Report - pennycronelasvegas.com/

Report Overview

Submitted URL
pennycronelasvegas.com/
IP
96.126.99.100
ASN
#63949 Linode, LLC
Submitted
2022-12-09 22:51:23
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
24

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	375 B	11 kB	104.17.25.14
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	700 B	1.9 kB	143.204.42.156
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	64 kB	34.120.237.76
www.cloudflare.com	6775	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	380 B	561 B	104.16.124.96
www.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	808 B	4.3 kB	142.250.74.35
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	5.6 kB	216.58.211.3
content.jwplatform.com	3255	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	367 B	650 B	143.204.55.18
translate.google.com	1156	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	373 B	807 B	216.58.211.14
ssl.p.jwpcdn.com	2512	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	8.9 kB	151.101.194.114
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	2.0 kB	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.161.136.21
s3.amazonaws.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.1 kB	307 kB	52.216.154.246
d2s0ek76zke5go.cloudfront.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	389 B	277 kB	54.230.245.99
jwpltx.com	2651	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	877 B	199 B	151.101.194.114
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	759 B	1.5 kB	142.250.74.106
pennycronelasvegas.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	21 kB	771 kB	96.126.99.100
images.dmca.com	11903	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	769 B	3.8 kB	151.139.128.10
www.lasvegasrealtor.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	373 B	2.7 kB	74.208.20.193
dtd26ob4sfq17.cloudfront.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.2 kB	32 kB	143.204.42.87
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	4.4 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
assets-jpcust.jwpsrv.com	2881	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	736 B	29 kB	151.101.194.114

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-09	medium	pennycronelasvegas.com/	Phishing
2022-12-09	medium	pennycronelasvegas.com/	Phishing
2022-12-09	medium	pennycronelasvegas.com/assets/ion.rangeslider/js/ion.rangeSlider.min-fd1dbf6841129461c2073553cdd99a1b14693f2bbe7804866229fd53cc65a22b.js	Phishing
2022-12-09	medium	pennycronelasvegas.com/assets/themes/default/base-e6e4b07ab1f0aec529f3b4cc626749c60b3c181adf529cc27e69103896d15abc.js	Phishing
2022-12-09	medium	pennycronelasvegas.com/assets/responsive_video_fix-4228528f3aa100a8d9aeb2f7c8373ef893db5f2eba26df43245af76eb4d3734e.js	Phishing
2022-12-09	medium	pennycronelasvegas.com/assets/bootstrap-table-cookie-d864ab3069753497a7bd5ebdbce23b8a1a0b9b16b001a0394d5c99896c859d14.js	Phishing
2022-12-09	medium	pennycronelasvegas.com/fonts/avenir.woff	Phishing
2022-12-09	medium	pennycronelasvegas.com/	Phishing
2022-12-09	medium	pennycronelasvegas.com/assets/themes/default/vendor-c4223a2863310087b657f19d451656c073d60bbe05e53aeedd46f84bafd1a585.js	Phishing
2022-12-09	medium	pennycronelasvegas.com/assets/font-awesome/fontawesome-webfont-ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995.woff2?v=4.5.0	Phishing
2022-12-09	medium	pennycronelasvegas.com/fonts/avenir.ttf	Phishing
2022-12-09	medium	pennycronelasvegas.com/	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (16)

	URL	Size	First Seen	Last Seen
	translate.google.com/translate_a/element.js?cb=googleTranslateElementInit	77 kB	2023-03-09	2023-03-09
Pretty URL translate.google.com/translate_a/element.js?cb=googleTranslateElementInit IP 216.58.211.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 00:31:47 Last Seen2023-03-09 00:33:56 Times Seen1 Hash 3f4c11f067be8cf115884a9458755b87 c451eaff33fdac700c29550451e48c4cb66e75b5 1cd708e59e936efcac8fa227d19095307da054e811ebb8515a10333c7612037a Loading...

	pennycronelasvegas.com/	209 B	2023-03-08	2023-03-09
Pretty URL pennycronelasvegas.com/ IP 96.126.99.100 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:32:37 Last Seen2023-03-09 00:33:56 Times Seen1 Hash 2af9da39d76b51c75fcd84f6cc6ba7be 9e4ad2566d7810cf4595b522c6d36b8d87763176 967dd175901a9fb3926686d6626866f31278fd3b4d59601d6e83b006a5736cb0 Loading...

	unknown	0 B	2023-03-07	2024-04-23
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-23 15:28:04 Times Seen37021288 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	pennycronelasvegas.com/	695 B	2023-03-08	2023-03-09
Pretty URL pennycronelasvegas.com/ IP 96.126.99.100 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:32:37 Last Seen2023-03-09 00:33:56 Times Seen1 Hash 4808651d4cc57c52fee33893cafdffc0 9173f37c4af58548cdb9958e69b053050067fb44 f4f2f5eb390148dede0682260552de7c18594ecaad4452bd222e19151fa3f8e1 Loading...

	translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.c2_H6h0zvYw.O/d=1/exm=el_conf/ed=1/rs=AN8SPfraNL4hBUxcHD1JwUr3OofpEUwLhQ/m=el_main	212 kB	2023-03-08	2023-12-02
Pretty URL translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.c2_H6h0zvYw.O/d=1/exm=el_conf/ed=1/rs=AN8SPfraNL4hBUxcHD1JwUr3OofpEUwLhQ/m=el_main IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:50:09 Last Seen2023-12-02 15:44:19 Times Seen21 Hash 8bf322278cc4d5349d9f216543dad348 836605271acad0b93010bf2a97c2b4d2cdab6527 dbc13e868fc37e5decb688b506ac4dea2da1690396694b7289530600e15f0816 Loading...

	cdnjs.cloudflare.com/ajax/libs/bootstrap-table/1.8.1/bootstrap-table.min.js	43 kB	2023-03-08	2023-03-13
Pretty URL cdnjs.cloudflare.com/ajax/libs/bootstrap-table/1.8.1/bootstrap-table.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:32:37 Last Seen2023-03-13 12:48:18 Times Seen1 Hash 68b2488f42895575f623b54a2780d9ef 9a3999eabe2e99f967b44ac8f92703fa282d497b 9f07468af03f49be1ee3e7b224a68874d6583f8906aad815b86aa52d8fb14845 Loading...

	pennycronelasvegas.com/assets/ion.rangeslider/js/ion.rangeSlider.min-fd1dbf6841129461c2073553cdd99a1b14693f2bbe7804866229fd53cc65a22b.js	38 kB	2023-03-08	2023-03-09
Pretty URL pennycronelasvegas.com/assets/ion.rangeslider/js/ion.rangeSlider.min-fd1dbf6841129461c2073553cdd99a1b14693f2bbe7804866229fd53cc65a22b.js IP 96.126.99.100 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:32:37 Last Seen2023-03-09 00:33:56 Times Seen1 Hash 42173c874591f88f85ab701df850d0e7 da2c85886430dd508ab6daa683411c3381666fdf fd1dbf6841129461c2073553cdd99a1b14693f2bbe7804866229fd53cc65a22b Loading...

	images.dmca.com/Badges/DMCABadgeHelper.min.js	465 B	2023-03-07	2024-04-21
Pretty URL images.dmca.com/Badges/DMCABadgeHelper.min.js IP 151.139.128.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:48 Last Seen2024-04-21 23:33:39 Times Seen3912 Hash bac6fb686027b93b6565e1b1e5e8e213 e585bdd95488444f0ce2888d8281dbdaf73ca2ea e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0 Loading...

	pennycronelasvegas.com/	789 B	2023-03-08	2023-03-09
Pretty URL pennycronelasvegas.com/ IP 96.126.99.100 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:32:37 Last Seen2023-03-09 00:33:56 Times Seen1 Hash 1d135f2ed376c3fed7023cddac2959f6 3d06346c7c7a29915dce039435c7f2e24aa6879f 3966403f7c0241d4e4f4820177e1b4bd943a3e8016e5e1d1da3576d39f4d78dd Loading...

	assets-jpcust.jwpsrv.com/player/6/6124956/ping.js	1.4 kB	2023-03-08	2023-03-09
Pretty URL assets-jpcust.jwpsrv.com/player/6/6124956/ping.js IP 151.101.194.114 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:32:37 Last Seen2023-03-09 00:33:56 Times Seen1 Hash e11f4da88a8186056c01979bc54a55e5 414e25ac51174d4ace1f84d7a30517f121b9eabb c2e45ab0ed7253b725b6bc57913232b65477d5ecf11ed866f587bc4df8474f12 Loading...

	pennycronelasvegas.com/assets/themes/default/base-e6e4b07ab1f0aec529f3b4cc626749c60b3c181adf529cc27e69103896d15abc.js	7.8 kB	2023-03-08	2023-03-09
Pretty URL pennycronelasvegas.com/assets/themes/default/base-e6e4b07ab1f0aec529f3b4cc626749c60b3c181adf529cc27e69103896d15abc.js IP 96.126.99.100 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:32:37 Last Seen2023-03-09 00:33:56 Times Seen1 Hash 6a8c64a9816c52d01a5c9a66f50a031e 6f7a2119a28757a936a3ad2d8ffd4553c1abcb2a e6e4b07ab1f0aec529f3b4cc626749c60b3c181adf529cc27e69103896d15abc Loading...

	pennycronelasvegas.com/	299 B	2023-03-08	2023-04-24
Pretty URL pennycronelasvegas.com/ IP 96.126.99.100 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:32:37 Last Seen2023-04-24 10:59:11 Times Seen4 Hash 016c4c546ab696415f51879acdbfc5d2 aff0d3cd18302c209832fb2559b1cdc91d15efab 5d9139b2fccde0ef1f88ae647165636e2b22dcb6c9fc68ef64f0954ed7c74a5a Loading...

	pennycronelasvegas.com/assets/responsive_video_fix-4228528f3aa100a8d9aeb2f7c8373ef893db5f2eba26df43245af76eb4d3734e.js	483 B	2023-03-08	2023-03-09
Pretty URL pennycronelasvegas.com/assets/responsive_video_fix-4228528f3aa100a8d9aeb2f7c8373ef893db5f2eba26df43245af76eb4d3734e.js IP 96.126.99.100 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:32:37 Last Seen2023-03-09 00:33:56 Times Seen1 Hash 8b69d038e9da700ec36148024782ba23 863f41c47cf9d843abfe8ce2b5514a691a57742a 4228528f3aa100a8d9aeb2f7c8373ef893db5f2eba26df43245af76eb4d3734e Loading...

	pennycronelasvegas.com/assets/bootstrap-table-cookie-d864ab3069753497a7bd5ebdbce23b8a1a0b9b16b001a0394d5c99896c859d14.js	4.0 kB	2023-03-08	2023-03-09
Pretty URL pennycronelasvegas.com/assets/bootstrap-table-cookie-d864ab3069753497a7bd5ebdbce23b8a1a0b9b16b001a0394d5c99896c859d14.js IP 96.126.99.100 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:32:37 Last Seen2023-03-09 00:33:56 Times Seen1 Hash 70a774951af96e61e57cde64b49b66f7 bf9f3470f5ca10b7968b19656fcf692939e35caf d864ab3069753497a7bd5ebdbce23b8a1a0b9b16b001a0394d5c99896c859d14 Loading...

	ssl.p.jwpcdn.com/player/v/7.0.3/jwpsrv.js	21 kB	2023-03-08	2024-04-07
Pretty URL ssl.p.jwpcdn.com/player/v/7.0.3/jwpsrv.js IP 151.101.194.114 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:32:37 Last Seen2024-04-07 09:57:52 Times Seen57 Hash 2a7ba57974f06d8fa1764d6a954539f3 ff371f9b0ddd85521c96b66b21bd89e0dc8fce1a 88b95e41889181d10a0b4e76f249843790dd7ff53c5df0bea4233412111ab1de Loading...

		Size	First Seen	Last Seen
	#1 Eval - 444bcb3a3fcf8389296c49467f27e1d6	2 B	2023-03-08	2024-04-23
Pretty Observations First Seen2023-03-08 02:32:37 Last Seen2024-04-23 12:37:54 Times Seen107243 Hash 444bcb3a3fcf8389296c49467f27e1d6 7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Loading...

HTTP Transactions (79)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9956
Expires: Sat, 10 Dec 2022 01:37:08 GMT
Date: Fri, 09 Dec 2022 22:51:12 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
388f6fea5bafa378266622b72311a6ee
447f102dc12172ce1ba44c5e94e1d7bb49d43372
a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2593
Expires: Fri, 09 Dec 2022 23:34:25 GMT
Date: Fri, 09 Dec 2022 22:51:12 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Alert, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 09 Dec 2022 22:33:14 GMT
content-type: application/json
age: 1078
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

pennycronelasvegas.com/

96.126.99.100

301 Moved Permanently

169 B

URL HTTP/1.1
pennycronelasvegas.com/
IP
96.126.99.100:0
ASN
#63949 Linode, LLC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
169 B (169 bytes)
Hash
4d5df04587b6abb07e32aa83f8da135a
6692cd0836d1ee08ec23820ed703dd959c92e3f8
6df3768e22eccc33abe2a50cb4650dbfb5f4f5884d80c82508e62665d29dd6d2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
server: nginx/1.17.3
date: Fri, 09 Dec 2022 22:51:12 GMT
content-type: text/html
content-length: 169
location: https://pennycronelasvegas.com/
access-control-allow-methods: POST, GET, OPTIONS
referrer-policy: no-referrer
set-cookie: NB_SRVID=srv1656166; path=/
cache-control: private
connection: close

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4843
Expires: Sat, 10 Dec 2022 00:11:55 GMT
Date: Fri, 09 Dec 2022 22:51:12 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: WD+9n2IqUTafevMG9EOD8Qchevso8gPgUDDXz2RJqFj8aAjej52SH1f/8RvXU8qdeskza0G69Bg=
x-amz-request-id: X1AW2FYKYWZC3A9D
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 22:48:33 GMT
age: 159
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 22:51:12 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Last-Modified, ETag, Cache-Control, Alert, Content-Length, Pragma, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 09 Dec 2022 22:07:55 GMT
age: 2598
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5f120d7ebbbd8e854a0c542056947ad5
be81ac727cc582cfd6ed4af83c58f7f42239977d
48a1e62461c7885cb870dc89e9ad5ed8be95e416ed5d46081a001f5498bbf09c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48A1E62461C7885CB870DC89E9AD5ED8BE95E416ED5D46081A001F5498BBF09C"
Last-Modified: Fri, 09 Dec 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21574
Expires: Sat, 10 Dec 2022 04:50:47 GMT
Date: Fri, 09 Dec 2022 22:51:13 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
e6be4d2155028ffff5d01ab6e7edf6da
07172071b5cf43c4cd7d7930b4ad8518ec1e32e9
4d8a5fa2362fd0910babd6d128d850d4460829468eb23d34ee5ee6eaa42d5a38

