r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9956
Expires: Sat, 10 Dec 2022 01:37:08 GMT
Date: Fri, 09 Dec 2022 22:51:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 388f6fea5bafa378266622b72311a6ee
447f102dc12172ce1ba44c5e94e1d7bb49d43372
a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2593
Expires: Fri, 09 Dec 2022 23:34:25 GMT
Date: Fri, 09 Dec 2022 22:51:12 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Alert, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 09 Dec 2022 22:33:14 GMT
content-type: application/json
age: 1078
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
pennycronelasvegas.com/
96.126.99.100 301 Moved Permanently 169 B IP 96.126.99.100:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4d5df04587b6abb07e32aa83f8da135a
6692cd0836d1ee08ec23820ed703dd959c92e3f8
6df3768e22eccc33abe2a50cb4650dbfb5f4f5884d80c82508e62665d29dd6d2
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
server: nginx/1.17.3
date: Fri, 09 Dec 2022 22:51:12 GMT
content-type: text/html
content-length: 169
location: https://pennycronelasvegas.com/
access-control-allow-methods: POST, GET, OPTIONS
referrer-policy: no-referrer
set-cookie: NB_SRVID=srv1656166; path=/
cache-control: private
connection: close
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4843
Expires: Sat, 10 Dec 2022 00:11:55 GMT
Date: Fri, 09 Dec 2022 22:51:12 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: WD+9n2IqUTafevMG9EOD8Qchevso8gPgUDDXz2RJqFj8aAjej52SH1f/8RvXU8qdeskza0G69Bg=
x-amz-request-id: X1AW2FYKYWZC3A9D
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 22:48:33 GMT
age: 159
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 22:51:12 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Last-Modified, ETag, Cache-Control, Alert, Content-Length, Pragma, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 09 Dec 2022 22:07:55 GMT
age: 2598
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5f120d7ebbbd8e854a0c542056947ad5
be81ac727cc582cfd6ed4af83c58f7f42239977d
48a1e62461c7885cb870dc89e9ad5ed8be95e416ed5d46081a001f5498bbf09c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48A1E62461C7885CB870DC89E9AD5ED8BE95E416ED5D46081A001F5498BBF09C"
Last-Modified: Fri, 09 Dec 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21574
Expires: Sat, 10 Dec 2022 04:50:47 GMT
Date: Fri, 09 Dec 2022 22:51:13 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash e6be4d2155028ffff5d01ab6e7edf6da
07172071b5cf43c4cd7d7930b4ad8518ec1e32e9
4d8a5fa2362fd0910babd6d128d850d4460829468eb23d34ee5ee6eaa42d5a38
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5928
Cache-Control: max-age=129270
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 22:51:13 GMT
Etag: "6392faaf-1d7"
Expires: Sun, 11 Dec 2022 10:45:43 GMT
Last-Modified: Fri, 09 Dec 2022 09:06:55 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 5496e18a30e039b44989d9a0e932d4bc
c5bfb1b9ce711e38d69e78486017f07cc47fe04a
26a3ad286e479cdabfcbb5a9d3fada211c73650628a35c80944b0e7e8aad27e0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 22:51:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash edac2b4e678c48b1fc3be3a06793bfcb
23f1f41a2194536d77a2497d7255b13747fd9af0
e6b36b71f3633bd9d2b80043967f9579820f0ef1d5f66e5c401806de13cbe2a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 22:51:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash edac2b4e678c48b1fc3be3a06793bfcb
23f1f41a2194536d77a2497d7255b13747fd9af0
e6b36b71f3633bd9d2b80043967f9579820f0ef1d5f66e5c401806de13cbe2a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 22:51:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pennycronelasvegas.com/
96.126.99.100 200 OK 18 kB IP 96.126.99.100:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash fd11d0a3289b58c5addd615614433d2c
6c8ac2396edc1d444138eef9ecb786c8f81c5813
c237fd1b38d14a137d434af6f48617dfb6c2ff464b9fdb6a19a2ad224eb541d7
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Status: 200 OK
Cache-Control: max-age=0, private, must-revalidate
X-XSS-Protection: 1; mode=block
X-Request-Id: 74a50d5e-8da3-47c9-a256-2c924cfceed9
ETag: W/"8537edf04ad7b38a42d74d6dc556530a"
X-Frame-Options: SAMEORIGIN
X-Runtime: 0.100053
X-Content-Type-Options: nosniff
Date: Fri, 09 Dec 2022 22:51:13 GMT
Set-Cookie: _agentformula_session=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%3D--2cfaf510d60be25e171c22a112d596468eba0593; path=/; HttpOnly
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer
Content-Encoding: gzip
push.services.mozilla.com/
35.161.136.21 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.136.21:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 8sK3ZnolPXqY4q72NLDo8A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: QdSDxr12ZLaNqPzwhPp2nUIcTKw=
cdnjs.cloudflare.com/ajax/libs/bootstrap-table/1.8.1/bootstrap-table.min.js
104.17.25.14 200 OK 10 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/bootstrap-table/1.8.1/bootstrap-table.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (32072)
Hash b1d38b850f2d249ecb6bc995eecc9d96
30facf94c44ca45e7521a25e5e73273c26fa7ddd
8097499101c6c88640c1bc49c3f00179c32f842d6ce79482fa3ccb48a23203d2
GET /ajax/libs/bootstrap-table/1.8.1/bootstrap-table.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 22:51:13 GMT
content-type: application/javascript; charset=utf-8
content-length: 10318
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d8f-a750"
last-modified: Mon, 04 May 2020 16:06:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1676391
expires: Wed, 29 Nov 2023 22:51:13 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zrGKy7vI7F3ojyLuxHR2z%2FsZ6BDTb%2F5YEXq%2B7v8QxWoXC0JwBpV3mZTygHEoePbY%2B4RdmlQPvKN3kDk9ZWG43o%2F8QmUauS%2B2erDsYJN%2FecJ%2FAsq7AKqXp0I%2FWvDoPf1zJBri5PoW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77714de2bc8bb50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash edac2b4e678c48b1fc3be3a06793bfcb
23f1f41a2194536d77a2497d7255b13747fd9af0
e6b36b71f3633bd9d2b80043967f9579820f0ef1d5f66e5c401806de13cbe2a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 22:51:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
images.dmca.com/Badges/DMCABadgeHelper.min.js
151.139.128.10 200 OK 395 B URL HTTP/2 images.dmca.com/Badges/DMCABadgeHelper.min.js
IP 151.139.128.10:0
Hash 365ad8f83802168e7326b29df6a22f4a
a096aa3c7e46525c7b7c54cb6b7987f01559b688
dafd787e6bf2c7ed10cb6c14f36ada4e5e9b7c15ffe7393cd6000acb946ebf13
GET /Badges/DMCABadgeHelper.min.js HTTP/1.1
Host: images.dmca.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 22:51:13 GMT
content-encoding: gzip
content-length: 395
content-type: application/javascript
last-modified: Fri, 21 Jun 2019 20:14:34 GMT
accept-ranges: bytes
server: Microsoft-IIS/10.0
cache-control: public,max-age=31536000
etag: "26b181f16d28d51:0"
x-powered-by: ASP.NET
x-hw: 1670626273.cds002.sk1.hn,1670626273.cds225.sk1.c
link: <https://www.dmca.com/Badges/DMCABadgeHelper.min.js>; rel="canonical"
access-control-allow-origin: *
X-Firefox-Spdy: h2
images.dmca.com/Badges/dmca-badge-w100-5x1-11.png?ID=0d9c4034-e698-4934-b6aa-b7e7c6dda496
151.139.128.10 200 OK 2.4 kB URL HTTP/2 images.dmca.com/Badges/dmca-badge-w100-5x1-11.png?ID=0d9c4034-e698-4934-b6aa-b7e7c6dda496
IP 151.139.128.10:0
File type PNG image data, 100 x 20, 8-bit/color RGBA, interlaced\012- data
Hash 521db716019fc733b48f77f9822b30ee
8f8e11a44c38076713fd1a0233ef7de9f68498ed
2292a183dd2a364653441cf13efd89138c43eab4dacbb35e9bc061b07c749be1
GET /Badges/dmca-badge-w100-5x1-11.png?ID=0d9c4034-e698-4934-b6aa-b7e7c6dda496 HTTP/1.1
