r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2039a1dda99e075b82840608771d2326
e89713a35b312f3b87fbeaad98f03fddecbf77ce
aae78c754635e9833fa6c231d775bddc82add02f9ce3197a0b260a0806e708c3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AAE78C754635E9833FA6C231D775BDDC82ADD02F9CE3197A0B260A0806E708C3"
Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7197
Expires: Mon, 19 Dec 2022 16:34:06 GMT
Date: Mon, 19 Dec 2022 14:34:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9f3cf7e36f17a535e53e5213c02cf2b4
e65acbc03135ce135b9e91b4f74b3e1439faa6f6
a2317476862acd0a92fe523454c3991752b07ba14e7667f421dd9624e0233758
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A2317476862ACD0A92FE523454C3991752B07BA14E7667F421DD9624E0233758"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16507
Expires: Mon, 19 Dec 2022 19:09:16 GMT
Date: Mon, 19 Dec 2022 14:34:09 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 19 Dec 2022 13:45:36 GMT
content-type: application/json
age: 2914
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bcade8542361774f13ecd22557ff8fb8
5e67a3753b0856c765f3b17f1742d3ed684ffb6d
647f8d9d3d1170e60a60e15fdfd9b59445feb56a6ce9d9bb2fa4720f0bfc3a14
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "647F8D9D3D1170E60A60E15FDFD9B59445FEB56A6CE9D9BB2FA4720F0BFC3A14"
Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6899
Expires: Mon, 19 Dec 2022 16:29:09 GMT
Date: Mon, 19 Dec 2022 14:34:10 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: P5Syiiw2KcgjRkqI0fJOBxkyIIuTxU5qMwqE6eSNr2z3Ue2eSlHRP/Lb2Bp2Y4/N4qdrJfpEUe8=
x-amz-request-id: FGYNXMJGEYEX5TSY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 19 Dec 2022 13:54:34 GMT
age: 2376
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 19 Dec 2022 14:34:10 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Backoff, Content-Length, Pragma, Alert, Expires, Last-Modified, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 19 Dec 2022 14:08:01 GMT
age: 1569
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cc065a52d7234ddf4e1313e47b0cc6d7
57eea8b766115dda77ebc1df9fdac7ba53c0a6c1
77383c90515836e29edd67127a1ad3fe7551e79cd48746cbc1e7235a58b8743e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "77383C90515836E29EDD67127A1AD3FE7551E79CD48746CBC1E7235A58B8743E"
Last-Modified: Sun, 18 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 19 Dec 2022 20:34:10 GMT
Date: Mon, 19 Dec 2022 14:34:10 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 4df678b16094ceafefdbbd55707f4dbe
39a68e051456a8ab6c782502a94e8b95ccb0a71d
00561de9683c69a89e084b685df25c6ea4d3a38654a40554f127814200aadf6a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1868
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Dec 2022 14:34:10 GMT
Last-Modified: Mon, 19 Dec 2022 14:03:02 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.189.35.180 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.189.35.180:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: xwwmtlIU+1J39ZP817EBMQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ctsAXFdwSWY9rEx0lY3576xUPTo=
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 0dc23a845daadd984dd46924d80efb81
8b6ac466ee633c3a3a2eff65bd60dcb6097e5c75
3f3ebc1214709374a862beef3041aec51861f5fa7377f12710853bf31c772c58
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Dec 2022 14:34:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 0dc23a845daadd984dd46924d80efb81
8b6ac466ee633c3a3a2eff65bd60dcb6097e5c75
3f3ebc1214709374a862beef3041aec51861f5fa7377f12710853bf31c772c58
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Dec 2022 14:34:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash d62c4eea8ea4b9e5545fc952781c3b1d
47ca338b2d6be9d8a22c052d0838bce364463dce
75f6054477e9c699a1ee189cc77b20c5696ec306db93af0396a98b3b5b49bbc4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Dec 2022 14:34:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 930f0320ed7bc9738f6d3d00639c7537
f9a1d6bea1bd4816546a03821888cd3dff122c73
1f59797edf40eaef89b0c2671766ecdcaf9e48ec2883f285b34d330f01823d19
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Dec 2022 14:34:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=AW-986373460
142.250.74.168 200 OK 53 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-986373460
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash d358dd5c8d2f68f7004a5c7a8bdcf9f7
133e6bb15177ce622f2a9de5fa0220386394d573
da5813bf6bf53703a6ea3af868c987dd1dfaf5bd950219eee687bcfd94b3eba8
GET /gtag/js?id=AW-986373460 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 19 Dec 2022 14:34:11 GMT
expires: Mon, 19 Dec 2022 14:34:11 GMT
cache-control: private, max-age=900
last-modified: Mon, 19 Dec 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 52886
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash d62c4eea8ea4b9e5545fc952781c3b1d
47ca338b2d6be9d8a22c052d0838bce364463dce
75f6054477e9c699a1ee189cc77b20c5696ec306db93af0396a98b3b5b49bbc4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Dec 2022 14:34:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
evergreencounty.com/wp-content/uploads/blocksy/css/global.css?ver=72236
103.211.216.225 200 OK 4.3 kB URL HTTP/2 evergreencounty.com/wp-content/uploads/blocksy/css/global.css?ver=72236
IP 103.211.216.225:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (18349), with no line terminators
Hash 207b137e272dca3248779d8e7515b1fd
088d94109b90ce5a447826e1caf7dbc643649281
553472e5cdad84df6147855f8796e5b8e90e1f06ea0d52c5d0fa471e0b3e3162
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/blocksy/css/global.css?ver=72236 HTTP/1.1
Host: evergreencounty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 10 Nov 2022 09:23:56 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 18 Jan 2023 14:34:11 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 4267
content-type: text/css
date: Mon, 19 Dec 2022 14:34:11 GMT
server: Apache
X-Firefox-Spdy: h2
evergreencounty.com/wp-includes/css/classic-themes.min.css?ver=1
103.211.216.225 200 OK 189 B URL HTTP/2 evergreencounty.com/wp-includes/css/classic-themes.min.css?ver=1
IP 103.211.216.225:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: evergreencounty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 01:25:16 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 18 Jan 2023 14:34:11 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 189
content-type: text/css
date: Mon, 19 Dec 2022 14:34:11 GMT
server: Apache
X-Firefox-Spdy: h2
evergreencounty.com/wp-content/themes/blocksy/static/bundle/back-to-top.min.css?ver=1.8.46
103.211.216.225 200 OK 468 B URL HTTP/2 evergreencounty.com/wp-content/themes/blocksy/static/bundle/back-to-top.min.css?ver=1.8.46
IP 103.211.216.225:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1101), with no line terminators
Hash b513b0fcd5c2277ddbee62decd5dc996
bfa384e2b0a3730341943bc6f7b07eb2550c9613
7c73d65c33c3595363f7d43d1b03075072c465c3b6f66c08757f24e68c3cb280
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/blocksy/static/bundle/back-to-top.min.css?ver=1.8.46 HTTP/1.1
Host: evergreencounty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 22 Aug 2022 10:58:05 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 18 Jan 2023 14:34:11 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 468
content-type: text/css
date: Mon, 19 Dec 2022 14:34:11 GMT
server: Apache
X-Firefox-Spdy: h2
evergreencounty.com/wp-content/themes/blocksy/static/bundle/brizy.min.css?ver=1.8.46
103.211.216.225 200 OK 460 B URL HTTP/2 evergreencounty.com/wp-content/themes/blocksy/static/bundle/brizy.min.css?ver=1.8.46
IP 103.211.216.225:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (984), with no line terminators
Hash bed94112c80d0cf450ddb935a9f79e69
efc97407ec9d3a8c844b489b0c9f3ffbe7ba4547
6f823593af585292bbdff88fb7014f3deb3bb4681c522563a8a4560787e4f65a
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/blocksy/static/bundle/brizy.min.css?ver=1.8.46 HTTP/1.1
Host: evergreencounty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 22 Aug 2022 10:58:05 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 18 Jan 2023 14:34:11 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 460
content-type: text/css
date: Mon, 19 Dec 2022 14:34:11 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash d6c9d0cbdcdc9044d9b88026c63adc2b
25af605c2b78ad7a86c861f16954ecda6ef32fd8
6d1057d432f6d33cd6ec5af497c5ee903865c893c07e1fa7b92d1a44993b9cf0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4378
Cache-Control: max-age=133059
Content-Type: application/ocsp-response
Date: Mon, 19 Dec 2022 14:34:11 GMT
Etag: "639fca0c-116"
Expires: Wed, 21 Dec 2022 03:31:50 GMT
Last-Modified: Mon, 19 Dec 2022 02:18:52 GMT
Server: ECS (amb/6BC5)
X-Cache: HIT
Content-Length: 278
dynamic-media-cdn.tripadvisor.com/media/photo-o/1a/f6/e4/ca/default-avatar-2020-51.jpg?w=100&h=100&s=1
151.101.0.233 200 OK 4.5 kB URL HTTP/2 dynamic-media-cdn.tripadvisor.com/media/photo-o/1a/f6/e4/ca/default-avatar-2020-51.jpg?w=100&h=100&s=1
IP 151.101.0.233:0
File type JPEG image data, baseline, precision 8, 100x100, components 3\012- data
Hash cb40f8f81f159036b1329862fd7dcfc0
d39f29d8248a4b3e638697a4dd30f507612cc044
3eb2306b62701afd1633a7160fc4d2834e749265b9285a97f7e2d4779eb264f0
GET /media/photo-o/1a/f6/e4/ca/default-avatar-2020-51.jpg?w=100&h=100&s=1 HTTP/1.1
Host: dynamic-media-cdn.tripadvisor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: max-age=2592000, public
content-type: image/jpeg
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Dec 2022 14:34:11 GMT
age: 2090796
x-served-by: cache-iad-kcgs7200173-IAD, cache-bma1641-BMA
x-cache: HIT, HIT
x-cache-hits: 15359, 3
x-timer: S1671460452.842690,VS0,VE0
content-length: 4451
X-Firefox-Spdy: h2
dynamic-media-cdn.tripadvisor.com/media/photo-o/1a/f6/f3/23/default-avatar-2020-28.jpg?w=100&h=100&s=1
151.101.0.233 200 OK 3.3 kB URL HTTP/2 dynamic-media-cdn.tripadvisor.com/media/photo-o/1a/f6/f3/23/default-avatar-2020-28.jpg?w=100&h=100&s=1
IP 151.101.0.233:0
File type JPEG image data, baseline, precision 8, 100x100, components 3\012- data
Hash 64d19bb1edba5fc6210c3c46fd8a26aa
14742cda613a39c4606e86dd1e7c0dd4201399ed
9820c47d4ce7739af655302fdbbe08a47d3283af2be2a7e07658a2b116397be7
GET /media/photo-o/1a/f6/f3/23/default-avatar-2020-28.jpg?w=100&h=100&s=1 HTTP/1.1
Host: dynamic-media-cdn.tripadvisor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: max-age=2592000, public
content-type: image/jpeg
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Dec 2022 14:34:11 GMT
age: 430496
x-served-by: cache-iad-kcgs7200143-IAD, cache-bma1641-BMA
x-cache: HIT, HIT
x-cache-hits: 85, 2
x-timer: S1671460452.843012,VS0,VE0
content-length: 3303
X-Firefox-Spdy: h2
dynamic-media-cdn.tripadvisor.com/media/photo-o/1a/f6/de/5a/default-avatar-2020-36.jpg?w=100&h=100&s=1
151.101.0.233 200 OK 3.7 kB URL HTTP/2 dynamic-media-cdn.tripadvisor.com/media/photo-o/1a/f6/de/5a/default-avatar-2020-36.jpg?w=100&h=100&s=1
IP 151.101.0.233:0
File type JPEG image data, baseline, precision 8, 100x100, components 3\012- data
Hash 849f793d43389857ca5002b878e41f97
9243202b53e28cf83674a1b099dfbd1fb052cbea
2a3f269d6f20497fab73f28ce40aa4427efb8eb3e3d4851b0f7039fe7ee555c6
GET /media/photo-o/1a/f6/de/5a/default-avatar-2020-36.jpg?w=100&h=100&s=1 HTTP/1.1
Host: dynamic-media-cdn.tripadvisor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: max-age=2592000, public
content-type: image/jpeg
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Dec 2022 14:34:11 GMT
age: 1113880
x-served-by: cache-iad-kjyo7100152-IAD, cache-bma1641-BMA
x-cache: HIT, HIT
x-cache-hits: 3841, 2
x-timer: S1671460452.842864,VS0,VE0
content-length: 3661
X-Firefox-Spdy: h2
dynamic-media-cdn.tripadvisor.com/media/photo-o/1a/f6/e2/11/default-avatar-2020-41.jpg?w=100&h=100&s=1
151.101.0.233 200 OK 3.3 kB URL HTTP/2 dynamic-media-cdn.tripadvisor.com/media/photo-o/1a/f6/e2/11/default-avatar-2020-41.jpg?w=100&h=100&s=1
IP 151.101.0.233:0
File type JPEG image data, baseline, precision 8, 100x100, components 3\012- data
Hash cfe67fc5d163adc64b41d4d40fa53a59
dcac666e44d52304de129ff338691cab805026e7
b72fdcf823881e8c12456b5b6fa93e2e2694046db6dd6038ba45e5e648c94ca7
GET /media/photo-o/1a/f6/e2/11/default-avatar-2020-41.jpg?w=100&h=100&s=1 HTTP/1.1