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5928
Cache-Control: max-age=129270
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 22:51:13 GMT
Etag: "6392faaf-1d7"
Expires: Sun, 11 Dec 2022 10:45:43 GMT
Last-Modified: Fri, 09 Dec 2022 09:06:55 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5496e18a30e039b44989d9a0e932d4bc
c5bfb1b9ce711e38d69e78486017f07cc47fe04a
26a3ad286e479cdabfcbb5a9d3fada211c73650628a35c80944b0e7e8aad27e0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 22:51:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
edac2b4e678c48b1fc3be3a06793bfcb
23f1f41a2194536d77a2497d7255b13747fd9af0
e6b36b71f3633bd9d2b80043967f9579820f0ef1d5f66e5c401806de13cbe2a1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 22:51:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
edac2b4e678c48b1fc3be3a06793bfcb
23f1f41a2194536d77a2497d7255b13747fd9af0
e6b36b71f3633bd9d2b80043967f9579820f0ef1d5f66e5c401806de13cbe2a1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 22:51:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

pennycronelasvegas.com/

96.126.99.100

200 OK

18 kB

URL HTTP/1.1
pennycronelasvegas.com/
IP
96.126.99.100:0
ASN
#63949 Linode, LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
18 kB (17763 bytes)
Hash
fd11d0a3289b58c5addd615614433d2c
6c8ac2396edc1d444138eef9ecb786c8f81c5813
c237fd1b38d14a137d434af6f48617dfb6c2ff464b9fdb6a19a2ad224eb541d7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Status: 200 OK
Cache-Control: max-age=0, private, must-revalidate
X-XSS-Protection: 1; mode=block
X-Request-Id: 74a50d5e-8da3-47c9-a256-2c924cfceed9
ETag: W/"8537edf04ad7b38a42d74d6dc556530a"
X-Frame-Options: SAMEORIGIN
X-Runtime: 0.100053
X-Content-Type-Options: nosniff
Date: Fri, 09 Dec 2022 22:51:13 GMT
Set-Cookie: _agentformula_session=eCs0NUk1L2J5a2NaWDROL25FZ3QzVHpSRkZLRFByVVhrT01iTnRydWFRTzdaSEU0YkhFOHBLSU5TekpVaWJkMWdsNHM0eHVweUFTeVp2STQrWThucnViUTc1UnRvVkdxWTVSY2xsYkVoVmFCVkRJVXlUeTNLRkI1ZWpZOW5uT1FXK3RpcXh5bWZ2b1lMbUpKd3lwU1h2MFVIMzVIWldMdjFZMHp5d0VMdExaVjZOQXJGMWZTUUpqZmNxOHpORzJDSDIyL0lKdVR6RzNiNVpuVG1taWc2aGhCUjNVeVY3SFZhOWcwTnpxRDFUdHZKZjkwZVcvNllNQkx6OFBLa3UrbWcydXNGVnVmdTc4SFNsRDJHWXI5dDZ5RUt1clQ5MVp6QTI1amI1OEhGOXI4RWhPM2pnWkhmRjh2QU5GNjREOGFLVmkvRm1tS3UveGNpNTYzeUhtRjlkQTVzMFpsaklMUnZ1YnYxQTZtVzNLaGx4UHpvS2hzUWRvOUJIV1RlV0VLLS1UdFNkL2M5QTUzK1ZIVTY1WTJ6V3N3PT0%3D--2cfaf510d60be25e171c22a112d596468eba0593; path=/; HttpOnly
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer
Content-Encoding: gzip

push.services.mozilla.com/

35.161.136.21

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.161.136.21:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 8sK3ZnolPXqY4q72NLDo8A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: QdSDxr12ZLaNqPzwhPp2nUIcTKw=

cdnjs.cloudflare.com/ajax/libs/bootstrap-table/1.8.1/bootstrap-table.min.js

104.17.25.14

200 OK

10 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/bootstrap-table/1.8.1/bootstrap-table.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (32072)
Size
10 kB (10318 bytes)
Hash
b1d38b850f2d249ecb6bc995eecc9d96
30facf94c44ca45e7521a25e5e73273c26fa7ddd
8097499101c6c88640c1bc49c3f00179c32f842d6ce79482fa3ccb48a23203d2

HTTP Headers

GET /ajax/libs/bootstrap-table/1.8.1/bootstrap-table.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 09 Dec 2022 22:51:13 GMT
content-type: application/javascript; charset=utf-8
content-length: 10318
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d8f-a750"
last-modified: Mon, 04 May 2020 16:06:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1676391
expires: Wed, 29 Nov 2023 22:51:13 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zrGKy7vI7F3ojyLuxHR2z%2FsZ6BDTb%2F5YEXq%2B7v8QxWoXC0JwBpV3mZTygHEoePbY%2B4RdmlQPvKN3kDk9ZWG43o%2F8QmUauS%2B2erDsYJN%2FecJ%2FAsq7AKqXp0I%2FWvDoPf1zJBri5PoW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77714de2bc8bb50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
edac2b4e678c48b1fc3be3a06793bfcb
23f1f41a2194536d77a2497d7255b13747fd9af0
e6b36b71f3633bd9d2b80043967f9579820f0ef1d5f66e5c401806de13cbe2a1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 22:51:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

images.dmca.com/Badges/DMCABadgeHelper.min.js

151.139.128.10

200 OK

395 B

URL HTTP/2
images.dmca.com/Badges/DMCABadgeHelper.min.js
IP
151.139.128.10:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text
Size
395 B (395 bytes)
Hash
365ad8f83802168e7326b29df6a22f4a
a096aa3c7e46525c7b7c54cb6b7987f01559b688
dafd787e6bf2c7ed10cb6c14f36ada4e5e9b7c15ffe7393cd6000acb946ebf13

HTTP Headers

GET /Badges/DMCABadgeHelper.min.js HTTP/1.1
Host: images.dmca.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 09 Dec 2022 22:51:13 GMT
content-encoding: gzip
content-length: 395
content-type: application/javascript
last-modified: Fri, 21 Jun 2019 20:14:34 GMT
accept-ranges: bytes
server: Microsoft-IIS/10.0
cache-control: public,max-age=31536000
etag: "26b181f16d28d51:0"
x-powered-by: ASP.NET
x-hw: 1670626273.cds002.sk1.hn,1670626273.cds225.sk1.c
link: <https://www.dmca.com/Badges/DMCABadgeHelper.min.js>; rel="canonical"
access-control-allow-origin: *
X-Firefox-Spdy: h2

images.dmca.com/Badges/dmca-badge-w100-5x1-11.png?ID=0d9c4034-e698-4934-b6aa-b7e7c6dda496

151.139.128.10

200 OK

2.4 kB

URL HTTP/2
images.dmca.com/Badges/dmca-badge-w100-5x1-11.png?ID=0d9c4034-e698-4934-b6aa-b7e7c6dda496
IP
151.139.128.10:0
ASN
#20446 STACKPATH-CDN

File type
PNG image data, 100 x 20, 8-bit/color RGBA, interlaced\012- data
Size
2.4 kB (2390 bytes)
Hash
521db716019fc733b48f77f9822b30ee
8f8e11a44c38076713fd1a0233ef7de9f68498ed
2292a183dd2a364653441cf13efd89138c43eab4dacbb35e9bc061b07c749be1

HTTP Headers

GET /Badges/dmca-badge-w100-5x1-11.png?ID=0d9c4034-e698-4934-b6aa-b7e7c6dda496 HTTP/1.1
Host: images.dmca.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 09 Dec 2022 22:51:13 GMT
content-length: 2390
content-type: image/png
last-modified: Mon, 25 Jul 2016 19:39:16 GMT
accept-ranges: bytes
server: Microsoft-IIS/10.0
cache-control: public,max-age=31536000
etag: "70d0a63aace6d11:0"
x-powered-by: ASP.NET
x-hw: 1670626273.cds002.sk1.hn,1670626273.cds223.sk1.c
link: <https://www.dmca.com/Badges/dmca-badge-w100-5x1-11.png>; rel="canonical"
access-control-allow-origin: *
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5496e18a30e039b44989d9a0e932d4bc
c5bfb1b9ce711e38d69e78486017f07cc47fe04a
26a3ad286e479cdabfcbb5a9d3fada211c73650628a35c80944b0e7e8aad27e0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 22:51:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

pennycronelasvegas.com/assets/themes/default/manifest-a0b102071c1257da83b1e2a73ccd101571a12a809337ecc4f14d09bfe37b8667.css

96.126.99.100

200 OK

9.2 kB

URL HTTP/1.1
pennycronelasvegas.com/assets/themes/default/manifest-a0b102071c1257da83b1e2a73ccd101571a12a809337ecc4f14d09bfe37b8667.css
IP
96.126.99.100:0
ASN
#63949 Linode, LLC

File type
ASCII text, with very long lines (36298)
Size
9.2 kB (9222 bytes)
Hash
d0edbc8e14faba86270de87d51cf4754
4f5d3c04af596b132b3def377d64ec541b46ee69
658fe67b2b2682a29798888db2473811ea843bd934022be7c0dfb83d7effb2d2

HTTP Headers

GET /assets/themes/default/manifest-a0b102071c1257da83b1e2a73ccd101571a12a809337ecc4f14d09bfe37b8667.css HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=eCs0NUk1L2J5a2NaWDROL25FZ3QzVHpSRkZLRFByVVhrT01iTnRydWFRTzdaSEU0YkhFOHBLSU5TekpVaWJkMWdsNHM0eHVweUFTeVp2STQrWThucnViUTc1UnRvVkdxWTVSY2xsYkVoVmFCVkRJVXlUeTNLRkI1ZWpZOW5uT1FXK3RpcXh5bWZ2b1lMbUpKd3lwU1h2MFVIMzVIWldMdjFZMHp5d0VMdExaVjZOQXJGMWZTUUpqZmNxOHpORzJDSDIyL0lKdVR6RzNiNVpuVG1taWc2aGhCUjNVeVY3SFZhOWcwTnpxRDFUdHZKZjkwZVcvNllNQkx6OFBLa3UrbWcydXNGVnVmdTc4SFNsRDJHWXI5dDZ5RUt1clQ5MVp6QTI1amI1OEhGOXI4RWhPM2pnWkhmRjh2QU5GNjREOGFLVmkvRm1tS3UveGNpNTYzeUhtRjlkQTVzMFpsaklMUnZ1YnYxQTZtVzNLaGx4UHpvS2hzUWRvOUJIV1RlV0VLLS1UdFNkL2M5QTUzK1ZIVTY1WTJ6V3N3PT0%3D--2cfaf510d60be25e171c22a112d596468eba0593
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Status: 200 OK
Cache-Control: public, max-age=31536000
X-Request-Id: a62ecbf5-3536-44e8-9f41-cfa365bf5309
ETag: W/"a0b102071c1257da83b1e2a73ccd101571a12a809337ecc4f14d09bfe37b8667"
X-Runtime: 0.001232
Date: Fri, 09 Dec 2022 22:51:13 GMT
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer
Content-Encoding: gzip

ocsp.sca1b.amazontrust.com/

143.204.42.156

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.156:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
c459cb4a805ba31e6a15ee485439eb00
70c5747293ae3678ca9563e3371cc7cdc163057b
809a60149b8908418157eb8c17dfc159c507c3e39238ee8118df92b3339614a1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 09 Dec 2022 22:51:13 GMT
Last-Modified: Fri, 09 Dec 2022 21:11:11 GMT
Server: ECS (nyb/1D0A)
X-Cache: Miss from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: BhrdnsgIiVlbCLpZZq2pu8xUy3XmDjZF7pJDGWcZA2fH3hwszmICwA==
Age: 6002

ocsp.sca1b.amazontrust.com/

143.204.42.156

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.156:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
c459cb4a805ba31e6a15ee485439eb00
70c5747293ae3678ca9563e3371cc7cdc163057b
809a60149b8908418157eb8c17dfc159c507c3e39238ee8118df92b3339614a1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=141254
Date: Fri, 09 Dec 2022 22:51:13 GMT
Etag: "63932938-1d7"
Expires: Sun, 11 Dec 2022 14:05:27 GMT
Last-Modified: Fri, 09 Dec 2022 12:25:28 GMT
Server: ECS (bsa/EB21)
X-Cache: Miss from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: FWH0bfveqMO8VwWERhXmSQKc7WsZw7dwQnP4xIJzJ6QUoYLM8eUS0w==
Age: 5999

pennycronelasvegas.com/assets/themes/default/media-queries-86e42502a75ac432a27f5075e9f59f4fc1b6b5c25010acc977a7a95d745e5fb2.css

96.126.99.100

200 OK

1.4 kB

URL HTTP/1.1
pennycronelasvegas.com/assets/themes/default/media-queries-86e42502a75ac432a27f5075e9f59f4fc1b6b5c25010acc977a7a95d745e5fb2.css
IP
96.126.99.100:0
ASN
#63949 Linode, LLC

File type
ASCII text, with very long lines (4127)
Size
1.4 kB (1369 bytes)
Hash
f4897cf23e898fdd0fd4dfa22dd511a9
65816d4b1762d14f53486744ebf7ab451c063224
5860c6897bb7389941d3960bcdebb90c1a7b0fd0fb7c0f1285596b62f0f0e4e2