Host: images.dmca.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 22:51:13 GMT
content-length: 2390
content-type: image/png
last-modified: Mon, 25 Jul 2016 19:39:16 GMT
accept-ranges: bytes
server: Microsoft-IIS/10.0
cache-control: public,max-age=31536000
etag: "70d0a63aace6d11:0"
x-powered-by: ASP.NET
x-hw: 1670626273.cds002.sk1.hn,1670626273.cds223.sk1.c
link: <https://www.dmca.com/Badges/dmca-badge-w100-5x1-11.png>; rel="canonical"
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 5496e18a30e039b44989d9a0e932d4bc
c5bfb1b9ce711e38d69e78486017f07cc47fe04a
26a3ad286e479cdabfcbb5a9d3fada211c73650628a35c80944b0e7e8aad27e0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 22:51:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pennycronelasvegas.com/assets/themes/default/manifest-a0b102071c1257da83b1e2a73ccd101571a12a809337ecc4f14d09bfe37b8667.css
96.126.99.100 200 OK 9.2 kB URL HTTP/1.1 pennycronelasvegas.com/assets/themes/default/manifest-a0b102071c1257da83b1e2a73ccd101571a12a809337ecc4f14d09bfe37b8667.css
IP 96.126.99.100:0
File type ASCII text, with very long lines (36298)
Hash d0edbc8e14faba86270de87d51cf4754
4f5d3c04af596b132b3def377d64ec541b46ee69
658fe67b2b2682a29798888db2473811ea843bd934022be7c0dfb83d7effb2d2
GET /assets/themes/default/manifest-a0b102071c1257da83b1e2a73ccd101571a12a809337ecc4f14d09bfe37b8667.css HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=eCs0NUk1L2J5a2NaWDROL25FZ3QzVHpSRkZLRFByVVhrT01iTnRydWFRTzdaSEU0YkhFOHBLSU5TekpVaWJkMWdsNHM0eHVweUFTeVp2STQrWThucnViUTc1UnRvVkdxWTVSY2xsYkVoVmFCVkRJVXlUeTNLRkI1ZWpZOW5uT1FXK3RpcXh5bWZ2b1lMbUpKd3lwU1h2MFVIMzVIWldMdjFZMHp5d0VMdExaVjZOQXJGMWZTUUpqZmNxOHpORzJDSDIyL0lKdVR6RzNiNVpuVG1taWc2aGhCUjNVeVY3SFZhOWcwTnpxRDFUdHZKZjkwZVcvNllNQkx6OFBLa3UrbWcydXNGVnVmdTc4SFNsRDJHWXI5dDZ5RUt1clQ5MVp6QTI1amI1OEhGOXI4RWhPM2pnWkhmRjh2QU5GNjREOGFLVmkvRm1tS3UveGNpNTYzeUhtRjlkQTVzMFpsaklMUnZ1YnYxQTZtVzNLaGx4UHpvS2hzUWRvOUJIV1RlV0VLLS1UdFNkL2M5QTUzK1ZIVTY1WTJ6V3N3PT0%3D--2cfaf510d60be25e171c22a112d596468eba0593
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Status: 200 OK
Cache-Control: public, max-age=31536000
X-Request-Id: a62ecbf5-3536-44e8-9f41-cfa365bf5309
ETag: W/"a0b102071c1257da83b1e2a73ccd101571a12a809337ecc4f14d09bfe37b8667"
X-Runtime: 0.001232
Date: Fri, 09 Dec 2022 22:51:13 GMT
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
143.204.42.156 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash c459cb4a805ba31e6a15ee485439eb00
70c5747293ae3678ca9563e3371cc7cdc163057b
809a60149b8908418157eb8c17dfc159c507c3e39238ee8118df92b3339614a1
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 09 Dec 2022 22:51:13 GMT
Last-Modified: Fri, 09 Dec 2022 21:11:11 GMT
Server: ECS (nyb/1D0A)
X-Cache: Miss from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: BhrdnsgIiVlbCLpZZq2pu8xUy3XmDjZF7pJDGWcZA2fH3hwszmICwA==
Age: 6002
ocsp.sca1b.amazontrust.com/
143.204.42.156 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash c459cb4a805ba31e6a15ee485439eb00
70c5747293ae3678ca9563e3371cc7cdc163057b
809a60149b8908418157eb8c17dfc159c507c3e39238ee8118df92b3339614a1
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=141254
Date: Fri, 09 Dec 2022 22:51:13 GMT
Etag: "63932938-1d7"
Expires: Sun, 11 Dec 2022 14:05:27 GMT
Last-Modified: Fri, 09 Dec 2022 12:25:28 GMT
Server: ECS (bsa/EB21)
X-Cache: Miss from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: FWH0bfveqMO8VwWERhXmSQKc7WsZw7dwQnP4xIJzJ6QUoYLM8eUS0w==
Age: 5999
pennycronelasvegas.com/assets/themes/default/media-queries-86e42502a75ac432a27f5075e9f59f4fc1b6b5c25010acc977a7a95d745e5fb2.css
96.126.99.100 200 OK 1.4 kB URL HTTP/1.1 pennycronelasvegas.com/assets/themes/default/media-queries-86e42502a75ac432a27f5075e9f59f4fc1b6b5c25010acc977a7a95d745e5fb2.css
IP 96.126.99.100:0
File type ASCII text, with very long lines (4127)
Hash f4897cf23e898fdd0fd4dfa22dd511a9
65816d4b1762d14f53486744ebf7ab451c063224
5860c6897bb7389941d3960bcdebb90c1a7b0fd0fb7c0f1285596b62f0f0e4e2
GET /assets/themes/default/media-queries-86e42502a75ac432a27f5075e9f59f4fc1b6b5c25010acc977a7a95d745e5fb2.css HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=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%3D--2cfaf510d60be25e171c22a112d596468eba0593
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Status: 200 OK
Cache-Control: public, max-age=31536000
X-Request-Id: fca643ec-3240-48f3-877e-c6d73fc43bd1
ETag: W/"86e42502a75ac432a27f5075e9f59f4fc1b6b5c25010acc977a7a95d745e5fb2"
X-Runtime: 0.001210
Date: Fri, 09 Dec 2022 22:51:13 GMT
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer
Content-Encoding: gzip
pennycronelasvegas.com/assets/themes/default/color_schemes/realtyone/styles-1d34b0168f39e5b32891f9959db5d12f04d3fe553fe179ede767a5fabdc98a36.css
96.126.99.100 200 OK 3.1 kB URL HTTP/1.1 pennycronelasvegas.com/assets/themes/default/color_schemes/realtyone/styles-1d34b0168f39e5b32891f9959db5d12f04d3fe553fe179ede767a5fabdc98a36.css
IP 96.126.99.100:0
File type ASCII text, with very long lines (12653)
Hash 14e02d2509c4e9c021da0ac5141ff383
c8cdc88b7b962aec32ec75a168058e1af2b4c1a1
343373f029bc431ff0c944aed6c9838897107cb5b62dae0b002ca355fe4ae535
GET /assets/themes/default/color_schemes/realtyone/styles-1d34b0168f39e5b32891f9959db5d12f04d3fe553fe179ede767a5fabdc98a36.css HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=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%3D--2cfaf510d60be25e171c22a112d596468eba0593
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Status: 200 OK
Cache-Control: public, max-age=31536000
X-Request-Id: f78aec50-feef-40fd-895a-e99f005eb148
ETag: W/"1d34b0168f39e5b32891f9959db5d12f04d3fe553fe179ede767a5fabdc98a36"
X-Runtime: 0.000873
Date: Fri, 09 Dec 2022 22:51:14 GMT
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer
Content-Encoding: gzip
pennycronelasvegas.com/assets/ion.rangeslider/js/ion.rangeSlider.min-fd1dbf6841129461c2073553cdd99a1b14693f2bbe7804866229fd53cc65a22b.js
96.126.99.100 200 OK 38 kB URL HTTP/1.1 pennycronelasvegas.com/assets/ion.rangeslider/js/ion.rangeSlider.min-fd1dbf6841129461c2073553cdd99a1b14693f2bbe7804866229fd53cc65a22b.js
IP 96.126.99.100:0
File type ASCII text, with very long lines (33913)
Hash 42173c874591f88f85ab701df850d0e7
da2c85886430dd508ab6daa683411c3381666fdf
fd1dbf6841129461c2073553cdd99a1b14693f2bbe7804866229fd53cc65a22b
Analyzer Verdict Alert fortinet Phishing
GET /assets/ion.rangeslider/js/ion.rangeSlider.min-fd1dbf6841129461c2073553cdd99a1b14693f2bbe7804866229fd53cc65a22b.js HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=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%3D--2cfaf510d60be25e171c22a112d596468eba0593
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 38476
Connection: keep-alive
Status: 200 OK
Cache-Control: public, max-age=31536000
X-Request-Id: 60d75a44-2826-4830-866e-e8548660b23d
ETag: "fd1dbf6841129461c2073553cdd99a1b14693f2bbe7804866229fd53cc65a22b"
X-Runtime: 0.001250
Date: Fri, 09 Dec 2022 22:51:13 GMT
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer
pennycronelasvegas.com/assets/themes/default/base-e6e4b07ab1f0aec529f3b4cc626749c60b3c181adf529cc27e69103896d15abc.js
96.126.99.100 200 OK 7.8 kB URL HTTP/1.1 pennycronelasvegas.com/assets/themes/default/base-e6e4b07ab1f0aec529f3b4cc626749c60b3c181adf529cc27e69103896d15abc.js
IP 96.126.99.100:0
File type ASCII text, with very long lines (7836), with no line terminators
Hash 6a8c64a9816c52d01a5c9a66f50a031e
6f7a2119a28757a936a3ad2d8ffd4553c1abcb2a
e6e4b07ab1f0aec529f3b4cc626749c60b3c181adf529cc27e69103896d15abc
Analyzer Verdict Alert fortinet Phishing