Host: dynamic-media-cdn.tripadvisor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: max-age=2592000, public
content-type: image/jpeg
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Dec 2022 14:34:11 GMT
age: 2006631
x-served-by: cache-iad-kcgs7200062-IAD, cache-bma1641-BMA
x-cache: HIT, HIT
x-cache-hits: 5, 2
x-timer: S1671460452.843249,VS0,VE0
content-length: 3303
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Open%20Sans:wght@400;600;700&family=Cinzel:wght@500;700&family=Petrona:wght@400;500;600;700&display=swap
142.250.74.106 200 OK 4.0 kB URL HTTP/2 fonts.googleapis.com/css2?family=Open%20Sans:wght@400;600;700&family=Cinzel:wght@500;700&family=Petrona:wght@400;500;600;700&display=swap
IP 142.250.74.106:0
Hash fd35660c6578286bd3ba5c883844e771
fb540efa492c87b8c0d5171b0b6decb8c11a3b55
83535aa01fee9a76886fa6771c0757c393b1c5b635bc4bde977448bba85b11dd
GET /css2?family=Open%20Sans:wght@400;600;700&family=Cinzel:wght@500;700&family=Petrona:wght@400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 19 Dec 2022 14:34:11 GMT
date: Mon, 19 Dec 2022 14:34:11 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dynamic-media-cdn.tripadvisor.com/media/photo-o/1a/f6/f3/e4/default-avatar-2020-30.jpg?w=100&h=100&s=1
151.101.0.233 200 OK 4.2 kB URL HTTP/2 dynamic-media-cdn.tripadvisor.com/media/photo-o/1a/f6/f3/e4/default-avatar-2020-30.jpg?w=100&h=100&s=1
IP 151.101.0.233:0
File type JPEG image data, baseline, precision 8, 100x100, components 3\012- data
Hash 59eb1652e239190354ef249c5f849522
628b2f55c95b744395e4dfb8f9d75f1a80436e0b
a4e6a16f880165c8e260a1d94001fdf7b0ff1a35124ade896c09805ebdb27ea0
GET /media/photo-o/1a/f6/f3/e4/default-avatar-2020-30.jpg?w=100&h=100&s=1 HTTP/1.1
Host: dynamic-media-cdn.tripadvisor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: max-age=2592000, public
content-type: image/jpeg
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Dec 2022 14:34:11 GMT
age: 1535787
x-served-by: cache-iad-kiad7000060-IAD, cache-bma1641-BMA
x-cache: HIT, HIT
x-cache-hits: 6, 1
x-timer: S1671460452.844792,VS0,VE1
content-length: 4162
X-Firefox-Spdy: h2
dynamic-media-cdn.tripadvisor.com/media/photo-o/1a/f6/ed/ce/default-avatar-2020-7.jpg?w=100&h=100&s=1
151.101.0.233 200 OK 4.2 kB URL HTTP/2 dynamic-media-cdn.tripadvisor.com/media/photo-o/1a/f6/ed/ce/default-avatar-2020-7.jpg?w=100&h=100&s=1
IP 151.101.0.233:0
File type JPEG image data, baseline, precision 8, 100x100, components 3\012- data
Hash 0b2c9bc585c57ff96cc296790079df1b
fa5a5bafd9169eb15f32368d5d17fcfc4c17a668
49669218e299925b63d43fee3aed191f13621de8b4cc4c33734e4fe79656a4c6
GET /media/photo-o/1a/f6/ed/ce/default-avatar-2020-7.jpg?w=100&h=100&s=1 HTTP/1.1
Host: dynamic-media-cdn.tripadvisor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: max-age=2592000, public
content-type: image/jpeg
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Dec 2022 14:34:11 GMT
age: 1983128
x-served-by: cache-iad-kjyo7100066-IAD, cache-bma1641-BMA
x-cache: HIT, HIT
x-cache-hits: 5121, 1
x-timer: S1671460452.845110,VS0,VE1
content-length: 4214
X-Firefox-Spdy: h2
dynamic-media-cdn.tripadvisor.com/media/photo-o/1a/f6/f2/eb/default-avatar-2020-27.jpg?w=100&h=100&s=1
151.101.0.233 200 OK 3.6 kB URL HTTP/2 dynamic-media-cdn.tripadvisor.com/media/photo-o/1a/f6/f2/eb/default-avatar-2020-27.jpg?w=100&h=100&s=1
IP 151.101.0.233:0
File type JPEG image data, baseline, precision 8, 100x100, components 3\012- data
Hash d9cf128e308bd595709bffbc5f0d6466
68606e2ec8c349cd9f2351954b8735c99e0ee4a4
feec1a295d96ace138884a73b336b2c3d2367aefb8071211a4939fc74f7ec597
GET /media/photo-o/1a/f6/f2/eb/default-avatar-2020-27.jpg?w=100&h=100&s=1 HTTP/1.1
Host: dynamic-media-cdn.tripadvisor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: max-age=2592000, public
content-type: image/jpeg
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Dec 2022 14:34:11 GMT
age: 355792
x-served-by: cache-iad-kcgs7200107-IAD, cache-bma1641-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1671460452.850676,VS0,VE1
content-length: 3557
X-Firefox-Spdy: h2
evergreencounty.com/wp-content/plugins/brizy-pro/public/editor-build/116-wp/css/group-1-pro.css?ver=2.4.6
103.211.216.225 200 OK 0 B URL HTTP/2 evergreencounty.com/wp-content/plugins/brizy-pro/public/editor-build/116-wp/css/group-1-pro.css?ver=2.4.6
IP 103.211.216.225:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/brizy-pro/public/editor-build/116-wp/css/group-1-pro.css?ver=2.4.6 HTTP/1.1
Host: evergreencounty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 10 Sep 2022 05:37:22 GMT
accept-ranges: bytes
content-length: 0
cache-control: max-age=2592000
expires: Wed, 18 Jan 2023 14:34:11 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: text/css
date: Mon, 19 Dec 2022 14:34:11 GMT
server: Apache
X-Firefox-Spdy: h2
dynamic-media-cdn.tripadvisor.com/media/photo-o/1a/f6/e6/ea/default-avatar-2020-54.jpg?w=100&h=100&s=1
151.101.0.233 200 OK 5.1 kB URL HTTP/2 dynamic-media-cdn.tripadvisor.com/media/photo-o/1a/f6/e6/ea/default-avatar-2020-54.jpg?w=100&h=100&s=1
IP 151.101.0.233:0
File type JPEG image data, baseline, precision 8, 100x100, components 3\012- data
Hash 0d58331c21f37fafef3575b67cfc3342
cc10b4a564e05d3945ee6ff18a022bfb060d8146
8373a10949ce1578dbf9021beb8bc39a977eadd30c614efd3257d615d1221571
GET /media/photo-o/1a/f6/e6/ea/default-avatar-2020-54.jpg?w=100&h=100&s=1 HTTP/1.1
Host: dynamic-media-cdn.tripadvisor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: max-age=2592000, public
content-type: image/jpeg
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Dec 2022 14:34:11 GMT
age: 1585724
x-served-by: cache-iad-kjyo7100028-IAD, cache-bma1641-BMA
x-cache: HIT, HIT
x-cache-hits: 5221, 1
x-timer: S1671460452.863747,VS0,VE1
content-length: 5050
X-Firefox-Spdy: h2
evergreencounty.com/wp-content/plugins/tochat-be/assets/css/public-tochatbe-style.css?ver=1.1.10
103.211.216.225 200 OK 1.4 kB URL HTTP/2 evergreencounty.com/wp-content/plugins/tochat-be/assets/css/public-tochatbe-style.css?ver=1.1.10
IP 103.211.216.225:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash fbc7ee8feea7f54d26fe7463ab565b76
d3bf85b25308c0f918ddc452d49e8153583f9e65
af3d1c8f2b6c35093d3564e8d86caa6b76645aadcb20c91128ff493de1c28ef1
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/tochat-be/assets/css/public-tochatbe-style.css?ver=1.1.10 HTTP/1.1
Host: evergreencounty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 22 Aug 2022 10:58:05 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 18 Jan 2023 14:34:11 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1431
content-type: text/css
date: Mon, 19 Dec 2022 14:34:11 GMT
server: Apache
X-Firefox-Spdy: h2
evergreencounty.com/
103.211.216.225 200 OK 84 kB IP 103.211.216.225:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 601196f1d59cc1cf2818c9a6df4473d6
77c856b29474c351a4bad24cf196526316ea30df
c0c805303c9ba2889c062d23c4c8bb7725c95184fd4dd201c2ce6852d2676a6f
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: evergreencounty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Mon, 19 Dec 2022 14:34:10 GMT
server: Apache
content-type: text/html; charset=UTF-8
link: <https://evergreencounty.com/wp-json/>; rel="https://api.w.org/", <https://evergreencounty.com/wp-json/wp/v2/pages/7>; rel="alternate"; type="application/json", <https://evergreencounty.com/>; rel=shortlink
cache-control: no-store, max-age=7200
expires: Mon, 19 Dec 2022 16:34:10 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
x-server-cache: true
x-proxy-cache: EXPIRED
X-Firefox-Spdy: h2
evergreencounty.com/wp-content/plugins/brizy/public/editor-build/241-wp/editor/css/group-2_3.css?ver=2.4.5
103.211.216.225 200 OK 10 kB URL HTTP/2 evergreencounty.com/wp-content/plugins/brizy/public/editor-build/241-wp/editor/css/group-2_3.css?ver=2.4.5
IP 103.211.216.225:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 5ad8285d28cff4e8aae7f5e7713fd959
22fdf4434d5a6447e521ae1247e99a4dd304c814
f3a177b577bc8357ebda32f01492a6ff41b428bb5f26ca91af613f7a8528eeac
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/brizy/public/editor-build/241-wp/editor/css/group-2_3.css?ver=2.4.5 HTTP/1.1
Host: evergreencounty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 10 Sep 2022 05:37:18 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 18 Jan 2023 14:34:11 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 10245
content-type: text/css
date: Mon, 19 Dec 2022 14:34:11 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash d6c9d0cbdcdc9044d9b88026c63adc2b
25af605c2b78ad7a86c861f16954ecda6ef32fd8
6d1057d432f6d33cd6ec5af497c5ee903865c893c07e1fa7b92d1a44993b9cf0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4378
Cache-Control: max-age=133059
Content-Type: application/ocsp-response
Date: Mon, 19 Dec 2022 14:34:11 GMT
Etag: "639fca0c-116"
Expires: Wed, 21 Dec 2022 03:31:50 GMT
Last-Modified: Mon, 19 Dec 2022 02:18:52 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 278
evergreencounty.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
103.211.216.225 200 OK 4.6 kB URL HTTP/2 evergreencounty.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 103.211.216.225:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (11126)
Hash acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: evergreencounty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 22 Aug 2022 10:58:05 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Mon, 19 Dec 2022 20:34:11 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 4618
content-type: application/javascript
date: Mon, 19 Dec 2022 14:34:11 GMT
server: Apache
X-Firefox-Spdy: h2
evergreencounty.com/wp-content/uploads/2022/08/1.png
103.211.216.225 200 OK 109 kB URL HTTP/2 evergreencounty.com/wp-content/uploads/2022/08/1.png
IP 103.211.216.225:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 1390 x 638, 8-bit/color RGBA, non-interlaced\012- data
Size 109 kB (108854 bytes)
Hash a6b5c68074ca3c737b2e64fe92f065c8
71a052e4c19d30712b1e8b55a42a32b7d8b94b03
ab6c286b2d37fa09b472ccc479555c3615caf9cf34dabc5f48a4cfe1622b2a04
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2022/08/1.png HTTP/1.1
Host: evergreencounty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 22 Aug 2022 10:58:05 GMT
accept-ranges: bytes
content-length: 108854
cache-control: max-age=31536000
expires: Tue, 19 Dec 2023 14:34:11 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Mon, 19 Dec 2022 14:34:11 GMT
server: Apache
X-Firefox-Spdy: h2
evergreencounty.com/wp-content/uploads/2022/08/logo.png
103.211.216.225 200 OK 24 kB URL HTTP/2 evergreencounty.com/wp-content/uploads/2022/08/logo.png
IP 103.211.216.225:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 180 x 82, 8-bit/color RGBA, non-interlaced\012- data
Hash 06d7056544354a784a028f72d15a3135
1a198285f79395ed8c23953296581f9251f471f4
43faa9fc9a9cf8cff7db8588e2fd6e2840c828cade0e3a1b79c70c5a3e5e2e34
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2022/08/logo.png HTTP/1.1
Host: evergreencounty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 22 Aug 2022 10:58:05 GMT
accept-ranges: bytes
content-length: 24243
cache-control: max-age=31536000
expires: Tue, 19 Dec 2023 14:34:11 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Mon, 19 Dec 2022 14:34:11 GMT
server: Apache
X-Firefox-Spdy: h2
evergreencounty.com/wp-content/uploads/trustindex-tripadvisor-widget.css?ver=1661165885
103.211.216.225 200 OK 3.6 kB URL HTTP/2 evergreencounty.com/wp-content/uploads/trustindex-tripadvisor-widget.css?ver=1661165885
IP 103.211.216.225:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (14411), with no line terminators
Hash 018799b086b9bb885e815ef80df363d2
348bc9115f04c527b1d7de522c0d6489126ee8ba
d7197f6b7f417e99c135ddef5a92c5dc04b6613681201cf54f39acd22f9cb47b
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/trustindex-tripadvisor-widget.css?ver=1661165885 HTTP/1.1
Host: evergreencounty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 22 Aug 2022 10:58:05 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 18 Jan 2023 14:34:11 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 3621
content-type: text/css
date: Mon, 19 Dec 2022 14:34:11 GMT
server: Apache
X-Firefox-Spdy: h2
