: Apache/2
Last-Modified: Fri, 15 May 2020 20:56:32 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "50a2-5a5b60c448000"
Expires: Wed, 30 Nov 2022 15:46:00 GMT
Age: 3151
envsciencegroup.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=7.8.3
66.96.130.139 200 OK 210 kB URL HTTP/1.1 envsciencegroup.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=7.8.3
IP 66.96.130.139:0
File type Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Size 210 kB (209885 bytes)
Hash 375cb90c5332267d20d6043a63444e6d
c9e3491ce137aa644109765ff590e0d30da35e72
9e4f92eb422eb08e7fdb89083b71ade65040e339149d2c901f957dc7f202055f
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=7.8.3 HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:30 GMT
Content-Type: text/css
Content-Length: 209885
Connection: keep-alive
Server: Apache/2
Last-Modified: Wed, 03 Aug 2022 10:02:46 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "333dd-5e55355bb087e"
Expires: Wed, 30 Nov 2022 15:46:00 GMT
Age: 3150
envsciencegroup.com/wp-content/themes/salient/css/nectar-slider.css?ver=9.0.1
66.96.130.139 200 OK 49 kB URL HTTP/1.1 envsciencegroup.com/wp-content/themes/salient/css/nectar-slider.css?ver=9.0.1
IP 66.96.130.139:0
File type ASCII text, with very long lines (358), with CRLF line terminators
Hash bbcbbce9d74d6c5405a16ae47d750029
f4ed12acf65d1a32cc39f5a0e10dd61d8b5d157b
367a7e2845302c27781ef3228a70559aaab184eb0985b8c8fea01da094ab4f7b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/salient/css/nectar-slider.css?ver=9.0.1 HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:31 GMT
Content-Type: text/css
Content-Length: 48555
Connection: keep-alive
Server: Apache/2
Last-Modified: Fri, 15 May 2020 20:56:32 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "bdab-5a5b60c448000"
Expires: Wed, 30 Nov 2022 15:46:00 GMT
Age: 3151
envsciencegroup.com/wp-content/themes/salient/css/responsive.css?ver=9.0.1
66.96.130.139 200 OK 202 kB URL HTTP/1.1 envsciencegroup.com/wp-content/themes/salient/css/responsive.css?ver=9.0.1
IP 66.96.130.139:0
File type ASCII text, with very long lines (445), with CRLF line terminators
Size 202 kB (201816 bytes)
Hash 17ff278db88a63fdabe9e85c1bb11409
fae9369d9a16e8f5e371385e722192126c259a8b
526b922f9628ef183526413ba83c30c03dd33dee70d268523efdb05ea11ae7f6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/salient/css/responsive.css?ver=9.0.1 HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:31 GMT
Content-Type: text/css
Content-Length: 201816
Connection: keep-alive
Server: Apache/2
Last-Modified: Fri, 15 May 2020 20:56:32 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "31458-5a5b60c448000"
Expires: Wed, 30 Nov 2022 15:46:00 GMT
Age: 3151
envsciencegroup.com/wp-content/themes/salient/style.css?ver=9.0.1
66.96.130.139 200 OK 932 kB URL HTTP/1.1 envsciencegroup.com/wp-content/themes/salient/style.css?ver=9.0.1
IP 66.96.130.139:0
File type ASCII text, with very long lines (770), with CRLF line terminators
Size 932 kB (932350 bytes)
Hash 81375db721bc9a6f904f03c7ab65d01b
b432ccd0c071ccacf0f4f21e07727444e990047a
9c289bfd0e89c21fcc7c5bf4345a95a81c2dd994f81dae89054642e7218c9889
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/salient/style.css?ver=9.0.1 HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:31 GMT
Content-Type: text/css
Content-Length: 932350
Connection: keep-alive
Server: Apache/2
Last-Modified: Fri, 15 May 2020 20:56:32 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "e39fe-5a5b60c448000"
Expires: Wed, 30 Nov 2022 15:46:00 GMT
Age: 3151
envsciencegroup.com/wp-content/plugins/simple-job-board/public/css/simple-job-board-public.css?ver=3.0.0
66.96.130.139 200 OK 102 kB URL HTTP/1.1 envsciencegroup.com/wp-content/plugins/simple-job-board/public/css/simple-job-board-public.css?ver=3.0.0
IP 66.96.130.139:0
File type ASCII text, with CRLF line terminators
Size 102 kB (101813 bytes)
Hash 5d78f2d3766d79f21b3824cac947bc9c
a75fee4254967ec701177835e511456489645f5c
c030710206d1e2b7d2a192f30e3b6edcd364a6d96ff0f660cadc031205054e22
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/simple-job-board/public/css/simple-job-board-public.css?ver=3.0.0 HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:31 GMT
Content-Type: text/css
Content-Length: 101813
Connection: keep-alive
Server: Apache/2
Last-Modified: Wed, 03 Aug 2022 10:01:28 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "18db5-5e553510f89a2"
Expires: Wed, 30 Nov 2022 15:46:00 GMT
Age: 3151
envsciencegroup.com/wp-content/themes/salient/css/skin-material.css?ver=9.0.1
66.96.130.139 200 OK 130 kB URL HTTP/1.1 envsciencegroup.com/wp-content/themes/salient/css/skin-material.css?ver=9.0.1
IP 66.96.130.139:0
File type ASCII text, with very long lines (447), with CRLF line terminators
Size 130 kB (129518 bytes)
Hash 622bb6e149a24393f43c09d2b19be73a
696ef5037981b7c54ff5a493d0efbb5eab4aa039
004c66ec9a6206e4af099b00db7e24c0db88f58ff7612304ee3d1ff183d48675
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/salient/css/skin-material.css?ver=9.0.1 HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:31 GMT
Content-Type: text/css
Content-Length: 129518
Connection: keep-alive
Server: Apache/2
Last-Modified: Fri, 15 May 2020 20:56:32 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "1f9ee-5a5b60c448000"
Expires: Wed, 30 Nov 2022 15:46:00 GMT
Age: 3151
envsciencegroup.com/wp-content/plugins/newsletter/style.css?ver=7.5.0
66.96.130.139 200 OK 6.3 kB URL HTTP/1.1 envsciencegroup.com/wp-content/plugins/newsletter/style.css?ver=7.5.0
IP 66.96.130.139:0
Hash e82f7c1bf34a75131708b4d9028fd6f1
587555f2d28fd2b15d470116a6e3c322a06e7cc1
ff7cbd7d791c0f01f1b7db211981bb0506701f663e9e41422586b9e625753ba3
GET /wp-content/plugins/newsletter/style.css?ver=7.5.0 HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:31 GMT
Content-Type: text/css
Content-Length: 6282
Connection: keep-alive
Server: Apache/2
Last-Modified: Wed, 03 Aug 2022 10:01:08 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "188a-5e5534fe3f242"
Expires: Wed, 30 Nov 2022 15:46:00 GMT
Age: 3151
envsciencegroup.com/wp-content/themes/salient/css/woocommerce.css?ver=9.0.1
66.96.130.139 200 OK 192 kB URL HTTP/1.1 envsciencegroup.com/wp-content/themes/salient/css/woocommerce.css?ver=9.0.1
IP 66.96.130.139:0
File type ASCII text, with very long lines (385), with CRLF line terminators
Size 192 kB (191455 bytes)
Hash a49c83abceb3607d929adc90a9a1b809
62490815e98f6430bde152cb657b053b1d19edab
1c2e1f42490cd40a0af682cdd3d6d720f311e20870f026b37f4719699b3fe9f0
GET /wp-content/themes/salient/css/woocommerce.css?ver=9.0.1 HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:31 GMT
Content-Type: text/css
Content-Length: 191455
Connection: keep-alive
Server: Apache/2
Last-Modified: Fri, 15 May 2020 20:56:32 GMT
ETag: "2ebdf-5a5b60c448000"
Accept-Ranges: bytes
Cache-Control: max-age=14400
Expires: Wed, 30 Nov 2022 15:46:00 GMT
Age: 3151
envsciencegroup.com/wp-content/plugins/js_composer_salient/assets/css/js_composer.min.css?ver=5.5.2
66.96.130.139 200 OK 217 kB URL HTTP/1.1 envsciencegroup.com/wp-content/plugins/js_composer_salient/assets/css/js_composer.min.css?ver=5.5.2
IP 66.96.130.139:0
File type CSV text\012- , ASCII text, with CRLF line terminators
Size 217 kB (216561 bytes)
Hash 171a66272e8f12543e068d25ae3a18b3
02c477d4e5bf7feeac7dfff484875df0b8d9c9ba
8618b9dfd05650a88831c53be273cfbc252d15c43d455c24d95c8e88cd2a2873
GET /wp-content/plugins/js_composer_salient/assets/css/js_composer.min.css?ver=5.5.2 HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:31 GMT
Content-Type: text/css
Content-Length: 216561
Connection: keep-alive
Server: Apache/2
Last-Modified: Fri, 15 May 2020 20:56:32 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "34df1-5a5b60c448000"
Expires: Wed, 30 Nov 2022 15:46:00 GMT
Age: 3151
envsciencegroup.com/wp-content/plugins/cf7-conditional-fields/style.css?ver=2.2.1
66.96.130.139 200 OK 1.6 kB URL HTTP/1.1 envsciencegroup.com/wp-content/plugins/cf7-conditional-fields/style.css?ver=2.2.1
IP 66.96.130.139:0
Hash 25d31c50a58310c71bc4604e2cebef6d
deab3cb90b7f5f4b4cf2afa586ac8a9ed9852d00
dc19c2e40e42974f0416a3f4cc97e2dbb85a5b5598b76a75e9254164922e7be0
GET /wp-content/plugins/cf7-conditional-fields/style.css?ver=2.2.1 HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:31 GMT
Content-Type: text/css
Content-Length: 1620
Connection: keep-alive
Server: Apache/2
Last-Modified: Wed, 03 Aug 2022 10:00:36 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "654-5e5534ded5e39"
Expires: Wed, 30 Nov 2022 15:46:00 GMT
Age: 3151
envsciencegroup.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
66.96.130.139 200 OK 11 kB URL HTTP/1.1 envsciencegroup.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 66.96.130.139:0
File type ASCII text, with very long lines (11126)
Hash 79b4956b7ec478ec10244b5e2d33ac7d
a46025b9d05e3df30d610a8aef14f392c7058dc9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:31 GMT
Content-Type: application/x-javascript
Content-Length: 11224
Connection: keep-alive
Server: Apache/2
Last-Modified: Wed, 30 Mar 2022 02:31:44 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "2bd8-5db6658abc9cb"
Expires: Wed, 30 Nov 2022 15:58:06 GMT
Age: 2425
envsciencegroup.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.7.0
66.96.130.139 200 OK 9.5 kB URL HTTP/1.1 envsciencegroup.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.7.0
IP 66.96.130.139:0
File type ASCII text, with very long lines (9139)
Hash 87c54edf7dad7dfdfde015f6eee45ff1
96ec1a06ea3093c47e1e2fc4444ada7f4456135d
ef22199864042b8ceeee3729f3254c140df7217364045737ca3aadf8434fb3da
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.7.0 HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:31 GMT
Content-Type: application/x-javascript
Content-Length: 9533
Connection: keep-alive
Server: Apache/2
Last-Modified: Wed, 03 Aug 2022 10:02:34 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "253d-5e55354f6e188"
Expires: Wed, 30 Nov 2022 15:58:06 GMT
Age: 2425
envsciencegroup.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.7.0
66.96.130.139 200 OK 3.0 kB URL HTTP/1.1 envsciencegroup.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.7.0
IP 66.96.130.139:0
File type HTML document, ASCII text, with very long lines (3037), with no line terminators
Hash 8bc2109ef48cabf7a26b73d7c3536c5f
0e0dfee3a3975eafc3dd55f190d1deb3c6c55d3b
8634aa7a3ac0bc6d359b458c8922e9d3269f64c1355b329bfe215beb12773af8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.7.0 HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:31 GMT
Content-Type: application/x-javascript
Content-Length: 3037
Connection: keep-alive
Server: Apache/2
Last-Modified: Wed, 03 Aug 2022 10:02:33 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "bdd-5e55354f5050b"
Expires: Wed, 30 Nov 2022 15:58:07 GMT
Age: 2424
envsciencegroup.com/wp-content/plugins/js_composer_salient/assets/js/vendors/woocommerce-add-to-cart.js?ver=5.5.2
66.96.130.139 200 OK 2.7 kB URL HTTP/1.1 envsciencegroup.com/wp-content/plugins/js_composer_salient/assets/js/vendors/woocommerce-add-to-cart.js?ver=5.5.2
IP 66.96.130.139:0
File type ASCII text, with very long lines (1789)
Hash 862f7ca841166e87d24a8b275e340c5c
d9267514fe237dd23ae5caec93f7f629c89833ee
516d6ae963765a4d08f296d225825746730830c1d8b8d82320ef23f5a1c2cf16
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer_salient/assets/js/vendors/woocommerce-add-to-cart.js?ver=5.5.2 HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:31 GMT
Content-Type: application/x-javascript
Content-Length: 2684
Connection: keep-alive
Server: Apache/2
Last-Modified: Fri, 15 May 2020 20:56:32 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "a7c-5a5b60c448000"
Expires: Wed, 30 Nov 2022 15:58:07 GMT
Age: 2424
envsciencegroup.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
66.96.130.139 200 OK 19 kB URL HTTP/1.1 envsciencegroup.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
IP 66.96.130.139:0
File type ASCII text, with very long lines (15660)
Hash 32beb68a374e3aeac00abdf9e12b84ea
b5d18aa625e8696dd9d07cd0869337717b211ae0
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:31 GMT
Content-Type: application/x-javascript
Content-Length: 18617
Connection: keep-alive
Server: Apache/2
Last-Modified: Wed, 03 Aug 2022 10:04:40 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "48b9-5e5535c7d65b0"
Expires: Wed, 30 Nov 2022 15:49:27 GMT
Age: 2944
envsciencegroup.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.1
66.96.130.139 200 OK 22 kB URL HTTP/1.1 envsciencegroup.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.1
IP 66.96.130.139:0
File type ASCII text, with very long lines (21904), with no line terminators
Hash e7334b0f16895605c1234c69ad86fd4a
6da3372e63cabe2d3c6b0dfecc70770c2f69921b
e89d7526092c671c0a01bd02152a595271fb97f87bbd3ba379b5e8b1071f6b2d
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.1 HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:31 GMT
Content-Type: application/x-javascript
Content-Length: 21904
Connection: keep-alive
Server: Apache/2
Last-Modified: Wed, 03 Aug 2022 10:00:42 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "5590-5e5534e49aefd"
Expires: Wed, 30 Nov 2022 15:58:08 GMT
Age: 2423
envsciencegroup.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
66.96.130.139 200 OK 6.5 kB URL HTTP/1.1 envsciencegroup.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 66.96.130.139:0
File type ASCII text, with very long lines (6475), with no line terminators
Hash 61449413a42d2daaa79dbe7298b40e21
d86c474164c603084397bdc50fb0e469d28b5772
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:31 GMT
Content-Type: application/x-javascript
Content-Length: 6475
Connection: keep-alive
Server: Apache/2
Last-Modified: Wed, 03 Aug 2022 10:04:39 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "194b-5e5535c6b6852"
Expires: Wed, 30 Nov 2022 15:58:07 GMT
Age: 2424
envsciencegroup.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
66.96.130.139 200 OK 19 kB URL HTTP/1.1 envsciencegroup.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 66.96.130.139:0
File type Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Hash 57459b58fd7665a5e20b2345463df9c9
71c3b177ad1412d5e0b56d99f18bc345148df88b
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:31 GMT
Content-Type: application/x-javascript
Content-Length: 19142
Connection: keep-alive
Server: Apache/2
Last-Modified: Wed, 03 Aug 2022 10:04:39 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "4ac6-5e5535c6bb2a9"
Expires: Wed, 30 Nov 2022 15:58:08 GMT
Age: 2423
envsciencegroup.com/wp-content/plugins/js_composer_salient/assets/lib/bower/animate-css/animate.min.css?ver=5.5.2
66.96.130.139 200 OK 54 kB URL HTTP/1.1 envsciencegroup.com/wp-content/plugins/js_composer_salient/assets/lib/bower/animate-css/animate.min.css?ver=5.5.2
IP 66.96.130.139:0
File type ASCII text, with very long lines (53826)
Hash 0b9ed7b612dcfe272e83e92398be1da5
3a3f2074a297776a05367d0e086e4e72981c3717
5b518bc060167c79b585ab74260cd0c4cd4ef5e6f7ee2759908ee832731352c4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer_salient/assets/lib/bower/animate-css/animate.min.css?ver=5.5.2 HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:31 GMT
Content-Type: text/css
Content-Length: 53987
Connection: keep-alive
Server: Apache/2
Last-Modified: Fri, 15 May 2020 20:56:32 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "d2e3-5a5b60c448000"
Expires: Wed, 30 Nov 2022 15:46:01 GMT
Age: 3150
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash cd528f6c2c45e38c52095a73a9cd8c68
dca2df874a830edac932136d474453c18d933024
4c7e75aaccb4b74e227ada3b56829f52cb7f14ad05454f7bd6eccf3e94185218
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 12:38:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
envsciencegroup.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.7.0
66.96.130.139 200 OK 1.8 kB URL HTTP/1.1 envsciencegroup.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.7.0
IP 66.96.130.139:0
File type ASCII text, with very long lines (1668)
Hash d0a6d8547c66b0d7b0172466558d1208
ff93916519c7b9483251f609e4d29f38c30a66e3
3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.7.0 HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:31 GMT
Content-Type: application/x-javascript
Content-Length: 1834
Connection: keep-alive
Server: Apache/2
Last-Modified: Wed, 03 Aug 2022 10:02:34 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "72a-5e55354f90848"
Expires: Wed, 30 Nov 2022 15:58:09 GMT
Age: 2423
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 608e4d04a251ebcd51660e801f388303
fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d
cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 12:38:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
envsciencegroup.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
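66.96.130.139 200 OK 472 B URL HTTP/1.1 envsciencegroup.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 66.96.130.139:0
Hash 608e4d04a251ebcd51660e801f388303
fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d
cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc
Analyzer Verdict Alert fortinet Malware
[Note: the size (472 B) and the three hashes shown for this record are identical to those of the ocsp.pki.goog/gts1c3 response recorded immediately before this entry (Content-Length: 472), whereas the response headers below report Content-Length: 89521. The size and hashes appear to have been attributed to the wrong transaction, so they should not be used as indicators for jquery.min.js, and the verdict should be re-checked against the body that was actually served.]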
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:31 GMT
Content-Type: application/x-javascript
Content-Length: 89521
Connection: keep-alive
Server: Apache/2
Last-Modified: Wed, 30 Mar 2022 02:31:44 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "15db1-5db6658ac4a82"
Expires: Wed, 30 Nov 2022 15:58:06 GMT
Age: 2425
envsciencegroup.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.7.0
66.96.130.139 200 OK 2.1 kB URL HTTP/1.1 envsciencegroup.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.7.0
IP 66.96.130.139:0
File type ASCII text, with very long lines (2139), with no line terminators
Hash b72c1cbb1530a011a27bd9800f26765a
27b825c5d8255f33b8427a059d4545ebd65e1746
a256fccecac3b32ab73c91d79a18747519a1a18023be05465c933b03523a82e8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.7.0 HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:31 GMT
Content-Type: application/x-javascript
Content-Length: 2139
Connection: keep-alive
Server: Apache/2
Last-Modified: Wed, 03 Aug 2022 10:02:34 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "85b-5e55354f69b42"
Expires: Wed, 30 Nov 2022 15:58:09 GMT
Age: 2422
envsciencegroup.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.7.0
66.96.130.139 200 OK 2.9 kB URL HTTP/1.1 envsciencegroup.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.7.0
IP 66.96.130.139:0
File type ASCII text, with very long lines (2938), with no line terminators
Hash 0fd625c3991a4015814cffdc88e2fc82
d7c2f53e058210ff3ea773297641008bab71a5f3
2d022db650d194d935faea46a40e5512235b43bc3f8b181e32ce6d3dd745f4e1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.7.0 HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:31 GMT
Content-Type: application/x-javascript
Content-Length: 2938
Connection: keep-alive
Server: Apache/2
Last-Modified: Wed, 03 Aug 2022 10:02:33 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "b7a-5e55354f55ed1"
Expires: Wed, 30 Nov 2022 15:58:06 GMT
Age: 2425
envsciencegroup.com/wp-content/themes/salient/js/priority.js?ver=9.0.1
66.96.130.139 200 OK 21 kB URL HTTP/1.1 envsciencegroup.com/wp-content/themes/salient/js/priority.js?ver=9.0.1
IP 66.96.130.139:0
File type ASCII text, with very long lines (1789), with CRLF line terminators
Hash 52c5e1a00bb5f4b5b0c45ca57e12e73b
f647c743de95c773b6b649b20b9b30d23b4f8476
c89fdbf14b412c1fbfb86e8c0a36d93ebd440df496e0fc9aae96f57ea19319e5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/salient/js/priority.js?ver=9.0.1 HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:31 GMT
Content-Type: application/x-javascript
Content-Length: 21290
Connection: keep-alive
Server: Apache/2
Last-Modified: Fri, 15 May 2020 20:56:32 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "532a-5a5b60c448000"
Expires: Wed, 30 Nov 2022 15:58:06 GMT
Age: 2425
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.35 200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://envsciencegroup.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 18:52:41 GMT
expires: Tue, 28 Nov 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 150350
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
142.250.74.35 200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://envsciencegroup.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:28:50 GMT
expires: Thu, 23 Nov 2023 19:28:50 GMT
cache-control: public, max-age=31536000
age: 580181
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
envsciencegroup.com/wp-content/themes/salient/js/modernizr.js?ver=2.6.2
66.96.130.139 200 OK 18 kB URL HTTP/1.1 envsciencegroup.com/wp-content/themes/salient/js/modernizr.js?ver=2.6.2
IP 66.96.130.139:0
File type ASCII text, with very long lines (17271), with CRLF line terminators
Hash 08a53e8c75ce7e1e8884ee1f18b30bd6
13b126cac817fd31b48252ef092f2dd66d653f9b
6f5fa523b83843d6ca9f0beea3ed2f8e2cde6b3fbef156830150fe8117ddad8e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/salient/js/modernizr.js?ver=2.6.2 HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:31 GMT
Content-Type: application/x-javascript
Content-Length: 17919
Connection: keep-alive
Server: Apache/2
Last-Modified: Fri, 15 May 2020 20:56:32 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "45ff-5a5b60c448000"
Expires: Wed, 30 Nov 2022 15:58:06 GMT
Age: 2425
envsciencegroup.com/wp-content/themes/salient/js/imagesLoaded.min.js?ver=4.1.4
66.96.130.139 200 OK 7.4 kB URL HTTP/1.1 envsciencegroup.com/wp-content/themes/salient/js/imagesLoaded.min.js?ver=4.1.4
IP 66.96.130.139:0
File type ASCII text, with very long lines (7266), with CRLF line terminators
Hash df8cda3157f34dd2b9e97c381fb47311
dab92a032e7948f40e2305bb85edbe3a0e5d4ee9
0cc40dd257f9b58a9b13cefbc3e096853f2ef8c6e67bf208699fb2443bd319b4
GET /wp-content/themes/salient/js/imagesLoaded.min.js?ver=4.1.4 HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:31 GMT
Content-Type: application/x-javascript
Content-Length: 7389
Connection: keep-alive
Server: Apache/2
Last-Modified: Fri, 15 May 2020 20:56:32 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "1cdd-5a5b60c448000"
Expires: Wed, 30 Nov 2022 15:58:07 GMT
Age: 2424
envsciencegroup.com/wp-content/themes/salient/js/jquery.fancybox.min.js?ver=7.0.1
66.96.130.139 200 OK 62 kB URL HTTP/1.1 envsciencegroup.com/wp-content/themes/salient/js/jquery.fancybox.min.js?ver=7.0.1
IP 66.96.130.139:0
File type Unicode text, UTF-8 text, with very long lines (32088)
Hash 502cc772952eb76f1ca6cd988a97b972
a5b5c0ba44cc806ff6db187452dd893602b57d3c
f8d40eded8de3ee4c090732000875c8f40401e5f33a1497aeaf62529fad44c88
GET /wp-content/themes/salient/js/jquery.fancybox.min.js?ver=7.0.1 HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:31 GMT
Content-Type: application/x-javascript
Content-Length: 61558
Connection: keep-alive
Server: Apache/2
Last-Modified: Fri, 15 May 2020 20:56:32 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "f076-5a5b60c448000"
Expires: Wed, 30 Nov 2022 15:58:07 GMT
Age: 2424
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 608e4d04a251ebcd51660e801f388303
fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d
cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 12:38:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
envsciencegroup.com/wp-content/themes/salient/js/touchswipe.min.js?ver=1.0
66.96.130.139 200 OK 11 kB URL HTTP/1.1 envsciencegroup.com/wp-content/themes/salient/js/touchswipe.min.js?ver=1.0
IP 66.96.130.139:0
File type ASCII text, with very long lines (11146), with CRLF line terminators
Hash 0a9eb42394e3b1a72a3558941b9065cb
d283bf46c1347c8141f6f29b995aa212ee187f36
c99ea98258efdbeeb57de9eee388f506c88443a6ccab9638b94ebc2eee5e7651
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/salient/js/touchswipe.min.js?ver=1.0 HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:31 GMT
Content-Type: application/x-javascript
Content-Length: 11165
Connection: keep-alive
Server: Apache/2
Last-Modified: Fri, 15 May 2020 20:56:32 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "2b9d-5a5b60c448000"
Expires: Wed, 30 Nov 2022 15:58:07 GMT
Age: 2424
envsciencegroup.com/wp-content/themes/salient/js/caroufredsel.min.js?ver=7.0.1
66.96.130.139 200 OK 57 kB URL HTTP/1.1 envsciencegroup.com/wp-content/themes/salient/js/caroufredsel.min.js?ver=7.0.1
IP 66.96.130.139:0
File type ASCII text, with very long lines (32032), with CRLF line terminators
Hash d3e62edd4bfdcd2381f31b86113de7f4
0f2e9bcd3e331357a3684d744bc48bb7f85233ec
4694b27c80d750f137c44e601ddc70798a4f1bb9a9e66febc698e2793d72799c
GET /wp-content/themes/salient/js/caroufredsel.min.js?ver=7.0.1 HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:31 GMT
Content-Type: application/x-javascript
Content-Length: 56584
Connection: keep-alive
Server: Apache/2
Last-Modified: Fri, 15 May 2020 20:56:32 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "dd08-5a5b60c448000"
Expires: Wed, 30 Nov 2022 15:58:08 GMT
Age: 2423
envsciencegroup.com/wp-content/themes/salient/js/owl.carousel.min.js?ver=1.3.3
66.96.130.139 200 OK 45 kB URL HTTP/1.1 envsciencegroup.com/wp-content/themes/salient/js/owl.carousel.min.js?ver=1.3.3
IP 66.96.130.139:0
File type ASCII text, with very long lines (32000)
Hash 13c938a5e4d83fa68792f7951194fd08
a5c152e7e9a7695f9ee6405f7fd460b1196bd0d4
fca9393e0120626328c4bbf9d4963e0faeb6f1d4555293bfc990e3f3e912aebb
GET /wp-content/themes/salient/js/owl.carousel.min.js?ver=1.3.3 HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:31 GMT
Content-Type: application/x-javascript
Content-Length: 44555
Connection: keep-alive
Server: Apache/2
Last-Modified: Fri, 15 May 2020 20:56:32 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "ae0b-5a5b60c448000"
Expires: Wed, 30 Nov 2022 15:58:08 GMT
Age: 2423
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash cd528f6c2c45e38c52095a73a9cd8c68
dca2df874a830edac932136d474453c18d933024
4c7e75aaccb4b74e227ada3b56829f52cb7f14ad05454f7bd6eccf3e94185218
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 12:38:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
envsciencegroup.com/wp-content/themes/salient/js/superfish.js?ver=1.4.8
66.96.130.139 200 OK 11 kB URL HTTP/1.1 envsciencegroup.com/wp-content/themes/salient/js/superfish.js?ver=1.4.8
IP 66.96.130.139:0
File type ASCII text, with very long lines (1789)
Hash a64deec75a70babf5ae155f72f2a4c51
26ce048e68102c6090afffb74cd0608b952a4629
7874ffea6bf4ff44a09f8b0d3cb5d2607ab6fe8bd7a1b7241172a3aa08009d3b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/salient/js/superfish.js?ver=1.4.8 HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:31 GMT
Content-Type: application/x-javascript
Content-Length: 11094
Connection: keep-alive
Server: Apache/2
Last-Modified: Fri, 15 May 2020 20:56:32 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "2b56-5a5b60c448000"
Expires: Wed, 30 Nov 2022 15:58:09 GMT
Age: 2422
envsciencegroup.com/wp-content/themes/salient/js/nectar-slider.js?ver=9.0.1
66.96.130.139 200 OK 258 kB URL HTTP/1.1 envsciencegroup.com/wp-content/themes/salient/js/nectar-slider.js?ver=9.0.1
IP 66.96.130.139:0
File type ASCII text, with CRLF line terminators
Size 258 kB (257592 bytes)
Hash fd5917c1e83f66ec0fa2615f66f204ae
9ad1276d65d14022c03363829c0db2cdfeffc4e8
e6cfc7f2aac4106643bbd38c5b97aad5dfd0e3ac0fa330467fbe1d1cd0e2ec45
GET /wp-content/themes/salient/js/nectar-slider.js?ver=9.0.1 HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:31 GMT
Content-Type: application/x-javascript
Content-Length: 257592
Connection: keep-alive
Server: Apache/2
Last-Modified: Fri, 15 May 2020 20:56:32 GMT
ETag: "3ee38-5a5b60c448000"
Accept-Ranges: bytes
Cache-Control: max-age=14400
Expires: Wed, 30 Nov 2022 15:46:04 GMT
Age: 3147
envsciencegroup.com/wp-includes/js/underscore.min.js?ver=1.13.3
66.96.130.139 200 OK 19 kB URL HTTP/1.1 envsciencegroup.com/wp-includes/js/underscore.min.js?ver=1.13.3
IP 66.96.130.139:0
File type ASCII text, with very long lines (18876)
Hash 42aa17e1f850a414638ee4a32a3aa807
2e42d03a5e042701191650c041eae1cfb2d6c7b9
0da4791b446818516f710c51707081aec7b23a7c5212fc0b2629c973210136a4
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/underscore.min.js?ver=1.13.3 HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:32 GMT
Content-Type: application/x-javascript
Content-Length: 18911
Connection: keep-alive
Server: Apache/2
Last-Modified: Wed, 03 Aug 2022 10:04:40 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "49df-5e5535c7b3716"
Expires: Wed, 30 Nov 2022 15:46:04 GMT
Age: 3148
envsciencegroup.com/wp-includes/js/wp-util.min.js?ver=6.0.3
66.96.130.139 200 OK 1.3 kB URL HTTP/1.1 envsciencegroup.com/wp-includes/js/wp-util.min.js?ver=6.0.3
IP 66.96.130.139:0
File type ASCII text, with very long lines (1305)
Hash 8637362089372427b52fa10a43d8109c
6009bed674718329dce6055ab09fa95181162d81
b8e78b48acc08ce31457aff168d6fb2c814d51a8739a97693cdba585d60f5b35
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-util.min.js?ver=6.0.3 HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:32 GMT
Content-Type: application/x-javascript
Content-Length: 1340
Connection: keep-alive
Server: Apache/2
Last-Modified: Wed, 30 Mar 2022 02:31:44 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "53c-5db6658b468c2"
Expires: Wed, 30 Nov 2022 15:46:04 GMT
Age: 3148
envsciencegroup.com/wp-content/themes/salient/nectar/woo/js/quick_view_actions.js?ver=1.0
66.96.130.139 200 OK 15 kB URL HTTP/1.1 envsciencegroup.com/wp-content/themes/salient/nectar/woo/js/quick_view_actions.js?ver=1.0
IP 66.96.130.139:0
File type ASCII text, with very long lines (1792), with CRLF line terminators
Hash 8c143a9e363f7760935c5aa54545cb2a
c58e589a4ae112b9dd364d766857927bd95db554
c517468e75da458a3d47d691bb3529d68199c672ef655c31467e28700a115d39
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/salient/nectar/woo/js/quick_view_actions.js?ver=1.0 HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:32 GMT
Content-Type: application/x-javascript
Content-Length: 14933
Connection: keep-alive
Server: Apache/2
Last-Modified: Fri, 15 May 2020 20:56:32 GMT
ETag: "3a55-5a5b60c448000"
Accept-Ranges: bytes
Cache-Control: max-age=14400
Expires: Wed, 30 Nov 2022 15:46:05 GMT
Age: 3147
envsciencegroup.com/wp-content/themes/salient/js/flickity.min.js?ver=1.1.1
66.96.130.139 200 OK 57 kB URL HTTP/1.1 envsciencegroup.com/wp-content/themes/salient/js/flickity.min.js?ver=1.1.1
IP 66.96.130.139:0
File type ASCII text, with very long lines (32020), with CRLF line terminators
Hash 1e865c4fa30f01636138442caf5499a8
aaef25d7d3c78ddb58d44af2e41869a5e92fbcab
2be97025bcc39360c4a6472d3e050221a7871a51e783b6456012a63dd4d8cc78
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/salient/js/flickity.min.js?ver=1.1.1 HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:32 GMT
Content-Type: application/x-javascript
Content-Length: 57042
Connection: keep-alive
Server: Apache/2
Last-Modified: Fri, 15 May 2020 20:56:32 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "ded2-5a5b60c448000"
Expires: Wed, 30 Nov 2022 15:46:05 GMT
Age: 3147
envsciencegroup.com/wp-content/plugins/cf7-conditional-fields/js/scripts.js?ver=2.2.1
66.96.130.139 200 OK 137 kB URL HTTP/1.1 envsciencegroup.com/wp-content/plugins/cf7-conditional-fields/js/scripts.js?ver=2.2.1
IP 66.96.130.139:0
File type Unicode text, UTF-8 text, with very long lines (595)
Size 137 kB (137293 bytes)
Hash db5c3708050c899e7d725bc07b651639
7cd897e4d85cb07846d7064398110f90061b9dca
830704f7c030d2331d24df0028d5a071c9566ff2b47186b579b130fd0679e67c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/cf7-conditional-fields/js/scripts.js?ver=2.2.1 HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:32 GMT
Content-Type: application/x-javascript
Content-Length: 137293
Connection: keep-alive
Server: Apache/2
Last-Modified: Wed, 03 Aug 2022 10:00:35 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "2184d-5e5534dea25c5"
Expires: Wed, 30 Nov 2022 15:46:05 GMT
Age: 3147
envsciencegroup.com/wp-content/uploads/2020/07/Paragon-Cleaners-Medium.ttf
66.96.130.139 200 OK 27 kB URL HTTP/1.1 envsciencegroup.com/wp-content/uploads/2020/07/Paragon-Cleaners-Medium.ttf
IP 66.96.130.139:0
File type TrueType Font data, 19 tables, 1st "GPOS", 33 names, Macintosh, Copyright (c) 2014 by Tino Mendes. All rights reserved.ParagonMedium1.000;pyrs;ParagonMediumPara\012- data
Hash f2c31ff1e6f4303529855e6d225e66ec
207f655d6ec2059dabc1fb0959197053a02cd6bc
cc70a92cbdff5de189b162f128386645eecea14240f3a3e64609d13055d05c44
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2020/07/Paragon-Cleaners-Medium.ttf HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:32 GMT
Content-Length: 27088
Connection: keep-alive
Server: Apache/2
Last-Modified: Thu, 15 Oct 2020 11:11:33 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "69d0-5b1b3b5f5a500"
Expires: Wed, 30 Nov 2022 15:49:27 GMT
Age: 2945
envsciencegroup.com/wp-content/themes/salient/css/fonts/fontawesome-webfont.woff?v=4.2
66.96.130.139 200 OK 98 kB URL HTTP/1.1 envsciencegroup.com/wp-content/themes/salient/css/fonts/fontawesome-webfont.woff?v=4.2
IP 66.96.130.139:0
File type Web Open Font Format, TrueType, length 98024, version 4.7\012- data
Hash fee66e712a8a08eef5805a46892932ad
28b782240b3e76db824e12c02754a9731a167527
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
GET /wp-content/themes/salient/css/fonts/fontawesome-webfont.woff?v=4.2 HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://envsciencegroup.com/wp-content/themes/salient/css/font-awesome.min.css?ver=4.6.4
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:32 GMT
Content-Length: 98024
Connection: keep-alive
Server: Apache/2
Last-Modified: Fri, 15 May 2020 20:56:32 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "17ee8-5a5b60c448000"
Expires: Wed, 30 Nov 2022 15:49:27 GMT
Age: 2945
envsciencegroup.com/wp-content/plugins/js_composer_salient/assets/js/dist/js_composer_front.min.js?ver=5.5.2
66.96.130.139 200 OK 29 kB URL HTTP/1.1 envsciencegroup.com/wp-content/plugins/js_composer_salient/assets/js/dist/js_composer_front.min.js?ver=5.5.2
IP 66.96.130.139:0
File type ASCII text, with very long lines (1792), with CRLF line terminators
Hash dc41e4cacbd7adae62a16b68090fb9a2
546cb5c746963a0ae492d7dc89bb2b8ab114e53b
689856a8cccc5a99dc6bbf5df5b99d4a5ca2afe8a9c18d2856811cb27ce58e01
GET /wp-content/plugins/js_composer_salient/assets/js/dist/js_composer_front.min.js?ver=5.5.2 HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:32 GMT
Content-Type: application/x-javascript
Content-Length: 28973
Connection: keep-alive
Server: Apache/2
Last-Modified: Fri, 15 May 2020 20:56:32 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "712d-5a5b60c448000"
Expires: Wed, 30 Nov 2022 15:46:05 GMT
Age: 3147
envsciencegroup.com/wp-content/uploads/2020/05/slider.png
66.96.130.139 200 OK 475 kB URL HTTP/1.1 envsciencegroup.com/wp-content/uploads/2020/05/slider.png
IP 66.96.130.139:0
File type PNG image data, 1596 x 847, 8-bit/color RGBA, non-interlaced\012- data
Size 475 kB (474768 bytes)
Hash c6503726a2bdf1761d77b365db6ed0c0
70cf7f6fb6331c3cc3ad9bb8832ae48e3f2886e7
a19a2fe14d56fbfc8c945caa88c10c59110b4cb7e54cc1875b91040759cefae0
GET /wp-content/uploads/2020/05/slider.png HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:32 GMT
Content-Type: image/png
Content-Length: 474768
Connection: keep-alive
Server: Apache/2
Last-Modified: Thu, 15 Oct 2020 11:11:29 GMT
ETag: "73e90-5b1b3b5bc7484"
Accept-Ranges: bytes
Cache-Control: max-age=14400
Expires: Wed, 30 Nov 2022 15:49:27 GMT
Age: 2945
envsciencegroup.com/wp-content/uploads/2020/07/BG.png
66.96.130.139 200 OK 1.8 kB URL HTTP/1.1 envsciencegroup.com/wp-content/uploads/2020/07/BG.png
IP 66.96.130.139:0
File type PNG image data, 780 x 400, 8-bit/color RGB, non-interlaced\012- data
Hash 1c4aed1de0872ac82277786f6af2f46d
cf6a54d0f4aef7af0a2f24c2cc69c0d436cf18ad
ed5326beaeacb305f7faafe06fa34b2afa64a7da3f31f8c838434357003c4f4d
GET /wp-content/uploads/2020/07/BG.png HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:32 GMT
Content-Type: image/png
Content-Length: 1782
Connection: keep-alive
Server: Apache/2
Last-Modified: Thu, 15 Oct 2020 11:11:33 GMT
ETag: "6f6-5b1b3b5f59d22"
Accept-Ranges: bytes
Cache-Control: max-age=14400
Expires: Wed, 30 Nov 2022 15:49:27 GMT
Age: 2945
envsciencegroup.com/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.7.0
66.96.130.139 200 OK 7.0 kB URL HTTP/1.1 envsciencegroup.com/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.7.0
IP 66.96.130.139:0
File type ASCII text, with very long lines (7043), with no line terminators
Hash 456663a286a204386735fd775542a59e
0a61620b88f4ae0fa7d71e2c7a014ea2c3ab5749
a7a83e60e7e3b8cadeed69327ba498b4cd68605db6e408729fa1b946758e7501
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.7.0 HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:32 GMT
Content-Type: text/css
Content-Length: 7043
Connection: keep-alive
Server: Apache/2
Last-Modified: Wed, 03 Aug 2022 10:02:33 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "1b83-5e55354e94d00"
Expires: Wed, 30 Nov 2022 15:49:27 GMT
Age: 2945
envsciencegroup.com/wp-content/uploads/2020/05/bg2.png
66.96.130.139 200 OK 724 kB URL HTTP/1.1 envsciencegroup.com/wp-content/uploads/2020/05/bg2.png
IP 66.96.130.139:0
File type PNG image data, 1600 x 711, 8-bit/color RGBA, non-interlaced\012- data
Size 724 kB (724498 bytes)
Hash 1b41d7b1b2f3a89f038a78ca6b056c00
ee45866fe34da2aacc3682dc149199c0df951e6d
dd22d6ee9e1e07cae7b18c4e193da8d61d63fdfb4cadc0ccbfe8db2fdbdc6ab3
GET /wp-content/uploads/2020/05/bg2.png HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:32 GMT
Content-Type: image/png
Content-Length: 724498
Connection: keep-alive
Server: Apache/2
Last-Modified: Thu, 15 Oct 2020 11:11:30 GMT
ETag: "b0e12-5b1b3b5c2c1bf"
Accept-Ranges: bytes
Cache-Control: max-age=14400
Expires: Wed, 30 Nov 2022 15:49:27 GMT
Age: 2945
envsciencegroup.com/wp-content/uploads/2022/07/safety-data-sheet-authoring.jpg
66.96.130.139 200 OK 56 kB URL HTTP/1.1 envsciencegroup.com/wp-content/uploads/2022/07/safety-data-sheet-authoring.jpg
IP 66.96.130.139:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash dcc99b5daa70db0d38badda3773e5530
07bcaff8d4e8fd17fc03110bb47fe51eae168ad0
3685fde42b1eb8e12d3a663e23a01e34b8c0de3e38db17b16bc387f6edf738bc
GET /wp-content/uploads/2022/07/safety-data-sheet-authoring.jpg HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:32 GMT
Content-Type: image/jpeg
Content-Length: 56256
Connection: keep-alive
Server: Apache/2
Last-Modified: Wed, 27 Jul 2022 20:59:06 GMT
ETag: "dbc0-5e4cfb00c446c"
Accept-Ranges: bytes
Cache-Control: max-age=14400
Expires: Wed, 30 Nov 2022 15:46:01 GMT
Age: 3151
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35 200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 21:48:03 GMT
expires: Fri, 24 Nov 2023 21:48:03 GMT
cache-control: public, max-age=31536000
age: 485429
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.35 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 16:40:43 GMT
expires: Fri, 24 Nov 2023 16:40:43 GMT
cache-control: public, max-age=31536000
age: 503869
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/embed/B43JA9uS2PE
142.250.74.14 200 OK 127 kB URL HTTP/2 www.youtube.com/embed/B43JA9uS2PE
IP 142.250.74.14:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (58646)
Size 127 kB (127401 bytes)
Hash d494958637d0648162e5ea348c58ffc4
c23f0132c8eb53f508f21ac64d6931f6857e31fd
86325db18c5e497b6842a889f350231aa6236bb91185d7c4825c17eded37b616
GET /embed/B43JA9uS2PE HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 30 Nov 2022 12:38:31 GMT
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=yflbTZTsaEw; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=mV1hZvUJasM; Domain=.youtube.com; Expires=Mon, 29-May-2023 12:38:31 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+610; expires=Fri, 29-Nov-2024 12:38:31 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
envsciencegroup.com/wp-content/uploads/2020/05/side-img.png
66.96.130.139 200 OK 529 kB URL HTTP/1.1 envsciencegroup.com/wp-content/uploads/2020/05/side-img.png
IP 66.96.130.139:0
File type PNG image data, 678 x 463, 8-bit/color RGBA, non-interlaced\012- data
Size 529 kB (529418 bytes)
Hash 5eb7b574f0cff9f89810669383b41a1e
c8afbab97e7ff22d25799b48343eb1391cae5f56
5e644f490b1a36a409707a035df118afad5d2acd8a9df334fb74be7967e16dab
GET /wp-content/uploads/2020/05/side-img.png HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:32 GMT
Content-Type: image/png
Content-Length: 529418
Connection: keep-alive
Server: Apache/2
Last-Modified: Thu, 15 Oct 2020 11:11:31 GMT
ETag: "8140a-5b1b3b5d328ea"
Accept-Ranges: bytes
Cache-Control: max-age=14400
Expires: Wed, 30 Nov 2022 15:46:01 GMT
Age: 3151
envsciencegroup.com/wp-content/uploads/2020/05/111.png
66.96.130.139 200 OK 371 kB URL HTTP/1.1 envsciencegroup.com/wp-content/uploads/2020/05/111.png
IP 66.96.130.139:0
File type PNG image data, 604 x 407, 8-bit/color RGBA, non-interlaced\012- data
Size 371 kB (370574 bytes)
Hash 20603d48494aa568fd2e76d0d653dd4c
1ef82fe921785863196b1e11f1cae9f9fbf76976
a0d1b1716de0b8ff135d2ae80de281ac46c244949e07206da2bd78579633c668
GET /wp-content/uploads/2020/05/111.png HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:32 GMT
Content-Type: image/png
Content-Length: 370574
Connection: keep-alive
Server: Apache/2
Last-Modified: Thu, 15 Oct 2020 11:11:29 GMT
ETag: "5a78e-5b1b3b5b58700"
Accept-Ranges: bytes
Cache-Control: max-age=14400
Expires: Wed, 30 Nov 2022 15:49:27 GMT
Age: 2945
envsciencegroup.com/wp-content/uploads/2020/05/img3.png
66.96.130.139 200 OK 596 kB URL HTTP/1.1 envsciencegroup.com/wp-content/uploads/2020/05/img3.png
IP 66.96.130.139:0
File type PNG image data, 604 x 710, 8-bit/color RGBA, non-interlaced\012- data
Size 596 kB (596118 bytes)
Hash 6ab238c10485e66918930616586513df
c551a87a623d59929cda0ad563b2ce38150f2aba
2b59422d4e3568191b079c9d9a8f8cb189b495955f4bd871cd6f4089409d011b
GET /wp-content/uploads/2020/05/img3.png HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:32 GMT
Content-Type: image/png
Content-Length: 596118
Connection: keep-alive
Server: Apache/2
Last-Modified: Thu, 15 Oct 2020 11:11:33 GMT
ETag: "91896-5b1b3b5f9044c"
Accept-Ranges: bytes
Cache-Control: max-age=14400
Expires: Wed, 30 Nov 2022 15:46:01 GMT
Age: 3151
envsciencegroup.com/wp-content/uploads/2020/06/esg-1484-ver-3-1.gif
66.96.130.139 200 OK 2.5 MB URL HTTP/1.1 envsciencegroup.com/wp-content/uploads/2020/06/esg-1484-ver-3-1.gif
IP 66.96.130.139:0
File type GIF image data, version 89a, 300 x 120\012- data
Size 2.5 MB (2477382 bytes)
Hash 74aeea022ee470682b565679946e1634
2da97cab4a928822952081c03e8fc7f031c85847
255951db82eecf406ba4b9344fecd8b1039550822243c200a563d451780f5bc2
GET /wp-content/uploads/2020/06/esg-1484-ver-3-1.gif HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:32 GMT
Content-Type: image/gif
Content-Length: 2477382
Connection: keep-alive
Server: Apache/2
Last-Modified: Thu, 15 Oct 2020 11:11:25 GMT
ETag: "25cd46-5b1b3b57e88f7"
Accept-Ranges: bytes
Cache-Control: max-age=14400
Expires: Wed, 30 Nov 2022 15:46:01 GMT
Age: 3151
envsciencegroup.com/wp-content/uploads/2020/05/i1.png
66.96.130.139 200 OK 84 kB URL HTTP/1.1 envsciencegroup.com/wp-content/uploads/2020/05/i1.png
IP 66.96.130.139:0
File type PNG image data, 328 x 328, 8-bit/color RGBA, non-interlaced\012- data
Hash fb0bbbe0402e6d4aed15323481712844
d0cfcb83a2f9b498e0c348284464e2baf5ca767a
0aee265493ba2834697904251a9e0056575ad309ef19fbf3640839503a698ae8
GET /wp-content/uploads/2020/05/i1.png HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:32 GMT
Content-Type: image/png
Content-Length: 83843
Connection: keep-alive
Server: Apache/2
Last-Modified: Thu, 15 Oct 2020 11:11:29 GMT
ETag: "14783-5b1b3b5bce1c6"
Accept-Ranges: bytes
Cache-Control: max-age=14400
Expires: Wed, 30 Nov 2022 15:46:01 GMT
Age: 3151
envsciencegroup.com/wp-content/uploads/2020/05/i3.png
66.96.130.139 200 OK 85 kB URL HTTP/1.1 envsciencegroup.com/wp-content/uploads/2020/05/i3.png
IP 66.96.130.139:0
File type PNG image data, 328 x 328, 8-bit/color RGBA, non-interlaced\012- data
Hash c79b44cbbc45588ff7b8c2e337991787
5b491cdd0138a57e11bb2145c8efb67479763035
61c2dd529e4ec7d8ddbfca517c483c40d20b558ea41a9eb98cccaff00ddf1134
GET /wp-content/uploads/2020/05/i3.png HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:32 GMT
Content-Type: image/png
Content-Length: 85246
Connection: keep-alive
Server: Apache/2
Last-Modified: Thu, 15 Oct 2020 11:11:30 GMT
ETag: "14cfe-5b1b3b5c53a8c"
Accept-Ranges: bytes
Cache-Control: max-age=14400
Expires: Wed, 30 Nov 2022 15:46:01 GMT
Age: 3151
envsciencegroup.com/wp-content/uploads/2020/05/i2.png
66.96.130.139 200 OK 87 kB URL HTTP/1.1 envsciencegroup.com/wp-content/uploads/2020/05/i2.png
IP 66.96.130.139:0
File type PNG image data, 328 x 328, 8-bit/color RGBA, non-interlaced\012- data
Hash e4cff4bb49ba0ab327c758bfc7fa027d
827d306ab8b5756fc5f77a49005c70e5f6c24404
3c284aa94dfa5e6fa335df039805e7bf97b9a6ce44ca4c1c4befe86c63d85df7
GET /wp-content/uploads/2020/05/i2.png HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:32 GMT
Content-Type: image/png
Content-Length: 86739
Connection: keep-alive
Server: Apache/2
Last-Modified: Thu, 15 Oct 2020 11:11:33 GMT
ETag: "152d3-5b1b3b5f844d2"
Accept-Ranges: bytes
Cache-Control: max-age=14400
Expires: Wed, 30 Nov 2022 15:46:01 GMT
Age: 3151
envsciencegroup.com/wp-content/uploads/2020/05/cropped-fave-192x192.png
66.96.130.139 200 OK 38 kB URL HTTP/1.1 envsciencegroup.com/wp-content/uploads/2020/05/cropped-fave-192x192.png
IP 66.96.130.139:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 870a60d561437a6111c713b17c62680f
40c856605e13f0a4ef2b333a56045a09b6697153
a92b68edfdb1def3a0c32a344f06a97e115d38f367f76fa0559cae89f25130b7
GET /wp-content/uploads/2020/05/cropped-fave-192x192.png HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:33 GMT
Content-Type: image/png
Content-Length: 37456
Connection: keep-alive
Server: Apache/2
Last-Modified: Thu, 15 Oct 2020 11:11:30 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "9250-5b1b3b5c1238e"
Expires: Wed, 30 Nov 2022 16:38:33 GMT
Age: 0
envsciencegroup.com/wp-content/uploads/2020/05/cropped-fave-32x32.png
66.96.130.139 200 OK 2.1 kB URL HTTP/1.1 envsciencegroup.com/wp-content/uploads/2020/05/cropped-fave-32x32.png
IP 66.96.130.139:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 61f441354212ccda3e53f69309958356
d5ac3f6ade78f9c71e74c276d8357b1d74f0c531
25ac3f44456d59e04852d3477156e9bc8fce5785134201b472b935a4d66f6058
GET /wp-content/uploads/2020/05/cropped-fave-32x32.png HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:33 GMT
Content-Type: image/png
Content-Length: 2104
Connection: keep-alive
Server: Apache/2
Last-Modified: Thu, 15 Oct 2020 11:11:33 GMT
ETag: "838-5b1b3b5f602ba"
Accept-Ranges: bytes
Cache-Control: max-age=14400
Expires: Wed, 30 Nov 2022 15:49:29 GMT
Age: 2944
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 4b470d898d2b9f278b6ec072b3f336cf
1570b2d97beb377b0a424044be2075ec0a262851
b73f51f344b0c221e7bcc239083809a5a1030f9893db5b9ddb7741df1bde495b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 12:38:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 5d950b70d3b1532276ed817249b72618
dca7faf727b8afdd481c8f8bcc3e9129fdadadc3
afe3fbe5f269179e18a66ca806664b7f96b903150b364129e2f2b30087198e34
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 12:38:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
142.250.74.134 200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.134:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 12:36:04 GMT
expires: Wed, 30 Nov 2022 12:51:04 GMT
cache-control: public, max-age=900
age: 149
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
envsciencegroup.com/wp-content/uploads/2020/05/wasps-bg.png
66.96.130.139 200 OK 0 B URL HTTP/1.1 envsciencegroup.com/wp-content/uploads/2020/05/wasps-bg.png
IP 66.96.130.139:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/uploads/2020/05/wasps-bg.png HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:32 GMT
Content-Type: image/png
Content-Length: 1474449
Connection: keep-alive
Server: Apache/2
Last-Modified: Thu, 15 Oct 2020 11:11:27 GMT
ETag: "167f91-5b1b3b59df7cf"
Accept-Ranges: bytes
Cache-Control: max-age=14400
Expires: Wed, 30 Nov 2022 15:49:27 GMT
Age: 2945
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 4b470d898d2b9f278b6ec072b3f336cf
1570b2d97beb377b0a424044be2075ec0a262851
b73f51f344b0c221e7bcc239083809a5a1030f9893db5b9ddb7741df1bde495b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 12:38:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 5d950b70d3b1532276ed817249b72618
dca7faf727b8afdd481c8f8bcc3e9129fdadadc3
afe3fbe5f269179e18a66ca806664b7f96b903150b364129e2f2b30087198e34
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 12:38:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.207.234 200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.207.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Wed, 30 Nov 2022 12:38:33 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.207.234 200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.207.234:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 84ea0ab54c1ba42c13376f9220588bc6
85eb478945a2b02776c3cfcfee6108072353a8f7
66767714d247eb2861473188f1031c23aa28c13aec58b6bde809066ac539def0
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 30 Nov 2022 12:38:33 GMT
server: ESF
cache-control: private
content-length: 30596
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 8f58cd30443a495eed3ec0d9827550c1
fd0f53d2acc63ae015b7b42155136ade5841ebc7
333a3cae36081ea37371e32dc9587faacfda5970daa476b3b36cd6f587ce1594
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 12:38:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/ayf-ZXn06Q-bf2kvL7HvZn-6GmgIdMcaNWCzb_-s5mI.js
142.250.74.132 200 OK 14 kB URL HTTP/2 www.google.com/js/th/ayf-ZXn06Q-bf2kvL7HvZn-6GmgIdMcaNWCzb_-s5mI.js
IP 142.250.74.132:0
File type ASCII text, with very long lines (35786)
Hash ab1d51e6cf1d842260dab25a4332649c
0c814f9168dff9647a797787c2109a568904fedb
4b4e6a92912d486accd192aec1f4ba5ffee3658019c01e98199976a192941f09
GET /js/th/ayf-ZXn06Q-bf2kvL7HvZn-6GmgIdMcaNWCzb_-s5mI.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14218
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 18:40:04 GMT
expires: Wed, 29 Nov 2023 18:40:04 GMT
cache-control: public, max-age=31536000
age: 64709
last-modified: Thu, 03 Nov 2022 10:00:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 8d5f53eac27302554bb029ae36aa283c
2d71b909d1a1bbe2e81269d0c6200ba807fcd4aa
a4644d46e0e2b270572d06530145486bac01335dada14ccd6079bd9543e710d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 12:38:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 369336d480569ceb5b96454c928ae3f5
f8bc9e0cd99273198df5c7334d731a1b75fd2f2e
5338be3c216922d48eeec600e01265955f3e00a88eb048344ae365735a85bf9e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 12:38:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/ytc/AMLnZu-C4Wb7v-0pk4JLSUhmJ4S9W3HX20z84gy1tg=s68-c-k-c0x00ffffff-no-rj
142.250.74.161 200 OK 1.1 kB URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu-C4Wb7v-0pk4JLSUhmJ4S9W3HX20z84gy1tg=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash db45d56b7c251c433551c52a5262d5f5
466b01b63bcc9b5ad2eee49879cb4ce5c96901a3
7b8876d204d0949fb8d459cf30615ec8a7c90e2d9ee88b6d0a2f5212576e792f
GET /ytc/AMLnZu-C4Wb7v-0pk4JLSUhmJ4S9W3HX20z84gy1tg=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Thu, 01 Dec 2022 12:38:33 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Wed, 30 Nov 2022 12:38:33 GMT
server: fife
content-length: 1095
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 8d5f53eac27302554bb029ae36aa283c
2d71b909d1a1bbe2e81269d0c6200ba807fcd4aa
a4644d46e0e2b270572d06530145486bac01335dada14ccd6079bd9543e710d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 12:38:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi/B43JA9uS2PE/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGGUgYyhSMA8=&rs=AOn4CLA9jzmK0LLuvmP9foQ2y6oEU3lkMQ
142.250.74.22 200 OK 139 kB URL HTTP/2 i.ytimg.com/vi/B43JA9uS2PE/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGGUgYyhSMA8=&rs=AOn4CLA9jzmK0LLuvmP9foQ2y6oEU3lkMQ
IP 142.250.74.22:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Size 139 kB (138767 bytes)
Hash 892e39b7091fd427f53bd36710e979c7
4bf373894d075d6b60ded834e406ea9005506715
3a41d6272cb578d83117da678804e9e062b99a5d3b5e9882769ee60613a30784
GET /vi/B43JA9uS2PE/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGGUgYyhSMA8=&rs=AOn4CLA9jzmK0LLuvmP9foQ2y6oEU3lkMQ HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 138767
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 12:38:33 GMT
expires: Wed, 30 Nov 2022 14:38:33 GMT
cache-control: public, max-age=7200
etag: "0"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 369336d480569ceb5b96454c928ae3f5
f8bc9e0cd99273198df5c7334d731a1b75fd2f2e
5338be3c216922d48eeec600e01265955f3e00a88eb048344ae365735a85bf9e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 12:38:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
216.58.207.234 200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 216.58.207.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Wed, 30 Nov 2022 12:38:33 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
216.58.207.234 200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 216.58.207.234:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f5d7a49944d388d24683d43c62809d68
84c6b5b538746ce59996be84670f0714fafd1c5a
33856eb5eb8a2e5af4a6b33eeeb3f6535483496fea58bbcafced3098566e230c
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 918
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 30 Nov 2022 12:38:33 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A100%2C100i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i%2C900%2C900i&ver=2.10.0
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i%2C900%2C900i&ver=2.10.0
IP 142.250.74.106:0
GET /css?family=Roboto%3A100%2C100i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i%2C900%2C900i&ver=2.10.0 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 30 Nov 2022 12:38:30 GMT
date: Wed, 30 Nov 2022 12:38:30 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans%3A400%2C300%7CArvo%3A700%7CPoppins%3A700%2C400&subset=latin&ver=1621697008
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans%3A400%2C300%7CArvo%3A700%7CPoppins%3A700%2C400&subset=latin&ver=1621697008
IP 142.250.74.106:0
GET /css?family=Open+Sans%3A400%2C300%7CArvo%3A700%7CPoppins%3A700%2C400&subset=latin&ver=1621697008 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 30 Nov 2022 12:38:30 GMT
date: Wed, 30 Nov 2022 12:38:30 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
envsciencegroup.com/wp-content/themes/salient/js/init.js?ver=9.0.1
66.96.130.139 200 OK 0 B URL HTTP/1.1 envsciencegroup.com/wp-content/themes/salient/js/init.js?ver=9.0.1
IP 66.96.130.139:0
GET /wp-content/themes/salient/js/init.js?ver=9.0.1 HTTP/1.1
Host: envsciencegroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envsciencegroup.com/
Cookie: PHPSESSID=o98o78lbcjngnkb7bidf2jekq5nla333
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 12:38:31 GMT
Content-Type: application/x-javascript
Content-Length: 659245
Connection: keep-alive
Server: Apache/2
Last-Modified: Fri, 15 May 2020 20:56:32 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "a0f2d-5a5b60c448000"
Expires: Wed, 30 Nov 2022 15:58:09 GMT
Age: 2422