GET /assets/themes/default/base-e6e4b07ab1f0aec529f3b4cc626749c60b3c181adf529cc27e69103896d15abc.js HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=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%3D--2cfaf510d60be25e171c22a112d596468eba0593
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 7836
Connection: keep-alive
Status: 200 OK
Cache-Control: public, max-age=31536000
X-Request-Id: df264ddb-0dc1-45d3-a3b1-34646fdf0ef4
ETag: "e6e4b07ab1f0aec529f3b4cc626749c60b3c181adf529cc27e69103896d15abc"
X-Runtime: 0.001282
Date: Fri, 09 Dec 2022 22:51:14 GMT
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer
pennycronelasvegas.com/assets/responsive_video_fix-4228528f3aa100a8d9aeb2f7c8373ef893db5f2eba26df43245af76eb4d3734e.js
96.126.99.100 200 OK 483 B URL HTTP/1.1 pennycronelasvegas.com/assets/responsive_video_fix-4228528f3aa100a8d9aeb2f7c8373ef893db5f2eba26df43245af76eb4d3734e.js
IP 96.126.99.100:0
File type ASCII text, with very long lines (483), with no line terminators
Hash 8b69d038e9da700ec36148024782ba23
863f41c47cf9d843abfe8ce2b5514a691a57742a
4228528f3aa100a8d9aeb2f7c8373ef893db5f2eba26df43245af76eb4d3734e
Analyzer Verdict Alert fortinet Phishing
GET /assets/responsive_video_fix-4228528f3aa100a8d9aeb2f7c8373ef893db5f2eba26df43245af76eb4d3734e.js HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=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%3D--2cfaf510d60be25e171c22a112d596468eba0593
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 483
Connection: keep-alive
Status: 200 OK
Cache-Control: public, max-age=31536000
X-Request-Id: e0262421-5c9a-49c4-913d-f05f5f180fba
ETag: "4228528f3aa100a8d9aeb2f7c8373ef893db5f2eba26df43245af76eb4d3734e"
X-Runtime: 0.001401
Date: Fri, 09 Dec 2022 22:51:14 GMT
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer
pennycronelasvegas.com/assets/bootstrap-table-cookie-d864ab3069753497a7bd5ebdbce23b8a1a0b9b16b001a0394d5c99896c859d14.js
96.126.99.100 200 OK 4.0 kB URL HTTP/1.1 pennycronelasvegas.com/assets/bootstrap-table-cookie-d864ab3069753497a7bd5ebdbce23b8a1a0b9b16b001a0394d5c99896c859d14.js
IP 96.126.99.100:0
File type ASCII text, with very long lines (4026), with no line terminators
Hash 70a774951af96e61e57cde64b49b66f7
bf9f3470f5ca10b7968b19656fcf692939e35caf
d864ab3069753497a7bd5ebdbce23b8a1a0b9b16b001a0394d5c99896c859d14
Analyzer Verdict Alert fortinet Phishing
GET /assets/bootstrap-table-cookie-d864ab3069753497a7bd5ebdbce23b8a1a0b9b16b001a0394d5c99896c859d14.js HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=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%3D--2cfaf510d60be25e171c22a112d596468eba0593
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 4026
Connection: keep-alive
Status: 200 OK
Cache-Control: public, max-age=31536000
X-Request-Id: c5b0edcf-0763-4131-a9dd-c25eab1887d5
ETag: "d864ab3069753497a7bd5ebdbce23b8a1a0b9b16b001a0394d5c99896c859d14"
X-Runtime: 0.001329
Date: Fri, 09 Dec 2022 22:51:14 GMT
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer
pennycronelasvegas.com/assets/themes/default/vendor-0f30327ac76c682d737c22ffeb5941a75cefe8c40d78c1b490f0dcbfc2400ae9.css
96.126.99.100 200 OK 45 kB URL HTTP/1.1 pennycronelasvegas.com/assets/themes/default/vendor-0f30327ac76c682d737c22ffeb5941a75cefe8c40d78c1b490f0dcbfc2400ae9.css
IP 96.126.99.100:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (65368)
Hash 557969dc5021dde6791ead6c0422c4d7
7a50d476d4aa201371555069667e59ceb63e74f2
6a121afb31f6d5c8321e1bd2c0d1e030ac127c716f1bbb5aa8003a0b75f07e16
GET /assets/themes/default/vendor-0f30327ac76c682d737c22ffeb5941a75cefe8c40d78c1b490f0dcbfc2400ae9.css HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=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%3D--2cfaf510d60be25e171c22a112d596468eba0593
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Status: 200 OK
Cache-Control: public, max-age=31536000
X-Request-Id: 0aebccc5-dc55-4aa1-9164-c6e7ef9b7d63
ETag: W/"0f30327ac76c682d737c22ffeb5941a75cefe8c40d78c1b490f0dcbfc2400ae9"
X-Runtime: 0.000748
Date: Fri, 09 Dec 2022 22:51:14 GMT
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer
Content-Encoding: gzip
pennycronelasvegas.com/assets/themes/realtyone/bg-bar-active.png
96.126.99.100 200 OK 937 B URL HTTP/1.1 pennycronelasvegas.com/assets/themes/realtyone/bg-bar-active.png
IP 96.126.99.100:0
File type PNG image data, 1 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash 4fdb1b014f02b9d864a630c39c2ef13a
ce10cd2e9ef878dbc42532b94eb3b9f95a7e798b
bb08c90ca60c960f699e5c8f8a706ff6bd54d04ffbd117f083cef142cbc1e6c7
GET /assets/themes/realtyone/bg-bar-active.png HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=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%3D--2cfaf510d60be25e171c22a112d596468eba0593
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 937
Connection: keep-alive
Status: 200 OK
Cache-Control: public, must-revalidate
Vary: Accept-Encoding
X-Request-Id: 706d33aa-f6c4-4d08-b35c-9c6cb29f8ac0
ETag: "bb08c90ca60c960f699e5c8f8a706ff6bd54d04ffbd117f083cef142cbc1e6c7"
X-Runtime: 0.001047
Date: Fri, 09 Dec 2022 22:51:14 GMT
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer
pennycronelasvegas.com/assets/themes/realtyone/bg-bar.gif
96.126.99.100 200 OK 1.3 kB URL HTTP/1.1 pennycronelasvegas.com/assets/themes/realtyone/bg-bar.gif
IP 96.126.99.100:0
File type GIF image data, version 89a, 1 x 45\012- data
Hash 993f232f9ea938ed9ea9d9ecbc32cbb6
0f7295588657c3e50c6090c67057bfbef32f9514
83e03bb94ec8beb4c0646f3556f509221a8e5ee7ad21a9e1330db52be5e28b3d
GET /assets/themes/realtyone/bg-bar.gif HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=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%3D--2cfaf510d60be25e171c22a112d596468eba0593
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 1320
Connection: keep-alive
Status: 200 OK
Cache-Control: public, must-revalidate
Vary: Accept-Encoding
X-Request-Id: 608bca11-63d8-4e0e-8c45-79cdc3f3a227
ETag: "83e03bb94ec8beb4c0646f3556f509221a8e5ee7ad21a9e1330db52be5e28b3d"
X-Runtime: 0.002780
Date: Fri, 09 Dec 2022 22:51:14 GMT
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer
pennycronelasvegas.com/fonts/avenir.woff
96.126.99.100 302 Found 97 B URL HTTP/1.1 pennycronelasvegas.com/fonts/avenir.woff
IP 96.126.99.100:0
File type HTML document text\012- HTML document, ASCII text, with no line terminators
Hash dcb81dc5193115d6d372982ed310127c
f8dfefb55af6336b670a7a3743beea52bcc45b16
54585d24fd128cf202592bcf22862a8aaa2c0862c5ea8b2bbac31a7357b93f6a
Analyzer Verdict Alert fortinet Phishing
GET /fonts/avenir.woff HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Cookie: _agentformula_session=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%3D--2cfaf510d60be25e171c22a112d596468eba0593
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Status: 302 Found
Cache-Control: no-cache
X-XSS-Protection: 1; mode=block
X-Request-Id: 92a49c3a-805e-4ab5-af5c-6a10d8514784
Location: https://pennycronelasvegas.com/
X-Runtime: 0.012855
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Date: Fri, 09 Dec 2022 22:51:14 GMT
Set-Cookie: _agentformula_session=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%3D%3D--9f3ff6fabdb12de6a8c40e46ba6d14bab682f7ed; path=/; HttpOnly
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer
s3.amazonaws.com/glvar-photos/callouts/small/5/WHATS_MY_HOME_WORTH.jpg
52.216.154.246 200 OK 90 kB URL HTTP/1.1 s3.amazonaws.com/glvar-photos/callouts/small/5/WHATS_MY_HOME_WORTH.jpg
