enviroments.com/
200 OK 7.0 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (301)
Hash 49237d734b8a09ece7f8a40aa6da710c
c4edc7b87fcd8256b24b42acaf8f5d74faee54c6
413d482b822439e945f76d348c6b979fd23d1b705b80a7baf97b3b316683f197
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: enviroments.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
server: openresty/1.13.6.1
date: Sat, 03 Sep 2022 07:45:02 GMT
content-type: text/html; charset=utf-8
content-length: 7033
vary: Accept-Language
content-language: en
connection: close
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bcdebf7a2bad5db595e8a0c1abb2ddcb
249dda2fa5e37b8a8f3a8c797193bf0874b6eedc
9b43ec48b16f96449208a0094c4d660806a2a2d344b5862dbff4c393bf3f9f9f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9B43EC48B16F96449208A0094C4D660806A2A2D344B5862DBFF4C393BF3F9F9F"
Last-Modified: Thu, 01 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8101
Expires: Sat, 03 Sep 2022 10:00:03 GMT
Date: Sat, 03 Sep 2022 07:45:02 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 03 Sep 2022 07:42:54 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 4SOgVKlt8q96EVLmh4OEc1Yu89jayT-IBvwcGRRD8ZMypxPOoWDsgQ==
Age: 128
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 03 Sep 2022 01:15:18 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 4-i2-yNgv1Mdni6gVvUb_p_-nFJtx0srYhmHpwF7Ww60Z2HGgouH5w==
age: 23385
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Sep 2022 07:45:02 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
enviroments.com/mtm/async/.eJxdi0sOwjAMBe_iZYkalnzEWZCJ3NZSnATXtJEQdycFVuxm3ug94aEMJ_DgAHWcGzZSGkhJvzLl2a4JhZpSWlizULK5D1m2UwhUrCWjan4yiQ5LiRzQOCdft2VX_1eJ5_tl3x8dC47kceHhhyvdiut89-kHeL0B0zM2Hg:1oUNpu:m0CbH-0QXe6JKbNNaJwmWJ_zK7c/1/0
200 OK 344 B URL HTTP/1.1 enviroments.com/mtm/async/.eJxdi0sOwjAMBe_iZYkalnzEWZCJ3NZSnATXtJEQdycFVuxm3ug94aEMJ_DgAHWcGzZSGkhJvzLl2a4JhZpSWlizULK5D1m2UwhUrCWjan4yiQ5LiRzQOCdft2VX_1eJ5_tl3x8dC47kceHhhyvdiut89-kHeL0B0zM2Hg:1oUNpu:m0CbH-0QXe6JKbNNaJwmWJ_zK7c/1/0
IP
File type ASCII text, with very long lines (344), with no line terminators
Hash f822a1f394638c81bc05d4cd39540d20
046446372f18b4bf81241f3d1a019cdc21818b20
cf3d9a2f14e26c6addcaac0816117577d7a926fafe43fc462cf63b057c51ac02
Analyzer Verdict Alert fortinet Malware
GET /mtm/async/.eJxdi0sOwjAMBe_iZYkalnzEWZCJ3NZSnATXtJEQdycFVuxm3ug94aEMJ_DgAHWcGzZSGkhJvzLl2a4JhZpSWlizULK5D1m2UwhUrCWjan4yiQ5LiRzQOCdft2VX_1eJ5_tl3x8dC47kceHhhyvdiut89-kHeL0B0zM2Hg:1oUNpu:m0CbH-0QXe6JKbNNaJwmWJ_zK7c/1/0 HTTP/1.1
Host: enviroments.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://enviroments.com/
Connection: keep-alive
HTTP/1.1 200 OK
server: openresty/1.13.6.1
date: Sat, 03 Sep 2022 07:45:03 GMT
content-type: text/html; charset=utf-8
content-length: 344
x-mtm-path: 7
x-mtm-prov: 328:0.00;329:0.00
x-mtm-rd: 0.00
vary: Accept-Language
content-language: en
set-cookie: mtm_delivered=WyJlbnZpcm9tZW50cy5jb20iLCJodHRwOi8vd3d3MS5lbnZpcm9tZW50cy5jb20vP3RtPTEmc3ViaWQ0PTE2NjIxOTExMDMuMDM3NDI2MDAwMCZrdz1lbnZpcm9tZW50JktXMT1FbnZpcm9tZW50JTIwQ29uc2VydmF0aW9uJTIwQ2hhcml0eSZLVzI9RW52aXJvbWVudCUyMEVkdWNhdGlvbiUyMENvdXJzZXMmS1czPUV4dHJlbWUlMjBXZWF0aGVyJTIwV2FybmluZyUyMFN5c3RlbSZLVzQ9Q2xpbWF0ZSUyMENoYW5nZSUyMERhdGElMjBWaXN1YWxpemF0aW9uJktXNT1Eb25hdGUlMjBPbmxpbmUmS1c2PVNlbmQlMjBNYXNzJTIwVGV4dCUyME1lc3NhZ2VzJTIwdG8lMjBDb25ncmVzcyZzZWFyY2hib3g9MCZkb21haW5uYW1lPTAmYmFja2ZpbGw9MCIsMSwiMjAyMi0wOS0wMyAwNzo0NTowMyIsMSwiMTY2MjE5MTEwMy4wMzc0MjYwMDAwIiwzMjgsbnVsbCxudWxsXQ:1oUNpv:I3jvub_krSU-mFbtEjicdgjob5Y; expires=Sat, 03-Sep-2022 08:45:03 GMT; Max-Age=3600; Path=/
connection: close
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 03 Sep 2022 07:38:16 GMT
Cache-Control: max-age=3600
Expires: Sat, 03 Sep 2022 08:35:23 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ceCxkkABjf0W8kW0FiMwVHVXsKEw1mRpgvVNawb9Ip3UB06B4xxm9A==
Age: 407
www1.enviroments.com/?tm=1&subid4=1662191103.0374260000&kw=enviroment&KW1=Enviroment%20Conservation%20Charity&KW2=Enviroment%20Education%20Courses&KW3=Extreme%20Weather%20Warning%20System&KW4=Climate%20Change%20Data%20Visualization&KW5=Donate%20Online&KW6=Send%20Mass%20Text%20Messages%20to%20Congress&searchbox=0&domainname=0&backfill=0
200 OK 5.6 kB URL HTTP/1.1 www1.enviroments.com/?tm=1&subid4=1662191103.0374260000&kw=enviroment&KW1=Enviroment%20Conservation%20Charity&KW2=Enviroment%20Education%20Courses&KW3=Extreme%20Weather%20Warning%20System&KW4=Climate%20Change%20Data%20Visualization&KW5=Donate%20Online&KW6=Send%20Mass%20Text%20Messages%20to%20Congress&searchbox=0&domainname=0&backfill=0