HTTP Headers

GET /assets/themes/default/media-queries-86e42502a75ac432a27f5075e9f59f4fc1b6b5c25010acc977a7a95d745e5fb2.css HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=eCs0NUk1L2J5a2NaWDROL25FZ3QzVHpSRkZLRFByVVhrT01iTnRydWFRTzdaSEU0YkhFOHBLSU5TekpVaWJkMWdsNHM0eHVweUFTeVp2STQrWThucnViUTc1UnRvVkdxWTVSY2xsYkVoVmFCVkRJVXlUeTNLRkI1ZWpZOW5uT1FXK3RpcXh5bWZ2b1lMbUpKd3lwU1h2MFVIMzVIWldMdjFZMHp5d0VMdExaVjZOQXJGMWZTUUpqZmNxOHpORzJDSDIyL0lKdVR6RzNiNVpuVG1taWc2aGhCUjNVeVY3SFZhOWcwTnpxRDFUdHZKZjkwZVcvNllNQkx6OFBLa3UrbWcydXNGVnVmdTc4SFNsRDJHWXI5dDZ5RUt1clQ5MVp6QTI1amI1OEhGOXI4RWhPM2pnWkhmRjh2QU5GNjREOGFLVmkvRm1tS3UveGNpNTYzeUhtRjlkQTVzMFpsaklMUnZ1YnYxQTZtVzNLaGx4UHpvS2hzUWRvOUJIV1RlV0VLLS1UdFNkL2M5QTUzK1ZIVTY1WTJ6V3N3PT0%3D--2cfaf510d60be25e171c22a112d596468eba0593
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Status: 200 OK
Cache-Control: public, max-age=31536000
X-Request-Id: fca643ec-3240-48f3-877e-c6d73fc43bd1
ETag: W/"86e42502a75ac432a27f5075e9f59f4fc1b6b5c25010acc977a7a95d745e5fb2"
X-Runtime: 0.001210
Date: Fri, 09 Dec 2022 22:51:13 GMT
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer
Content-Encoding: gzip

pennycronelasvegas.com/assets/themes/default/color_schemes/realtyone/styles-1d34b0168f39e5b32891f9959db5d12f04d3fe553fe179ede767a5fabdc98a36.css

96.126.99.100

200 OK

3.1 kB

URL HTTP/1.1
pennycronelasvegas.com/assets/themes/default/color_schemes/realtyone/styles-1d34b0168f39e5b32891f9959db5d12f04d3fe553fe179ede767a5fabdc98a36.css
IP
96.126.99.100:0
ASN
#63949 Linode, LLC

File type
ASCII text, with very long lines (12653)
Size
3.1 kB (3083 bytes)
Hash
14e02d2509c4e9c021da0ac5141ff383
c8cdc88b7b962aec32ec75a168058e1af2b4c1a1
343373f029bc431ff0c944aed6c9838897107cb5b62dae0b002ca355fe4ae535

HTTP Headers

GET /assets/themes/default/color_schemes/realtyone/styles-1d34b0168f39e5b32891f9959db5d12f04d3fe553fe179ede767a5fabdc98a36.css HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=eCs0NUk1L2J5a2NaWDROL25FZ3QzVHpSRkZLRFByVVhrT01iTnRydWFRTzdaSEU0YkhFOHBLSU5TekpVaWJkMWdsNHM0eHVweUFTeVp2STQrWThucnViUTc1UnRvVkdxWTVSY2xsYkVoVmFCVkRJVXlUeTNLRkI1ZWpZOW5uT1FXK3RpcXh5bWZ2b1lMbUpKd3lwU1h2MFVIMzVIWldMdjFZMHp5d0VMdExaVjZOQXJGMWZTUUpqZmNxOHpORzJDSDIyL0lKdVR6RzNiNVpuVG1taWc2aGhCUjNVeVY3SFZhOWcwTnpxRDFUdHZKZjkwZVcvNllNQkx6OFBLa3UrbWcydXNGVnVmdTc4SFNsRDJHWXI5dDZ5RUt1clQ5MVp6QTI1amI1OEhGOXI4RWhPM2pnWkhmRjh2QU5GNjREOGFLVmkvRm1tS3UveGNpNTYzeUhtRjlkQTVzMFpsaklMUnZ1YnYxQTZtVzNLaGx4UHpvS2hzUWRvOUJIV1RlV0VLLS1UdFNkL2M5QTUzK1ZIVTY1WTJ6V3N3PT0%3D--2cfaf510d60be25e171c22a112d596468eba0593
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Status: 200 OK
Cache-Control: public, max-age=31536000
X-Request-Id: f78aec50-feef-40fd-895a-e99f005eb148
ETag: W/"1d34b0168f39e5b32891f9959db5d12f04d3fe553fe179ede767a5fabdc98a36"
X-Runtime: 0.000873
Date: Fri, 09 Dec 2022 22:51:14 GMT
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer
Content-Encoding: gzip

pennycronelasvegas.com/assets/ion.rangeslider/js/ion.rangeSlider.min-fd1dbf6841129461c2073553cdd99a1b14693f2bbe7804866229fd53cc65a22b.js

96.126.99.100

200 OK

38 kB

URL HTTP/1.1
pennycronelasvegas.com/assets/ion.rangeslider/js/ion.rangeSlider.min-fd1dbf6841129461c2073553cdd99a1b14693f2bbe7804866229fd53cc65a22b.js
IP
96.126.99.100:0
ASN
#63949 Linode, LLC

File type
ASCII text, with very long lines (33913)
Size
38 kB (38476 bytes)
Hash
42173c874591f88f85ab701df850d0e7
da2c85886430dd508ab6daa683411c3381666fdf
fd1dbf6841129461c2073553cdd99a1b14693f2bbe7804866229fd53cc65a22b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/ion.rangeslider/js/ion.rangeSlider.min-fd1dbf6841129461c2073553cdd99a1b14693f2bbe7804866229fd53cc65a22b.js HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=eCs0NUk1L2J5a2NaWDROL25FZ3QzVHpSRkZLRFByVVhrT01iTnRydWFRTzdaSEU0YkhFOHBLSU5TekpVaWJkMWdsNHM0eHVweUFTeVp2STQrWThucnViUTc1UnRvVkdxWTVSY2xsYkVoVmFCVkRJVXlUeTNLRkI1ZWpZOW5uT1FXK3RpcXh5bWZ2b1lMbUpKd3lwU1h2MFVIMzVIWldMdjFZMHp5d0VMdExaVjZOQXJGMWZTUUpqZmNxOHpORzJDSDIyL0lKdVR6RzNiNVpuVG1taWc2aGhCUjNVeVY3SFZhOWcwTnpxRDFUdHZKZjkwZVcvNllNQkx6OFBLa3UrbWcydXNGVnVmdTc4SFNsRDJHWXI5dDZ5RUt1clQ5MVp6QTI1amI1OEhGOXI4RWhPM2pnWkhmRjh2QU5GNjREOGFLVmkvRm1tS3UveGNpNTYzeUhtRjlkQTVzMFpsaklMUnZ1YnYxQTZtVzNLaGx4UHpvS2hzUWRvOUJIV1RlV0VLLS1UdFNkL2M5QTUzK1ZIVTY1WTJ6V3N3PT0%3D--2cfaf510d60be25e171c22a112d596468eba0593
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 38476
Connection: keep-alive
Status: 200 OK
Cache-Control: public, max-age=31536000
X-Request-Id: 60d75a44-2826-4830-866e-e8548660b23d
ETag: "fd1dbf6841129461c2073553cdd99a1b14693f2bbe7804866229fd53cc65a22b"
X-Runtime: 0.001250
Date: Fri, 09 Dec 2022 22:51:13 GMT
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer

pennycronelasvegas.com/assets/themes/default/base-e6e4b07ab1f0aec529f3b4cc626749c60b3c181adf529cc27e69103896d15abc.js

96.126.99.100

200 OK

7.8 kB

URL HTTP/1.1
pennycronelasvegas.com/assets/themes/default/base-e6e4b07ab1f0aec529f3b4cc626749c60b3c181adf529cc27e69103896d15abc.js
IP
96.126.99.100:0
ASN
#63949 Linode, LLC

File type
ASCII text, with very long lines (7836), with no line terminators
Size
7.8 kB (7836 bytes)
Hash
6a8c64a9816c52d01a5c9a66f50a031e
6f7a2119a28757a936a3ad2d8ffd4553c1abcb2a
e6e4b07ab1f0aec529f3b4cc626749c60b3c181adf529cc27e69103896d15abc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/themes/default/base-e6e4b07ab1f0aec529f3b4cc626749c60b3c181adf529cc27e69103896d15abc.js HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=eCs0NUk1L2J5a2NaWDROL25FZ3QzVHpSRkZLRFByVVhrT01iTnRydWFRTzdaSEU0YkhFOHBLSU5TekpVaWJkMWdsNHM0eHVweUFTeVp2STQrWThucnViUTc1UnRvVkdxWTVSY2xsYkVoVmFCVkRJVXlUeTNLRkI1ZWpZOW5uT1FXK3RpcXh5bWZ2b1lMbUpKd3lwU1h2MFVIMzVIWldMdjFZMHp5d0VMdExaVjZOQXJGMWZTUUpqZmNxOHpORzJDSDIyL0lKdVR6RzNiNVpuVG1taWc2aGhCUjNVeVY3SFZhOWcwTnpxRDFUdHZKZjkwZVcvNllNQkx6OFBLa3UrbWcydXNGVnVmdTc4SFNsRDJHWXI5dDZ5RUt1clQ5MVp6QTI1amI1OEhGOXI4RWhPM2pnWkhmRjh2QU5GNjREOGFLVmkvRm1tS3UveGNpNTYzeUhtRjlkQTVzMFpsaklMUnZ1YnYxQTZtVzNLaGx4UHpvS2hzUWRvOUJIV1RlV0VLLS1UdFNkL2M5QTUzK1ZIVTY1WTJ6V3N3PT0%3D--2cfaf510d60be25e171c22a112d596468eba0593
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 7836
Connection: keep-alive
Status: 200 OK
Cache-Control: public, max-age=31536000
X-Request-Id: df264ddb-0dc1-45d3-a3b1-34646fdf0ef4
ETag: "e6e4b07ab1f0aec529f3b4cc626749c60b3c181adf529cc27e69103896d15abc"
X-Runtime: 0.001282
Date: Fri, 09 Dec 2022 22:51:14 GMT
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer

pennycronelasvegas.com/assets/responsive_video_fix-4228528f3aa100a8d9aeb2f7c8373ef893db5f2eba26df43245af76eb4d3734e.js

96.126.99.100

200 OK

483 B

URL HTTP/1.1
pennycronelasvegas.com/assets/responsive_video_fix-4228528f3aa100a8d9aeb2f7c8373ef893db5f2eba26df43245af76eb4d3734e.js
IP
96.126.99.100:0
ASN
#63949 Linode, LLC

File type
ASCII text, with very long lines (483), with no line terminators
Size
483 B (483 bytes)
Hash
8b69d038e9da700ec36148024782ba23
863f41c47cf9d843abfe8ce2b5514a691a57742a
4228528f3aa100a8d9aeb2f7c8373ef893db5f2eba26df43245af76eb4d3734e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/responsive_video_fix-4228528f3aa100a8d9aeb2f7c8373ef893db5f2eba26df43245af76eb4d3734e.js HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=eCs0NUk1L2J5a2NaWDROL25FZ3QzVHpSRkZLRFByVVhrT01iTnRydWFRTzdaSEU0YkhFOHBLSU5TekpVaWJkMWdsNHM0eHVweUFTeVp2STQrWThucnViUTc1UnRvVkdxWTVSY2xsYkVoVmFCVkRJVXlUeTNLRkI1ZWpZOW5uT1FXK3RpcXh5bWZ2b1lMbUpKd3lwU1h2MFVIMzVIWldMdjFZMHp5d0VMdExaVjZOQXJGMWZTUUpqZmNxOHpORzJDSDIyL0lKdVR6RzNiNVpuVG1taWc2aGhCUjNVeVY3SFZhOWcwTnpxRDFUdHZKZjkwZVcvNllNQkx6OFBLa3UrbWcydXNGVnVmdTc4SFNsRDJHWXI5dDZ5RUt1clQ5MVp6QTI1amI1OEhGOXI4RWhPM2pnWkhmRjh2QU5GNjREOGFLVmkvRm1tS3UveGNpNTYzeUhtRjlkQTVzMFpsaklMUnZ1YnYxQTZtVzNLaGx4UHpvS2hzUWRvOUJIV1RlV0VLLS1UdFNkL2M5QTUzK1ZIVTY1WTJ6V3N3PT0%3D--2cfaf510d60be25e171c22a112d596468eba0593
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 483
Connection: keep-alive
Status: 200 OK
Cache-Control: public, max-age=31536000
X-Request-Id: e0262421-5c9a-49c4-913d-f05f5f180fba
ETag: "4228528f3aa100a8d9aeb2f7c8373ef893db5f2eba26df43245af76eb4d3734e"
X-Runtime: 0.001401
Date: Fri, 09 Dec 2022 22:51:14 GMT
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer

pennycronelasvegas.com/assets/bootstrap-table-cookie-d864ab3069753497a7bd5ebdbce23b8a1a0b9b16b001a0394d5c99896c859d14.js

96.126.99.100

200 OK

4.0 kB

URL HTTP/1.1
pennycronelasvegas.com/assets/bootstrap-table-cookie-d864ab3069753497a7bd5ebdbce23b8a1a0b9b16b001a0394d5c99896c859d14.js
IP
96.126.99.100:0
ASN
#63949 Linode, LLC

File type
ASCII text, with very long lines (4026), with no line terminators
Size
4.0 kB (4026 bytes)
Hash
70a774951af96e61e57cde64b49b66f7
bf9f3470f5ca10b7968b19656fcf692939e35caf
d864ab3069753497a7bd5ebdbce23b8a1a0b9b16b001a0394d5c99896c859d14

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/bootstrap-table-cookie-d864ab3069753497a7bd5ebdbce23b8a1a0b9b16b001a0394d5c99896c859d14.js HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=eCs0NUk1L2J5a2NaWDROL25FZ3QzVHpSRkZLRFByVVhrT01iTnRydWFRTzdaSEU0YkhFOHBLSU5TekpVaWJkMWdsNHM0eHVweUFTeVp2STQrWThucnViUTc1UnRvVkdxWTVSY2xsYkVoVmFCVkRJVXlUeTNLRkI1ZWpZOW5uT1FXK3RpcXh5bWZ2b1lMbUpKd3lwU1h2MFVIMzVIWldMdjFZMHp5d0VMdExaVjZOQXJGMWZTUUpqZmNxOHpORzJDSDIyL0lKdVR6RzNiNVpuVG1taWc2aGhCUjNVeVY3SFZhOWcwTnpxRDFUdHZKZjkwZVcvNllNQkx6OFBLa3UrbWcydXNGVnVmdTc4SFNsRDJHWXI5dDZ5RUt1clQ5MVp6QTI1amI1OEhGOXI4RWhPM2pnWkhmRjh2QU5GNjREOGFLVmkvRm1tS3UveGNpNTYzeUhtRjlkQTVzMFpsaklMUnZ1YnYxQTZtVzNLaGx4UHpvS2hzUWRvOUJIV1RlV0VLLS1UdFNkL2M5QTUzK1ZIVTY1WTJ6V3N3PT0%3D--2cfaf510d60be25e171c22a112d596468eba0593
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 4026
Connection: keep-alive
Status: 200 OK
Cache-Control: public, max-age=31536000
X-Request-Id: c5b0edcf-0763-4131-a9dd-c25eab1887d5
ETag: "d864ab3069753497a7bd5ebdbce23b8a1a0b9b16b001a0394d5c99896c859d14"
X-Runtime: 0.001329
Date: Fri, 09 Dec 2022 22:51:14 GMT
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer

pennycronelasvegas.com/assets/themes/default/vendor-0f30327ac76c682d737c22ffeb5941a75cefe8c40d78c1b490f0dcbfc2400ae9.css