IP 52.216.154.246:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=14, height=2592, bps=182, PhotometricIntepretation=RGB, manufacturer=Canon, model=Canon EOS 40D, orientation=upper-left, width=3888], baseline, precision 8, 325x252, components 3\012- data
Hash 0e9c43a2b1edd19fd678777ea7a0ea7c
744e5a6caa285f62e9c10a32ca6fd96d25813c65
26790e6caf160c0d32bc952c10d34cb2cf7f5b743884d3739c38b4c1598ee929
GET /glvar-photos/callouts/small/5/WHATS_MY_HOME_WORTH.jpg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: Ll39dH6aSnI9nH0iPP83+s+FrDfGegsu78ViD8wLVdMIqrOaQGhZ7agxsLqidIQrvycVuc8YaXc=
x-amz-request-id: EA9FQTTAC99BEW0C
Date: Fri, 09 Dec 2022 22:51:15 GMT
Last-Modified: Thu, 19 May 2016 01:50:38 GMT
ETag: "0e9c43a2b1edd19fd678777ea7a0ea7c"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 89780
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 4e9bab6dc8633c251d9a411cc1da0a96
af925889c86bb53a5b96e21c2a06653e6fb33edc
406df07af23d77c710d7675f869da89a4e36c0aad44c58f26bf00eb58987e253
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 22:51:14 GMT
Server: ECS (amb/6B8B)
Content-Length: 471
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6636
Expires: Sat, 10 Dec 2022 00:41:50 GMT
Date: Fri, 09 Dec 2022 22:51:14 GMT
Connection: keep-alive
pennycronelasvegas.com/assets/sprites/social-share-button-c6c452cb10cf12d85f1776a2c2f6cd8c7a0b1cbbf4c94d09714e2ab2f1454bad.png
96.126.99.100 200 OK 26 kB URL HTTP/1.1 pennycronelasvegas.com/assets/sprites/social-share-button-c6c452cb10cf12d85f1776a2c2f6cd8c7a0b1cbbf4c94d09714e2ab2f1454bad.png
IP 96.126.99.100:0
File type PNG image data, 80 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash bef2baa6d19968878b9c24b337bb6d51
a61917f66a760bddade27d336c64c1982cf216a5
c6c452cb10cf12d85f1776a2c2f6cd8c7a0b1cbbf4c94d09714e2ab2f1454bad
GET /assets/sprites/social-share-button-c6c452cb10cf12d85f1776a2c2f6cd8c7a0b1cbbf4c94d09714e2ab2f1454bad.png HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=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%3D--2cfaf510d60be25e171c22a112d596468eba0593
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.17.3
Date: Fri, 09 Dec 2022 22:51:14 GMT
Content-Type: image/png
Content-Length: 25760
Last-Modified: Thu, 08 Oct 2020 11:52:47 GMT
Connection: keep-alive
ETag: "5f7efd8f-64a0"
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer
Accept-Ranges: bytes
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8eba44f9-82c7-4919-bc2f-4f847f621994.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8eba44f9-82c7-4919-bc2f-4f847f621994.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e8a5e9d0cddf26cf3a1478d2942f2478
e8a228a857a414f04108c84670ed7bc74534407c
3a15851f412000f1647057745348bc6f6e2f0cfe481ca7a72f6e94fab8d5e52e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8eba44f9-82c7-4919-bc2f-4f847f621994.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12990
x-amzn-requestid: 2e4f71f3-b81d-4822-a13a-e8367a76aa20
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eMREp3IAMFRJw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa4e-447650995616ab6a09780380;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: D3mXg-fDM59RiUxg-BxZNdAQG4_iGSTcxhleWiDkSmwlOdxS8SGhDA==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 21:55:31 GMT
age: 3343
etag: "e8a228a857a414f04108c84670ed7bc74534407c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F05755b78-9a44-483c-9449-ae2df8a44bd0.jpeg
34.120.237.76 200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F05755b78-9a44-483c-9449-ae2df8a44bd0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 00ad01d32ff690b4a28f6d0555c7e146
c607a2782213afcc058882ffa11a08860a6de034
b5896253222e132fa68f11fba133195a20e4aad94f8cdbfef747ded7e9243b0c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F05755b78-9a44-483c-9449-ae2df8a44bd0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7444
x-amzn-requestid: eaf9e585-6b52-46c3-a62a-fa591bbf2204
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5f7BEV6IAMFbIw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393ad13-3cab7e35787037ec74ff6e31;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:48:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Q-JwtoYGsFkpCudY52QAzpwi-93TU1Eh_1szsnTQp1jHpILapcn5PQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 21:55:31 GMT
etag: "c607a2782213afcc058882ffa11a08860a6de034"
content-type: image/jpeg
age: 3343
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5de5d319f43d9c9c641419d96655541f
cde4c7fa0145d3645af17e34c83c63c08f76a076
fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7557
x-amzn-requestid: 400d1465-ecbf-4d95-8aa8-4dce5dca0716
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctluwGo4oAMFhTg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee991-6dba29ae7065d5347a1a420d;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:04:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Lazl-stakC-31gMuQ2WzH9uFkIb0g7HaaM3xkwSFdFJMWKTaKqrBEQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 04:07:07 GMT
age: 67447
etag: "cde4c7fa0145d3645af17e34c83c63c08f76a076"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a89cfef-fc4a-490b-b984-fd656e721e79.webp
34.120.237.76 200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a89cfef-fc4a-490b-b984-fd656e721e79.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash afcdc2c9891132c82cd09ef237930877
3e112ad867e159d1bfdf9bfd2e2a04fea8248494
8d543255c1272d77981913e4b0e0e5efede8f4ffaa91572a3eee9e44ac035946
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a89cfef-fc4a-490b-b984-fd656e721e79.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8473
x-amzn-requestid: 40260408-5f10-42ed-832e-a8bc5d02e95c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5e9hGqwIAMFl2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393ab89-078ecefb64853b047acc2de7;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:41:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oe1qgsBhixlxqlLZdNtuON-CMoWDhGTH1SQhmQQhLGYTmp_R9FKaEw==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 21:55:41 GMT
age: 3333
etag: "3e112ad867e159d1bfdf9bfd2e2a04fea8248494"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8732123d-ded0-4486-9019-0d87264f6c0e.webp
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8732123d-ded0-4486-9019-0d87264f6c0e.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0df452512aae4c4c1f4a2cd263b16dfd
68bac75574641febc463bd0819392dae2da15811
e0a9301c5be849e116f1d98b819c2eb91f73e74d836f3e099f2cd266e8f0bb36
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8732123d-ded0-4486-9019-0d87264f6c0e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12743
x-amzn-requestid: 6ed8a5f4-45cd-45bd-9820-df450f612c34
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eK4E_-IAMFf3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa45-31d928fc430577b463a68bd0;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nD0bWCjTU6LNSsNYCNqT4rt7okG1dmPPWiw4FXSi_uNWpcZnxhZgKw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 22:03:37 GMT
age: 2857
etag: "68bac75574641febc463bd0819392dae2da15811"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa9678b-479f-4894-b9e7-3d05e236f19c.jpeg
34.120.237.76 200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa9678b-479f-4894-b9e7-3d05e236f19c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9051770b3587c195bea670f8820e8cfe
abf58087f0e345202da088238daea85d177b431b
f687a10c0ae63699a551977e9a4ec5bc7ba606b1925178d7ed4ec6728889bb2e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa9678b-479f-4894-b9e7-3d05e236f19c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8841
x-amzn-requestid: 09b64f8e-60c0-4cf6-a0dc-15e597bd9d85