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2938)
Hash eba2556456650cd5dca9147dea1a2fe5
46d337c8661835b7d1dc170cadb790700bfadd34
7c6cf7aab86a7c2c3e91f1f3bac224bf477b0f30260982a2ef05d56d63e34268
GET /?tm=1&subid4=1662191103.0374260000&kw=enviroment&KW1=Enviroment%20Conservation%20Charity&KW2=Enviroment%20Education%20Courses&KW3=Extreme%20Weather%20Warning%20System&KW4=Climate%20Change%20Data%20Visualization&KW5=Donate%20Online&KW6=Send%20Mass%20Text%20Messages%20to%20Congress&searchbox=0&domainname=0&backfill=0 HTTP/1.1
Host: www1.enviroments.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://enviroments.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 07:45:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Buckets: bucket102
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_IcvovR23QdeRJg+x1WF1GrHv+1/J8sRv6w3GwsTu4fB4An91h9yZcoCeaL6hCMw5jVNeEwt0hR6KG18dkqMD0w==
X-Template: tpl_Urspring_twoclick
X-Language: norwegian
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Content-Encoding: gzip
d1lxhc4jvstzrp.cloudfront.net/scripts/js3caf.js
200 OK 7.0 kB URL HTTP/1.1 d1lxhc4jvstzrp.cloudfront.net/scripts/js3caf.js
IP
File type ASCII text, with very long lines (316)
Hash cce7f943ec8e7b4ba13be4aba6b463d9
220f3e8ca723daa91fd040cf518991a65f2bf110
ba5b7354353b0eec1637564dae072fee662a5b9862f6bf7ed5e60a5a76f2ef44
GET /scripts/js3caf.js HTTP/1.1
Host: d1lxhc4jvstzrp.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.enviroments.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 7000
Connection: keep-alive
Server: nginx
Date: Sat, 03 Sep 2022 00:46:18 GMT
Last-Modified: Thu, 14 Jan 2021 10:54:01 GMT
Accept-Ranges: bytes
ETag: "600022c9-1b58"
X-Cache: Hit from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: z-FGSxvo2f2o15yLDXEnIR9Q2YAWKA8P3xMjnjX3Ae5HtZqAyjhQUw==
Age: 25124
d1lxhc4jvstzrp.cloudfront.net/themes/urspring_2fef8ec8/style.css
200 OK 595 B URL HTTP/1.1 d1lxhc4jvstzrp.cloudfront.net/themes/urspring_2fef8ec8/style.css
IP
Hash 3467fcf391de4afa7667a4f28cf9bdee
e0bd69005cd9f0a608a230c8268e26e529240258
55ed4b318bf91e37cdca77a89b672b77f88ac9faf184aa4c63e5bcf5971141bc
GET /themes/urspring_2fef8ec8/style.css HTTP/1.1
Host: d1lxhc4jvstzrp.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.enviroments.com/
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Date: Sat, 03 Sep 2022 00:59:08 GMT
Last-Modified: Tue, 17 May 2022 14:10:00 GMT
Content-Encoding: gzip
ETag: W/"6283acb8-577"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: tCVp7_3ZSxtHZeGKY1U4pqNeVTVIsgMcVZXsoABPHgnVeS5JOaOJEw==
Age: 24355
d1lxhc4jvstzrp.cloudfront.net/themes/assets/style.css
200 OK 343 B URL HTTP/1.1 d1lxhc4jvstzrp.cloudfront.net/themes/assets/style.css
IP
Hash 03a4a8c322fc0c99b0ee7cbbcc9eabcd
6fc193276de2a3458cd853c474cb9269b900e00d
a535d2296792cb37a2bbad1d9d0546e3383a8a5bfac0d9edda15795c226bddf7
GET /themes/assets/style.css HTTP/1.1
Host: d1lxhc4jvstzrp.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.enviroments.com/
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Date: Sat, 03 Sep 2022 06:34:46 GMT
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
Content-Encoding: gzip
ETag: W/"5ebab1f0-33d"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: bNZPe6-84KDlEH9K99n0xfxna_sz8Nd2QdEWjakSkkVoVepD_yls4A==
Age: 4217
www.google.com/adsense/domains/caf.js
200 OK 54 kB URL HTTP/1.1 www.google.com/adsense/domains/caf.js
IP
File type ASCII text, with very long lines (1885)
Hash 420d683f36d2cac7a4f51cb4015eb967
a55f0285ec0f301c5ae304d4e9d5b9d62f84385f
1e580edd27661061218a32cc0526bec06e859b3e31a98ed4b04c4a6444e42e07
GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.enviroments.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Date: Sat, 03 Sep 2022 07:45:03 GMT
Expires: Sat, 03 Sep 2022 07:45:03 GMT
Cache-Control: private, max-age=3600
ETag: "14619200350205862941"
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: sffe
X-XSS-Protection: 0
ocsp.digicert.com/
200 OK 471 B IP
Hash 21daf45cdda2eb462873226bb5c1f0fb
4d4621bbf1461f35f7e536c1dbd9de71978ffa23
8164c742d013bdc2836cac1167acfe482547347ab6a1daefa15475f694dae057
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4327
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 07:45:03 GMT
Last-Modified: Sat, 03 Sep 2022 06:32:56 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
c.parkingcrew.net/scripts/sale_form.js
200 OK 761 B URL HTTP/1.1 c.parkingcrew.net/scripts/sale_form.js
IP