evergreencounty.com/wp-content/plugins/quick-call-button/assets/css/quick-call-button.css?ver=1.2.6
103.211.216.225 200 OK 1.1 kB URL HTTP/2 evergreencounty.com/wp-content/plugins/quick-call-button/assets/css/quick-call-button.css?ver=1.2.6
IP 103.211.216.225:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (7074), with no line terminators
Hash 9a372121a32926cae0d21de5d50dfc2e
17d60347fa05af5b548d9f5173edccaac648d646
8759ae50439ce093b416a7f0ddca6f112c3f39b027c55706edc2649ea6b03647
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/quick-call-button/assets/css/quick-call-button.css?ver=1.2.6 HTTP/1.1
Host: evergreencounty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 22 Aug 2022 10:58:05 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 18 Jan 2023 14:34:11 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1106
content-type: text/css
date: Mon, 19 Dec 2022 14:34:11 GMT
server: Apache
X-Firefox-Spdy: h2
evergreencounty.com/wp-content/uploads/2022/08/web2-1.png
103.211.216.225 200 OK 8.0 kB URL HTTP/2 evergreencounty.com/wp-content/uploads/2022/08/web2-1.png
IP 103.211.216.225:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 150 x 122, 8-bit colormap, non-interlaced\012- data
Hash 521c2ef7ddde468ddc31e11465948bd5
70394f453f49f30634288e01ff66bae03e204973
4d689fb79721170592a94a9575f38500312fcb13571b6bb817cab395e96b4146
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2022/08/web2-1.png HTTP/1.1
Host: evergreencounty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 22 Aug 2022 10:58:05 GMT
accept-ranges: bytes
content-length: 7966
cache-control: max-age=31536000
expires: Tue, 19 Dec 2023 14:34:11 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Mon, 19 Dec 2022 14:34:11 GMT
server: Apache
X-Firefox-Spdy: h2
evergreencounty.com/wp-content/uploads/2022/08/call-center-agent-avatar-character-vector-19078234-1.jpg
103.211.216.225 200 OK 4.8 kB URL HTTP/2 evergreencounty.com/wp-content/uploads/2022/08/call-center-agent-avatar-character-vector-19078234-1.jpg
IP 103.211.216.225:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=3, xresolution=50, yresolution=58, resolutionunit=2], progressive, precision 8, 150x162, components 3\012- data
Hash a9a4b4835eed23c8e13760c555a0c69c
f52123e94a6877165e89d30218adbbdcedfd7f26
738c1d02cbefad261d96d7260a279fbdc7f575c6780e008960fcaa5263a3310b
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2022/08/call-center-agent-avatar-character-vector-19078234-1.jpg HTTP/1.1
Host: evergreencounty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 22 Aug 2022 10:58:05 GMT
accept-ranges: bytes
content-length: 4822
cache-control: max-age=31536000
expires: Tue, 19 Dec 2023 14:34:11 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Mon, 19 Dec 2022 14:34:11 GMT
server: Apache
X-Firefox-Spdy: h2
evergreencounty.com/wp-content/plugins/quick-call-button/assets/js/jquery.ui.touch-punch.min.js?ver=6.1.1
103.211.216.225 200 OK 597 B URL HTTP/2 evergreencounty.com/wp-content/plugins/quick-call-button/assets/js/jquery.ui.touch-punch.min.js?ver=6.1.1
IP 103.211.216.225:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Unicode text, UTF-8 text, with very long lines (1090)
Hash 386e7e3b5208d2820ec7f34a0b53c5af
439567cba8d628d4f76c88817039b531a357e7ed
8dcbaaf28a91ce1b3444fc314a613205ca747ce5f7ff21bc169b03a628167d85
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/quick-call-button/assets/js/jquery.ui.touch-punch.min.js?ver=6.1.1 HTTP/1.1
Host: evergreencounty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 22 Aug 2022 10:58:05 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Mon, 19 Dec 2022 20:34:11 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 597
content-type: application/javascript
date: Mon, 19 Dec 2022 14:34:11 GMT
server: Apache
X-Firefox-Spdy: h2
evergreencounty.com/wp-content/plugins/tochat-be/assets/js/public-tochatbe-script.js?ver=1.1.10
103.211.216.225 200 OK 1.9 kB URL HTTP/2 evergreencounty.com/wp-content/plugins/tochat-be/assets/js/public-tochatbe-script.js?ver=1.1.10
IP 103.211.216.225:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 9994c3e392f23a37b63e5463246407fb
e14a4559b440329632c2d98fa2f68a2ea82fb25c
7866a26f0779447dae508cd90ba72a5d966783352f53513d59fa6024d1e00752
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/tochat-be/assets/js/public-tochatbe-script.js?ver=1.1.10 HTTP/1.1
Host: evergreencounty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 22 Aug 2022 10:58:05 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Mon, 19 Dec 2022 20:34:11 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1886
content-type: application/javascript
date: Mon, 19 Dec 2022 14:34:11 GMT
server: Apache
X-Firefox-Spdy: h2
evergreencounty.com/wp-content/uploads/2022/08/web-3-1.png
103.211.216.225 200 OK 9.6 kB URL HTTP/2 evergreencounty.com/wp-content/uploads/2022/08/web-3-1.png
IP 103.211.216.225:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 150 x 156, 8-bit colormap, non-interlaced\012- data
Hash 582c52879ba67b067ace8baa680aaa99
2842c807c8c3b45433405a1eed8cd5ea97fa827b
9d65bfd78c9b2cc772bf21383b195501cca84aaa6a6d60adff5950b0577f3194
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2022/08/web-3-1.png HTTP/1.1
Host: evergreencounty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 22 Aug 2022 10:58:05 GMT
accept-ranges: bytes
content-length: 9608
cache-control: max-age=31536000
expires: Tue, 19 Dec 2023 14:34:11 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Mon, 19 Dec 2022 14:34:11 GMT
server: Apache
X-Firefox-Spdy: h2
evergreencounty.com/wp-content/plugins/brizy-pro/public/editor-build/116-wp/js/group-1.pro.js?ver=2.4.6
103.211.216.225 200 OK 14 kB URL HTTP/2 evergreencounty.com/wp-content/plugins/brizy-pro/public/editor-build/116-wp/js/group-1.pro.js?ver=2.4.6
IP 103.211.216.225:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (36856), with no line terminators
Hash 1cfd7d1234b44c4c2f4ea70e0f06451d
213484c323d4cbb6ac3e1808c766909bac771209
e6f6de835dfc416033918ef4a23be0876d927ea700399876e8dc5b2ce6b520d7
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/brizy-pro/public/editor-build/116-wp/js/group-1.pro.js?ver=2.4.6 HTTP/1.1
Host: evergreencounty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 10 Sep 2022 05:37:22 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Mon, 19 Dec 2022 20:34:11 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 13494
content-type: application/javascript
date: Mon, 19 Dec 2022 14:34:11 GMT
server: Apache
X-Firefox-Spdy: h2
evergreencounty.com/wp-content/plugins/quick-call-button/assets/js/drag-quick-call-button.js?ver=6.1.1
103.211.216.225 200 OK 162 B URL HTTP/2 evergreencounty.com/wp-content/plugins/quick-call-button/assets/js/drag-quick-call-button.js?ver=6.1.1
IP 103.211.216.225:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with CRLF line terminators
Hash cb2969f57fcb53f8e8d5a91b091a8a9a
02fc079278092183b592dc9b7be3ee3dffd300b8
2d3114766b5eca41235b7a918c8bd7ce61abd7e334f0f6c0bfe4773aeb7e6704
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/quick-call-button/assets/js/drag-quick-call-button.js?ver=6.1.1 HTTP/1.1
Host: evergreencounty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 22 Aug 2022 10:58:05 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Mon, 19 Dec 2022 20:34:11 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 162
content-type: application/javascript
date: Mon, 19 Dec 2022 14:34:11 GMT
server: Apache
X-Firefox-Spdy: h2
evergreencounty.com/wp-content/themes/blocksy/static/bundle/main.js?ver=1.8.46
103.211.216.225 200 OK 13 kB URL HTTP/2 evergreencounty.com/wp-content/themes/blocksy/static/bundle/main.js?ver=1.8.46
IP 103.211.216.225:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (33127)
Hash 7b7425ff0d176c469fccf18f843ed55d
f7dadb0f798c60d622323303ff9b9a01be9d81ff
ae2604f57e6aa50f290e1a8ee55cfb4f79f005d360a5c877254d4ef5eb99b7e9
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/blocksy/static/bundle/main.js?ver=1.8.46 HTTP/1.1
Host: evergreencounty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 22 Aug 2022 10:58:05 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Mon, 19 Dec 2022 20:34:11 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 12707
content-type: application/javascript
date: Mon, 19 Dec 2022 14:34:11 GMT
server: Apache
X-Firefox-Spdy: h2
evergreencounty.com/wp-content/plugins/brizy-pro/public/editor-build/116-wp/js/preview.pro.js?ver=2.4.6
103.211.216.225 200 OK 77 kB URL HTTP/2 evergreencounty.com/wp-content/plugins/brizy-pro/public/editor-build/116-wp/js/preview.pro.js?ver=2.4.6
IP 103.211.216.225:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash d9e2c48a4f54819fa959b49a25a3eb02
51136b4ddabad4c2329ce68d3084cc9acd4d3851
7ac14d3b237da03d31b0b4e2246547826b5c616b359f82030b2dc2e86610758d
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/brizy-pro/public/editor-build/116-wp/js/preview.pro.js?ver=2.4.6 HTTP/1.1
Host: evergreencounty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 10 Sep 2022 05:37:22 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Mon, 19 Dec 2022 20:34:11 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: application/javascript
date: Mon, 19 Dec 2022 14:34:11 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14186
Expires: Mon, 19 Dec 2022 18:30:38 GMT
Date: Mon, 19 Dec 2022 14:34:12 GMT
Connection: keep-alive
evergreencounty.com/wp-content/plugins/quick-call-button/assets/js/jquery-ui.js?ver=6.1.1
103.211.216.225 200 OK 108 kB URL HTTP/2 evergreencounty.com/wp-content/plugins/quick-call-button/assets/js/jquery-ui.js?ver=6.1.1
IP 103.211.216.225:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Size 108 kB (107635 bytes)
Hash d29b853dcbbc30dc67dc22e50deddfb8
dd862dfe1a111264a1b11935c046258b1b3b6d3d
70ad61069fb4dda7af5c90a82764047754c05ff84a2fd95a67b33e8eb8e3ee27
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/quick-call-button/assets/js/jquery-ui.js?ver=6.1.1 HTTP/1.1
Host: evergreencounty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 22 Aug 2022 10:58:05 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Mon, 19 Dec 2022 20:34:11 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: application/javascript
date: Mon, 19 Dec 2022 14:34:11 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14186
Expires: Mon, 19 Dec 2022 18:30:38 GMT
Date: Mon, 19 Dec 2022 14:34:12 GMT
Connection: keep-alive
cdn.trustindex.io/assets/platform/Tripadvisor/star/e.svg
143.204.55.42 200 OK 691 B URL HTTP/2 cdn.trustindex.io/assets/platform/Tripadvisor/star/e.svg
IP 143.204.55.42:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (690), with no line terminators
Hash 68b7da8d5e6c0fad8fa762dd4b51f059
984de41fc54aa0db38078b7893fafe36a1425c32
ada547e9ae8eeae755eca6635993afb9b0c3a8da6ba0eaa7c3913f1dd93d7f4d
GET /assets/platform/Tripadvisor/star/e.svg HTTP/1.1
Host: cdn.trustindex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 691
date: Fri, 04 Nov 2022 15:02:35 GMT
server: Apache/2.4.29 (Ubuntu)
last-modified: Tue, 22 Feb 2022 22:43:27 GMT
etag: "2b3-5d8a313da4829"
accept-ranges: bytes
referrer-policy: origin
access-control-allow-origin: *
access-control-allow-headers: origin, x-requested-with, content-type
access-control-allow-methods: GET
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
cache-control: max-age=31536000, public
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 4bugMFiygxoIdsSM2oyAz_Z3YSZM-mOy2Qh4HgNbQvb0Xdb5NyGQlQ==
age: 3886297
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14186
Expires: Mon, 19 Dec 2022 18:30:38 GMT
Date: Mon, 19 Dec 2022 14:34:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14186
Expires: Mon, 19 Dec 2022 18:30:38 GMT
Date: Mon, 19 Dec 2022 14:34:12 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff17f5cdf-f263-46fc-b0f6-fb0fa1945efd.jpeg
34.120.237.76 200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff17f5cdf-f263-46fc-b0f6-fb0fa1945efd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5c990c360fd972821af876119dd8555b
458555bf2ac16225da8adfc9fbe75aed89526287
beae8e1d373cbe333272e54db93f44e18f063e93f12f005e793ba64e4f7696a8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff17f5cdf-f263-46fc-b0f6-fb0fa1945efd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7760