96.126.99.100

200 OK

45 kB

URL HTTP/1.1
pennycronelasvegas.com/assets/themes/default/vendor-0f30327ac76c682d737c22ffeb5941a75cefe8c40d78c1b490f0dcbfc2400ae9.css
IP
96.126.99.100:0
ASN
#63949 Linode, LLC

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (65368)
Size
45 kB (44710 bytes)
Hash
557969dc5021dde6791ead6c0422c4d7
7a50d476d4aa201371555069667e59ceb63e74f2
6a121afb31f6d5c8321e1bd2c0d1e030ac127c716f1bbb5aa8003a0b75f07e16

HTTP Headers

GET /assets/themes/default/vendor-0f30327ac76c682d737c22ffeb5941a75cefe8c40d78c1b490f0dcbfc2400ae9.css HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=eCs0NUk1L2J5a2NaWDROL25FZ3QzVHpSRkZLRFByVVhrT01iTnRydWFRTzdaSEU0YkhFOHBLSU5TekpVaWJkMWdsNHM0eHVweUFTeVp2STQrWThucnViUTc1UnRvVkdxWTVSY2xsYkVoVmFCVkRJVXlUeTNLRkI1ZWpZOW5uT1FXK3RpcXh5bWZ2b1lMbUpKd3lwU1h2MFVIMzVIWldMdjFZMHp5d0VMdExaVjZOQXJGMWZTUUpqZmNxOHpORzJDSDIyL0lKdVR6RzNiNVpuVG1taWc2aGhCUjNVeVY3SFZhOWcwTnpxRDFUdHZKZjkwZVcvNllNQkx6OFBLa3UrbWcydXNGVnVmdTc4SFNsRDJHWXI5dDZ5RUt1clQ5MVp6QTI1amI1OEhGOXI4RWhPM2pnWkhmRjh2QU5GNjREOGFLVmkvRm1tS3UveGNpNTYzeUhtRjlkQTVzMFpsaklMUnZ1YnYxQTZtVzNLaGx4UHpvS2hzUWRvOUJIV1RlV0VLLS1UdFNkL2M5QTUzK1ZIVTY1WTJ6V3N3PT0%3D--2cfaf510d60be25e171c22a112d596468eba0593
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Status: 200 OK
Cache-Control: public, max-age=31536000
X-Request-Id: 0aebccc5-dc55-4aa1-9164-c6e7ef9b7d63
ETag: W/"0f30327ac76c682d737c22ffeb5941a75cefe8c40d78c1b490f0dcbfc2400ae9"
X-Runtime: 0.000748
Date: Fri, 09 Dec 2022 22:51:14 GMT
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer
Content-Encoding: gzip

pennycronelasvegas.com/assets/themes/realtyone/bg-bar-active.png

96.126.99.100

200 OK

937 B

URL HTTP/1.1
pennycronelasvegas.com/assets/themes/realtyone/bg-bar-active.png
IP
96.126.99.100:0
ASN
#63949 Linode, LLC

File type
PNG image data, 1 x 45, 8-bit/color RGB, non-interlaced\012- data
Size
937 B (937 bytes)
Hash
4fdb1b014f02b9d864a630c39c2ef13a
ce10cd2e9ef878dbc42532b94eb3b9f95a7e798b
bb08c90ca60c960f699e5c8f8a706ff6bd54d04ffbd117f083cef142cbc1e6c7

HTTP Headers

GET /assets/themes/realtyone/bg-bar-active.png HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=eCs0NUk1L2J5a2NaWDROL25FZ3QzVHpSRkZLRFByVVhrT01iTnRydWFRTzdaSEU0YkhFOHBLSU5TekpVaWJkMWdsNHM0eHVweUFTeVp2STQrWThucnViUTc1UnRvVkdxWTVSY2xsYkVoVmFCVkRJVXlUeTNLRkI1ZWpZOW5uT1FXK3RpcXh5bWZ2b1lMbUpKd3lwU1h2MFVIMzVIWldMdjFZMHp5d0VMdExaVjZOQXJGMWZTUUpqZmNxOHpORzJDSDIyL0lKdVR6RzNiNVpuVG1taWc2aGhCUjNVeVY3SFZhOWcwTnpxRDFUdHZKZjkwZVcvNllNQkx6OFBLa3UrbWcydXNGVnVmdTc4SFNsRDJHWXI5dDZ5RUt1clQ5MVp6QTI1amI1OEhGOXI4RWhPM2pnWkhmRjh2QU5GNjREOGFLVmkvRm1tS3UveGNpNTYzeUhtRjlkQTVzMFpsaklMUnZ1YnYxQTZtVzNLaGx4UHpvS2hzUWRvOUJIV1RlV0VLLS1UdFNkL2M5QTUzK1ZIVTY1WTJ6V3N3PT0%3D--2cfaf510d60be25e171c22a112d596468eba0593
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 937
Connection: keep-alive
Status: 200 OK
Cache-Control: public, must-revalidate
Vary: Accept-Encoding
X-Request-Id: 706d33aa-f6c4-4d08-b35c-9c6cb29f8ac0
ETag: "bb08c90ca60c960f699e5c8f8a706ff6bd54d04ffbd117f083cef142cbc1e6c7"
X-Runtime: 0.001047
Date: Fri, 09 Dec 2022 22:51:14 GMT
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer

pennycronelasvegas.com/assets/themes/realtyone/bg-bar.gif

96.126.99.100

200 OK

1.3 kB

URL HTTP/1.1
pennycronelasvegas.com/assets/themes/realtyone/bg-bar.gif
IP
96.126.99.100:0
ASN
#63949 Linode, LLC

File type
GIF image data, version 89a, 1 x 45\012- data
Size
1.3 kB (1320 bytes)
Hash
993f232f9ea938ed9ea9d9ecbc32cbb6
0f7295588657c3e50c6090c67057bfbef32f9514
83e03bb94ec8beb4c0646f3556f509221a8e5ee7ad21a9e1330db52be5e28b3d

HTTP Headers

GET /assets/themes/realtyone/bg-bar.gif HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=eCs0NUk1L2J5a2NaWDROL25FZ3QzVHpSRkZLRFByVVhrT01iTnRydWFRTzdaSEU0YkhFOHBLSU5TekpVaWJkMWdsNHM0eHVweUFTeVp2STQrWThucnViUTc1UnRvVkdxWTVSY2xsYkVoVmFCVkRJVXlUeTNLRkI1ZWpZOW5uT1FXK3RpcXh5bWZ2b1lMbUpKd3lwU1h2MFVIMzVIWldMdjFZMHp5d0VMdExaVjZOQXJGMWZTUUpqZmNxOHpORzJDSDIyL0lKdVR6RzNiNVpuVG1taWc2aGhCUjNVeVY3SFZhOWcwTnpxRDFUdHZKZjkwZVcvNllNQkx6OFBLa3UrbWcydXNGVnVmdTc4SFNsRDJHWXI5dDZ5RUt1clQ5MVp6QTI1amI1OEhGOXI4RWhPM2pnWkhmRjh2QU5GNjREOGFLVmkvRm1tS3UveGNpNTYzeUhtRjlkQTVzMFpsaklMUnZ1YnYxQTZtVzNLaGx4UHpvS2hzUWRvOUJIV1RlV0VLLS1UdFNkL2M5QTUzK1ZIVTY1WTJ6V3N3PT0%3D--2cfaf510d60be25e171c22a112d596468eba0593
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 1320
Connection: keep-alive
Status: 200 OK
Cache-Control: public, must-revalidate
Vary: Accept-Encoding
X-Request-Id: 608bca11-63d8-4e0e-8c45-79cdc3f3a227
ETag: "83e03bb94ec8beb4c0646f3556f509221a8e5ee7ad21a9e1330db52be5e28b3d"
X-Runtime: 0.002780
Date: Fri, 09 Dec 2022 22:51:14 GMT
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer

pennycronelasvegas.com/fonts/avenir.woff

96.126.99.100

302 Found

97 B

URL HTTP/1.1
pennycronelasvegas.com/fonts/avenir.woff
IP
96.126.99.100:0
ASN
#63949 Linode, LLC

File type
HTML document text\012- HTML document, ASCII text, with no line terminators
Size
97 B (97 bytes)
Hash
dcb81dc5193115d6d372982ed310127c
f8dfefb55af6336b670a7a3743beea52bcc45b16
54585d24fd128cf202592bcf22862a8aaa2c0862c5ea8b2bbac31a7357b93f6a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /fonts/avenir.woff HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Cookie: _agentformula_session=eCs0NUk1L2J5a2NaWDROL25FZ3QzVHpSRkZLRFByVVhrT01iTnRydWFRTzdaSEU0YkhFOHBLSU5TekpVaWJkMWdsNHM0eHVweUFTeVp2STQrWThucnViUTc1UnRvVkdxWTVSY2xsYkVoVmFCVkRJVXlUeTNLRkI1ZWpZOW5uT1FXK3RpcXh5bWZ2b1lMbUpKd3lwU1h2MFVIMzVIWldMdjFZMHp5d0VMdExaVjZOQXJGMWZTUUpqZmNxOHpORzJDSDIyL0lKdVR6RzNiNVpuVG1taWc2aGhCUjNVeVY3SFZhOWcwTnpxRDFUdHZKZjkwZVcvNllNQkx6OFBLa3UrbWcydXNGVnVmdTc4SFNsRDJHWXI5dDZ5RUt1clQ5MVp6QTI1amI1OEhGOXI4RWhPM2pnWkhmRjh2QU5GNjREOGFLVmkvRm1tS3UveGNpNTYzeUhtRjlkQTVzMFpsaklMUnZ1YnYxQTZtVzNLaGx4UHpvS2hzUWRvOUJIV1RlV0VLLS1UdFNkL2M5QTUzK1ZIVTY1WTJ6V3N3PT0%3D--2cfaf510d60be25e171c22a112d596468eba0593
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Status: 302 Found
Cache-Control: no-cache
X-XSS-Protection: 1; mode=block
X-Request-Id: 92a49c3a-805e-4ab5-af5c-6a10d8514784
Location: https://pennycronelasvegas.com/
X-Runtime: 0.012855
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Date: Fri, 09 Dec 2022 22:51:14 GMT
Set-Cookie: _agentformula_session=YnNGMHI2K21QUGhVeUppM1hldWRGeUhTM0lsZDVGSCtmTDhVVVhLQXVla3ZaMzJ5czVyVTMwNjVDQnI1RUZEY1VEVW5kNXRvTmdKRnhtOEJqM3NISEkrWUp5Nk5DS1gwOXUyZWVOS2V0bW9ORmwxVFpYZWtaMGFXa0xzS2MvMmZjRGJYYXZOMWJaanRqcW5QTXRrQ0hScVVBSnREUGRlL3ZxeFQzMmZNUTFEdWUwL21mTUt6ZjlPWmtPbCtOaTg3S0FuUVBhY1oyd3IvbzRMV0Z0Um5WTUZsN2oyR0pUU2NyL3Z0d3ZVbUJZbEliTVkyb2ZyTHpUVTQ3blFocDlkMzRKbjhPYjVkcHgza0YvVFM2RlZlcnp2bS8zTVFjckdNTzUvVkQrUzdvTmxoZmNFQndrZWUvSHNJaXBJS2JOSUExd2tSVVNGZFpOUkVKMXlQKzVqZWE4djZhRU5HYUdhU1piVWY3enhXUUg5K3FSZHExMElsS0pOTFZWNHJCdGNaT3VnbzJlSWhJOFhqSGFGZnQ0bEcva1hrRkVQeklJbSt5L1FzNnRjSWRjdC9JVGpJL0t0cTFvTGh5bXZZcXMybGtsbFVXY3kvemUxYVQ4VElwWmt6WXdWeDNuRW9vSklNbmUzM2tWNHlORmpTNFZxL0xDRXJrNUtwbm10ZW1rN1VjcHZQLzZWOU9EaDRjMDdYeHRjTGdQbkhaYnFZc0YyWG00SE51MUk1OUw1cFphWjdpNmRHMElFczBMNXVacGN6NHNtQjJENlQ5a0RWODdMbjhldzZnaEFka3d3MlRiQnJLK0o3QUxGdW9YSXcvQ2gwMmdQa21vRkpXa2VTbTg5ejgvM1V4ZkYyTllVM3RMWkNBVUhzanJIcE5Pb3hLQzJQd2NXM0E2cVR3eFF1Y3pNNDVrVVFjZU9jZFJsRlBCTzVpVVl3TGVoT0psOUk0bGJvVFE1ZFpBPT0tLUNjNlVuclRTTGdjU21KMStRTVdvS0E9PQ%3D%3D--9f3ff6fabdb12de6a8c40e46ba6d14bab682f7ed; path=/; HttpOnly
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer

s3.amazonaws.com/glvar-photos/callouts/small/5/WHATS_MY_HOME_WORTH.jpg

52.216.154.246

200 OK

90 kB

URL HTTP/1.1
s3.amazonaws.com/glvar-photos/callouts/small/5/WHATS_MY_HOME_WORTH.jpg
IP
52.216.154.246:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=14, height=2592, bps=182, PhotometricIntepretation=RGB, manufacturer=Canon, model=Canon EOS 40D, orientation=upper-left, width=3888], baseline, precision 8, 325x252, components 3\012- data
Size
90 kB (89780 bytes)
Hash
0e9c43a2b1edd19fd678777ea7a0ea7c
744e5a6caa285f62e9c10a32ca6fd96d25813c65
26790e6caf160c0d32bc952c10d34cb2cf7f5b743884d3739c38b4c1598ee929

HTTP Headers

GET /glvar-photos/callouts/small/5/WHATS_MY_HOME_WORTH.jpg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: Ll39dH6aSnI9nH0iPP83+s+FrDfGegsu78ViD8wLVdMIqrOaQGhZ7agxsLqidIQrvycVuc8YaXc=
x-amz-request-id: EA9FQTTAC99BEW0C
Date: Fri, 09 Dec 2022 22:51:15 GMT
Last-Modified: Thu, 19 May 2016 01:50:38 GMT
ETag: "0e9c43a2b1edd19fd678777ea7a0ea7c"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 89780