Hash 64f809e06446647e192fce8d1ec34e09
5b7ced07da42e205067afa88615317a277a4a82c
f52cbd664986ad7ed6e71c448e2d31d1a16463e4d9b7bca0c6be278649ccc4f3
GET /scripts/sale_form.js HTTP/1.1
Host: c.parkingcrew.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.enviroments.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Sep 2022 07:45:03 GMT
Content-Type: application/javascript
Content-Length: 761
Connection: keep-alive
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
ETag: "5ebab1f0-2f9"
Accept-Ranges: bytes
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 5p8ckjTcjrp9D9ye+hcRPQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lcf6I46uoZOK1NOs7phqLvf6y40=
d1lxhc4jvstzrp.cloudfront.net/themes/urspring_2fef8ec8/img/arrows.png
200 OK 11 kB URL HTTP/1.1 d1lxhc4jvstzrp.cloudfront.net/themes/urspring_2fef8ec8/img/arrows.png
IP
File type PNG image data, 1500 x 600, 8-bit colormap, non-interlaced\012- data
Hash 0cb2e5165dc9324eb462199f04e1ffa9
9e0f89847ec8a98d98a6020bc5c4ed32b7a48bf8
67dff0aad873050f12609885f2264417ccdd0d438311000a704c89f0865f7865
GET /themes/urspring_2fef8ec8/img/arrows.png HTTP/1.1
Host: d1lxhc4jvstzrp.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://d1lxhc4jvstzrp.cloudfront.net/themes/urspring_2fef8ec8/style.css
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 11375
Connection: keep-alive
Server: nginx
Date: Sat, 03 Sep 2022 00:59:09 GMT
Last-Modified: Tue, 17 May 2022 14:10:00 GMT
Accept-Ranges: bytes
ETag: "6283acb8-2c6f"
X-Cache: Hit from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1QIbB5yxjBHX-NP7IMJpRJSgwqiHWL9SC8Tpdy42y3-cljUelMbbdQ==
Age: 24355
www1.enviroments.com/favicon.ico
200 OK 0 B URL HTTP/1.1 www1.enviroments.com/favicon.ico
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www1.enviroments.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.enviroments.com/?tm=1&subid4=1662191103.0374260000&kw=enviroment&KW1=Enviroment%20Conservation%20Charity&KW2=Enviroment%20Education%20Courses&KW3=Extreme%20Weather%20Warning%20System&KW4=Climate%20Change%20Data%20Visualization&KW5=Donate%20Online&KW6=Send%20Mass%20Text%20Messages%20to%20Congress&searchbox=0&domainname=0&backfill=0
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 07:45:04 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
ETag: "5ebab1f0-0"
Accept-Ranges: bytes
www1.enviroments.com/track.php?domain=enviroments.com&toggle=browserjs&uid=MTY2MjE5MTEwMy40ODE6ODgxY2E4ODg2NDQ5M2Q2MzExZTc5NGNhYzRkZTZlMDBhYTZmYjc1YTg3YWI1YTZkZGJlODZmZTI1NGQ1YmY4YTo2MzEzMDVmZjc1NmRi
200 OK 20 B URL HTTP/1.1 www1.enviroments.com/track.php?domain=enviroments.com&toggle=browserjs&uid=MTY2MjE5MTEwMy40ODE6ODgxY2E4ODg2NDQ5M2Q2MzExZTc5NGNhYzRkZTZlMDBhYTZmYjc1YTg3YWI1YTZkZGJlODZmZTI1NGQ1YmY4YTo2MzEzMDVmZjc1NmRi
IP
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /track.php?domain=enviroments.com&toggle=browserjs&uid=MTY2MjE5MTEwMy40ODE6ODgxY2E4ODg2NDQ5M2Q2MzExZTc5NGNhYzRkZTZlMDBhYTZmYjc1YTg3YWI1YTZkZGJlODZmZTI1NGQ1YmY4YTo2MzEzMDVmZjc1NmRi HTTP/1.1
Host: www1.enviroments.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.enviroments.com/?tm=1&subid4=1662191103.0374260000&kw=enviroment&KW1=Enviroment%20Conservation%20Charity&KW2=Enviroment%20Education%20Courses&KW3=Extreme%20Weather%20Warning%20System&KW4=Climate%20Change%20Data%20Visualization&KW5=Donate%20Online&KW6=Send%20Mass%20Text%20Messages%20to%20Congress&searchbox=0&domainname=0&backfill=0
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 07:45:04 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Custom-Track: browserjs
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6b6b5ffecd53193507458fbe6e66d3f0
c96009132e435078cd79e19b19eeb0dbcf9abef3
229806893f073d6d725880c375c2f72ab09221a46095e1203d7379c1a29b8bef
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 07:45:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 2d7a177ba4f5d07378f3f80625ca76d4
aeb98c6fcc81f8337738537995dc458e4ca05744