x-amzn-requestid: a0b96eff-245a-48ab-b09b-013861bbad27
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dKwhKFTtIAMF6TA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639a946d-513964bc657a326217d85e42;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 03:28:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RIRrm1eTSOwWOIuw-YP0ga1-wyEVmsyLL4_9FnFauMDE_r290dds3Q==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Dec 2022 06:20:55 GMT
age: 29597
etag: "458555bf2ac16225da8adfc9fbe75aed89526287"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2ded193-0301-4ad3-a888-72c52212ad95.jpeg
34.120.237.76 200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2ded193-0301-4ad3-a888-72c52212ad95.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bfd0e913579b4ff2f511223d70cb01fb
497e0ffef816e100e6ddc221ec17d5f389c1142a
bee68ae1a938a5111a32dab4ec4f6964994e6c39143eac9ab94d6c5e29999372
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2ded193-0301-4ad3-a888-72c52212ad95.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5185
x-amzn-requestid: 3087af97-3f2d-4848-b297-eba8d84f10c5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dT10YHv8oAMF2sg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e3682-7527022d4bd9c15518fe75cc;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 21:37:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _WKAnv-iFrsEA9lFq4adBmRVdSk9-FQVF_cFCDhpM1_LMDdt_vPwhQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Dec 2022 21:39:06 GMT
age: 60906
etag: "497e0ffef816e100e6ddc221ec17d5f389c1142a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a667002-4518-4b30-baaa-3a4eab2bdc1d.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a667002-4518-4b30-baaa-3a4eab2bdc1d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ada04738696f861648635c9ba98841e4
ce644cd4349d88aa7c24b2503b0b18b444061639
e5cee777efbf1d8a0f95f6cce71199e5f016a91f90cf0afe38bc86654b9d730d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a667002-4518-4b30-baaa-3a4eab2bdc1d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8696
x-amzn-requestid: c897aeed-a082-46a1-965f-39e8c763cb05
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dT10ZH3jIAMF0gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e3682-548ac80840737a20743980f5;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 21:37:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JecluZu8ExMmP-UHM8QbK-bjm_yqULU1tl2QQDfKMea8NHM6y2JI7g==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Dec 2022 21:39:06 GMT
age: 60906
etag: "ce644cd4349d88aa7c24b2503b0b18b444061639"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.buttonizer.io/embed.js?ver=3.2.0
172.67.215.66 200 OK 103 kB URL HTTP/2 cdn.buttonizer.io/embed.js?ver=3.2.0
IP 172.67.215.66:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 103 kB (102769 bytes)
Hash b45a45fdde1685799b33ba4cfe29fd3b
778fae90f0e7523d5ed383b9ad56a993c8c62d5b
f0b1c16c04f2c8e1cd901c796c5c0e618e80f64004e852ebabe35febc1df1b56
GET /embed.js?ver=3.2.0 HTTP/1.1
Host: cdn.buttonizer.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Dec 2022 14:34:11 GMT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cf-polished: origSize=461380
etag: W/"70a44-5ef40d0f0dc03"
last-modified: Wed, 07 Dec 2022 18:09:05 GMT
x-powered-by: PleskLin
cache-control: max-age=14400
cf-cache-status: HIT
age: 36
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q2%2Fxm6uy%2ByVFtbf1%2FT1HaWuw6QfYOeDnYgprTV%2Fn0L3wPVj09NUQ4krWB6AOTQ7pw%2BVtrGBJc3gcAqlSevcxRGJkbPUuOCEwgNCsXfurndNlZT1ny%2Bzp2PfVJYaomq5Be1NDjA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77c0db901dc80b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e098e9f-4d93-4282-beb5-b37a17658134.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e098e9f-4d93-4282-beb5-b37a17658134.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 12c4c2232b6d09e9085f0214b3260c1e
a24f8e949a2f2a973fe2dd5af994cd970d37f13a
000475ed7d0aab9a7dab3e25f0a29f82552739fea99f98cbf5131282d0db7d63
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e098e9f-4d93-4282-beb5-b37a17658134.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10670
x-amzn-requestid: d72e1904-caf4-4c72-a811-d1bde023f4b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dT11JGCsIAMFRDg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e3687-7789040d71253d00378f9162;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 21:37:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8qqSQbj22k16ApKTT8y5BQItInb8EjZuACdWcsW_FnMysvnDADbLxQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Dec 2022 21:39:06 GMT
age: 60906
etag: "a24f8e949a2f2a973fe2dd5af994cd970d37f13a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47778af6-2d49-4ee8-b5bf-2e8c1140cce5.jpeg
34.120.237.76 200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47778af6-2d49-4ee8-b5bf-2e8c1140cce5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e6c714628a486b8d09101fe1115b4a25
a859bec81457e5b3511fb7612b65bcd4be790f21
41586527c64614c69c2833d2eb9a0e5e03906388a39ae16443b45dd6885329af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47778af6-2d49-4ee8-b5bf-2e8c1140cce5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9058
x-amzn-requestid: 30f541b7-557c-45c6-a639-596ec624d6b6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dVJtzFJPIAMFaow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639ebcbe-221f45c41cc4ac943f78ce6c;Sampled=0
x-amzn-remapped-date: Sun, 18 Dec 2022 07:09:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: f_sUIMBle-AT5Od_IJdlhNc1razIfG8LYIi1tEsIyWtMRBs063gjwQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Dec 2022 07:18:00 GMT
age: 26172
etag: "a859bec81457e5b3511fb7612b65bcd4be790f21"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash e22c487307aca2e6e3d5ecfc7daae99a
3fb9ea3a5166ba4dfd6e5d05139936a96bc33c2d
66fc32efbb2c29a16706b6ea40145509974f7b9dbfafc72e104232a4c4d52d69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Dec 2022 14:34:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash e22c487307aca2e6e3d5ecfc7daae99a
3fb9ea3a5166ba4dfd6e5d05139936a96bc33c2d
66fc32efbb2c29a16706b6ea40145509974f7b9dbfafc72e104232a4c4d52d69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Dec 2022 14:34:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 384a2b2f97397ee2741922068da5bdcd
256bcaf0f153a739623feb917ad1c8745b7a3651
541c129fcb8391e0516ad5f1ee19da5c060ce54cabedfdc7cb65d2af2b4410e0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Dec 2022 14:34:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash e22c487307aca2e6e3d5ecfc7daae99a
3fb9ea3a5166ba4dfd6e5d05139936a96bc33c2d
66fc32efbb2c29a16706b6ea40145509974f7b9dbfafc72e104232a4c4d52d69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Dec 2022 14:34:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/cinzel/v19/8vIJ7ww63mVu7gt79mT7.woff2
25 kB URL fonts.gstatic.com/s/cinzel/v19/8vIJ7ww63mVu7gt79mT7.woff2
IP :0
File type Web Open Font Format (Version 2), TrueType, length 24880, version 1.0\012- data
Hash 60337f4929e607883108c207a551f3c4
a362b7463f901e670973729b259f8c39a9cbf23c
5dc3de1acae3f4da0c269de47f720023720ab9ca0b84e61be6d57e1481a9e224
GET /s/cinzel/v19/8vIJ7ww63mVu7gt79mT7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://evergreencounty.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
evergreencounty.com/wp-content/plugins/brizy-pro/public/editor-build/116-wp/css/preview.pro.css?ver=2.4.6
103.211.216.225 200 OK 99 kB URL HTTP/2 evergreencounty.com/wp-content/plugins/brizy-pro/public/editor-build/116-wp/css/preview.pro.css?ver=2.4.6
IP 103.211.216.225:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 61625d33906872f45403ea0f69221b5c
7a76e2031c5dd8459a7e2aad98318f23d64b50a3
d322e9f56c635c3142ae739e59bcab4fd20741bce0c631adc0af740d33926502
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/brizy-pro/public/editor-build/116-wp/css/preview.pro.css?ver=2.4.6 HTTP/1.1
Host: evergreencounty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 10 Sep 2022 05:37:22 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 18 Jan 2023 14:34:11 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: text/css
date: Mon, 19 Dec 2022 14:34:11 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash e22c487307aca2e6e3d5ecfc7daae99a
3fb9ea3a5166ba4dfd6e5d05139936a96bc33c2d
66fc32efbb2c29a16706b6ea40145509974f7b9dbfafc72e104232a4c4d52d69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Dec 2022 14:34:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
216.58.207.227 200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://evergreencounty.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 16 Dec 2022 13:33:12 GMT
expires: Sat, 16 Dec 2023 13:33:12 GMT
cache-control: public, max-age=31536000
age: 262860
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
216.58.207.227 200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Hash de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://evergreencounty.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 16 Dec 2022 13:33:12 GMT
expires: Sat, 16 Dec 2023 13:33:12 GMT
cache-control: public, max-age=31536000
age: 262860
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/overpass/v12/qFdH35WCmI96Ajtm81GlU9s.woff2
216.58.207.227 200 OK 39 kB URL HTTP/2 fonts.gstatic.com/s/overpass/v12/qFdH35WCmI96Ajtm81GlU9s.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 38720, version 1.0\012- data
Hash 5342b2bb527c1805890cfe977169338a
cb0b7569ea75637b94cae5196682f70e83e84639
e505e654ef4708d9c3d0da4c03e57ae1df262e07377938d4f456a71918c8aa3d
GET /s/overpass/v12/qFdH35WCmI96Ajtm81GlU9s.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://evergreencounty.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 38720
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 12 Dec 2022 21:17:08 GMT
expires: Tue, 12 Dec 2023 21:17:08 GMT
cache-control: public, max-age=31536000
age: 580624
last-modified: Mon, 18 Jul 2022 18:41:11 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash c7067973a30c54b2897aeeb5e204f014
7b0711fd3909e48347441e4edc9c429af69595a9
b224be5e7ec78abaa46ab333f0adee535cb24e5bc4b2b721c441e4061043a467
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Dec 2022 14:34:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/petrona/v28/mtG64_NXL7bZo9XXgXJYtQ.woff2
216.58.207.227 200 OK 42 kB URL HTTP/2 fonts.gstatic.com/s/petrona/v28/mtG64_NXL7bZo9XXgXJYtQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 42452, version 1.0\012- data
Hash d902e20dab32ea8d1a33dc1314a039fb
54011c89604aabeb6be34798bab351cb015b7873
a5d8ddb78455ca78aa738dc1bbaa60cd7f84439a580e75f768122c64b7c66e7b
GET /s/petrona/v28/mtG64_NXL7bZo9XXgXJYtQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://evergreencounty.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 42452
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Dec 2022 08:33:23 GMT
expires: Fri, 15 Dec 2023 08:33:23 GMT
cache-control: public, max-age=31536000
age: 367249
last-modified: Mon, 18 Jul 2022 18:41:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 384a2b2f97397ee2741922068da5bdcd
256bcaf0f153a739623feb917ad1c8745b7a3651
541c129fcb8391e0516ad5f1ee19da5c060ce54cabedfdc7cb65d2af2b4410e0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Dec 2022 14:34:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227 200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Dec 2022 21:48:03 GMT
expires: Fri, 15 Dec 2023 21:48:03 GMT
cache-control: public, max-age=31536000
age: 319569
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Dec 2022 16:40:43 GMT
expires: Fri, 15 Dec 2023 16:40:43 GMT
cache-control: public, max-age=31536000
age: 338009
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
evergreencounty.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
103.211.216.225 200 OK 89 kB URL HTTP/2 evergreencounty.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 103.211.216.225:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash cb7a19f976fda9e26281f524801b66ab
281be9f6b491966309bd8e9b5cdfbdc88fe43b29
1b0b11ee762afe5286339cbff7c9dff9a00a05c87e0c4a620a77d5e05d7c222c
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: evergreencounty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 01:25:16 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Mon, 19 Dec 2022 20:34:11 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: application/javascript