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
4e9bab6dc8633c251d9a411cc1da0a96
af925889c86bb53a5b96e21c2a06653e6fb33edc
406df07af23d77c710d7675f869da89a4e36c0aad44c58f26bf00eb58987e253

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 22:51:14 GMT
Server: ECS (amb/6B8B)
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6636
Expires: Sat, 10 Dec 2022 00:41:50 GMT
Date: Fri, 09 Dec 2022 22:51:14 GMT
Connection: keep-alive

pennycronelasvegas.com/assets/sprites/social-share-button-c6c452cb10cf12d85f1776a2c2f6cd8c7a0b1cbbf4c94d09714e2ab2f1454bad.png

96.126.99.100

200 OK

26 kB

URL HTTP/1.1
pennycronelasvegas.com/assets/sprites/social-share-button-c6c452cb10cf12d85f1776a2c2f6cd8c7a0b1cbbf4c94d09714e2ab2f1454bad.png
IP
96.126.99.100:0
ASN
#63949 Linode, LLC

File type
PNG image data, 80 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size
26 kB (25760 bytes)
Hash
bef2baa6d19968878b9c24b337bb6d51
a61917f66a760bddade27d336c64c1982cf216a5
c6c452cb10cf12d85f1776a2c2f6cd8c7a0b1cbbf4c94d09714e2ab2f1454bad

HTTP Headers

GET /assets/sprites/social-share-button-c6c452cb10cf12d85f1776a2c2f6cd8c7a0b1cbbf4c94d09714e2ab2f1454bad.png HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=eCs0NUk1L2J5a2NaWDROL25FZ3QzVHpSRkZLRFByVVhrT01iTnRydWFRTzdaSEU0YkhFOHBLSU5TekpVaWJkMWdsNHM0eHVweUFTeVp2STQrWThucnViUTc1UnRvVkdxWTVSY2xsYkVoVmFCVkRJVXlUeTNLRkI1ZWpZOW5uT1FXK3RpcXh5bWZ2b1lMbUpKd3lwU1h2MFVIMzVIWldMdjFZMHp5d0VMdExaVjZOQXJGMWZTUUpqZmNxOHpORzJDSDIyL0lKdVR6RzNiNVpuVG1taWc2aGhCUjNVeVY3SFZhOWcwTnpxRDFUdHZKZjkwZVcvNllNQkx6OFBLa3UrbWcydXNGVnVmdTc4SFNsRDJHWXI5dDZ5RUt1clQ5MVp6QTI1amI1OEhGOXI4RWhPM2pnWkhmRjh2QU5GNjREOGFLVmkvRm1tS3UveGNpNTYzeUhtRjlkQTVzMFpsaklMUnZ1YnYxQTZtVzNLaGx4UHpvS2hzUWRvOUJIV1RlV0VLLS1UdFNkL2M5QTUzK1ZIVTY1WTJ6V3N3PT0%3D--2cfaf510d60be25e171c22a112d596468eba0593
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.17.3
Date: Fri, 09 Dec 2022 22:51:14 GMT
Content-Type: image/png
Content-Length: 25760
Last-Modified: Thu, 08 Oct 2020 11:52:47 GMT
Connection: keep-alive
ETag: "5f7efd8f-64a0"
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer
Accept-Ranges: bytes

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8eba44f9-82c7-4919-bc2f-4f847f621994.jpeg

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8eba44f9-82c7-4919-bc2f-4f847f621994.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12990 bytes)
Hash
e8a5e9d0cddf26cf3a1478d2942f2478
e8a228a857a414f04108c84670ed7bc74534407c
3a15851f412000f1647057745348bc6f6e2f0cfe481ca7a72f6e94fab8d5e52e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8eba44f9-82c7-4919-bc2f-4f847f621994.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12990
x-amzn-requestid: 2e4f71f3-b81d-4822-a13a-e8367a76aa20
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eMREp3IAMFRJw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa4e-447650995616ab6a09780380;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: D3mXg-fDM59RiUxg-BxZNdAQG4_iGSTcxhleWiDkSmwlOdxS8SGhDA==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 21:55:31 GMT
age: 3343
etag: "e8a228a857a414f04108c84670ed7bc74534407c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F05755b78-9a44-483c-9449-ae2df8a44bd0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.4 kB (7444 bytes)
Hash
00ad01d32ff690b4a28f6d0555c7e146
c607a2782213afcc058882ffa11a08860a6de034
b5896253222e132fa68f11fba133195a20e4aad94f8cdbfef747ded7e9243b0c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F05755b78-9a44-483c-9449-ae2df8a44bd0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7444
x-amzn-requestid: eaf9e585-6b52-46c3-a62a-fa591bbf2204
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5f7BEV6IAMFbIw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393ad13-3cab7e35787037ec74ff6e31;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:48:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Q-JwtoYGsFkpCudY52QAzpwi-93TU1Eh_1szsnTQp1jHpILapcn5PQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 21:55:31 GMT
etag: "c607a2782213afcc058882ffa11a08860a6de034"
content-type: image/jpeg
age: 3343
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7557 bytes)
Hash
5de5d319f43d9c9c641419d96655541f
cde4c7fa0145d3645af17e34c83c63c08f76a076
fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7557
x-amzn-requestid: 400d1465-ecbf-4d95-8aa8-4dce5dca0716
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctluwGo4oAMFhTg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee991-6dba29ae7065d5347a1a420d;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:04:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Lazl-stakC-31gMuQ2WzH9uFkIb0g7HaaM3xkwSFdFJMWKTaKqrBEQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 04:07:07 GMT
age: 67447
etag: "cde4c7fa0145d3645af17e34c83c63c08f76a076"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a89cfef-fc4a-490b-b984-fd656e721e79.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8473 bytes)
Hash
afcdc2c9891132c82cd09ef237930877
3e112ad867e159d1bfdf9bfd2e2a04fea8248494
8d543255c1272d77981913e4b0e0e5efede8f4ffaa91572a3eee9e44ac035946

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a89cfef-fc4a-490b-b984-fd656e721e79.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8473
x-amzn-requestid: 40260408-5f10-42ed-832e-a8bc5d02e95c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5e9hGqwIAMFl2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393ab89-078ecefb64853b047acc2de7;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:41:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oe1qgsBhixlxqlLZdNtuON-CMoWDhGTH1SQhmQQhLGYTmp_R9FKaEw==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 21:55:41 GMT
age: 3333
etag: "3e112ad867e159d1bfdf9bfd2e2a04fea8248494"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8732123d-ded0-4486-9019-0d87264f6c0e.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12743 bytes)
Hash
0df452512aae4c4c1f4a2cd263b16dfd
68bac75574641febc463bd0819392dae2da15811
e0a9301c5be849e116f1d98b819c2eb91f73e74d836f3e099f2cd266e8f0bb36

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8732123d-ded0-4486-9019-0d87264f6c0e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12743
x-amzn-requestid: 6ed8a5f4-45cd-45bd-9820-df450f612c34
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eK4E_-IAMFf3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa45-31d928fc430577b463a68bd0;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nD0bWCjTU6LNSsNYCNqT4rt7okG1dmPPWiw4FXSi_uNWpcZnxhZgKw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 22:03:37 GMT
age: 2857
etag: "68bac75574641febc463bd0819392dae2da15811"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa9678b-479f-4894-b9e7-3d05e236f19c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.8 kB (8841 bytes)
Hash
9051770b3587c195bea670f8820e8cfe
abf58087f0e345202da088238daea85d177b431b
f687a10c0ae63699a551977e9a4ec5bc7ba606b1925178d7ed4ec6728889bb2e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa9678b-479f-4894-b9e7-3d05e236f19c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8841
x-amzn-requestid: 09b64f8e-60c0-4cf6-a0dc-15e597bd9d85
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eMWH7MIAMFyow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa4e-3471ee5f5a78b55c424e2c6d;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: F_FNF6MAvQjqQ9kTGvu8lERPdurC-ZyLWtxQ5Ezs1OBUUmejNwiQ4w==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 22:00:13 GMT
age: 3061
etag: "abf58087f0e345202da088238daea85d177b431b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

s3.amazonaws.com/glvar-photos/callouts/small/1/nosy.jpg

52.216.154.246

200 OK

21 kB

URL HTTP/1.1
s3.amazonaws.com/glvar-photos/callouts/small/1/nosy.jpg
IP
52.216.154.246:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 325x252, components 3\012- data
Size
21 kB (21398 bytes)
Hash
ffff00465ef2c4e8095b2b1513a4e2b9
93b89366b1bff61f66a951987f2c84f9dff724ff
fd028a4ff9ec99488d7fcb7aab6ca42ef271f1c4b65e2a9c5ff80f11c7b92ab7

HTTP Headers

GET /glvar-photos/callouts/small/1/nosy.jpg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: uMs90iOQZIw/Mb6sm9btQ7TfdxQ7hLsnD+wp/tAlIl4LqkgWYrteThxwPHyIHK+4Z0fWgcNu/JA=
x-amz-request-id: EA92QTCBTHDWVKYM
Date: Fri, 09 Dec 2022 22:51:15 GMT
Last-Modified: Mon, 30 Nov 2015 02:53:29 GMT
ETag: "ffff00465ef2c4e8095b2b1513a4e2b9"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 21398

s3.amazonaws.com/glvar-photos/logos/original/1108/download.png

52.216.154.246

200 OK

5.8 kB

URL HTTP/1.1
s3.amazonaws.com/glvar-photos/logos/original/1108/download.png
IP
52.216.154.246:0
ASN
#16509 AMAZON-02

File type
PNG image data, 325 x 155, 8-bit colormap, non-interlaced\012- data
Size
5.8 kB (5754 bytes)
Hash
73eba774f375c4f8da31cb0867e39b4f
042175818c35094c650d9dcb3cfabc466c22012b
67a439992bd17b27eea80162579a0b6ee57e82ad3708c3d8fc26acd2c42401f6

HTTP Headers

GET /glvar-photos/logos/original/1108/download.png HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: xPERNJxdUqVs/phYZW6QYkJCR1QJR+1j7ZJkh15unZT4/mc0nep2wMosKdZbZzDXGNbbTbvVm0Q=
x-amz-request-id: EA9813Q67G37FX6P
Date: Fri, 09 Dec 2022 22:51:15 GMT
Last-Modified: Tue, 07 Apr 2020 23:30:46 GMT
ETag: "73eba774f375c4f8da31cb0867e39b4f"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 5754

s3.amazonaws.com/photo-gallery.agentformula.com/1/housebullet2.png

52.216.154.246

200 OK

152 kB

URL HTTP/1.1
s3.amazonaws.com/photo-gallery.agentformula.com/1/housebullet2.png
IP
52.216.154.246:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 510x600, components 3\012- data
Size
152 kB (152094 bytes)
Hash
c39d9c1050ca677a6f1a8fe6a5b65f1b
ec88a3e52e1c8d5c2a232fac2adc1ebf1ea250c8
1362f9581bda10f2d48d782bdf044eeb8c30cb8c61b9e6b11c4aeb6d815ef236

HTTP Headers

GET /photo-gallery.agentformula.com/1/housebullet2.png HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: PJzdz4Q9FmM5YxcR3wocUbhC1kK9y3PzlEgKMG7e39M1HkRjmwFKbWUkn6JuvLOQ42pLamkwfbs=
x-amz-request-id: EA90JSJCW1DX8HVR
Date: Fri, 09 Dec 2022 22:51:15 GMT
Last-Modified: Sun, 31 May 2020 06:51:10 GMT
ETag: "c39d9c1050ca677a6f1a8fe6a5b65f1b"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 152094

pennycronelasvegas.com/

96.126.99.100

200 OK

18 kB

URL HTTP/1.1
pennycronelasvegas.com/
IP
96.126.99.100:0
ASN
#63949 Linode, LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
18 kB (17772 bytes)
Hash
58fd568f481ab05c08e3ee637202aaee
c9405e2f9ff7d1b915d1eae6a31adbdfb5ca9507
a3c70c04e0cec648da786bbcf928087c0a0139f6b70e14f74c8192e75ded6578

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=YnNGMHI2K21QUGhVeUppM1hldWRGeUhTM0lsZDVGSCtmTDhVVVhLQXVla3ZaMzJ5czVyVTMwNjVDQnI1RUZEY1VEVW5kNXRvTmdKRnhtOEJqM3NISEkrWUp5Nk5DS1gwOXUyZWVOS2V0bW9ORmwxVFpYZWtaMGFXa0xzS2MvMmZjRGJYYXZOMWJaanRqcW5QTXRrQ0hScVVBSnREUGRlL3ZxeFQzMmZNUTFEdWUwL21mTUt6ZjlPWmtPbCtOaTg3S0FuUVBhY1oyd3IvbzRMV0Z0Um5WTUZsN2oyR0pUU2NyL3Z0d3ZVbUJZbEliTVkyb2ZyTHpUVTQ3blFocDlkMzRKbjhPYjVkcHgza0YvVFM2RlZlcnp2bS8zTVFjckdNTzUvVkQrUzdvTmxoZmNFQndrZWUvSHNJaXBJS2JOSUExd2tSVVNGZFpOUkVKMXlQKzVqZWE4djZhRU5HYUdhU1piVWY3enhXUUg5K3FSZHExMElsS0pOTFZWNHJCdGNaT3VnbzJlSWhJOFhqSGFGZnQ0bEcva1hrRkVQeklJbSt5L1FzNnRjSWRjdC9JVGpJL0t0cTFvTGh5bXZZcXMybGtsbFVXY3kvemUxYVQ4VElwWmt6WXdWeDNuRW9vSklNbmUzM2tWNHlORmpTNFZxL0xDRXJrNUtwbm10ZW1rN1VjcHZQLzZWOU9EaDRjMDdYeHRjTGdQbkhaYnFZc0YyWG00SE51MUk1OUw1cFphWjdpNmRHMElFczBMNXVacGN6NHNtQjJENlQ5a0RWODdMbjhldzZnaEFka3d3MlRiQnJLK0o3QUxGdW9YSXcvQ2gwMmdQa21vRkpXa2VTbTg5ejgvM1V4ZkYyTllVM3RMWkNBVUhzanJIcE5Pb3hLQzJQd2NXM0E2cVR3eFF1Y3pNNDVrVVFjZU9jZFJsRlBCTzVpVVl3TGVoT0psOUk0bGJvVFE1ZFpBPT0tLUNjNlVuclRTTGdjU21KMStRTVdvS0E9PQ%3D%3D--9f3ff6fabdb12de6a8c40e46ba6d14bab682f7ed
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
If-None-Match: W/"8537edf04ad7b38a42d74d6dc556530a"