81581b3594ced0fbfec9a2b0818692ba149112c2aecf167c661d52f26dd5904f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 07:45:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2C000003%2C001154%2Cbucket102&client=dp-teaminternet12_3ph&r=m&hl=no&terms=Enviroment%20Conservation%20Charity%2CEnviroment%20Education%20Courses%2CExtreme%20Weather%20Warning%20System%2CClimate%20Change%20Data%20Visualization%2CDonate%20Online%2CSend%20Mass%20Text%20Messages%20to%20Congress&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2604024762724288&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300953%2C17300956%2C17301094%2C17301097&format=r6%7Cs&nocache=7221662191102416&num=0&output=afd_ads&domain_name=www1.enviroments.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1662191102417&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=797&frm=0&uio=--&cont=tc&jsid=caf&jsv=470786624&rurl=http%3A%2F%2Fwww1.enviroments.com%2F%3Ftm%3D1%26subid4%3D1662191103.0374260000%26kw%3Denviroment%26KW1%3DEnviroment%2520Conservation%2520Charity%26KW2%3DEnviroment%2520Education%2520Courses%26KW3%3DExtreme%2520Weather%2520Warning%2520System%26KW4%3DClimate%2520Change%2520Data%2520Visualization%26KW5%3DDonate%2520Online%26KW6%3DSend%2520Mass%2520Text%2520Messages%2520to%2520Congress%26searchbox%3D0%26domainname%3D0%26backfill%3D0&referer=http%3A%2F%2Fenviroments.com%2F&adbw=master-1%3A530
200 OK 2.5 kB URL HTTP/2 www.google.com/afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2C000003%2C001154%2Cbucket102&client=dp-teaminternet12_3ph&r=m&hl=no&terms=Enviroment%20Conservation%20Charity%2CEnviroment%20Education%20Courses%2CExtreme%20Weather%20Warning%20System%2CClimate%20Change%20Data%20Visualization%2CDonate%20Online%2CSend%20Mass%20Text%20Messages%20to%20Congress&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2604024762724288&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300953%2C17300956%2C17301094%2C17301097&format=r6%7Cs&nocache=7221662191102416&num=0&output=afd_ads&domain_name=www1.enviroments.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1662191102417&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=797&frm=0&uio=--&cont=tc&jsid=caf&jsv=470786624&rurl=http%3A%2F%2Fwww1.enviroments.com%2F%3Ftm%3D1%26subid4%3D1662191103.0374260000%26kw%3Denviroment%26KW1%3DEnviroment%2520Conservation%2520Charity%26KW2%3DEnviroment%2520Education%2520Courses%26KW3%3DExtreme%2520Weather%2520Warning%2520System%26KW4%3DClimate%2520Change%2520Data%2520Visualization%26KW5%3DDonate%2520Online%26KW6%3DSend%2520Mass%2520Text%2520Messages%2520to%2520Congress%26searchbox%3D0%26domainname%3D0%26backfill%3D0&referer=http%3A%2F%2Fenviroments.com%2F&adbw=master-1%3A530
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (7914)
Hash 2de61945be0bb7537a28fda50c1bf94a
df1c0f20ad4c4858a04b68e32816d1ddf290913c
351ae1ba1b4c7b0525a292ce107c295bbed5b9a11d66822f68703db38e80bb44
GET /afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2C000003%2C001154%2Cbucket102&client=dp-teaminternet12_3ph&r=m&hl=no&terms=Enviroment%20Conservation%20Charity%2CEnviroment%20Education%20Courses%2CExtreme%20Weather%20Warning%20System%2CClimate%20Change%20Data%20Visualization%2CDonate%20Online%2CSend%20Mass%20Text%20Messages%20to%20Congress&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2604024762724288&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300953%2C17300956%2C17301094%2C17301097&format=r6%7Cs&nocache=7221662191102416&num=0&output=afd_ads&domain_name=www1.enviroments.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1662191102417&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=797&frm=0&uio=--&cont=tc&jsid=caf&jsv=470786624&rurl=http%3A%2F%2Fwww1.enviroments.com%2F%3Ftm%3D1%26subid4%3D1662191103.0374260000%26kw%3Denviroment%26KW1%3DEnviroment%2520Conservation%2520Charity%26KW2%3DEnviroment%2520Education%2520Courses%26KW3%3DExtreme%2520Weather%2520Warning%2520System%26KW4%3DClimate%2520Change%2520Data%2520Visualization%26KW5%3DDonate%2520Online%26KW6%3DSend%2520Mass%2520Text%2520Messages%2520to%2520Congress%26searchbox%3D0%26domainname%3D0%26backfill%3D0&referer=http%3A%2F%2Fenviroments.com%2F&adbw=master-1%3A530 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www1.enviroments.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-disposition: inline
date: Sat, 03 Sep 2022 07:45:04 GMT
expires: Sat, 03 Sep 2022 07:45:04 GMT
cache-control: private, max-age=3600
content-encoding: br
server: gws
content-length: 2489
x-xss-protection: 0
set-cookie: CONSENT=PENDING+472; expires=Mon, 02-Sep-2024 07:45:04 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
partner.googleadservices.com/gampad/cookie.js?domain=www1.enviroments.com&client=dp-teaminternet12_3ph&product=SAS&callback=__sasCookie
200 OK 182 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=www1.enviroments.com&client=dp-teaminternet12_3ph&product=SAS&callback=__sasCookie
IP
File type ASCII text, with no line terminators
Hash 72a84b9c11f4f9e6d80853fca1ea28cf
fb341a10407547d61162f6344bf52d6bd22779c4