date: Mon, 19 Dec 2022 14:34:11 GMT
server: Apache
X-Firefox-Spdy: h2
cdn.trustindex.io/assets/platform/Tripadvisor/logo.svg
143.204.55.42 200 OK 102 kB URL HTTP/2 cdn.trustindex.io/assets/platform/Tripadvisor/logo.svg
IP 143.204.55.42:0
Size 102 kB (102521 bytes)
Hash 4acf95f7dae36fe7626f9674468415b7
ac179e384d27707040de955830fa19db08304fcd
42bb9d6e5665e6b8d061a8cc2a377f3b2ed8a1a7c1d4ab0168e7859f62aabd06
GET /assets/platform/Tripadvisor/logo.svg HTTP/1.1
Host: cdn.trustindex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
date: Sun, 13 Nov 2022 01:20:12 GMT
server: Apache/2.4.29 (Ubuntu)
last-modified: Thu, 20 Oct 2022 13:54:48 GMT
etag: W/"220d-5eb77ab29cb01"
referrer-policy: origin
access-control-allow-origin: *
access-control-allow-headers: origin, x-requested-with, content-type
access-control-allow-methods: GET
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
cache-control: max-age=31536000, public
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: lx3fpDR6iJvOhBc5iWzqAhfNYA2qWyKgn7lJZn4PwkOu1u8kq-9AJA==
age: 3158039
X-Firefox-Spdy: h2
evergreencounty.com/wp-content/uploads/2022/08/GroupStay-3-1.jpg
103.211.216.225 200 OK 713 kB URL HTTP/2 evergreencounty.com/wp-content/uploads/2022/08/GroupStay-3-1.jpg
IP 103.211.216.225:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=3, xresolution=50, yresolution=58, resolutionunit=2], progressive, precision 8, 1900x1266, components 3\012- data
Size 713 kB (712657 bytes)
Hash 22ee90f7a519c2ddebbc00eac22df1e1
0a5a0b731b6ac59a4e48014f82c0b205beb6c705
3ad8c682d7952d3a6df48813a9cdca52bfc62d28bfeed2106ae71c8bd79439ea
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2022/08/GroupStay-3-1.jpg HTTP/1.1
Host: evergreencounty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 22 Aug 2022 10:58:05 GMT
accept-ranges: bytes
content-length: 712657
cache-control: max-age=31536000
expires: Tue, 19 Dec 2023 14:34:12 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Mon, 19 Dec 2022 14:34:12 GMT
server: Apache
X-Firefox-Spdy: h2
evergreencounty.com/wp-content/uploads/2022/08/Coorg-Cottage-Stay-1.jpg
103.211.216.225 200 OK 706 kB URL HTTP/2 evergreencounty.com/wp-content/uploads/2022/08/Coorg-Cottage-Stay-1.jpg
IP 103.211.216.225:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=3, xresolution=50, yresolution=58, resolutionunit=2], progressive, precision 8, 1900x1267, components 3\012- data
Size 706 kB (705971 bytes)
Hash f7b68895635b549f6224b80f74da965d
18ec1939c0d143a890ee395621b758a8816dcee0
e55f8d8adb0e3507cdb8fec32ba93bcf444d34eeacbc618ed0e84b688cd1b9d7
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2022/08/Coorg-Cottage-Stay-1.jpg HTTP/1.1
Host: evergreencounty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 22 Aug 2022 10:58:05 GMT
accept-ranges: bytes
content-length: 705971
cache-control: max-age=31536000
expires: Tue, 19 Dec 2023 14:34:12 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Mon, 19 Dec 2022 14:34:12 GMT
server: Apache
X-Firefox-Spdy: h2
evergreencounty.com/wp-content/plugins/brizy/public/editor-build/241-wp/editor/js/group-2_3.js?ver=2.4.5
103.211.216.225 200 OK 575 kB URL HTTP/2 evergreencounty.com/wp-content/plugins/brizy/public/editor-build/241-wp/editor/js/group-2_3.js?ver=2.4.5
IP 103.211.216.225:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Size 575 kB (575093 bytes)
Hash 908692e33c0231c262f5da2cba7f2b85
722fa023bb2feeb7f19f762bd85a735a4efa0eae
3cdc3170052d79d613d83f888886ad83e1916aa39610aea7c29a17f5efc06d24
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/brizy/public/editor-build/241-wp/editor/js/group-2_3.js?ver=2.4.5 HTTP/1.1
Host: evergreencounty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 10 Sep 2022 05:37:18 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Mon, 19 Dec 2022 20:34:11 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: application/javascript
date: Mon, 19 Dec 2022 14:34:11 GMT
server: Apache
X-Firefox-Spdy: h2
evergreencounty.com/wp-content/plugins/quick-call-button/images/quick-call-button.png
103.211.216.225 200 OK 638 B URL HTTP/2 evergreencounty.com/wp-content/plugins/quick-call-button/images/quick-call-button.png
IP 103.211.216.225:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data
Hash 52183b40a9b772ebf987d3f9c1716567
e224b027db3a0509b7d7c558103c864a673d7005
4dbb37ef73b7ee3bfaf1761a0f785cdf1a877a83cb2f83022c45113676feb928
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/quick-call-button/images/quick-call-button.png HTTP/1.1
Host: evergreencounty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/wp-content/plugins/quick-call-button/assets/css/quick-call-button.css?ver=1.2.6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 22 Aug 2022 10:58:05 GMT
accept-ranges: bytes
content-length: 638
cache-control: max-age=31536000
expires: Tue, 19 Dec 2023 14:34:12 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Mon, 19 Dec 2022 14:34:12 GMT
server: Apache
X-Firefox-Spdy: h2
evergreencounty.com/wp-content/uploads/2022/08/Evergreencounty_Slider-1.jpg
103.211.216.225 200 OK 305 kB URL HTTP/2 evergreencounty.com/wp-content/uploads/2022/08/Evergreencounty_Slider-1.jpg
IP 103.211.216.225:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1500x1000, components 3\012- data
Size 305 kB (304900 bytes)
Hash f950cdb8563fd80609917d01ae6f55a1
cfc01c9f7cafec7b30630b5b49eccca491ad4c01
99442c8e87eb18d42f7a3c96a6b1a61155fc1b079cd6de798af1b4dc648cbf50
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2022/08/Evergreencounty_Slider-1.jpg HTTP/1.1
Host: evergreencounty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 22 Aug 2022 10:58:05 GMT
accept-ranges: bytes
content-length: 304900
cache-control: max-age=31536000
expires: Tue, 19 Dec 2023 14:34:12 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Mon, 19 Dec 2022 14:34:12 GMT
server: Apache
X-Firefox-Spdy: h2
evergreencounty.com/wp-content/uploads/2022/08/1500.png
103.211.216.225 200 OK 2.7 MB URL HTTP/2 evergreencounty.com/wp-content/uploads/2022/08/1500.png
IP 103.211.216.225:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 1500 x 800, 8-bit/color RGBA, non-interlaced\012- data
Size 2.7 MB (2739624 bytes)
Hash 304aae1e1622cfb4e3344d67b809b031
b75ed8b93bfc9b7eac050bf189564d0e6ada0df7
d93f0ad8136f8e969e6f7c0ac9db30e73e99e7195e7a0af2bf595643572eab2c
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2022/08/1500.png HTTP/1.1
Host: evergreencounty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 22 Aug 2022 10:58:05 GMT
accept-ranges: bytes
content-length: 2739624
cache-control: max-age=31536000
expires: Tue, 19 Dec 2023 14:34:12 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Mon, 19 Dec 2022 14:34:12 GMT
server: Apache
X-Firefox-Spdy: h2
evergreencounty.com/wp-content/uploads/2022/08/Rectangle-11.png
103.211.216.225 200 OK 125 kB URL HTTP/2 evergreencounty.com/wp-content/uploads/2022/08/Rectangle-11.png
IP 103.211.216.225:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 355 x 189, 8-bit/color RGBA, non-interlaced\012- data
Size 125 kB (125349 bytes)
Hash 03fefebe540d0b66690755e9f57c872c
497eb43a4a0d91a0f0d07a2fc2d3072241154a45
6b41b9dc4ce10712696498ab67dbd13ec5512992be08d6d94bf0a336f1b0dd63
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2022/08/Rectangle-11.png HTTP/1.1
Host: evergreencounty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 22 Aug 2022 10:58:05 GMT
accept-ranges: bytes
content-length: 125349
cache-control: max-age=31536000
expires: Tue, 19 Dec 2023 14:34:13 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Mon, 19 Dec 2022 14:34:13 GMT
server: Apache
X-Firefox-Spdy: h2
evergreencounty.com/wp-content/uploads/2022/08/Rectangle-17-1.png
103.211.216.225 200 OK 148 kB URL HTTP/2 evergreencounty.com/wp-content/uploads/2022/08/Rectangle-17-1.png
IP 103.211.216.225:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 322 x 185, 8-bit/color RGBA, non-interlaced\012- data
Size 148 kB (148061 bytes)
Hash 2a613b947bec98b71e16ddaeca95a525
50e94cec6d48b09d98e1cac2bc67d6bc96fef753
462998499a083ff155112fb87bf2c339f71283f7686e38af9052dc1229fd5f6d
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2022/08/Rectangle-17-1.png HTTP/1.1
Host: evergreencounty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 22 Aug 2022 10:58:05 GMT
accept-ranges: bytes
content-length: 148061
cache-control: max-age=31536000
expires: Tue, 19 Dec 2023 14:34:13 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Mon, 19 Dec 2022 14:34:13 GMT
server: Apache
X-Firefox-Spdy: h2
evergreencounty.com/wp-content/plugins/blocksy-companion/static/bundle/sticky.js
103.211.216.225 200 OK 4.7 kB URL HTTP/2 evergreencounty.com/wp-content/plugins/blocksy-companion/static/bundle/sticky.js
IP 103.211.216.225:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (13580), with no line terminators
Hash cc8d784a057711881cd6c5d4549d1510
afeeff73fc8f65c08383004af049a5cdb9759529
fd95ba68af8673dde0aa92d21d7b56f601adc0f7059b7a4c95a608112ffa2879
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/blocksy-companion/static/bundle/sticky.js HTTP/1.1
Host: evergreencounty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Cookie: _gcl_au=1.1.634744154.1671460453
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 22 Aug 2022 10:58:05 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Mon, 19 Dec 2022 20:34:13 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 4748
content-type: application/javascript
date: Mon, 19 Dec 2022 14:34:13 GMT
server: Apache
X-Firefox-Spdy: h2
evergreencounty.com/wp-content/uploads/2022/08/Rectangle-17.png
103.211.216.225 200 OK 71 kB URL HTTP/2 evergreencounty.com/wp-content/uploads/2022/08/Rectangle-17.png
IP 103.211.216.225:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 322 x 185, 8-bit/color RGBA, non-interlaced\012- data
Hash 964f1871edfacb667f0d4d15fda38f31
3d49275f03b0f686ba30e30aa931526c2be9930d
4132259a7eafffc8166ed174f01cb7f1562fb1661ea969f4d14c4789967d4d6a
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2022/08/Rectangle-17.png HTTP/1.1
Host: evergreencounty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 22 Aug 2022 10:58:05 GMT
accept-ranges: bytes
content-length: 70799
cache-control: max-age=31536000
expires: Tue, 19 Dec 2023 14:34:13 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Mon, 19 Dec 2022 14:34:13 GMT
server: Apache
X-Firefox-Spdy: h2
evergreencounty.com/wp-content/uploads/brizy/imgs/Rectangle-9-170x216x0x0x170x216x1661165885.png
103.211.216.225 200 OK 88 kB URL HTTP/2 evergreencounty.com/wp-content/uploads/brizy/imgs/Rectangle-9-170x216x0x0x170x216x1661165885.png
IP 103.211.216.225:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 170 x 215, 8-bit/color RGBA, non-interlaced\012- data
Hash 89742007a2450e30aeebca824f6a872d
534689f64b11c5b0867b8ea2b11aa228a66f8a37
77a2b892400faeeffe2d48d50b8ed056a4cf4688199afebed998cade97893a87
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/brizy/imgs/Rectangle-9-170x216x0x0x170x216x1661165885.png HTTP/1.1
Host: evergreencounty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 22 Aug 2022 11:00:25 GMT
accept-ranges: bytes
content-length: 88094
cache-control: max-age=31536000
expires: Tue, 19 Dec 2023 14:34:13 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Mon, 19 Dec 2022 14:34:13 GMT
server: Apache
X-Firefox-Spdy: h2
evergreencounty.com/wp-content/uploads/2022/08/Rectangle-9.png
103.211.216.225 200 OK 146 kB URL HTTP/2 evergreencounty.com/wp-content/uploads/2022/08/Rectangle-9.png
IP 103.211.216.225:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 210 x 266, 8-bit/color RGBA, non-interlaced\012- data
Size 146 kB (145464 bytes)
Hash 180644c708281ce7f7e25ec8dbc7484d
11694b02a1b6b7e9b3b6dcb857fea0dc8008e1aa
c0eeb760891d0e07758155e25be251280363fdc4d0b9eae4f73350c5c65fced2
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2022/08/Rectangle-9.png HTTP/1.1
Host: evergreencounty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 22 Aug 2022 10:58:05 GMT
accept-ranges: bytes
content-length: 145464
cache-control: max-age=31536000
expires: Tue, 19 Dec 2023 14:34:13 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Mon, 19 Dec 2022 14:34:13 GMT