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Status: 200 OK
Cache-Control: max-age=0, private, must-revalidate
X-XSS-Protection: 1; mode=block
X-Request-Id: 00916456-cbf5-484a-8f16-4fffc0c8a251
ETag: W/"114c6d241419144e65581118e9a3eac4"
X-Frame-Options: SAMEORIGIN
X-Runtime: 0.055767
X-Content-Type-Options: nosniff
Date: Fri, 09 Dec 2022 22:51:14 GMT
Set-Cookie: _agentformula_session=K3NRSFozQzNmSVJOYVJJYllUMDFBVVNBZk1PMXZ5NGxTNlFDeFZvNmxHNHJDSG5zVVFLSXJGMlplclVjbUFQbU1pNzFpeFB2Q1UyNXpCNWJ3eVRtN1d6SzB3b0VVYjFUQk1keWtlOVd2WHFzRDZXbGhOUjBqYlR0MkNKNmNxMG9Rc3ZqYitPdXZocUpicDN0ZVRNTTU2QzdUQ0hBUzU2and3enFuejJ4aHpQN1hwekxTV04ray84Zk5XVm5HYi9aZWc4VllhRExGbERTdlZMOXBpMjhLdTFUMW1YWENnUmVVd3NaYmFPeUtGNDd5WUpKQzVlSEJOOTVWM3pKbEZkSFp5R294RWtYQkxtRDEvaGw2bWwwd2J6TnlobUZYVG5GcjNPNEYrZHlCbllMMGxhU1UwUEp4MFNpaXZkek1hRHBpendXS1lJTXhuM2VPYnNTaGVmZDNlQXRzeVI4N3dRYkRIOW5rYWlrOEpXeUxwN2F1bWl0dG9ucEw5OVhqSVlSLS1kR0NDc3BwczRvRXFjWVRvbzgvUThRPT0%3D--99a78a32070f9f57401a6297ae963806b8344c9d; path=/; HttpOnly
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer
Content-Encoding: gzip

www.lasvegasrealtor.com/img/logos/lvr-logo-66x27.png

74.208.20.193

200 OK

2.4 kB

URL HTTP/1.1
www.lasvegasrealtor.com/img/logos/lvr-logo-66x27.png
IP
74.208.20.193:0
ASN
#8560 IONOS SE

File type
PNG image data, 66 x 27, 8-bit/color RGBA, non-interlaced\012- data
Size
2.4 kB (2372 bytes)
Hash
187543743a882dd72f205bc0c9a2e6c9
838981cecda56c5be272e373e4d5b3908bfb9270
9679bad0c044970f4b45c9911a09d889ac63ef586fa22eeec6b62da4c71ef6b2

HTTP Headers

GET /img/logos/lvr-logo-66x27.png HTTP/1.1
Host: www.lasvegasrealtor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 22:51:14 GMT
Server: Apache/2.4.41 (Win64) PHP/7.3.12 OpenSSL/1.1.1c
Last-Modified: Wed, 12 Feb 2020 00:49:29 GMT
ETag: "944-59e5658475840"
Accept-Ranges: bytes
Content-Length: 2372
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png

s3.amazonaws.com/glvar-photos/headers/main/2896/New_Head_Shot__2.jpeg

52.216.154.246

200 OK

7.8 kB

URL HTTP/1.1
s3.amazonaws.com/glvar-photos/headers/main/2896/New_Head_Shot__2.jpeg
IP
52.216.154.246:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=9, PhotometricIntepretation=RGB, xresolution=122, yresolution=130, resolutionunit=2, software=Photos 4.0, datetime=2020:02:11 16:53:56], baseline, precision 8, 99x116, components 3\012- data
Size
7.8 kB (7807 bytes)
Hash
93f5b5d231a0c545d0d346da11221ff4
058455e7e7ae4e618d9b0906fd5a7ebe089915b7
ad2634edd7983f1cfb6c38bf0f07f7c7935d5eee8f28a4924fc2f55bed0e5699

HTTP Headers

GET /glvar-photos/headers/main/2896/New_Head_Shot__2.jpeg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: 2U5Rt/waAGI0QScTEziAOFO45B4UeD5N7bGzbp0npFluVni246d8riuZYi2WBfrNyTKO0XCeqsk=
x-amz-request-id: EA9DHC07BRXG1SGR
Date: Fri, 09 Dec 2022 22:51:15 GMT
Last-Modified: Mon, 01 Nov 2021 19:10:23 GMT
ETag: "93f5b5d231a0c545d0d346da11221ff4"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 7807

pennycronelasvegas.com/assets/themes/default/vendor-c4223a2863310087b657f19d451656c073d60bbe05e53aeedd46f84bafd1a585.js

96.126.99.100

200 OK

498 kB

URL HTTP/1.1
pennycronelasvegas.com/assets/themes/default/vendor-c4223a2863310087b657f19d451656c073d60bbe05e53aeedd46f84bafd1a585.js
IP
96.126.99.100:0
ASN
#63949 Linode, LLC

File type
ASCII text, with very long lines (32832)
Size
498 kB (497568 bytes)
Hash
474514ae84592eed4cee7100e55fe4f9
d23d44d24f16d2e8fe7659c8a7d0dbfbe3265d6b
c4223a2863310087b657f19d451656c073d60bbe05e53aeedd46f84bafd1a585

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/themes/default/vendor-c4223a2863310087b657f19d451656c073d60bbe05e53aeedd46f84bafd1a585.js HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=eCs0NUk1L2J5a2NaWDROL25FZ3QzVHpSRkZLRFByVVhrT01iTnRydWFRTzdaSEU0YkhFOHBLSU5TekpVaWJkMWdsNHM0eHVweUFTeVp2STQrWThucnViUTc1UnRvVkdxWTVSY2xsYkVoVmFCVkRJVXlUeTNLRkI1ZWpZOW5uT1FXK3RpcXh5bWZ2b1lMbUpKd3lwU1h2MFVIMzVIWldMdjFZMHp5d0VMdExaVjZOQXJGMWZTUUpqZmNxOHpORzJDSDIyL0lKdVR6RzNiNVpuVG1taWc2aGhCUjNVeVY3SFZhOWcwTnpxRDFUdHZKZjkwZVcvNllNQkx6OFBLa3UrbWcydXNGVnVmdTc4SFNsRDJHWXI5dDZ5RUt1clQ5MVp6QTI1amI1OEhGOXI4RWhPM2pnWkhmRjh2QU5GNjREOGFLVmkvRm1tS3UveGNpNTYzeUhtRjlkQTVzMFpsaklMUnZ1YnYxQTZtVzNLaGx4UHpvS2hzUWRvOUJIV1RlV0VLLS1UdFNkL2M5QTUzK1ZIVTY1WTJ6V3N3PT0%3D--2cfaf510d60be25e171c22a112d596468eba0593
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 497568
Connection: keep-alive
Status: 200 OK
Cache-Control: public, max-age=31536000
X-Request-Id: fd8ad9a7-ad55-4cf7-9535-7762128d4f08
ETag: "c4223a2863310087b657f19d451656c073d60bbe05e53aeedd46f84bafd1a585"
X-Runtime: 0.000656
Date: Fri, 09 Dec 2022 22:51:14 GMT
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer

s3.amazonaws.com/photo-gallery.agentformula.com/AF-LasVegas/REALTOR_MLS_EQUAL_HOUSING.png

52.216.154.246

200 OK

28 kB

URL HTTP/1.1
s3.amazonaws.com/photo-gallery.agentformula.com/AF-LasVegas/REALTOR_MLS_EQUAL_HOUSING.png
IP
52.216.154.246:0
ASN
#16509 AMAZON-02

File type
PNG image data, 595 x 149, 8-bit/color RGBA, non-interlaced\012- data
Size
28 kB (27690 bytes)
Hash
47a6f19c07360806ebd0e2251f8f61bb
51373f28e7f3ff1eb950d261048097ba525a1a14
d75e93d9bc3280d7e4df4078f7236499ce6b5475280232fa5e03b9c065511ac8

HTTP Headers

GET /photo-gallery.agentformula.com/AF-LasVegas/REALTOR_MLS_EQUAL_HOUSING.png HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: RLzBlm/YIg+6UCKWNKVkRbU8jNSAinjWj4Zl/wahAzNxyRHRv051NMgQ0LHmeMGUWouWe86TUFk=
x-amz-request-id: EA951NKQCGVH3R4S
Date: Fri, 09 Dec 2022 22:51:15 GMT
Last-Modified: Mon, 13 Jun 2022 21:43:19 GMT
ETag: "47a6f19c07360806ebd0e2251f8f61bb"
Accept-Ranges: bytes
Content-Type: 
Server: AmazonS3
Content-Length: 27690

pennycronelasvegas.com/assets/font-awesome/fontawesome-webfont-ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995.woff2?v=4.5.0

96.126.99.100

200 OK

67 kB

URL HTTP/1.1
pennycronelasvegas.com/assets/font-awesome/fontawesome-webfont-ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995.woff2?v=4.5.0
IP
96.126.99.100:0
ASN
#63949 Linode, LLC

File type
Web Open Font Format (Version 2), TrueType, length 66624, version 4.262\012- data
Size
67 kB (66624 bytes)
Hash
db812d8a70a4e88e888744c1c9a27e89
638c652d623280a58144f93e7b552c66d1667a11
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/font-awesome/fontawesome-webfont-ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995.woff2?v=4.5.0 HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Cookie: _agentformula_session=eCs0NUk1L2J5a2NaWDROL25FZ3QzVHpSRkZLRFByVVhrT01iTnRydWFRTzdaSEU0YkhFOHBLSU5TekpVaWJkMWdsNHM0eHVweUFTeVp2STQrWThucnViUTc1UnRvVkdxWTVSY2xsYkVoVmFCVkRJVXlUeTNLRkI1ZWpZOW5uT1FXK3RpcXh5bWZ2b1lMbUpKd3lwU1h2MFVIMzVIWldMdjFZMHp5d0VMdExaVjZOQXJGMWZTUUpqZmNxOHpORzJDSDIyL0lKdVR6RzNiNVpuVG1taWc2aGhCUjNVeVY3SFZhOWcwTnpxRDFUdHZKZjkwZVcvNllNQkx6OFBLa3UrbWcydXNGVnVmdTc4SFNsRDJHWXI5dDZ5RUt1clQ5MVp6QTI1amI1OEhGOXI4RWhPM2pnWkhmRjh2QU5GNjREOGFLVmkvRm1tS3UveGNpNTYzeUhtRjlkQTVzMFpsaklMUnZ1YnYxQTZtVzNLaGx4UHpvS2hzUWRvOUJIV1RlV0VLLS1UdFNkL2M5QTUzK1ZIVTY1WTJ6V3N3PT0%3D--2cfaf510d60be25e171c22a112d596468eba0593
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.17.3
Date: Fri, 09 Dec 2022 22:51:14 GMT
Content-Type: font/woff2
Content-Length: 66624
Last-Modified: Mon, 24 Feb 2020 17:10:36 GMT
Connection: keep-alive
ETag: "5e54038c-10440"
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer
Accept-Ranges: bytes

pennycronelasvegas.com/fonts/avenir.ttf

96.126.99.100

302 Found

97 B

URL HTTP/1.1
pennycronelasvegas.com/fonts/avenir.ttf
IP
96.126.99.100:0
ASN
#63949 Linode, LLC

File type
HTML document text\012- HTML document, ASCII text, with no line terminators
Size
97 B (97 bytes)
Hash
dcb81dc5193115d6d372982ed310127c
f8dfefb55af6336b670a7a3743beea52bcc45b16
54585d24fd128cf202592bcf22862a8aaa2c0862c5ea8b2bbac31a7357b93f6a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /fonts/avenir.ttf HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=K3NRSFozQzNmSVJOYVJJYllUMDFBVVNBZk1PMXZ5NGxTNlFDeFZvNmxHNHJDSG5zVVFLSXJGMlplclVjbUFQbU1pNzFpeFB2Q1UyNXpCNWJ3eVRtN1d6SzB3b0VVYjFUQk1keWtlOVd2WHFzRDZXbGhOUjBqYlR0MkNKNmNxMG9Rc3ZqYitPdXZocUpicDN0ZVRNTTU2QzdUQ0hBUzU2and3enFuejJ4aHpQN1hwekxTV04ray84Zk5XVm5HYi9aZWc4VllhRExGbERTdlZMOXBpMjhLdTFUMW1YWENnUmVVd3NaYmFPeUtGNDd5WUpKQzVlSEJOOTVWM3pKbEZkSFp5R294RWtYQkxtRDEvaGw2bWwwd2J6TnlobUZYVG5GcjNPNEYrZHlCbllMMGxhU1UwUEp4MFNpaXZkek1hRHBpendXS1lJTXhuM2VPYnNTaGVmZDNlQXRzeVI4N3dRYkRIOW5rYWlrOEpXeUxwN2F1bWl0dG9ucEw5OVhqSVlSLS1kR0NDc3BwczRvRXFjWVRvbzgvUThRPT0%3D--99a78a32070f9f57401a6297ae963806b8344c9d
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Status: 302 Found
Cache-Control: no-cache
X-XSS-Protection: 1; mode=block
X-Request-Id: 6cb30cf4-8791-4c7a-86a0-ad7734565080
Location: https://pennycronelasvegas.com/
X-Runtime: 0.010505
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Date: Fri, 09 Dec 2022 22:51:14 GMT
Set-Cookie: _agentformula_session=ZGg5dXplQ2gwOXRrV1MrdE9rb2MrM2ZpYlN6ZUwyYStmeDZvTWJmaUtyRkpTNmtxa25LZFNmcWlHVlRobXJudHUwOUFPZE45MEcxNG1SOUMxQzVxbE85eTNmZmVTVldBcnBndWowMnI4R2hIVUxPeDk5aXNwZ3R6b09maHhYS2t2b1dIZnFPcHFNU1NRbDkyVFVWOUdMQmVTOFcrOUk2cXZENmhla1NFbkVxeitpaGU1T1l0a1JmRmh3c0o3VmNkbXI0K0NqVmxvQ3VNbys3MS9WblVXR0p3eWt6bWp0UzFWazhaTE55T3hWMUw1Umw5Tnp2SnFQWjRSSmRqUjd6bWltSnlxL0E3TkMvUWdnekE4RExZSTdGcmRRbUQ5LzlpU3cwY1kwVXIwRDJUUXBSUXhNQlVtKy9Ba0grRHBJY0xON3c5WENGZnRuZDJEamR2azlBYnFhYmxlU1lVKzBtNXJjZ0VROVI2cDZJWGlNZUgwSDcwYVduRlVQM1Bvb1Vtbk4reG1KbEdYQnk2RWxsR1lBOG9BL29iUUIrZEFCd0dUNkJXdmNvSWVkbkxWQjI2UGtjbGllUlRmZTFWWktDblRmWEVJL3lvbGdPL3c0TmNqSFRpTzZVWkJkaHVhbTFiUWFoYmFRaXFOT0dwVzl6ZmlQdGRjMzFEOGQ3OGV0R1lLamh5dGJVRkUyK1JjdVdaWHNlUW93Y21rMDdMUWsvbERIeVVVUi9HSGVwOVAxQ1RYYzRZU2Nya0xRUVlJVGJNQUxmRkFOMUZ3ejI3eENEVHFhaU9hUm9acUxkTis3VEhQMTF2RmcxblNvcXVROWFrcXBXY3pPZTd1NGRGZUVkSm5iSVhDU1k0TW5OcUwwZUh3S2NUM0s5QUJEQUVUS2FlZTBPemFEd0lzZFRjQjB6azFxL0pjMG51emQ3eWRKRHBYcXM5akgxOFJraWhNM0dLRktZLzNRPT0tLTdncElFNVpVaURPaUhTdXE1bFdlaUE9PQ%3D%3D--16a8611f6809f4553e82045593967111a1ff0f25; path=/; HttpOnly
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
e9d006b90824c97342cc37829f8ffc4b
88e267e94f6d9d44877182a349c9702fe763fb45
ed1b527765c8090e33241a246be3c3a3acb3419ef63599b68c50180b073705e2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5816
Cache-Control: max-age=129535
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 22:51:15 GMT
Etag: "6392fc2b-117"
Expires: Sun, 11 Dec 2022 10:50:10 GMT
Last-Modified: Fri, 09 Dec 2022 09:13:15 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 279