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eMWH7MIAMFyow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa4e-3471ee5f5a78b55c424e2c6d;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: F_FNF6MAvQjqQ9kTGvu8lERPdurC-ZyLWtxQ5Ezs1OBUUmejNwiQ4w==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 22:00:13 GMT
age: 3061
etag: "abf58087f0e345202da088238daea85d177b431b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
s3.amazonaws.com/glvar-photos/callouts/small/1/nosy.jpg
52.216.154.246 200 OK 21 kB URL HTTP/1.1 s3.amazonaws.com/glvar-photos/callouts/small/1/nosy.jpg
IP 52.216.154.246:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 325x252, components 3\012- data
Hash ffff00465ef2c4e8095b2b1513a4e2b9
93b89366b1bff61f66a951987f2c84f9dff724ff
fd028a4ff9ec99488d7fcb7aab6ca42ef271f1c4b65e2a9c5ff80f11c7b92ab7
GET /glvar-photos/callouts/small/1/nosy.jpg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: uMs90iOQZIw/Mb6sm9btQ7TfdxQ7hLsnD+wp/tAlIl4LqkgWYrteThxwPHyIHK+4Z0fWgcNu/JA=
x-amz-request-id: EA92QTCBTHDWVKYM
Date: Fri, 09 Dec 2022 22:51:15 GMT
Last-Modified: Mon, 30 Nov 2015 02:53:29 GMT
ETag: "ffff00465ef2c4e8095b2b1513a4e2b9"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 21398
s3.amazonaws.com/glvar-photos/logos/original/1108/download.png
52.216.154.246 200 OK 5.8 kB URL HTTP/1.1 s3.amazonaws.com/glvar-photos/logos/original/1108/download.png
IP 52.216.154.246:0
File type PNG image data, 325 x 155, 8-bit colormap, non-interlaced\012- data
Hash 73eba774f375c4f8da31cb0867e39b4f
042175818c35094c650d9dcb3cfabc466c22012b
67a439992bd17b27eea80162579a0b6ee57e82ad3708c3d8fc26acd2c42401f6
GET /glvar-photos/logos/original/1108/download.png HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: xPERNJxdUqVs/phYZW6QYkJCR1QJR+1j7ZJkh15unZT4/mc0nep2wMosKdZbZzDXGNbbTbvVm0Q=
x-amz-request-id: EA9813Q67G37FX6P
Date: Fri, 09 Dec 2022 22:51:15 GMT
Last-Modified: Tue, 07 Apr 2020 23:30:46 GMT
ETag: "73eba774f375c4f8da31cb0867e39b4f"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 5754
s3.amazonaws.com/photo-gallery.agentformula.com/1/housebullet2.png
52.216.154.246 200 OK 152 kB URL HTTP/1.1 s3.amazonaws.com/photo-gallery.agentformula.com/1/housebullet2.png
IP 52.216.154.246:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 510x600, components 3\012- data
Size 152 kB (152094 bytes)
Hash c39d9c1050ca677a6f1a8fe6a5b65f1b
ec88a3e52e1c8d5c2a232fac2adc1ebf1ea250c8
1362f9581bda10f2d48d782bdf044eeb8c30cb8c61b9e6b11c4aeb6d815ef236
GET /photo-gallery.agentformula.com/1/housebullet2.png HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: PJzdz4Q9FmM5YxcR3wocUbhC1kK9y3PzlEgKMG7e39M1HkRjmwFKbWUkn6JuvLOQ42pLamkwfbs=
x-amz-request-id: EA90JSJCW1DX8HVR
Date: Fri, 09 Dec 2022 22:51:15 GMT
Last-Modified: Sun, 31 May 2020 06:51:10 GMT
ETag: "c39d9c1050ca677a6f1a8fe6a5b65f1b"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 152094
pennycronelasvegas.com/
96.126.99.100 200 OK 18 kB IP 96.126.99.100:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 58fd568f481ab05c08e3ee637202aaee
c9405e2f9ff7d1b915d1eae6a31adbdfb5ca9507
a3c70c04e0cec648da786bbcf928087c0a0139f6b70e14f74c8192e75ded6578
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=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%3D%3D--9f3ff6fabdb12de6a8c40e46ba6d14bab682f7ed
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
If-None-Match: W/"8537edf04ad7b38a42d74d6dc556530a"
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Status: 200 OK
Cache-Control: max-age=0, private, must-revalidate
X-XSS-Protection: 1; mode=block
X-Request-Id: 00916456-cbf5-484a-8f16-4fffc0c8a251
ETag: W/"114c6d241419144e65581118e9a3eac4"
X-Frame-Options: SAMEORIGIN
X-Runtime: 0.055767
X-Content-Type-Options: nosniff
Date: Fri, 09 Dec 2022 22:51:14 GMT
Set-Cookie: _agentformula_session=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%3D--99a78a32070f9f57401a6297ae963806b8344c9d; path=/; HttpOnly
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer
Content-Encoding: gzip
www.lasvegasrealtor.com/img/logos/lvr-logo-66x27.png
74.208.20.193 200 OK 2.4 kB URL HTTP/1.1 www.lasvegasrealtor.com/img/logos/lvr-logo-66x27.png
IP 74.208.20.193:0
File type PNG image data, 66 x 27, 8-bit/color RGBA, non-interlaced\012- data
Hash 187543743a882dd72f205bc0c9a2e6c9
838981cecda56c5be272e373e4d5b3908bfb9270
9679bad0c044970f4b45c9911a09d889ac63ef586fa22eeec6b62da4c71ef6b2
GET /img/logos/lvr-logo-66x27.png HTTP/1.1
Host: www.lasvegasrealtor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 22:51:14 GMT
Server: Apache/2.4.41 (Win64) PHP/7.3.12 OpenSSL/1.1.1c
Last-Modified: Wed, 12 Feb 2020 00:49:29 GMT
ETag: "944-59e5658475840"
Accept-Ranges: bytes
Content-Length: 2372
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
s3.amazonaws.com/glvar-photos/headers/main/2896/New_Head_Shot__2.jpeg
52.216.154.246 200 OK 7.8 kB URL HTTP/1.1 s3.amazonaws.com/glvar-photos/headers/main/2896/New_Head_Shot__2.jpeg
IP 52.216.154.246:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=9, PhotometricIntepretation=RGB, xresolution=122, yresolution=130, resolutionunit=2, software=Photos 4.0, datetime=2020:02:11 16:53:56], baseline, precision 8, 99x116, components 3\012- data
Hash 93f5b5d231a0c545d0d346da11221ff4
058455e7e7ae4e618d9b0906fd5a7ebe089915b7
ad2634edd7983f1cfb6c38bf0f07f7c7935d5eee8f28a4924fc2f55bed0e5699
GET /glvar-photos/headers/main/2896/New_Head_Shot__2.jpeg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 2U5Rt/waAGI0QScTEziAOFO45B4UeD5N7bGzbp0npFluVni246d8riuZYi2WBfrNyTKO0XCeqsk=
x-amz-request-id: EA9DHC07BRXG1SGR
Date: Fri, 09 Dec 2022 22:51:15 GMT
Last-Modified: Mon, 01 Nov 2021 19:10:23 GMT
ETag: "93f5b5d231a0c545d0d346da11221ff4"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 7807
pennycronelasvegas.com/assets/themes/default/vendor-c4223a2863310087b657f19d451656c073d60bbe05e53aeedd46f84bafd1a585.js
96.126.99.100 200 OK 498 kB URL HTTP/1.1 pennycronelasvegas.com/assets/themes/default/vendor-c4223a2863310087b657f19d451656c073d60bbe05e53aeedd46f84bafd1a585.js
IP 96.126.99.100:0
File type ASCII text, with very long lines (32832)
Size 498 kB (497568 bytes)
Hash 474514ae84592eed4cee7100e55fe4f9
d23d44d24f16d2e8fe7659c8a7d0dbfbe3265d6b
c4223a2863310087b657f19d451656c073d60bbe05e53aeedd46f84bafd1a585
Analyzer Verdict Alert fortinet Phishing
GET /assets/themes/default/vendor-c4223a2863310087b657f19d451656c073d60bbe05e53aeedd46f84bafd1a585.js HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=eCs0NUk1L2J5a2NaWDROL25FZ3QzVHpSRkZLRFByVVhrT01iTnRydWFRTzdaSEU0YkhFOHBLSU5TekpVaWJkMWdsNHM0eHVweUFTeVp2STQrWThucnViUTc1UnRvVkdxWTVSY2xsYkVoVmFCVkRJVXlUeTNLRkI1ZWpZOW5uT1FXK3RpcXh5bWZ2b1lMbUpKd3lwU1h2MFVIMzVIWldMdjFZMHp5d0VMdExaVjZOQXJGMWZTUUpqZmNxOHpORzJDSDIyL0lKdVR6RzNiNVpuVG1taWc2aGhCUjNVeVY3SFZhOWcwTnpxRDFUdHZKZjkwZVcvNllNQkx6OFBLa3UrbWcydXNGVnVmdTc4SFNsRDJHWXI5dDZ5RUt1clQ5MVp6QTI1amI1OEhGOXI4RWhPM2pnWkhmRjh2QU5GNjREOGFLVmkvRm1tS3UveGNpNTYzeUhtRjlkQTVzMFpsaklMUnZ1YnYxQTZtVzNLaGx4UHpvS2hzUWRvOUJIV1RlV0VLLS1UdFNkL2M5QTUzK1ZIVTY1WTJ6V3N3PT0%3D--2cfaf510d60be25e171c22a112d596468eba0593
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 497568
Connection: keep-alive
Status: 200 OK
Cache-Control: public, max-age=31536000
X-Request-Id: fd8ad9a7-ad55-4cf7-9535-7762128d4f08
ETag: "c4223a2863310087b657f19d451656c073d60bbe05e53aeedd46f84bafd1a585"
X-Runtime: 0.000656
Date: Fri, 09 Dec 2022 22:51:14 GMT
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer
s3.amazonaws.com/photo-gallery.agentformula.com/AF-LasVegas/REALTOR_MLS_EQUAL_HOUSING.png