server: Apache
X-Firefox-Spdy: h2
evergreencounty.com/wp-content/uploads/brizy/imgs/Gallery-1-257x171x14x0x228x171x1661165885.jpg
103.211.216.225 200 OK 14 kB URL HTTP/2 evergreencounty.com/wp-content/uploads/brizy/imgs/Gallery-1-257x171x14x0x228x171x1661165885.jpg
IP 103.211.216.225:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 228x171, components 3\012- data
Hash a0e988b1712492dd3a799c4c4f41647d
a5d928ff804631bf6e46bae63d3a54302f4ae5b5
2e2177f96ff5bfb30f1f6b9f81dbd0da118f9e0f8240cd8e0158dfb3638474ab
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/brizy/imgs/Gallery-1-257x171x14x0x228x171x1661165885.jpg HTTP/1.1
Host: evergreencounty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Cookie: _gcl_au=1.1.634744154.1671460453
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 22 Aug 2022 11:00:25 GMT
accept-ranges: bytes
content-length: 14134
cache-control: max-age=31536000
expires: Tue, 19 Dec 2023 14:34:13 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Mon, 19 Dec 2022 14:34:13 GMT
server: Apache
X-Firefox-Spdy: h2
evergreencounty.com/wp-content/uploads/brizy/imgs/Gallery-4-267x178x19x0x228x178x1661165885.jpg
103.211.216.225 200 OK 7.1 kB URL HTTP/2 evergreencounty.com/wp-content/uploads/brizy/imgs/Gallery-4-267x178x19x0x228x178x1661165885.jpg
IP 103.211.216.225:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 228x178, components 3\012- data
Hash d41468cfdfc897b5e9fc378ba555daad
e9bf7f724357b7f32da6927b01c76d737b3fcf70
03a18838ac44432aee1d2bcdd2a309f13c4e953d3a81f9ce0ac2bc60a571ddc8
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/brizy/imgs/Gallery-4-267x178x19x0x228x178x1661165885.jpg HTTP/1.1
Host: evergreencounty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Cookie: _gcl_au=1.1.634744154.1671460453
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 22 Aug 2022 11:00:25 GMT
accept-ranges: bytes
content-length: 7062
cache-control: max-age=31536000
expires: Tue, 19 Dec 2023 14:34:13 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Mon, 19 Dec 2022 14:34:13 GMT
server: Apache
X-Firefox-Spdy: h2
evergreencounty.com/wp-content/uploads/brizy/imgs/Gallery-5-263x175x17x0x228x175x1661165885.jpg
103.211.216.225 200 OK 14 kB URL HTTP/2 evergreencounty.com/wp-content/uploads/brizy/imgs/Gallery-5-263x175x17x0x228x175x1661165885.jpg
IP 103.211.216.225:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 228x175, components 3\012- data
Hash 33c24843e0201cf15a4c9a7ae220fd1c
fe0986d37545024e74328912608e154380d843ad
9322efa7c8d22d55a54928c0695c83ed584acab9e8edf39efdcf1f807c8b02d1
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/brizy/imgs/Gallery-5-263x175x17x0x228x175x1661165885.jpg HTTP/1.1
Host: evergreencounty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Cookie: _gcl_au=1.1.634744154.1671460453
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 22 Aug 2022 11:00:25 GMT
accept-ranges: bytes
content-length: 14182
cache-control: max-age=31536000
expires: Tue, 19 Dec 2023 14:34:13 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Mon, 19 Dec 2022 14:34:13 GMT
server: Apache
X-Firefox-Spdy: h2
evergreencounty.com/wp-content/uploads/brizy/imgs/Gallery-7-260x174x16x0x228x174x1661165885.jpg
103.211.216.225 200 OK 12 kB URL HTTP/2 evergreencounty.com/wp-content/uploads/brizy/imgs/Gallery-7-260x174x16x0x228x174x1661165885.jpg
IP 103.211.216.225:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 228x173, components 3\012- data
Hash bd5531fc9bcdc30fa5efdaea86c3254a
aceb4faf167845d23cedf2be6179b182c97bd592
5ed60a785d2dbb6bfced204586a8561d4bae399aed478d1b98953cd1cc77f411
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/brizy/imgs/Gallery-7-260x174x16x0x228x174x1661165885.jpg HTTP/1.1
Host: evergreencounty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Cookie: _gcl_au=1.1.634744154.1671460453
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 22 Aug 2022 11:00:25 GMT
accept-ranges: bytes
content-length: 12467
cache-control: max-age=31536000
expires: Tue, 19 Dec 2023 14:34:13 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Mon, 19 Dec 2022 14:34:13 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 1bbd2b2bbc140300eb16e42d776b6166
47a2975a0cc4874037402a62718664b7e278a1e4
54c1a1d249da25529ce4522e9606c5023bb3176de8259a04cee5354d1643a4cc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Dec 2022 14:34:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash c76e2d1033fe19d491bcdb4e24faaeeb
9b3da75ba4ebf950d17ee9178c64c46afc363047
20590ac857bae294c81ad22c37bb5ec0aca36ad35ae4aa4ece7a5e5ea47ded63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Dec 2022 14:34:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
142.250.74.134 200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.134:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Dec 2022 14:21:04 GMT
expires: Mon, 19 Dec 2022 14:36:04 GMT
cache-control: public, max-age=900
age: 789
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
142.250.74.66 302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Mon, 19 Dec 2022 14:34:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.106 200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Mon, 19 Dec 2022 14:34:13 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
evergreencounty.com/wp-content/uploads/brizy/imgs/Gallery-3-270x180x21x0x228x180x1661165885.jpg
103.211.216.225 200 OK 12 kB URL HTTP/2 evergreencounty.com/wp-content/uploads/brizy/imgs/Gallery-3-270x180x21x0x228x180x1661165885.jpg
IP 103.211.216.225:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 228x180, components 3\012- data
Hash 77b67dcf391d74b1e59c32ae411d1984
b11b910ebda3bfe4d4a5518aabd39cd7d06646c2
7e4fa54a504e0829baa8053993dc6f2415c7029d587da6d4dcfff8c1aee97bbc
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/brizy/imgs/Gallery-3-270x180x21x0x228x180x1661165885.jpg HTTP/1.1
Host: evergreencounty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Cookie: _gcl_au=1.1.634744154.1671460453
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 22 Aug 2022 11:00:25 GMT
accept-ranges: bytes
content-length: 12136
cache-control: max-age=31536000
expires: Tue, 19 Dec 2023 14:34:13 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Mon, 19 Dec 2022 14:34:13 GMT
server: Apache
X-Firefox-Spdy: h2
evergreencounty.com/wp-content/uploads/brizy/imgs/celeb-2-385x385x0x41x385x303x1661165885.png
103.211.216.225 200 OK 209 kB URL HTTP/2 evergreencounty.com/wp-content/uploads/brizy/imgs/celeb-2-385x385x0x41x385x303x1661165885.png
IP 103.211.216.225:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 385 x 303, 8-bit/color RGBA, non-interlaced\012- data
Size 209 kB (208950 bytes)
Hash 56505a5a6f74935a9c4cb0bab42d2641
df1d762a8d02ceb0c525b8d66e2ba11fdb2cc3ac
4f8837902c3b61150971eca51295e57156ef854a402d45abf25de3d8b1beeb2d
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/brizy/imgs/celeb-2-385x385x0x41x385x303x1661165885.png HTTP/1.1
Host: evergreencounty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Cookie: _gcl_au=1.1.634744154.1671460453
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 22 Aug 2022 11:00:26 GMT
accept-ranges: bytes
content-length: 208950
cache-control: max-age=31536000
expires: Tue, 19 Dec 2023 14:34:13 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Mon, 19 Dec 2022 14:34:13 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash f34e056439242a853859b9a297dc42ce
91d6ebde868fbec9973f8939526ba0c3d2d304f0
bb4734e855deefe18f9de74ca801267e822305a8e7bfe05ef8efdfd567127b5b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Dec 2022 14:34:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
evergreencounty.com/wp-content/uploads/brizy/imgs/celeb-6-385x385x0x48x385x289x1661165885.png
103.211.216.225 200 OK 234 kB URL HTTP/2 evergreencounty.com/wp-content/uploads/brizy/imgs/celeb-6-385x385x0x48x385x289x1661165885.png
IP 103.211.216.225:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 385 x 289, 8-bit/color RGBA, non-interlaced\012- data
Size 234 kB (233967 bytes)
Hash cdaf77e0632f347dd759bafa1a53affc
f5ceeb49ed7080864e72d51e1037d1601105c775
2ea869d002fce5075af85d892f7f7d818efb1429b04c5b20b91c94c4b6166c95
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/brizy/imgs/celeb-6-385x385x0x48x385x289x1661165885.png HTTP/1.1
Host: evergreencounty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Cookie: _gcl_au=1.1.634744154.1671460453
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 22 Aug 2022 11:00:25 GMT
accept-ranges: bytes
content-length: 233967
cache-control: max-age=31536000
expires: Tue, 19 Dec 2023 14:34:13 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Mon, 19 Dec 2022 14:34:13 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash c76e2d1033fe19d491bcdb4e24faaeeb
9b3da75ba4ebf950d17ee9178c64c46afc363047
20590ac857bae294c81ad22c37bb5ec0aca36ad35ae4aa4ece7a5e5ea47ded63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Dec 2022 14:34:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
evergreencounty.com/wp-content/uploads/brizy/imgs/celeb-4-385x385x0x45x385x295x1661165885.png
103.211.216.225 200 OK 288 kB URL HTTP/2 evergreencounty.com/wp-content/uploads/brizy/imgs/celeb-4-385x385x0x45x385x295x1661165885.png
IP 103.211.216.225:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 385 x 295, 8-bit/color RGBA, non-interlaced\012- data
Size 288 kB (287485 bytes)
Hash 464c2ab58bd23763a1b421b02bcdc927
32f4ea66eb34bdccc62720f368b75520ada7e6a2
9db4470a2de24ccfbf09066108be4ecb40b7d438047c4d60a25a9e896c79b047
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/brizy/imgs/celeb-4-385x385x0x45x385x295x1661165885.png HTTP/1.1
Host: evergreencounty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Cookie: _gcl_au=1.1.634744154.1671460453
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 22 Aug 2022 11:00:25 GMT
accept-ranges: bytes
content-length: 287485
cache-control: max-age=31536000
expires: Tue, 19 Dec 2023 14:34:13 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Mon, 19 Dec 2022 14:34:13 GMT
server: Apache
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.106 200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.106:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 127a55a0806e000f68aef0d148af0151
140bb9726efb7645c8ba7966d6e6c2a49c1b7b2e
5ddeab2d4b1bbcd63b1bc21a0a033bb924ccc80207166dc76c8816663a202f18
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 19 Dec 2022 14:34:13 GMT
server: ESF
cache-control: private
content-length: 31114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 03c8258e1c16364384a10c746732e080
24f121ea76ab812448228b238fadc421f5c4d6c8
9dfb03f619014cd8683030fb68b00b8a0befd9ad9755fcd77c69a2a4e163d397
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Dec 2022 14:34:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/YkfklCtf3s5-_1quWHAnTHHVaBZ-i7ToAeXFpu3i2Ro.js
142.250.74.132 200 OK 14 kB URL HTTP/2 www.google.com/js/th/YkfklCtf3s5-_1quWHAnTHHVaBZ-i7ToAeXFpu3i2Ro.js
IP 142.250.74.132:0
File type ASCII text, with very long lines (36162)
Hash e9bf756aa2fac02f3307febffa242635
d0da1ab271c03a49fe6499a38e6f3c34d396c5d4
12655f58f30c13fae1942aae99ace0d8e450ead33ec120b89d78fd98a279e0bb
GET /js/th/YkfklCtf3s5-_1quWHAnTHHVaBZ-i7ToAeXFpu3i2Ro.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14349
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 18 Dec 2022 14:28:27 GMT
expires: Mon, 18 Dec 2023 14:28:27 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 03 Nov 2022 10:00:00 GMT
content-type: text/javascript
age: 86746
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 01b5c4e0ba6775471242d7e4cadee177
3eb321e5a94c9fe258113ce260fe64c1efef45fe
15bf058f5239aaa97a6138e8c005f0b6114f9857c4d61baa17214d470561b8df
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Dec 2022 14:34:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/Am6ThDSGxvxwAmC5v4Q_IJlTP-ZdQ50OIsW9kGq-OsIspPB2vVjctvxBciv8Yh0XlP6bljQ4iA=s68-c-k-c0x00ffffff-no-rj
142.250.74.161 200 OK 4.0 kB URL HTTP/2 yt3.ggpht.com/Am6ThDSGxvxwAmC5v4Q_IJlTP-ZdQ50OIsW9kGq-OsIspPB2vVjctvxBciv8Yh0XlP6bljQ4iA=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash e996b1c610b7be60e54a1506ed716dbc
6042ec7dd1682df078aca4cd0347d9c8df5a2016