pennycronelasvegas.com/

96.126.99.100

200 OK

18 kB

URL HTTP/1.1
pennycronelasvegas.com/
IP
96.126.99.100:0
ASN
#63949 Linode, LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
18 kB (17773 bytes)
Hash
efd95318dbde411db5e3a661a6edd397
e78831810ba3014327f19bd3f605eaea0d6644f5
8ad7e8ffb04840f543faa78ca28af8f836802199a6196726fc4347f84938182a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=ZGg5dXplQ2gwOXRrV1MrdE9rb2MrM2ZpYlN6ZUwyYStmeDZvTWJmaUtyRkpTNmtxa25LZFNmcWlHVlRobXJudHUwOUFPZE45MEcxNG1SOUMxQzVxbE85eTNmZmVTVldBcnBndWowMnI4R2hIVUxPeDk5aXNwZ3R6b09maHhYS2t2b1dIZnFPcHFNU1NRbDkyVFVWOUdMQmVTOFcrOUk2cXZENmhla1NFbkVxeitpaGU1T1l0a1JmRmh3c0o3VmNkbXI0K0NqVmxvQ3VNbys3MS9WblVXR0p3eWt6bWp0UzFWazhaTE55T3hWMUw1Umw5Tnp2SnFQWjRSSmRqUjd6bWltSnlxL0E3TkMvUWdnekE4RExZSTdGcmRRbUQ5LzlpU3cwY1kwVXIwRDJUUXBSUXhNQlVtKy9Ba0grRHBJY0xON3c5WENGZnRuZDJEamR2azlBYnFhYmxlU1lVKzBtNXJjZ0VROVI2cDZJWGlNZUgwSDcwYVduRlVQM1Bvb1Vtbk4reG1KbEdYQnk2RWxsR1lBOG9BL29iUUIrZEFCd0dUNkJXdmNvSWVkbkxWQjI2UGtjbGllUlRmZTFWWktDblRmWEVJL3lvbGdPL3c0TmNqSFRpTzZVWkJkaHVhbTFiUWFoYmFRaXFOT0dwVzl6ZmlQdGRjMzFEOGQ3OGV0R1lLamh5dGJVRkUyK1JjdVdaWHNlUW93Y21rMDdMUWsvbERIeVVVUi9HSGVwOVAxQ1RYYzRZU2Nya0xRUVlJVGJNQUxmRkFOMUZ3ejI3eENEVHFhaU9hUm9acUxkTis3VEhQMTF2RmcxblNvcXVROWFrcXBXY3pPZTd1NGRGZUVkSm5iSVhDU1k0TW5OcUwwZUh3S2NUM0s5QUJEQUVUS2FlZTBPemFEd0lzZFRjQjB6azFxL0pjMG51emQ3eWRKRHBYcXM5akgxOFJraWhNM0dLRktZLzNRPT0tLTdncElFNVpVaURPaUhTdXE1bFdlaUE9PQ%3D%3D--16a8611f6809f4553e82045593967111a1ff0f25
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
If-None-Match: W/"114c6d241419144e65581118e9a3eac4"

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Status: 200 OK
Cache-Control: max-age=0, private, must-revalidate
X-XSS-Protection: 1; mode=block
X-Request-Id: 4d07d1ef-2b40-45b9-b516-fc6ba5f4b1bf
ETag: W/"b68983fb39f921f086bad06dc72fcde4"
X-Frame-Options: SAMEORIGIN
X-Runtime: 0.051961
X-Content-Type-Options: nosniff
Date: Fri, 09 Dec 2022 22:51:15 GMT
Set-Cookie: _agentformula_session=MTdHN2RwZjFyUG1hZE9tQzZRbnhoTHRCdkFpelB2TTJSYWlaRXcvSTVXQ21ZV3lrd2hSUjZqT0xDN1RpaGRsV1FoS2NrR2VaNllMbllYNjQ5eWxvR3JZS0ZDUWRUYVBSVFdrZWQwVEt5N1FSdVJDR0pkbkZ1WWVRYUJLRlhyZzdjMUJHM3o2My9qdGQrVDF5amVOWVRqd1FNb1ZMVWlwTjJaeXRmeWFsaGUzL1E1dzI4bEVRbmx0QnNjSlhUNUc0ZXRMS250V1N2V1VadHowdm5ORy9nU2ZhV2krdTEwTmxYUU1zaWs5bmliT3pDTGh2VXErUXozN0lTaTJBcWVNSTRwNGZZWWFZeE8xelVEaEJIMldTbUxKQWJZOXRyamtLY2hqNDFMck0vV1B5eWtMcEVNV2tOR2kwa042N1lwQjcvNitPWFRSM1dFeWFJNWhqeW55Mk1NWVhXaUxIV3lrL1pLODVMcGwzZS9UM3Q0NlNsTE9SY0NXT0ZObloybnUxLS1XZy90aWdueWsvblRQdmFRZFZvcHVBPT0%3D--86e327544bfafa1fe53a3a021325fbd0d4e4d00b; path=/; HttpOnly
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer
Content-Encoding: gzip

assets-jpcust.jwpsrv.com/player/6/6124956/ping.js

151.101.194.114

200 OK

607 B

URL HTTP/2
assets-jpcust.jwpsrv.com/player/6/6124956/ping.js
IP
151.101.194.114:0
ASN
#54113 FASTLY

File type
ASCII text
Size
607 B (607 bytes)
Hash
d1d1fc49ccfb4d91c37273a430c32f5e
60133823a61cc17786f41cf8972f43a91c48c7cc
89489534f6930a6138a08d0423facc7e4df58bf68d00a0098054146e1abf8fc6

HTTP Headers

GET /player/6/6124956/ping.js HTTP/1.1
Host: assets-jpcust.jwpsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Thu, 12 Jan 2017 21:15:49 GMT
etag: "e11f4da88a8186056c01979bc54a55e5"
x-amz-meta-s3cmd-attrs: uid:1138/gname:michael/uname:michael/gid:1000/mode:33204/mtime:1484255728/atime:1484255728/md5:e11f4da88a8186056c01979bc54a55e5/ctime:1484255729
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-type: text/plain
accept-ranges: bytes
date: Fri, 09 Dec 2022 22:51:15 GMT
age: 226
x-served-by: cache-iad-kcgs7200166-IAD, cache-bma1646-BMA
x-cache: HIT, HIT
x-cache-hits: 71, 1
x-timer: S1670626275.199950,VS0,VE91
vary: Accept-Encoding
server: nginx
content-length: 607
X-Firefox-Spdy: h2

www.cloudflare.com/cdn-cgi/trace

104.16.124.96

200 OK

236 B

URL HTTP/2
www.cloudflare.com/cdn-cgi/trace
IP
104.16.124.96:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
236 B (236 bytes)
Hash
6887067fe60d2119f489db3bd43610e8
e6047f91dbe6afc671f3ae174afcad77b74159a3
260de1a83b3ff279d3dcf4eb132f5b0098039e5d971e7c2acf428c3077baa43c

HTTP Headers

GET /cdn-cgi/trace HTTP/1.1
Host: www.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pennycronelasvegas.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 09 Dec 2022 22:51:15 GMT
content-type: text/plain
access-control-allow-origin: *
server: cloudflare
cf-ray: 77714debf863b518-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

ssl.p.jwpcdn.com/player/v/7.0.3/jwpsrv.js

151.101.194.114

200 OK

8.4 kB

URL HTTP/2
ssl.p.jwpcdn.com/player/v/7.0.3/jwpsrv.js
IP
151.101.194.114:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (21404), with no line terminators
Size
8.4 kB (8445 bytes)
Hash
ec9bf2f3aacbc76caaabe523203abee7
5388667bf1463c4e67cbd62d40996063b83fcdc3
62253e24591e4dddf2abf0ebdea58a6ede0274d17b8267c30d36df0debe09025

HTTP Headers

GET /player/v/7.0.3/jwpsrv.js HTTP/1.1
Host: ssl.p.jwpcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Wed, 25 Nov 2020 15:40:27 GMT
etag: "2a7ba57974f06d8fa1764d6a954539f3"
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Fri, 09 Dec 2022 22:51:15 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1679-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1670626275.202143,VS0,VE241
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 8445
X-Firefox-Spdy: h2

d2s0ek76zke5go.cloudfront.net/backgrounds/main/55/las-vegas-home.jpg

54.230.245.99

200 OK

277 kB

URL HTTP/1.1
d2s0ek76zke5go.cloudfront.net/backgrounds/main/55/las-vegas-home.jpg
IP
54.230.245.99:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 973x730, components 3\012- data
Size
277 kB (276582 bytes)
Hash
98b48b014a9e0de112d6e44c7d36e820
c6d7362ab6783767b6ff90e99bfaf0e9a5a246dd
f369ed133fc0dd61576218d708e09825ff0c6ee328d2d48956ca441a18e78ef2

HTTP Headers

GET /backgrounds/main/55/las-vegas-home.jpg HTTP/1.1
Host: d2s0ek76zke5go.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 276582
Connection: keep-alive
Last-Modified: Tue, 16 Apr 2013 22:49:03 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Fri, 09 Dec 2022 16:14:53 GMT
ETag: "98b48b014a9e0de112d6e44c7d36e820"
X-Cache: Hit from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 7Cn8yfw2-Eyu6Xvb1hPHjXIH9kNn8Z2vm0Z2hsdzLqOePdH1TmUmkw==
Age: 23783

dtd26ob4sfq17.cloudfront.net/graphics/icons.png

143.204.42.87

200 OK

23 kB

URL HTTP/1.1
dtd26ob4sfq17.cloudfront.net/graphics/icons.png
IP
143.204.42.87:0
ASN
#16509 AMAZON-02

File type
PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Size
23 kB (23031 bytes)
Hash
f2d04895a3acecc9b674e1b359873552
8757a776f5481d815e920d4f35636e0121bb70e8
1cb040b5c2fe6d7aaa5ea9ae707232973439d5838481e339aa91d155254adefe

HTTP Headers

GET /graphics/icons.png HTTP/1.1
Host: dtd26ob4sfq17.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 23031
Connection: keep-alive
Date: Fri, 09 Dec 2022 15:40:34 GMT
Last-Modified: Mon, 07 Sep 2015 22:44:23 GMT
ETag: "f2d04895a3acecc9b674e1b359873552"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: HnSasL3W4xYCrTIQHErxFtwQ1D0R5Zjnm7IFTSjtnzUdOZYpcaKW5Q==
Age: 25842

dtd26ob4sfq17.cloudfront.net/graphics/icons/person.png

143.204.42.87

200 OK

1.1 kB

URL HTTP/1.1
dtd26ob4sfq17.cloudfront.net/graphics/icons/person.png
IP
143.204.42.87:0
ASN
#16509 AMAZON-02

File type
PNG image data, 8 x 14, 8-bit/color RGBA, non-interlaced\012- data
Size
1.1 kB (1066 bytes)
Hash
05907b6bb1325e05cdf3301298d63ee4
5b9d3e42fd2908d2a3b9fdd2020671238a630e78
f1e2855e03bdae7ab6e4acc4cd8c805ec150029cc053c040994113b6092da278

HTTP Headers

GET /graphics/icons/person.png HTTP/1.1
Host: dtd26ob4sfq17.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 1066
Connection: keep-alive
Date: Fri, 09 Dec 2022 03:25:48 GMT
Last-Modified: Tue, 08 Sep 2015 00:15:18 GMT
ETag: "05907b6bb1325e05cdf3301298d63ee4"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: PacVPKwI6NtZaeZ8e--A-nnv3f6CEmRkw-qddENj5XyIKlit4YmilA==
Age: 69928

dtd26ob4sfq17.cloudfront.net/graphics/icons/phone.png

143.204.42.87

200 OK

1.1 kB

URL HTTP/1.1
dtd26ob4sfq17.cloudfront.net/graphics/icons/phone.png
IP
143.204.42.87:0
ASN
#16509 AMAZON-02

File type
PNG image data, 13 x 13, 8-bit/color RGBA, non-interlaced\012- data
Size
1.1 kB (1108 bytes)
Hash
7038033dcfc63585fddbf32d5b5cbb05
d911fec0a2d87807514141d2232585202047413d
afac238c5c5371119bea5317bc4a3ce8ed29041b6db6bdc2edfdbe375ab5b5b3