0fa18a87464dfb645e907905e513814c5d30e00082ba30cf4ce63d0eb73d6ebf
GET /gampad/cookie.js?domain=www1.enviroments.com&client=dp-teaminternet12_3ph&product=SAS&callback=__sasCookie HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www1.enviroments.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 03 Sep 2022 07:45:04 GMT
server: cafe
cache-control: private
content-length: 182
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 9665d92cfb2f9db5f7032ed692dff0e0
2ca6220de116f04429a7ce3f3c8f95cae61db137
5cc77ac9117df4aa52cc268287bf82f9dde172f1bcd7f640d3f0ef04a5ed07c5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 07:45:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 2d7a177ba4f5d07378f3f80625ca76d4
aeb98c6fcc81f8337738537995dc458e4ca05744
81581b3594ced0fbfec9a2b0818692ba149112c2aecf167c661d52f26dd5904f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 07:45:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash b543e3a59e90c26c48a819e091f81f1e
37a1ed0df585a84b0790b1ef463ee4945f9087ad
c6e46687b404ce9848cb5a1a62f36d859f736e675662336da62578696c9ced1e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 07:45:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash b543e3a59e90c26c48a819e091f81f1e
37a1ed0df585a84b0790b1ef463ee4945f9087ad
c6e46687b404ce9848cb5a1a62f36d859f736e675662336da62578696c9ced1e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 07:45:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%231967d2
200 OK 272 B URL HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%231967d2
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (390)
Hash bbbac37f0b6e29a6099e4aa7cb19d6ca
0acafe95e2141f0af6109203efeb2d98e6b926c6
a3d7b37475de5a3a350d4dc4790f14a6a5f4045726d2eae4cbe9bd59aeba2fe2
GET /ad_icons/standard/publisher_icon_image/search.svg?c=%231967d2 HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 272
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Fri, 02 Sep 2022 20:41:00 GMT
expires: Sat, 03 Sep 2022 19:41:00 GMT
cache-control: public, max-age=82800
age: 39844
last-modified: Thu, 19 Dec 2019 14:15:00 GMT
content-type: image/svg+xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
200 OK 174 B URL HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash 4de8b85c8915995b571bde50e231be7c
29c226ca7b9cbe1d44e5480ce95bbb42727b2d99
2ec9168c4507546748c5f400f5030031f0eb06f2aed8deaa11362c395bff4f7a
GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 174
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Sat, 03 Sep 2022 02:02:19 GMT
expires: Sun, 04 Sep 2022 01:02:19 GMT
cache-control: public, max-age=82800
age: 20565
last-modified: Thu, 22 Oct 2020 21:45:00 GMT
content-type: image/svg+xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash b543e3a59e90c26c48a819e091f81f1e
37a1ed0df585a84b0790b1ef463ee4945f9087ad
c6e46687b404ce9848cb5a1a62f36d859f736e675662336da62578696c9ced1e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 07:45:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www1.enviroments.com/?tm=1&subid4=1662191103.0374260000&kw=enviroment&KW1=Enviroment%20Conservation%20Charity&KW2=Enviroment%20Education%20Courses&KW3=Extreme%20Weather%20Warning%20System&KW4=Climate%20Change%20Data%20Visualization&KW5=Donate%20Online&KW6=Send%20Mass%20Text%20Messages%20to%20Congress&searchbox=0&domainname=0&backfill=0
200 OK 5.6 kB URL HTTP/1.1 www1.enviroments.com/?tm=1&subid4=1662191103.0374260000&kw=enviroment&KW1=Enviroment%20Conservation%20Charity&KW2=Enviroment%20Education%20Courses&KW3=Extreme%20Weather%20Warning%20System&KW4=Climate%20Change%20Data%20Visualization&KW5=Donate%20Online&KW6=Send%20Mass%20Text%20Messages%20to%20Congress&searchbox=0&domainname=0&backfill=0
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2914)
Hash 335960558aaa1fa61353ac9b194776d2
7274bb8e51c6b503348cfd471d0ed748db5549cb
716993cfb1aa044ef86d923fc9dbcd4fca037450388d48dac5e2ed580ffc20a9
GET /?tm=1&subid4=1662191103.0374260000&kw=enviroment&KW1=Enviroment%20Conservation%20Charity&KW2=Enviroment%20Education%20Courses&KW3=Extreme%20Weather%20Warning%20System&KW4=Climate%20Change%20Data%20Visualization&KW5=Donate%20Online&KW6=Send%20Mass%20Text%20Messages%20to%20Congress&searchbox=0&domainname=0&backfill=0 HTTP/1.1
Host: www1.enviroments.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: __gsas=ID=3f0af3439d71534c:T=1662191104:S=ALNI_MYOMn6QXmucJY4cLXuweKfj_OKrQQ
Upgrade-Insecure-Requests: 1
Cache-Control: max-age=0
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 07:45:05 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Buckets: bucket103