975221ba6db743c9ce050cb459cf0ef69623c97038a1e40e058bc2e987af92f1
GET /Am6ThDSGxvxwAmC5v4Q_IJlTP-ZdQ50OIsW9kGq-OsIspPB2vVjctvxBciv8Yh0XlP6bljQ4iA=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Tue, 20 Dec 2022 14:34:13 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="channels4_profile.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 19 Dec 2022 14:34:13 GMT
server: fife
content-length: 3988
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
evergreencounty.com/wp-content/uploads/brizy/imgs/celeb-3-385x385x0x42x385x301x1661165885.png
103.211.216.225 200 OK 240 kB URL HTTP/2 evergreencounty.com/wp-content/uploads/brizy/imgs/celeb-3-385x385x0x42x385x301x1661165885.png
IP 103.211.216.225:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 385 x 301, 8-bit/color RGBA, non-interlaced\012- data
Size 240 kB (239670 bytes)
Hash 471a8146421dfe22cb2a991ec9756487
63fa8e07a27624a2fff23ec76daa38bdcb5d0572
71cf1300b571360d7cd66a8381559d5de48f3e2961f389b69ab36e3cdf7d800e
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/brizy/imgs/celeb-3-385x385x0x42x385x301x1661165885.png HTTP/1.1
Host: evergreencounty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Cookie: _gcl_au=1.1.634744154.1671460453
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 22 Aug 2022 11:00:26 GMT
accept-ranges: bytes
content-length: 239670
cache-control: max-age=31536000
expires: Tue, 19 Dec 2023 14:34:13 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Mon, 19 Dec 2022 14:34:13 GMT
server: Apache
X-Firefox-Spdy: h2
evergreencounty.com/wp-content/uploads/brizy/imgs/celeb-1-385x385x0x41x385x303x1661165885.png
103.211.216.225 200 OK 237 kB URL HTTP/2 evergreencounty.com/wp-content/uploads/brizy/imgs/celeb-1-385x385x0x41x385x303x1661165885.png
IP 103.211.216.225:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 385 x 303, 8-bit/color RGBA, non-interlaced\012- data
Size 237 kB (237023 bytes)
Hash 11ca9aa6d7e1d1dbbca2101ad5ecc281
3444e9a357abb290d9c95600123a5fef9aeb5eb6
d4fe0f5a8dcf1c9600e042abe16d663a123a4e8ca772527ee747e7bd541b9977
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/brizy/imgs/celeb-1-385x385x0x41x385x303x1661165885.png HTTP/1.1
Host: evergreencounty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Cookie: _gcl_au=1.1.634744154.1671460453
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 22 Aug 2022 11:00:26 GMT
accept-ranges: bytes
content-length: 237023
cache-control: max-age=31536000
expires: Tue, 19 Dec 2023 14:34:13 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Mon, 19 Dec 2022 14:34:13 GMT
server: Apache
X-Firefox-Spdy: h2
evergreencounty.com/wp-content/uploads/brizy/imgs/celeb-5-385x385x0x46x385x293x1661165885.png
103.211.216.225 200 OK 271 kB URL HTTP/2 evergreencounty.com/wp-content/uploads/brizy/imgs/celeb-5-385x385x0x46x385x293x1661165885.png
IP 103.211.216.225:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 385 x 293, 8-bit/color RGBA, non-interlaced\012- data
Size 271 kB (271044 bytes)
Hash 6a1b019a1a922de2fc191def369d6833
bc5005679329b0199d6791408bede0a7ffc6495f
9e5c0938e0c1168d9250340b3f9b539950fdad09b8d0422a05c72e2a4259d594
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/brizy/imgs/celeb-5-385x385x0x46x385x293x1661165885.png HTTP/1.1
Host: evergreencounty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Cookie: _gcl_au=1.1.634744154.1671460453
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 22 Aug 2022 11:00:26 GMT
accept-ranges: bytes
content-length: 271044
cache-control: max-age=31536000
expires: Tue, 19 Dec 2023 14:34:13 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Mon, 19 Dec 2022 14:34:13 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 01b5c4e0ba6775471242d7e4cadee177
3eb321e5a94c9fe258113ce260fe64c1efef45fe
15bf058f5239aaa97a6138e8c005f0b6114f9857c4d61baa17214d470561b8df
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Dec 2022 14:34:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.106 200 OK 522 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.106:0
Hash 599917f4972dff5963ffff8c67c9edb5
72b52bfad801ad5a48d39af36466e581ff8e5c2a
42b32737b2f0ccd7dfe53f8a6c3e9153766fed4dac2ab6a2924c8c73e3278005
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Mon, 19 Dec 2022 14:34:14 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.106 200 OK 110 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.106:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 835682d87a8735c2c863e5a79602bd8e
6b2f525a7daf19b69db749cb50fa07565a36f016
1cc70a5f8d1bdbbc48d8680c48c83c22b248a43a621883dbc64f95fad2760d89
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 992
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 19 Dec 2022 14:34:14 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 17dcc783d992bd5bd0ccebc9e1d7cca3
178cd42a88e357d0159b6cbcdaffbec64f085c19
6172b49773ad841783181ffb415ff4f3328e02cb6e816bc75ac71dbc4eb4e137
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Dec 2022 14:34:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 17dcc783d992bd5bd0ccebc9e1d7cca3
178cd42a88e357d0159b6cbcdaffbec64f085c19
6172b49773ad841783181ffb415ff4f3328e02cb6e816bc75ac71dbc4eb4e137
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Dec 2022 14:34:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1671482053&ei=ZXagY-DXKqr27QTggp-gDQ&ip=91.90.42.154&id=o-AJnl3chFmzETv57ZwSiO9_vnXrn9zBHfQ177J5WsKkwo&itag=251&source=youtube&requiressl=yes&mh=Z4&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7y&ms=au%2Crdu&mv=u&mvi=1&pl=21&spc=zIddbNPuaxnYhRhU-6xsQUVmyGejKYs&vprv=1&mime=audio%2Fwebm&ns=Sm9QwqWI-2PFUs7tUvHQb7EK&gir=yes&clen=559645&dur=32.941&lmt=1660308256450978&mt=1671460155&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5311224&n=uAdqJYw7TyRVKQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgOc2lPZmQ4YLorTcVmruDVwqEygQCl1tnEeJxdC1S_z4CIAw4Fx5S5paxWJMDkfjgLpHjvlCkDHwrxG5p00aDfIQD&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIhALnMTBPSyO9-VSyXu6S9dFxQhtQdjPR1DpBwKl9EjBc7AiBfZwinSFOjCZpxMBqtYltC83w6rPMWmkNBOpnGW9nvqg%3D%3D&alr=yes&cpn=mlSOBJL7Q2Ee3fyF&cver=1.20221214.01.00&range=0-65868&rn=2&rbuf=0
91.90.45.172200 OK 66 kB URL HTTP/1.1 rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1671482053&ei=ZXagY-DXKqr27QTggp-gDQ&ip=91.90.42.154&id=o-AJnl3chFmzETv57ZwSiO9_vnXrn9zBHfQ177J5WsKkwo&itag=251&source=youtube&requiressl=yes&mh=Z4&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7y&ms=au%2Crdu&mv=u&mvi=1&pl=21&spc=zIddbNPuaxnYhRhU-6xsQUVmyGejKYs&vprv=1&mime=audio%2Fwebm&ns=Sm9QwqWI-2PFUs7tUvHQb7EK&gir=yes&clen=559645&dur=32.941&lmt=1660308256450978&mt=1671460155&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5311224&n=uAdqJYw7TyRVKQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgOc2lPZmQ4YLorTcVmruDVwqEygQCl1tnEeJxdC1S_z4CIAw4Fx5S5paxWJMDkfjgLpHjvlCkDHwrxG5p00aDfIQD&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIhALnMTBPSyO9-VSyXu6S9dFxQhtQdjPR1DpBwKl9EjBc7AiBfZwinSFOjCZpxMBqtYltC83w6rPMWmkNBOpnGW9nvqg%3D%3D&alr=yes&cpn=mlSOBJL7Q2Ee3fyF&cver=1.20221214.01.00&range=0-65868&rn=2&rbuf=0
IP 91.90.45.172:0
ASN #50304 Blix Solutions AS
File type WebM\012- EBML file, creator webmB\20\012- data
Hash 5481046617b56ce58bc3dc94c0160d1c
813e4219fae2fd2c4bbb780dc5125ae6db8bac7f
e7f45a6292dfbe33845db6443e5b48a997b40c241005a100d2aa1ddc93377078
POST /videoplayback?expire=1671482053&ei=ZXagY-DXKqr27QTggp-gDQ&ip=91.90.42.154&id=o-AJnl3chFmzETv57ZwSiO9_vnXrn9zBHfQ177J5WsKkwo&itag=251&source=youtube&requiressl=yes&mh=Z4&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7y&ms=au%2Crdu&mv=u&mvi=1&pl=21&spc=zIddbNPuaxnYhRhU-6xsQUVmyGejKYs&vprv=1&mime=audio%2Fwebm&ns=Sm9QwqWI-2PFUs7tUvHQb7EK&gir=yes&clen=559645&dur=32.941&lmt=1660308256450978&mt=1671460155&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5311224&n=uAdqJYw7TyRVKQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgOc2lPZmQ4YLorTcVmruDVwqEygQCl1tnEeJxdC1S_z4CIAw4Fx5S5paxWJMDkfjgLpHjvlCkDHwrxG5p00aDfIQD&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIhALnMTBPSyO9-VSyXu6S9dFxQhtQdjPR1DpBwKl9EjBc7AiBfZwinSFOjCZpxMBqtYltC83w6rPMWmkNBOpnGW9nvqg%3D%3D&alr=yes&cpn=mlSOBJL7Q2Ee3fyF&cver=1.20221214.01.00&range=0-65868&rn=2&rbuf=0 HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Fri, 12 Aug 2022 12:44:16 GMT
Content-Type: audio/webm
Date: Mon, 19 Dec 2022 14:34:14 GMT
Expires: Mon, 19 Dec 2022 14:34:14 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 65869
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 9ca747e3c7c264af79d565d5c7f44e76
c64a6fc2a1c67ec444ff992e5f0d4e5f60f8da7e
70b91869ffb0d5b6dacb98c5138262e8f46750b449baf728c77a04243925d635
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Dec 2022 14:34:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash be7309a6dfa8db252ac8fd6073aac94c
38033b2600be25b208ab0eef5bc88eba0f6f50aa
28592dab98ba5b84b973c7db59360406a6490b505bf1c6dd4f1b54dabf509622
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Dec 2022 14:34:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/986373460/?random=1671460452867&cv=11&fst=1671458400000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fevergreencounty.com%2F&tiba=Evergreen%20County%20-%20Best%20Coorg%20Stay%20%7C%20Cottages%20In%20Coorg%20%7CAdventure%20Stay%20in%20Coorg&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2628132150&rmt_tld=1&ipr=y
142.250.74.163 200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/986373460/?random=1671460452867&cv=11&fst=1671458400000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fevergreencounty.com%2F&tiba=Evergreen%20County%20-%20Best%20Coorg%20Stay%20%7C%20Cottages%20In%20Coorg%20%7CAdventure%20Stay%20in%20Coorg&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2628132150&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/986373460/?random=1671460452867&cv=11&fst=1671458400000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fevergreencounty.com%2F&tiba=Evergreen%20County%20-%20Best%20Coorg%20Stay%20%7C%20Cottages%20In%20Coorg%20%7CAdventure%20Stay%20in%20Coorg&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2628132150&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 14:34:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 7b18428df832332e2f89ca51203de4ba
8272451b056b54992cfa05e70c53adde8b744299
c9bdf42b2f8b0cf614cd4821bce48a719d284c836eb98959dce1802dea20e617
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Dec 2022 14:34:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1671482053&ei=ZXagY-DXKqr27QTggp-gDQ&ip=91.90.42.154&id=o-AJnl3chFmzETv57ZwSiO9_vnXrn9zBHfQ177J5WsKkwo&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=Z4&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7y&ms=au%2Crdu&mv=u&mvi=1&pl=21&spc=zIddbNPuaxnYhRhU-6xsQUVmyGejKYs&vprv=1&mime=video%2Fwebm&ns=Sm9QwqWI-2PFUs7tUvHQb7EK&gir=yes&clen=1790324&dur=32.867&lmt=1660308270678073&mt=1671460155&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5316224&n=uAdqJYw7TyRVKQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhALVn_hOmaPLoiUElZjIDnUCqA6m2BJQ_zXY9GURRKFtFAiEAngRiGKAIZ8pgla-y_lP9Md-i9UR5_6il0-4s5P9sY2s%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIhALnMTBPSyO9-VSyXu6S9dFxQhtQdjPR1DpBwKl9EjBc7AiBfZwinSFOjCZpxMBqtYltC83w6rPMWmkNBOpnGW9nvqg%3D%3D&alr=yes&cpn=mlSOBJL7Q2Ee3fyF&cver=1.20221214.01.00&range=0-129408&rn=1&rbuf=0
91.90.45.172 200 OK 129 kB URL HTTP/1.1 rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1671482053&ei=ZXagY-DXKqr27QTggp-gDQ&ip=91.90.42.154&id=o-AJnl3chFmzETv57ZwSiO9_vnXrn9zBHfQ177J5WsKkwo&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=Z4&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7y&ms=au%2Crdu&mv=u&mvi=1&pl=21&spc=zIddbNPuaxnYhRhU-6xsQUVmyGejKYs&vprv=1&mime=video%2Fwebm&ns=Sm9QwqWI-2PFUs7tUvHQb7EK&gir=yes&clen=1790324&dur=32.867&lmt=1660308270678073&mt=1671460155&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5316224&n=uAdqJYw7TyRVKQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhALVn_hOmaPLoiUElZjIDnUCqA6m2BJQ_zXY9GURRKFtFAiEAngRiGKAIZ8pgla-y_lP9Md-i9UR5_6il0-4s5P9sY2s%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIhALnMTBPSyO9-VSyXu6S9dFxQhtQdjPR1DpBwKl9EjBc7AiBfZwinSFOjCZpxMBqtYltC83w6rPMWmkNBOpnGW9nvqg%3D%3D&alr=yes&cpn=mlSOBJL7Q2Ee3fyF&cver=1.20221214.01.00&range=0-129408&rn=1&rbuf=0
IP 91.90.45.172:0