52.216.154.246 200 OK 28 kB URL HTTP/1.1 s3.amazonaws.com/photo-gallery.agentformula.com/AF-LasVegas/REALTOR_MLS_EQUAL_HOUSING.png
IP 52.216.154.246:0
File type PNG image data, 595 x 149, 8-bit/color RGBA, non-interlaced\012- data
Hash 47a6f19c07360806ebd0e2251f8f61bb
51373f28e7f3ff1eb950d261048097ba525a1a14
d75e93d9bc3280d7e4df4078f7236499ce6b5475280232fa5e03b9c065511ac8
GET /photo-gallery.agentformula.com/AF-LasVegas/REALTOR_MLS_EQUAL_HOUSING.png HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: RLzBlm/YIg+6UCKWNKVkRbU8jNSAinjWj4Zl/wahAzNxyRHRv051NMgQ0LHmeMGUWouWe86TUFk=
x-amz-request-id: EA951NKQCGVH3R4S
Date: Fri, 09 Dec 2022 22:51:15 GMT
Last-Modified: Mon, 13 Jun 2022 21:43:19 GMT
ETag: "47a6f19c07360806ebd0e2251f8f61bb"
Accept-Ranges: bytes
Content-Type:
Server: AmazonS3
Content-Length: 27690
pennycronelasvegas.com/assets/font-awesome/fontawesome-webfont-ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995.woff2?v=4.5.0
96.126.99.100 200 OK 67 kB URL HTTP/1.1 pennycronelasvegas.com/assets/font-awesome/fontawesome-webfont-ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995.woff2?v=4.5.0
IP 96.126.99.100:0
File type Web Open Font Format (Version 2), TrueType, length 66624, version 4.262\012- data
Hash db812d8a70a4e88e888744c1c9a27e89
638c652d623280a58144f93e7b552c66d1667a11
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
Analyzer Verdict Alert fortinet Phishing
GET /assets/font-awesome/fontawesome-webfont-ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995.woff2?v=4.5.0 HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Cookie: _agentformula_session=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%3D--2cfaf510d60be25e171c22a112d596468eba0593
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.17.3
Date: Fri, 09 Dec 2022 22:51:14 GMT
Content-Type: font/woff2
Content-Length: 66624
Last-Modified: Mon, 24 Feb 2020 17:10:36 GMT
Connection: keep-alive
ETag: "5e54038c-10440"
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer
Accept-Ranges: bytes
pennycronelasvegas.com/fonts/avenir.ttf
96.126.99.100 302 Found 97 B URL HTTP/1.1 pennycronelasvegas.com/fonts/avenir.ttf
IP 96.126.99.100:0
File type HTML document text\012- HTML document, ASCII text, with no line terminators
Hash dcb81dc5193115d6d372982ed310127c
f8dfefb55af6336b670a7a3743beea52bcc45b16
54585d24fd128cf202592bcf22862a8aaa2c0862c5ea8b2bbac31a7357b93f6a
Analyzer Verdict Alert fortinet Phishing
GET /fonts/avenir.ttf HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=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%3D--99a78a32070f9f57401a6297ae963806b8344c9d
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Status: 302 Found
Cache-Control: no-cache
X-XSS-Protection: 1; mode=block
X-Request-Id: 6cb30cf4-8791-4c7a-86a0-ad7734565080
Location: https://pennycronelasvegas.com/
X-Runtime: 0.010505
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Date: Fri, 09 Dec 2022 22:51:14 GMT
Set-Cookie: _agentformula_session=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%3D%3D--16a8611f6809f4553e82045593967111a1ff0f25; path=/; HttpOnly
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash e9d006b90824c97342cc37829f8ffc4b
88e267e94f6d9d44877182a349c9702fe763fb45
ed1b527765c8090e33241a246be3c3a3acb3419ef63599b68c50180b073705e2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5816
Cache-Control: max-age=129535
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 22:51:15 GMT
Etag: "6392fc2b-117"
Expires: Sun, 11 Dec 2022 10:50:10 GMT
Last-Modified: Fri, 09 Dec 2022 09:13:15 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 279
pennycronelasvegas.com/
96.126.99.100 200 OK 18 kB IP 96.126.99.100:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash efd95318dbde411db5e3a661a6edd397
e78831810ba3014327f19bd3f605eaea0d6644f5
8ad7e8ffb04840f543faa78ca28af8f836802199a6196726fc4347f84938182a
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=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%3D%3D--16a8611f6809f4553e82045593967111a1ff0f25
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
If-None-Match: W/"114c6d241419144e65581118e9a3eac4"
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Status: 200 OK
Cache-Control: max-age=0, private, must-revalidate
X-XSS-Protection: 1; mode=block
X-Request-Id: 4d07d1ef-2b40-45b9-b516-fc6ba5f4b1bf
ETag: W/"b68983fb39f921f086bad06dc72fcde4"
X-Frame-Options: SAMEORIGIN
X-Runtime: 0.051961
X-Content-Type-Options: nosniff
Date: Fri, 09 Dec 2022 22:51:15 GMT
Set-Cookie: _agentformula_session=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%3D--86e327544bfafa1fe53a3a021325fbd0d4e4d00b; path=/; HttpOnly
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer
Content-Encoding: gzip
assets-jpcust.jwpsrv.com/player/6/6124956/ping.js
151.101.194.114 200 OK 607 B URL HTTP/2 assets-jpcust.jwpsrv.com/player/6/6124956/ping.js
IP 151.101.194.114:0
Hash d1d1fc49ccfb4d91c37273a430c32f5e
60133823a61cc17786f41cf8972f43a91c48c7cc
89489534f6930a6138a08d0423facc7e4df58bf68d00a0098054146e1abf8fc6
GET /player/6/6124956/ping.js HTTP/1.1
Host: assets-jpcust.jwpsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 12 Jan 2017 21:15:49 GMT
etag: "e11f4da88a8186056c01979bc54a55e5"
x-amz-meta-s3cmd-attrs: uid:1138/gname:michael/uname:michael/gid:1000/mode:33204/mtime:1484255728/atime:1484255728/md5:e11f4da88a8186056c01979bc54a55e5/ctime:1484255729
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-type: text/plain
accept-ranges: bytes
date: Fri, 09 Dec 2022 22:51:15 GMT
age: 226
x-served-by: cache-iad-kcgs7200166-IAD, cache-bma1646-BMA
x-cache: HIT, HIT
x-cache-hits: 71, 1
x-timer: S1670626275.199950,VS0,VE91
vary: Accept-Encoding
server: nginx
content-length: 607
X-Firefox-Spdy: h2
www.cloudflare.com/cdn-cgi/trace
104.16.124.96 200 OK 236 B URL HTTP/2 www.cloudflare.com/cdn-cgi/trace
IP 104.16.124.96:0
Hash 6887067fe60d2119f489db3bd43610e8
e6047f91dbe6afc671f3ae174afcad77b74159a3
260de1a83b3ff279d3dcf4eb132f5b0098039e5d971e7c2acf428c3077baa43c
GET /cdn-cgi/trace HTTP/1.1
Host: www.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pennycronelasvegas.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 22:51:15 GMT
content-type: text/plain
access-control-allow-origin: *
server: cloudflare
cf-ray: 77714debf863b518-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
ssl.p.jwpcdn.com/player/v/7.0.3/jwpsrv.js
151.101.194.114 200 OK 8.4 kB URL HTTP/2 ssl.p.jwpcdn.com/player/v/7.0.3/jwpsrv.js
IP 151.101.194.114:0
File type ASCII text, with very long lines (21404), with no line terminators
Hash ec9bf2f3aacbc76caaabe523203abee7
5388667bf1463c4e67cbd62d40996063b83fcdc3
62253e24591e4dddf2abf0ebdea58a6ede0274d17b8267c30d36df0debe09025
GET /player/v/7.0.3/jwpsrv.js HTTP/1.1
Host: ssl.p.jwpcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Wed, 25 Nov 2020 15:40:27 GMT
etag: "2a7ba57974f06d8fa1764d6a954539f3"
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Fri, 09 Dec 2022 22:51:15 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1679-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1670626275.202143,VS0,VE241
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 8445
X-Firefox-Spdy: h2
d2s0ek76zke5go.cloudfront.net/backgrounds/main/55/las-vegas-home.jpg
54.230.245.99 200 OK 277 kB URL HTTP/1.1 d2s0ek76zke5go.cloudfront.net/backgrounds/main/55/las-vegas-home.jpg
IP 54.230.245.99:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 973x730, components 3\012- data
Size 277 kB (276582 bytes)
Hash 98b48b014a9e0de112d6e44c7d36e820
c6d7362ab6783767b6ff90e99bfaf0e9a5a246dd