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_IcvovR23QdeRJg+x1WF1GrHv+1/J8sRv6w3GwsTu4fB4An91h9yZcoCeaL6hCMw5jVNeEwt0hR6KG18dkqMD0w==
X-Template: tpl_Urspring_twoclick
X-Language: norwegian
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Content-Encoding: gzip
d1lxhc4jvstzrp.cloudfront.net/scripts/js3caf.js
304 Not Modified 0 B URL HTTP/1.1 d1lxhc4jvstzrp.cloudfront.net/scripts/js3caf.js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /scripts/js3caf.js HTTP/1.1
Host: d1lxhc4jvstzrp.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.enviroments.com/
If-Modified-Since: Thu, 14 Jan 2021 10:54:01 GMT
If-None-Match: "600022c9-1b58"
Cache-Control: max-age=0
HTTP/1.1 304 Not Modified
Connection: keep-alive
Server: nginx
Date: Sat, 03 Sep 2022 00:46:18 GMT
Last-Modified: Thu, 14 Jan 2021 10:54:01 GMT
ETag: "600022c9-1b58"
X-Cache: Hit from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ipjJr0DYoxBXH5B56i7Tx6QnlZmsETfU6xp0c5I86NtIVaPQ2Vr7xA==
Age: 25126
www.google.com/adsense/domains/caf.js
200 OK 54 kB URL HTTP/1.1 www.google.com/adsense/domains/caf.js
IP
File type ASCII text, with very long lines (1885)
Hash 5a2bbe3b568ec62d6563f54173ff6ab8
79cb651a4d41f783f9c2398153a0415508ae3862
28c66e04daa0caa0e7a796e7eefc349e246b9429b312064474f6116ecbea0dcb
GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.enviroments.com/
If-None-Match: "14619200350205862941"
Cache-Control: max-age=0
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Date: Sat, 03 Sep 2022 07:45:05 GMT
Expires: Sat, 03 Sep 2022 07:45:05 GMT
Cache-Control: private, max-age=3600
ETag: "14938927881529639172"
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: sffe
X-XSS-Protection: 0
c.parkingcrew.net/scripts/sale_form.js
304 Not Modified 0 B URL HTTP/1.1 c.parkingcrew.net/scripts/sale_form.js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /scripts/sale_form.js HTTP/1.1
Host: c.parkingcrew.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.enviroments.com/
If-Modified-Since: Tue, 12 May 2020 14:25:52 GMT
If-None-Match: "5ebab1f0-2f9"
Cache-Control: max-age=0
HTTP/1.1 304 Not Modified
Server: nginx
Date: Sat, 03 Sep 2022 07:45:05 GMT
Connection: keep-alive
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
ETag: "5ebab1f0-2f9"
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16032
Expires: Sat, 03 Sep 2022 12:12:17 GMT
Date: Sat, 03 Sep 2022 07:45:05 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16032
Expires: Sat, 03 Sep 2022 12:12:17 GMT
Date: Sat, 03 Sep 2022 07:45:05 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16032
Expires: Sat, 03 Sep 2022 12:12:17 GMT
Date: Sat, 03 Sep 2022 07:45:05 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16032
Expires: Sat, 03 Sep 2022 12:12:17 GMT
Date: Sat, 03 Sep 2022 07:45:05 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1a25fee-f3d6-472f-81bc-e6c0a5fb3126.jpeg
200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1a25fee-f3d6-472f-81bc-e6c0a5fb3126.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 68ab3b487c83fa2b50f774f1ed7e2e00
761c970aa19a87625a60a80f74dc9ae9d8c54ab0
4c483c7ad3b7f20a4566daf558fbd308158068accbbaca38089da192c2bc722c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1a25fee-f3d6-472f-81bc-e6c0a5fb3126.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6629
x-amzn-requestid: 2542bbcd-b962-4397-9c6a-359fa9b33b4d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X0mhjF06oAMF62Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6311b7a3-281acf5f7c4982e26c723e42;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 07:58:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ygiWF4CCLws5zXLxKz79hEJ5eZEFIUsg41lhMvr9NeWjaFLLTX2OeQ==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 22:00:54 GMT
age: 35051
etag: "761c970aa19a87625a60a80f74dc9ae9d8c54ab0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F284d1308-98de-4954-a408-a2c074e0e7ea.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F284d1308-98de-4954-a408-a2c074e0e7ea.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 945f8c7bc247f564fc18e434049b8eaa
a74869b1d9551896ba6f911d167e192b2d9fd45e
143e84c6bbba21b868d2a443a365129e625614caa8f6eb7247cf971ce24417af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F284d1308-98de-4954-a408-a2c074e0e7ea.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12853