ASN #50304 Blix Solutions AS
File type WebM\012- EBML file, creator webmB\20\012- data
Size 129 kB (129409 bytes)
Hash a5d199cccf237043767e1c6672c11017
3e82e5667805d08203b2d1234e26afb9e7412d53
b7a20bb3356aac4c4e825b4fb818d13d94720f60de5c2635ebf9d0bffba9bd2a
POST /videoplayback?expire=1671482053&ei=ZXagY-DXKqr27QTggp-gDQ&ip=91.90.42.154&id=o-AJnl3chFmzETv57ZwSiO9_vnXrn9zBHfQ177J5WsKkwo&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=Z4&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7y&ms=au%2Crdu&mv=u&mvi=1&pl=21&spc=zIddbNPuaxnYhRhU-6xsQUVmyGejKYs&vprv=1&mime=video%2Fwebm&ns=Sm9QwqWI-2PFUs7tUvHQb7EK&gir=yes&clen=1790324&dur=32.867&lmt=1660308270678073&mt=1671460155&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5316224&n=uAdqJYw7TyRVKQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhALVn_hOmaPLoiUElZjIDnUCqA6m2BJQ_zXY9GURRKFtFAiEAngRiGKAIZ8pgla-y_lP9Md-i9UR5_6il0-4s5P9sY2s%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIhALnMTBPSyO9-VSyXu6S9dFxQhtQdjPR1DpBwKl9EjBc7AiBfZwinSFOjCZpxMBqtYltC83w6rPMWmkNBOpnGW9nvqg%3D%3D&alr=yes&cpn=mlSOBJL7Q2Ee3fyF&cver=1.20221214.01.00&range=0-129408&rn=1&rbuf=0 HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Fri, 12 Aug 2022 12:44:30 GMT
Content-Type: video/webm
Date: Mon, 19 Dec 2022 14:34:14 GMT
Expires: Mon, 19 Dec 2022 14:34:14 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 129409
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
evergreencounty.com/wp-content/uploads/2022/08/EGC-web.png
103.211.216.225 200 OK 110 kB URL HTTP/2 evergreencounty.com/wp-content/uploads/2022/08/EGC-web.png
IP 103.211.216.225:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 457 x 622, 8-bit/color RGB, non-interlaced\012- data
Size 110 kB (109837 bytes)
Hash 289cf63bfbc30018157f8620ed9c3b69
f3a2607be7624a417e8130988141b8ca9166e72a
0396d1358040bf8d13fe262b8dab079610e7cf7923381c075d908bf88bb8651d
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2022/08/EGC-web.png HTTP/1.1
Host: evergreencounty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Cookie: _gcl_au=1.1.634744154.1671460453
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 22 Aug 2022 10:58:05 GMT
accept-ranges: bytes
content-length: 109837
cache-control: max-age=31536000
expires: Tue, 19 Dec 2023 14:34:14 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Mon, 19 Dec 2022 14:34:14 GMT
server: Apache
X-Firefox-Spdy: h2
evergreencounty.com/wp-content/uploads/2022/08/EGC-web-150x150.png
103.211.216.225 200 OK 22 kB URL HTTP/2 evergreencounty.com/wp-content/uploads/2022/08/EGC-web-150x150.png
IP 103.211.216.225:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 419d9a265ce6d17df6002b809ab522cd
9835294a2b3e9efef3c21841354158571600793b
3e02564a7f02e85966ba2eccb1468924b6300f59e255fd6fe9947e8c03aea3b5
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2022/08/EGC-web-150x150.png HTTP/1.1
Host: evergreencounty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Cookie: _gcl_au=1.1.634744154.1671460453
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 22 Aug 2022 10:58:05 GMT
accept-ranges: bytes
content-length: 21937
cache-control: max-age=31536000
expires: Tue, 19 Dec 2023 14:34:14 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Mon, 19 Dec 2022 14:34:14 GMT
server: Apache
X-Firefox-Spdy: h2
evergreencounty.com/wp-content/uploads/2022/08/BG-1.jpeg
103.211.216.225 200 OK 453 kB URL HTTP/2 evergreencounty.com/wp-content/uploads/2022/08/BG-1.jpeg
IP 103.211.216.225:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x682, components 3\012- data
Size 453 kB (453090 bytes)
Hash e80b1692877a414212e3ea44436ce2bc
3c2f428ae362b1ec5c36f72b90f54c7ae699ea5f
b6e03ec231819ab2fb7425828c56a310e0013fe30bd0f0a2446589a5bf50af70
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2022/08/BG-1.jpeg HTTP/1.1
Host: evergreencounty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Dec 2022 14:34:12 GMT
server: Apache
content-type: image/jpeg
content-length: 453090
last-modified: Mon, 22 Aug 2022 10:58:05 GMT
cache-control: max-age=31536000
expires: Sun, 22 Oct 2023 01:41:11 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
x-server-cache: true
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
evergreencounty.com/wp-content/themes/blocksy/static/bundle/non-critical-styles.min.css
103.211.216.225 200 OK 1.5 kB URL HTTP/2 evergreencounty.com/wp-content/themes/blocksy/static/bundle/non-critical-styles.min.css
IP 103.211.216.225:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (6028), with no line terminators
Hash 022c5aaa0adf9030812ad80cf4273def
d46fb7f3edb6b74b3e597e182de7bb2893e1fd36
f3ac48f8421e4f40b0a954d580462cb8d7a22979503e647a368d6ea40909713b
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/blocksy/static/bundle/non-critical-styles.min.css HTTP/1.1
Host: evergreencounty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Cookie: _gcl_au=1.1.634744154.1671460453
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 22 Aug 2022 10:58:05 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 18 Jan 2023 14:34:17 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1525
content-type: text/css
date: Mon, 19 Dec 2022 14:34:17 GMT
server: Apache
X-Firefox-Spdy: h2
api.buttonizer.io/serve/93ba3706-0132-4ceb-8f3b-ff2f7a332b5a
104.21.24.5 402 Payment Required 0 B URL HTTP/2 api.buttonizer.io/serve/93ba3706-0132-4ceb-8f3b-ff2f7a332b5a
IP 104.21.24.5:0
POST /serve/93ba3706-0132-4ceb-8f3b-ff2f7a332b5a HTTP/1.1
Host: api.buttonizer.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 13
Origin: https://evergreencounty.com
Connection: keep-alive
Referer: https://evergreencounty.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 402 Payment Required
date: Mon, 19 Dec 2022 14:34:12 GMT
content-type: application/json
cache-control: max-age=300, public
last-modified: Mon, 19 Dec 2022 14:33:35 GMT
access-control-allow-origin: https://evergreencounty.com
access-control-allow-credentials: true
access-control-expose-headers: link, set-cookie
x-do-app-origin: 39e9076a-e6ab-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 402
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PU2bcGdptnz7GhMyOAp%2FBOrWA%2FmueTFwP%2FpiyGhBMv2ZiRYK8Jjits%2FPOMUK3%2FrWNU3bIIExFvYMUnYAwxoLG0cYLo1eFt7jxmJxDWiPGNB6EbOcsdp823BYMU979Pj3RNFuTg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77c0db94b9b9b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Petrona%3A100%2C200%2C300%2Cregular%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2Citalic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CLato%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C700%2C700italic%2C900%2C900italic%7COverpass%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&subset=arabic%2Cbengali%2Ccyrillic%2Ccyrillic-ext%2Cdevanagari%2Cgreek%2Cgreek-ext%2Cgujarati%2Chebrew%2Ckhmer%2Ckorean%2Clatin-ext%2Ctamil%2Ctelugu%2Cthai%2Cvietnamese&display=swap&ver=2.4.5
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Petrona%3A100%2C200%2C300%2Cregular%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2Citalic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CLato%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C700%2C700italic%2C900%2C900italic%7COverpass%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&subset=arabic%2Cbengali%2Ccyrillic%2Ccyrillic-ext%2Cdevanagari%2Cgreek%2Cgreek-ext%2Cgujarati%2Chebrew%2Ckhmer%2Ckorean%2Clatin-ext%2Ctamil%2Ctelugu%2Cthai%2Cvietnamese&display=swap&ver=2.4.5
IP 142.250.74.106:0
GET /css?family=Petrona%3A100%2C200%2C300%2Cregular%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2Citalic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CLato%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C700%2C700italic%2C900%2C900italic%7COverpass%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&subset=arabic%2Cbengali%2Ccyrillic%2Ccyrillic-ext%2Cdevanagari%2Cgreek%2Cgreek-ext%2Cgujarati%2Chebrew%2Ckhmer%2Ckorean%2Clatin-ext%2Ctamil%2Ctelugu%2Cthai%2Cvietnamese&display=swap&ver=2.4.5 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 19 Dec 2022 14:34:11 GMT
date: Mon, 19 Dec 2022 14:34:11 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
api.buttonizer.io/serve/93ba3706-0132-4ceb-8f3b-ff2f7a332b5a
104.21.24.5 200 OK 0 B URL HTTP/2 api.buttonizer.io/serve/93ba3706-0132-4ceb-8f3b-ff2f7a332b5a
IP 104.21.24.5:0
OPTIONS /serve/93ba3706-0132-4ceb-8f3b-ff2f7a332b5a HTTP/1.1
Host: api.buttonizer.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://evergreencounty.com/
Origin: https://evergreencounty.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Dec 2022 14:34:12 GMT
content-type: text/html; charset=UTF-8
cache-control: private, must-revalidate
vary: Origin
access-control-allow-credentials: true
access-control-allow-methods: POST, PUT, GET, DELETE
access-control-allow-headers: content-type
access-control-max-age: 3600
access-control-allow-origin: https://evergreencounty.com
pragma: no-cache
expires: -1
x-backend: buttonizer-serve
x-do-app-origin: 39e9076a-e6ab-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2B4kxFQDByWkemYJx4BI0d7W0oeIln2toulZq%2BqIruxauh8Ii2Qgqj4ZxOEnP1aMkrAGhF9D1ZdH2UO2of%2BpCjJJiiv85a%2ByR6ZyGif0mTirMPxXRzitxGK2XXsBMcUdyjpy8A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77c0db943932b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
evergreencounty.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
103.211.216.225 200 OK 0 B URL HTTP/2 evergreencounty.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 103.211.216.225:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: evergreencounty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 16 Nov 2022 01:24:30 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 18 Jan 2023 14:34:11 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: text/css
date: Mon, 19 Dec 2022 14:34:11 GMT
server: Apache
X-Firefox-Spdy: h2
evergreencounty.com/wp-content/themes/blocksy/static/bundle/main.min.css?ver=1.8.46
103.211.216.225 200 OK 0 B URL HTTP/2 evergreencounty.com/wp-content/themes/blocksy/static/bundle/main.min.css?ver=1.8.46
IP 103.211.216.225:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/blocksy/static/bundle/main.min.css?ver=1.8.46 HTTP/1.1
Host: evergreencounty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 22 Aug 2022 10:58:05 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 18 Jan 2023 14:34:11 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: text/css
date: Mon, 19 Dec 2022 14:34:11 GMT
server: Apache
X-Firefox-Spdy: h2
cdn.trustindex.io/assets/platform/Tripadvisor/icon.svg
143.204.55.42 200 OK 0 B URL HTTP/2 cdn.trustindex.io/assets/platform/Tripadvisor/icon.svg
IP 143.204.55.42:0
GET /assets/platform/Tripadvisor/icon.svg HTTP/1.1
Host: cdn.trustindex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Fri, 04 Nov 2022 15:02:33 GMT
server: Apache/2.4.29 (Ubuntu)
last-modified: Tue, 22 Feb 2022 22:43:27 GMT
etag: W/"65b-5d8a313da4829"
referrer-policy: origin
access-control-allow-origin: *
access-control-allow-headers: origin, x-requested-with, content-type
access-control-allow-methods: GET
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
cache-control: max-age=31536000, public
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: LDuIw9EZnGdjG6Es3m9gcF3Psx6ua84tPQ8UtBp-q6WyXk8EG8MFtA==
age: 3886299
X-Firefox-Spdy: h2
www.youtube.com/embed/4t-sW1w_2j8?autoplay=1&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=1&rel=0&mute=1&playlist=4t-sW1w_2j8
142.250.74.78 200 OK 0 B URL HTTP/2 www.youtube.com/embed/4t-sW1w_2j8?autoplay=1&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=1&rel=0&mute=1&playlist=4t-sW1w_2j8
IP 142.250.74.78:0
GET /embed/4t-sW1w_2j8?autoplay=1&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=1&rel=0&mute=1&playlist=4t-sW1w_2j8 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evergreencounty.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 19 Dec 2022 14:34:12 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=7JieMauKO9E; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=HOCMkcWY2kg; Domain=.youtube.com; Expires=Sat, 17-Jun-2023 14:34:12 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+431; expires=Wed, 18-Dec-2024 14:34:12 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2