f369ed133fc0dd61576218d708e09825ff0c6ee328d2d48956ca441a18e78ef2
GET /backgrounds/main/55/las-vegas-home.jpg HTTP/1.1
Host: d2s0ek76zke5go.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 276582
Connection: keep-alive
Last-Modified: Tue, 16 Apr 2013 22:49:03 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Fri, 09 Dec 2022 16:14:53 GMT
ETag: "98b48b014a9e0de112d6e44c7d36e820"
X-Cache: Hit from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 7Cn8yfw2-Eyu6Xvb1hPHjXIH9kNn8Z2vm0Z2hsdzLqOePdH1TmUmkw==
Age: 23783
dtd26ob4sfq17.cloudfront.net/graphics/icons.png
143.204.42.87 200 OK 23 kB URL HTTP/1.1 dtd26ob4sfq17.cloudfront.net/graphics/icons.png
IP 143.204.42.87:0
File type PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash f2d04895a3acecc9b674e1b359873552
8757a776f5481d815e920d4f35636e0121bb70e8
1cb040b5c2fe6d7aaa5ea9ae707232973439d5838481e339aa91d155254adefe
GET /graphics/icons.png HTTP/1.1
Host: dtd26ob4sfq17.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 23031
Connection: keep-alive
Date: Fri, 09 Dec 2022 15:40:34 GMT
Last-Modified: Mon, 07 Sep 2015 22:44:23 GMT
ETag: "f2d04895a3acecc9b674e1b359873552"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: HnSasL3W4xYCrTIQHErxFtwQ1D0R5Zjnm7IFTSjtnzUdOZYpcaKW5Q==
Age: 25842
dtd26ob4sfq17.cloudfront.net/graphics/icons/person.png
143.204.42.87 200 OK 1.1 kB URL HTTP/1.1 dtd26ob4sfq17.cloudfront.net/graphics/icons/person.png
IP 143.204.42.87:0
File type PNG image data, 8 x 14, 8-bit/color RGBA, non-interlaced\012- data
Hash 05907b6bb1325e05cdf3301298d63ee4
5b9d3e42fd2908d2a3b9fdd2020671238a630e78
f1e2855e03bdae7ab6e4acc4cd8c805ec150029cc053c040994113b6092da278
GET /graphics/icons/person.png HTTP/1.1
Host: dtd26ob4sfq17.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 1066
Connection: keep-alive
Date: Fri, 09 Dec 2022 03:25:48 GMT
Last-Modified: Tue, 08 Sep 2015 00:15:18 GMT
ETag: "05907b6bb1325e05cdf3301298d63ee4"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: PacVPKwI6NtZaeZ8e--A-nnv3f6CEmRkw-qddENj5XyIKlit4YmilA==
Age: 69928
dtd26ob4sfq17.cloudfront.net/graphics/icons/phone.png
143.204.42.87 200 OK 1.1 kB URL HTTP/1.1 dtd26ob4sfq17.cloudfront.net/graphics/icons/phone.png
IP 143.204.42.87:0
File type PNG image data, 13 x 13, 8-bit/color RGBA, non-interlaced\012- data
Hash 7038033dcfc63585fddbf32d5b5cbb05
d911fec0a2d87807514141d2232585202047413d
afac238c5c5371119bea5317bc4a3ce8ed29041b6db6bdc2edfdbe375ab5b5b3
GET /graphics/icons/phone.png HTTP/1.1
Host: dtd26ob4sfq17.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 1108
Connection: keep-alive
Date: Fri, 09 Dec 2022 06:06:14 GMT
Last-Modified: Tue, 08 Sep 2015 00:15:20 GMT
ETag: "7038033dcfc63585fddbf32d5b5cbb05"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vDyF-YE9AA3pFcEh80gPkWCDuROQF40Sfl4xVsEntqdWfDOs1sF9Fw==
Age: 60302
pennycronelasvegas.com/favicon.ico
96.126.99.100 200 OK 1.2 kB URL HTTP/1.1 pennycronelasvegas.com/favicon.ico
IP 96.126.99.100:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 29ceaf045e68c6ad5712cc20077dafb4
c6b11f6e1771a1c2688dc1599e4c4241c1544543
2138186dfa4453368676ca8a6e95248e8e5b93f411798c083a968502893a9baf
GET /favicon.ico HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=UEF1dG1YWmNJdEdaSGlYTmZBbUIrRGxZVzAvZWN2OFZORTU0SDFtOTFIU0NXTWpQWWF3V0VhZVVObjVqUjNVdUZGRzU4Vnkrbk04TFR6NWFCVTg3SjdaUkNHMXc1MWNtOExlc0poWGRZZjA4NnRyK3JjU0x1YmZGcFVGS3ZhODNGUFRSbEtnVnhoRUh0OCt1YjkrN0xuYUFhMW0rM0dlNHRLam1yKzhpVG8yaFl1aFptSDJnaTVBVGNFelFtNjNjUFVkYUVla0FtRGdXWCs3eDVOV1ZjQUIvODNwMVRxcDJPL2llZnhzZys1TDBqOEpDMHdqV2lDbkJiN1UvVldFMlJGdW1TUVRvOVR3cEtKVHJSMGU3c0FCYm54amZQblhoREdCdFJYVmx6N3N4ZmhZNndOVDlTUGNaL0I3MlVLaVkvMTNYc2djSGV0bUNJdXk2aEFtRW8zRkdicDdOYlA0MElmcWlzeHNydHNONXlXYVpOaldRNVArYWNZc1RzbS9rbTdDRGltT0huSm1YMTc5UDJOMjVFWGFzM1F6UTJNQk93ZXpsQjZuQ3p4cE9EYjU2ZzVnYlZLaXF1OEhLeGl4VEcxTXpOZ2JQdUdXQ0lWY1N1NVNXeGl3YUhTUkhtQWZrUEFHaHVWNmRQR21ZSTVBSVRRUU5Tb3k1NTBKRkF2aVNLd2E3WXE5R1dyanllMzFVTjBvbVpiM2tpRGJLOXFkK0lpTEhaNlp4MTVtMGJLdG5yR1VsRi9jTGN0clNiamRxSldvRTR0cDZxOGVjQ3lFL3VNa00zdjFVc1dBKzUvbmJJUUdBZjI0akRicFVOdndWcDU0VzJtcy9oRVEvMmM1RVk4YldkelJiT095Vk9mYnVuNlNXbTltcWxDZzcvWWZGZEhqcXBCazlEZ0tNNmZvdzFiMVl6amh1eU1KKzgwYldaUklEdTNkcVJDK256QktBN1Y4N3lBPT0tLTZZNVI0RFZ3ZjFzeWM0a3diWDBjMVE9PQ%3D%3D--bf14d4a7eb43422a5e8d86bb774ecf8af6b57b8d; pennycronelasvegas.com=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.17.3
Date: Fri, 09 Dec 2022 22:51:15 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Wed, 16 Nov 2022 20:26:03 GMT
Connection: keep-alive
ETag: "6375475b-47e"
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash e4f546e102d986faf1029509d599b730
cc045a705fd6758b7b575fde5dfb79facc9c3546
ef492301b2b30e5076f7dffa07973e65e9a200ba9ef4d3568a527d3f973f3349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 22:51:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash e4f546e102d986faf1029509d599b730
cc045a705fd6758b7b575fde5dfb79facc9c3546
ef492301b2b30e5076f7dffa07973e65e9a200ba9ef4d3568a527d3f973f3349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 22:51:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/images/branding/product/2x/translate_24dp.png
142.250.74.35 200 OK 1.8 kB URL HTTP/2 www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP 142.250.74.35:0
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash c69c796362406f9e11c7f4bf5bb628da
e489ce95ab56208090868882113d7416abf46775
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://translate.googleapis.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 18:42:08 GMT
expires: Sat, 09 Dec 2023 18:42:08 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 14947
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/images/branding/product/1x/translate_24dp.png
142.250.74.35 200 OK 846 B URL HTTP/2 www.gstatic.com/images/branding/product/1x/translate_24dp.png
IP 142.250.74.35:0
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash e9cd262114358f26b7608b56905185dc
6dbde0a96deaab2b529723ce26c62043cf9180ab
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
GET /images/branding/product/1x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 846
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 13:33:11 GMT
expires: Sat, 09 Dec 2023 13:33:11 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 33484
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash e4f546e102d986faf1029509d599b730
cc045a705fd6758b7b575fde5dfb79facc9c3546
ef492301b2b30e5076f7dffa07973e65e9a200ba9ef4d3568a527d3f973f3349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 22:51:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dtd26ob4sfq17.cloudfront.net/graphics/icons/email.png
143.204.42.87 200 OK 1.1 kB URL HTTP/1.1 dtd26ob4sfq17.cloudfront.net/graphics/icons/email.png
IP 143.204.42.87:0
File type PNG image data, 15 x 9, 8-bit/color RGBA, non-interlaced\012- data
Hash 22b8c3f79865bd8b5b76a7b64ee8f773
ae8121cb8dd5091b8a4e687b7bf88248a238b45a
b79f36abeb8193e42be1cd9aa732224e72390b968788bf4259258234c37f1314
GET /graphics/icons/email.png HTTP/1.1
Host: dtd26ob4sfq17.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 1118
Connection: keep-alive
Date: Fri, 09 Dec 2022 22:51:16 GMT
Last-Modified: Tue, 08 Sep 2015 00:15:24 GMT
ETag: "22b8c3f79865bd8b5b76a7b64ee8f773"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Miss from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ibPk-akshfAFAU-7G1fxfw96ZsCBh_9CGu5kZ2PQLJU5CZWWhYc0Og==
dtd26ob4sfq17.cloudfront.net/graphics/ico-home.png
143.204.42.87 200 OK 2.4 kB URL HTTP/1.1 dtd26ob4sfq17.cloudfront.net/graphics/ico-home.png
IP 143.204.42.87:0