x-amzn-requestid: 2faea4f9-2bc2-4f09-98ff-753202d8a4e2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X2eMHHfpIAMFgrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312771a-00ba3cea36308cea4a092141;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 21:35:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 9qJg8ABexAQhpVPxIuH1gRIE9m62F5jPWWnaiMcF0RD9N-Wt30JTEw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 22:00:18 GMT
age: 35087
etag: "a74869b1d9551896ba6f911d167e192b2d9fd45e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe9669117-bdb7-4eca-9f0c-900e888a9a98.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe9669117-bdb7-4eca-9f0c-900e888a9a98.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d9ae49d397bc8300ce0eceda8175a3ad
087b7d14d84ebb179126c9dcd8964d22f24f30ab
b9daa2fc390a97a4bd622dbdec7fe0fff7e6527ffb844a46b9b87b2bd6e0f006
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe9669117-bdb7-4eca-9f0c-900e888a9a98.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13241
x-amzn-requestid: 80083a05-9884-48f8-983b-d4132d7c8a0c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X2eMHFgPIAMF9qg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312771a-16fd2f06541cb4bc027f153f;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 21:35:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zugAT8FgWA5gShTMABbCTZbZzaCXxM6du0zskoXn-LtzDNb5j4ByeA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 22:18:36 GMT
age: 33989
etag: "087b7d14d84ebb179126c9dcd8964d22f24f30ab"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7d7b349-4711-4e66-bc42-888934e385a2.jpeg
200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7d7b349-4711-4e66-bc42-888934e385a2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 23b580e2b673257d24b9c2e80c4c48ce
f3a3d835a37f9b23e7458f9b7bc721bc415b61cc
c0e3559fde3dd08cdbd360f39dddcc98dd7c1b3aebd0861cc07105872a116d11
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7d7b349-4711-4e66-bc42-888934e385a2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7501
x-amzn-requestid: bf297fc4-9164-45ee-bfab-06761a52e3ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X2eMJEP1IAMFdpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312771a-6b3e6416133d67a83d8a1469;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 21:35:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: datd5eYK6nOAUdEpy_y4gcqsVmCqjP4qhzTnlJ9pSrquoYk2PPugTA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 22:02:34 GMT
age: 34951
etag: "f3a3d835a37f9b23e7458f9b7bc721bc415b61cc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7dce7ca4-6ed1-4f00-8943-1ea59bc2cfd0.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7dce7ca4-6ed1-4f00-8943-1ea59bc2cfd0.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 940d722cca434f3267ad6a1567b92e7b
8f8d5827588201a2b6aa883cbf812b0db2318df2
33c16b50e7c317df2b91def5625e8e39c8c2ecc75054ee40f82d4b22c80eb831
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7dce7ca4-6ed1-4f00-8943-1ea59bc2cfd0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11776
x-amzn-requestid: 59dcda55-4c16-4842-828d-2588c43178c5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XqdN-FzkIAMFy4w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630da8bf-37b930cb3e54dfa21883ead4;Sampled=0
x-amzn-remapped-date: Tue, 30 Aug 2022 06:05:51 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: eVOxXB-DBdvXLiSeG8b7tDD2oLU6x_F5EUSh-JjIW7SQJ1j9kOA6hg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 22:00:51 GMT
age: 35054
etag: "8f8d5827588201a2b6aa883cbf812b0db2318df2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc55d0c73-4085-42ac-acb4-1ae9b2ffb393.jpeg
200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc55d0c73-4085-42ac-acb4-1ae9b2ffb393.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c199f7fc2a2857dec134bfdb2673e28c
af3989072b658e2de119d006ae4ca1703468913d
e57411ba0221f6ffa7baf7c374ec790959a66d6a683fad40883ef01cf67e35c3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc55d0c73-4085-42ac-acb4-1ae9b2ffb393.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6976
x-amzn-requestid: da379546-9525-4e13-b9f0-a6446839df66
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X2eNeG7kIAMF4-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63127722-37399f67565b06e7111095cd;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 21:35:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5SORUPJgJ_gKKs4hSa4EzCCQA6B1dmyO1EC-gCBvFKl2R2hV0mYTeA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 22:39:01 GMT
age: 32764