File type PNG image data, 34 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash f14d7380ba9be0a4929361f6f671db79
4dd6daa55e18da77d63263c090f09aa0ed74e5e0
8c8ab58ccdbce4cbd047f65c5fc8d2164e0c19b1c6c0a77cef3ec9a52f4a9115
GET /graphics/ico-home.png HTTP/1.1
Host: dtd26ob4sfq17.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 2447
Connection: keep-alive
Date: Fri, 09 Dec 2022 22:51:16 GMT
Last-Modified: Mon, 07 Sep 2015 22:44:22 GMT
ETag: "f14d7380ba9be0a4929361f6f671db79"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Miss from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: IB5eMS89ZRfJKVhbh5aNuVvAEewhm57AiUFsiHwmgltPXiz8PjkQ8w==
dtd26ob4sfq17.cloudfront.net/graphics/icons/nav-arrow.png
143.204.42.87 200 OK 960 B URL HTTP/1.1 dtd26ob4sfq17.cloudfront.net/graphics/icons/nav-arrow.png
IP 143.204.42.87:0
File type PNG image data, 3 x 6, 8-bit/color RGBA, non-interlaced\012- data
Hash bdd44b7aa14603803b2a86bf58ca4e08
970a73a2e0b9f310c2c92ba707d239f423e5d376
8ce0ad22308424363b02ac37b3e85133b7d4f7e50e1e170154af032dc1fe1c95
GET /graphics/icons/nav-arrow.png HTTP/1.1
Host: dtd26ob4sfq17.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 960
Connection: keep-alive
Date: Fri, 09 Dec 2022 22:51:16 GMT
Last-Modified: Tue, 08 Sep 2015 00:17:16 GMT
ETag: "bdd44b7aa14603803b2a86bf58ca4e08"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Miss from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: O-ldDqArqeEQO5frhoiAgs1YkiOJ-IERxvM79bxeB-bLmJEXG-SZpA==
content.jwplatform.com/thumbs/Ktl62Zxz-720.jpg
143.204.55.18 302 Found 0 B URL HTTP/2 content.jwplatform.com/thumbs/Ktl62Zxz-720.jpg
IP 143.204.55.18:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /thumbs/Ktl62Zxz-720.jpg HTTP/1.1
Host: content.jwplatform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: image/jpeg
content-length: 0
location: https://assets-jpcust.jwpsrv.com/thumbnails/9a8didp6-720.jpg
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: max-age=180, max-stale=180
date: Fri, 09 Dec 2022 22:51:16 GMT
server: openresty
x-robots-tag: noindex, indexifembedded
x-cache: Miss from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Hh4fepqjt1_kaV8_6E3v6QdfG5OoddyVBoA-nId2Kcute-BWEq5Y_g==
X-Firefox-Spdy: h2
assets-jpcust.jwpsrv.com/thumbnails/9a8didp6-720.jpg
151.101.194.114 200 OK 27 kB URL HTTP/2 assets-jpcust.jwpsrv.com/thumbnails/9a8didp6-720.jpg
IP 151.101.194.114:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.24.102", baseline, precision 8, 720x404, components 3\012- data
Hash 68ac5c477870bf831758fcd62f43f8bf
8120d2f3e3f00b5994228a49271611d843ddc574
bf4d812ecb196a6132d562ec34c533dd8e4e578768456ad13a19ece305041e4e
GET /thumbnails/9a8didp6-720.jpg HTTP/1.1
Host: assets-jpcust.jwpsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 29 Oct 2017 09:19:25 GMT
etag: "db16d83d9df9129e693cdc46f10f79ec"
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=900
content-type: image/jpeg
accept-ranges: bytes
date: Fri, 09 Dec 2022 22:51:16 GMT
age: 0
x-served-by: cache-iad-kiad7000058-IAD, cache-bma1646-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1670626276.364484,VS0,VE149
vary: Accept-Encoding
server: nginx
content-length: 26793
X-Firefox-Spdy: h2
jwpltx.com/v1/jwplayer6/ping.gif?h=972424200&tv=2.6.0&n=1114836317863236&aid=QDLcWlTPEeWgFgp%2BlcGdIw&e=e&i=0&ifd=0&pv=7.0.3&m=1&d=0&vl=90&t=Halloween%20In%20Las%20Vegas&pid=&ed=0&ph=1&ps=4&wd=744&pl=419&fv=&vp=1&ab=0&po=1&sn=seven&pd=0&pad=&dd=0&s=0&r=0&cb=0&ga=0&st=392&hls=&cp=0&sdk=0&emi=aa6ukhg2mub0&pli=&mt=0&vi=0.997&ap=456%2C324&mu=https%3A%2F%2Fcontent.jwplatform.com%2Fvideos%2FKtl62Zxz-720.mp4&eb=-1&pu=https%3A%2F%2Fpennycronelasvegas.com%2F&id=Ktl62Zxz&pt=Penny%20Crone%20%7C%20Call%20Me%20At%20(702)%20210-7683%20%7C%20HomeSmart
151.101.194.114 204 No Content 0 B URL HTTP/2 jwpltx.com/v1/jwplayer6/ping.gif?h=972424200&tv=2.6.0&n=1114836317863236&aid=QDLcWlTPEeWgFgp%2BlcGdIw&e=e&i=0&ifd=0&pv=7.0.3&m=1&d=0&vl=90&t=Halloween%20In%20Las%20Vegas&pid=&ed=0&ph=1&ps=4&wd=744&pl=419&fv=&vp=1&ab=0&po=1&sn=seven&pd=0&pad=&dd=0&s=0&r=0&cb=0&ga=0&st=392&hls=&cp=0&sdk=0&emi=aa6ukhg2mub0&pli=&mt=0&vi=0.997&ap=456%2C324&mu=https%3A%2F%2Fcontent.jwplatform.com%2Fvideos%2FKtl62Zxz-720.mp4&eb=-1&pu=https%3A%2F%2Fpennycronelasvegas.com%2F&id=Ktl62Zxz&pt=Penny%20Crone%20%7C%20Call%20Me%20At%20(702)%20210-7683%20%7C%20HomeSmart
IP 151.101.194.114:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v1/jwplayer6/ping.gif?h=972424200&tv=2.6.0&n=1114836317863236&aid=QDLcWlTPEeWgFgp%2BlcGdIw&e=e&i=0&ifd=0&pv=7.0.3&m=1&d=0&vl=90&t=Halloween%20In%20Las%20Vegas&pid=&ed=0&ph=1&ps=4&wd=744&pl=419&fv=&vp=1&ab=0&po=1&sn=seven&pd=0&pad=&dd=0&s=0&r=0&cb=0&ga=0&st=392&hls=&cp=0&sdk=0&emi=aa6ukhg2mub0&pli=&mt=0&vi=0.997&ap=456%2C324&mu=https%3A%2F%2Fcontent.jwplatform.com%2Fvideos%2FKtl62Zxz-720.mp4&eb=-1&pu=https%3A%2F%2Fpennycronelasvegas.com%2F&id=Ktl62Zxz&pt=Penny%20Crone%20%7C%20Call%20Me%20At%20(702)%20210-7683%20%7C%20HomeSmart HTTP/1.1
Host: jwpltx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
accept-ranges: bytes
date: Fri, 09 Dec 2022 22:51:16 GMT
via: 1.1 varnish
x-served-by: cache-bma1646-BMA
x-cache: MISS
x-cache-hits: 0
X-Firefox-Spdy: h2
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
216.58.211.14 200 OK 0 B URL HTTP/2 translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
IP 216.58.211.14:0
GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 09 Dec 2022 22:51:13 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+419; expires=Sun, 08-Dec-2024 22:51:13 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s3.amazonaws.com/glvar-photos/callouts/small/3/las-vegas-strip-aerial-sunset3.jpg
52.216.154.246 200 OK 0 B URL HTTP/1.1 s3.amazonaws.com/glvar-photos/callouts/small/3/las-vegas-strip-aerial-sunset3.jpg
IP 52.216.154.246:0
GET /glvar-photos/callouts/small/3/las-vegas-strip-aerial-sunset3.jpg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: /+na6iq6f9rY/J5MWdm3MwlLIdNvz697H9CZzX0P/iGvmcXcpGizbMlSGD7v+lOg53+9AvhTiIw=
x-amz-request-id: EA9C9VTRWD3DAH03
Date: Fri, 09 Dec 2022 22:51:15 GMT
Last-Modified: Mon, 30 Nov 2015 02:55:12 GMT
ETag: "517180675348875d42a029031b8d4f81"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 20263
s3.amazonaws.com/glvar-photos/avatars/main/4046/New_Head_Shot__2.jpeg
52.216.154.246 200 OK 0 B URL HTTP/1.1 s3.amazonaws.com/glvar-photos/avatars/main/4046/New_Head_Shot__2.jpeg
IP 52.216.154.246:0
GET /glvar-photos/avatars/main/4046/New_Head_Shot__2.jpeg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 2K/R3TNmb1pgaLhW4X1+5kiZTyj/hEizP91pObhLDqMsmIyfjOz4QtxcYE+M/w67R5xxyAajAis=
x-amz-request-id: EA91Q4PB80GFH57N
Date: Fri, 09 Dec 2022 22:51:15 GMT
Last-Modified: Mon, 01 Nov 2021 19:11:21 GMT
ETag: "03e76aa23591f601b791db719befda45"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 19716
fonts.googleapis.com/css?family=Playfair+Display:400,400italic,700,700italic,900,900italic
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Playfair+Display:400,400italic,700,700italic,900,900italic
IP 142.250.74.106:0
GET /css?family=Playfair+Display:400,400italic,700,700italic,900,900italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Dec 2022 22:51:13 GMT
date: Fri, 09 Dec 2022 22:51:13 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Quicksand
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Quicksand
IP 142.250.74.106:0
GET /css?family=Quicksand HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Dec 2022 22:51:13 GMT
date: Fri, 09 Dec 2022 22:51:13 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2