etag: "af3989072b658e2de119d006ae4ca1703468913d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www1.enviroments.com/track.php?domain=enviroments.com&toggle=browserjs&uid=MTY2MjE5MTEwNS4wNTk3OjNjNGRjMTQ5NDMxODBjODUyNzNhZTYzM2FhYjQ5MmFjN2IwZTExODY5OWI5YjA0NDM2NzNiZjQ4YTNlODNhNjM6NjMxMzA2MDEwZTkzMQ%3D%3D
200 OK 20 B URL HTTP/1.1 www1.enviroments.com/track.php?domain=enviroments.com&toggle=browserjs&uid=MTY2MjE5MTEwNS4wNTk3OjNjNGRjMTQ5NDMxODBjODUyNzNhZTYzM2FhYjQ5MmFjN2IwZTExODY5OWI5YjA0NDM2NzNiZjQ4YTNlODNhNjM6NjMxMzA2MDEwZTkzMQ%3D%3D
IP
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /track.php?domain=enviroments.com&toggle=browserjs&uid=MTY2MjE5MTEwNS4wNTk3OjNjNGRjMTQ5NDMxODBjODUyNzNhZTYzM2FhYjQ5MmFjN2IwZTExODY5OWI5YjA0NDM2NzNiZjQ4YTNlODNhNjM6NjMxMzA2MDEwZTkzMQ%3D%3D HTTP/1.1
Host: www1.enviroments.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.enviroments.com/?tm=1&subid4=1662191103.0374260000&kw=enviroment&KW1=Enviroment%20Conservation%20Charity&KW2=Enviroment%20Education%20Courses&KW3=Extreme%20Weather%20Warning%20System&KW4=Climate%20Change%20Data%20Visualization&KW5=Donate%20Online&KW6=Send%20Mass%20Text%20Messages%20to%20Congress&searchbox=0&domainname=0&backfill=0
Cookie: __gsas=ID=3f0af3439d71534c:T=1662191104:S=ALNI_MYOMn6QXmucJY4cLXuweKfj_OKrQQ
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 07:45:05 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Custom-Track: browserjs
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip
www1.enviroments.com/ls.php
201 Created 0 B URL HTTP/1.1 www1.enviroments.com/ls.php
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
POST /ls.php HTTP/1.1
Host: www1.enviroments.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 2866
Origin: http://www1.enviroments.com
Connection: keep-alive
Referer: http://www1.enviroments.com/?tm=1&subid4=1662191103.0374260000&kw=enviroment&KW1=Enviroment%20Conservation%20Charity&KW2=Enviroment%20Education%20Courses&KW3=Extreme%20Weather%20Warning%20System&KW4=Climate%20Change%20Data%20Visualization&KW5=Donate%20Online&KW6=Send%20Mass%20Text%20Messages%20to%20Congress&searchbox=0&domainname=0&backfill=0
Cookie: __gsas=ID=3f0af3439d71534c:T=1662191104:S=ALNI_MYOMn6QXmucJY4cLXuweKfj_OKrQQ; GoogleAdServingTest=Good
Cache-Control: max-age=0
HTTP/1.1 201 Created
Date: Sat, 03 Sep 2022 07:45:06 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
X-Log-Success: 63130602447a0f7a004fb253
Charset: utf-8
Access-Control-Allow-Origin: http://www1.enviroments.com
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Max-Age: 86400
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_ca4jt7MJTgjqXO5k+y/h/LGgPIOBOProknZAzB4hA3dnOiVOKsLYImzTx/kM8CBxhXkBgvbDJe25itAJdxi0Xw==
www1.enviroments.com/track.php?domain=enviroments.com&caf=1&toggle=answercheck&answer=yes&uid=MTY2MjE5MTEwNS4wNTk3OjNjNGRjMTQ5NDMxODBjODUyNzNhZTYzM2FhYjQ5MmFjN2IwZTExODY5OWI5YjA0NDM2NzNiZjQ4YTNlODNhNjM6NjMxMzA2MDEwZTkzMQ%3D%3D
200 OK 20 B URL HTTP/1.1 www1.enviroments.com/track.php?domain=enviroments.com&caf=1&toggle=answercheck&answer=yes&uid=MTY2MjE5MTEwNS4wNTk3OjNjNGRjMTQ5NDMxODBjODUyNzNhZTYzM2FhYjQ5MmFjN2IwZTExODY5OWI5YjA0NDM2NzNiZjQ4YTNlODNhNjM6NjMxMzA2MDEwZTkzMQ%3D%3D
IP
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /track.php?domain=enviroments.com&caf=1&toggle=answercheck&answer=yes&uid=MTY2MjE5MTEwNS4wNTk3OjNjNGRjMTQ5NDMxODBjODUyNzNhZTYzM2FhYjQ5MmFjN2IwZTExODY5OWI5YjA0NDM2NzNiZjQ4YTNlODNhNjM6NjMxMzA2MDEwZTkzMQ%3D%3D HTTP/1.1
Host: www1.enviroments.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.enviroments.com/?tm=1&subid4=1662191103.0374260000&kw=enviroment&KW1=Enviroment%20Conservation%20Charity&KW2=Enviroment%20Education%20Courses&KW3=Extreme%20Weather%20Warning%20System&KW4=Climate%20Change%20Data%20Visualization&KW5=Donate%20Online&KW6=Send%20Mass%20Text%20Messages%20to%20Congress&searchbox=0&domainname=0&backfill=0
Cookie: __gsas=ID=3f0af3439d71534c:T=1662191104:S=ALNI_MYOMn6QXmucJY4cLXuweKfj_OKrQQ
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 07:45:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Custom-Track: answercheck
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip
www.google.com/adsense/domains/caf.js
200 OK 0 B URL HTTP/2 www.google.com/adsense/domains/caf.js
IP
GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Sat, 03 Sep 2022 07:45:04 GMT
expires: Sat, 03 Sep 2022 07:45:04 GMT
cache-control: private, max-age=3600
etag: "400071477747266170"
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
198.58.118.167
23.36.76.226
93.184.220.29
185.53.178.30
0.0.0.0