HTTP Headers

GET /graphics/icons/phone.png HTTP/1.1
Host: dtd26ob4sfq17.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 1108
Connection: keep-alive
Date: Fri, 09 Dec 2022 06:06:14 GMT
Last-Modified: Tue, 08 Sep 2015 00:15:20 GMT
ETag: "7038033dcfc63585fddbf32d5b5cbb05"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vDyF-YE9AA3pFcEh80gPkWCDuROQF40Sfl4xVsEntqdWfDOs1sF9Fw==
Age: 60302

pennycronelasvegas.com/favicon.ico

96.126.99.100

200 OK

1.2 kB

URL HTTP/1.1
pennycronelasvegas.com/favicon.ico
IP
96.126.99.100:0
ASN
#63949 Linode, LLC

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
29ceaf045e68c6ad5712cc20077dafb4
c6b11f6e1771a1c2688dc1599e4c4241c1544543
2138186dfa4453368676ca8a6e95248e8e5b93f411798c083a968502893a9baf

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=UEF1dG1YWmNJdEdaSGlYTmZBbUIrRGxZVzAvZWN2OFZORTU0SDFtOTFIU0NXTWpQWWF3V0VhZVVObjVqUjNVdUZGRzU4Vnkrbk04TFR6NWFCVTg3SjdaUkNHMXc1MWNtOExlc0poWGRZZjA4NnRyK3JjU0x1YmZGcFVGS3ZhODNGUFRSbEtnVnhoRUh0OCt1YjkrN0xuYUFhMW0rM0dlNHRLam1yKzhpVG8yaFl1aFptSDJnaTVBVGNFelFtNjNjUFVkYUVla0FtRGdXWCs3eDVOV1ZjQUIvODNwMVRxcDJPL2llZnhzZys1TDBqOEpDMHdqV2lDbkJiN1UvVldFMlJGdW1TUVRvOVR3cEtKVHJSMGU3c0FCYm54amZQblhoREdCdFJYVmx6N3N4ZmhZNndOVDlTUGNaL0I3MlVLaVkvMTNYc2djSGV0bUNJdXk2aEFtRW8zRkdicDdOYlA0MElmcWlzeHNydHNONXlXYVpOaldRNVArYWNZc1RzbS9rbTdDRGltT0huSm1YMTc5UDJOMjVFWGFzM1F6UTJNQk93ZXpsQjZuQ3p4cE9EYjU2ZzVnYlZLaXF1OEhLeGl4VEcxTXpOZ2JQdUdXQ0lWY1N1NVNXeGl3YUhTUkhtQWZrUEFHaHVWNmRQR21ZSTVBSVRRUU5Tb3k1NTBKRkF2aVNLd2E3WXE5R1dyanllMzFVTjBvbVpiM2tpRGJLOXFkK0lpTEhaNlp4MTVtMGJLdG5yR1VsRi9jTGN0clNiamRxSldvRTR0cDZxOGVjQ3lFL3VNa00zdjFVc1dBKzUvbmJJUUdBZjI0akRicFVOdndWcDU0VzJtcy9oRVEvMmM1RVk4YldkelJiT095Vk9mYnVuNlNXbTltcWxDZzcvWWZGZEhqcXBCazlEZ0tNNmZvdzFiMVl6amh1eU1KKzgwYldaUklEdTNkcVJDK256QktBN1Y4N3lBPT0tLTZZNVI0RFZ3ZjFzeWM0a3diWDBjMVE9PQ%3D%3D--bf14d4a7eb43422a5e8d86bb774ecf8af6b57b8d; pennycronelasvegas.com=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.17.3
Date: Fri, 09 Dec 2022 22:51:15 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Wed, 16 Nov 2022 20:26:03 GMT
Connection: keep-alive
ETag: "6375475b-47e"
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e4f546e102d986faf1029509d599b730
cc045a705fd6758b7b575fde5dfb79facc9c3546
ef492301b2b30e5076f7dffa07973e65e9a200ba9ef4d3568a527d3f973f3349

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 22:51:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e4f546e102d986faf1029509d599b730
cc045a705fd6758b7b575fde5dfb79facc9c3546
ef492301b2b30e5076f7dffa07973e65e9a200ba9ef4d3568a527d3f973f3349

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 22:51:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/images/branding/product/2x/translate_24dp.png

142.250.74.35

200 OK

1.8 kB

URL HTTP/2
www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
1.8 kB (1842 bytes)
Hash
c69c796362406f9e11c7f4bf5bb628da
e489ce95ab56208090868882113d7416abf46775
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

HTTP Headers

GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://translate.googleapis.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 18:42:08 GMT
expires: Sat, 09 Dec 2023 18:42:08 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 14947
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.gstatic.com/images/branding/product/1x/translate_24dp.png

142.250.74.35

200 OK

846 B

URL HTTP/2
www.gstatic.com/images/branding/product/1x/translate_24dp.png
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size
846 B (846 bytes)
Hash
e9cd262114358f26b7608b56905185dc
6dbde0a96deaab2b529723ce26c62043cf9180ab
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99

HTTP Headers

GET /images/branding/product/1x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 846
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 13:33:11 GMT
expires: Sat, 09 Dec 2023 13:33:11 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 33484
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e4f546e102d986faf1029509d599b730
cc045a705fd6758b7b575fde5dfb79facc9c3546
ef492301b2b30e5076f7dffa07973e65e9a200ba9ef4d3568a527d3f973f3349

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 22:51:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

dtd26ob4sfq17.cloudfront.net/graphics/icons/email.png

143.204.42.87

200 OK

1.1 kB

URL HTTP/1.1
dtd26ob4sfq17.cloudfront.net/graphics/icons/email.png
IP
143.204.42.87:0
ASN
#16509 AMAZON-02

File type
PNG image data, 15 x 9, 8-bit/color RGBA, non-interlaced\012- data
Size
1.1 kB (1118 bytes)
Hash
22b8c3f79865bd8b5b76a7b64ee8f773
ae8121cb8dd5091b8a4e687b7bf88248a238b45a
b79f36abeb8193e42be1cd9aa732224e72390b968788bf4259258234c37f1314

HTTP Headers

GET /graphics/icons/email.png HTTP/1.1
Host: dtd26ob4sfq17.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 1118
Connection: keep-alive
Date: Fri, 09 Dec 2022 22:51:16 GMT
Last-Modified: Tue, 08 Sep 2015 00:15:24 GMT
ETag: "22b8c3f79865bd8b5b76a7b64ee8f773"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Miss from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ibPk-akshfAFAU-7G1fxfw96ZsCBh_9CGu5kZ2PQLJU5CZWWhYc0Og==

dtd26ob4sfq17.cloudfront.net/graphics/ico-home.png

143.204.42.87

200 OK

2.4 kB

URL HTTP/1.1
dtd26ob4sfq17.cloudfront.net/graphics/ico-home.png
IP
143.204.42.87:0
ASN
#16509 AMAZON-02

File type
PNG image data, 34 x 30, 8-bit/color RGBA, non-interlaced\012- data
Size
2.4 kB (2447 bytes)
Hash
f14d7380ba9be0a4929361f6f671db79
4dd6daa55e18da77d63263c090f09aa0ed74e5e0
8c8ab58ccdbce4cbd047f65c5fc8d2164e0c19b1c6c0a77cef3ec9a52f4a9115

HTTP Headers

GET /graphics/ico-home.png HTTP/1.1
Host: dtd26ob4sfq17.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 2447
Connection: keep-alive
Date: Fri, 09 Dec 2022 22:51:16 GMT
Last-Modified: Mon, 07 Sep 2015 22:44:22 GMT
ETag: "f14d7380ba9be0a4929361f6f671db79"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Miss from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: IB5eMS89ZRfJKVhbh5aNuVvAEewhm57AiUFsiHwmgltPXiz8PjkQ8w==

dtd26ob4sfq17.cloudfront.net/graphics/icons/nav-arrow.png

143.204.42.87

200 OK

960 B

URL HTTP/1.1
dtd26ob4sfq17.cloudfront.net/graphics/icons/nav-arrow.png
IP
143.204.42.87:0
ASN
#16509 AMAZON-02

File type
PNG image data, 3 x 6, 8-bit/color RGBA, non-interlaced\012- data
Size
960 B (960 bytes)
Hash
bdd44b7aa14603803b2a86bf58ca4e08
970a73a2e0b9f310c2c92ba707d239f423e5d376
8ce0ad22308424363b02ac37b3e85133b7d4f7e50e1e170154af032dc1fe1c95

HTTP Headers

GET /graphics/icons/nav-arrow.png HTTP/1.1
Host: dtd26ob4sfq17.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 960
Connection: keep-alive
Date: Fri, 09 Dec 2022 22:51:16 GMT
Last-Modified: Tue, 08 Sep 2015 00:17:16 GMT
ETag: "bdd44b7aa14603803b2a86bf58ca4e08"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Miss from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: O-ldDqArqeEQO5frhoiAgs1YkiOJ-IERxvM79bxeB-bLmJEXG-SZpA==

content.jwplatform.com/thumbs/Ktl62Zxz-720.jpg

143.204.55.18

302 Found

0 B

URL HTTP/2
content.jwplatform.com/thumbs/Ktl62Zxz-720.jpg
IP
143.204.55.18:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /thumbs/Ktl62Zxz-720.jpg HTTP/1.1
Host: content.jwplatform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
content-type: image/jpeg
content-length: 0
location: https://assets-jpcust.jwpsrv.com/thumbnails/9a8didp6-720.jpg
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: max-age=180, max-stale=180
date: Fri, 09 Dec 2022 22:51:16 GMT
server: openresty
x-robots-tag: noindex, indexifembedded
x-cache: Miss from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Hh4fepqjt1_kaV8_6E3v6QdfG5OoddyVBoA-nId2Kcute-BWEq5Y_g==
X-Firefox-Spdy: h2

assets-jpcust.jwpsrv.com/thumbnails/9a8didp6-720.jpg

151.101.194.114

200 OK

27 kB

URL HTTP/2
assets-jpcust.jwpsrv.com/thumbnails/9a8didp6-720.jpg
IP
151.101.194.114:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.24.102", baseline, precision 8, 720x404, components 3\012- data
Size
27 kB (26793 bytes)
Hash
68ac5c477870bf831758fcd62f43f8bf
8120d2f3e3f00b5994228a49271611d843ddc574
bf4d812ecb196a6132d562ec34c533dd8e4e578768456ad13a19ece305041e4e

HTTP Headers

GET /thumbnails/9a8didp6-720.jpg HTTP/1.1
Host: assets-jpcust.jwpsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 29 Oct 2017 09:19:25 GMT
etag: "db16d83d9df9129e693cdc46f10f79ec"
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=900
content-type: image/jpeg
accept-ranges: bytes
date: Fri, 09 Dec 2022 22:51:16 GMT
age: 0
x-served-by: cache-iad-kiad7000058-IAD, cache-bma1646-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1670626276.364484,VS0,VE149
vary: Accept-Encoding
server: nginx
content-length: 26793
X-Firefox-Spdy: h2

jwpltx.com/v1/jwplayer6/ping.gif?h=972424200&tv=2.6.0&n=1114836317863236&aid=QDLcWlTPEeWgFgp%2BlcGdIw&e=e&i=0&ifd=0&pv=7.0.3&m=1&d=0&vl=90&t=Halloween%20In%20Las%20Vegas&pid=&ed=0&ph=1&ps=4&wd=744&pl=419&fv=&vp=1&ab=0&po=1&sn=seven&pd=0&pad=&dd=0&s=0&r=0&cb=0&ga=0&st=392&hls=&cp=0&sdk=0&emi=aa6ukhg2mub0&pli=&mt=0&vi=0.997&ap=456%2C324&mu=https%3A%2F%2Fcontent.jwplatform.com%2Fvideos%2FKtl62Zxz-720.mp4&eb=-1&pu=https%3A%2F%2Fpennycronelasvegas.com%2F&id=Ktl62Zxz&pt=Penny%20Crone%20%7C%20Call%20Me%20At%20(702)%20210-7683%20%7C%20HomeSmart

151.101.194.114

204 No Content

0 B

URL HTTP/2
jwpltx.com/v1/jwplayer6/ping.gif?h=972424200&tv=2.6.0&n=1114836317863236&aid=QDLcWlTPEeWgFgp%2BlcGdIw&e=e&i=0&ifd=0&pv=7.0.3&m=1&d=0&vl=90&t=Halloween%20In%20Las%20Vegas&pid=&ed=0&ph=1&ps=4&wd=744&pl=419&fv=&vp=1&ab=0&po=1&sn=seven&pd=0&pad=&dd=0&s=0&r=0&cb=0&ga=0&st=392&hls=&cp=0&sdk=0&emi=aa6ukhg2mub0&pli=&mt=0&vi=0.997&ap=456%2C324&mu=https%3A%2F%2Fcontent.jwplatform.com%2Fvideos%2FKtl62Zxz-720.mp4&eb=-1&pu=https%3A%2F%2Fpennycronelasvegas.com%2F&id=Ktl62Zxz&pt=Penny%20Crone%20%7C%20Call%20Me%20At%20(702)%20210-7683%20%7C%20HomeSmart
IP
151.101.194.114:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v1/jwplayer6/ping.gif?h=972424200&tv=2.6.0&n=1114836317863236&aid=QDLcWlTPEeWgFgp%2BlcGdIw&e=e&i=0&ifd=0&pv=7.0.3&m=1&d=0&vl=90&t=Halloween%20In%20Las%20Vegas&pid=&ed=0&ph=1&ps=4&wd=744&pl=419&fv=&vp=1&ab=0&po=1&sn=seven&pd=0&pad=&dd=0&s=0&r=0&cb=0&ga=0&st=392&hls=&cp=0&sdk=0&emi=aa6ukhg2mub0&pli=&mt=0&vi=0.997&ap=456%2C324&mu=https%3A%2F%2Fcontent.jwplatform.com%2Fvideos%2FKtl62Zxz-720.mp4&eb=-1&pu=https%3A%2F%2Fpennycronelasvegas.com%2F&id=Ktl62Zxz&pt=Penny%20Crone%20%7C%20Call%20Me%20At%20(702)%20210-7683%20%7C%20HomeSmart HTTP/1.1
Host: jwpltx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx
accept-ranges: bytes
date: Fri, 09 Dec 2022 22:51:16 GMT
via: 1.1 varnish
x-served-by: cache-bma1646-BMA
x-cache: MISS
x-cache-hits: 0
X-Firefox-Spdy: h2

translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

216.58.211.14

200 OK

0 B

URL HTTP/2
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
IP
216.58.211.14:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 09 Dec 2022 22:51:13 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+419; expires=Sun, 08-Dec-2024 22:51:13 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

s3.amazonaws.com/glvar-photos/callouts/small/3/las-vegas-strip-aerial-sunset3.jpg

52.216.154.246

200 OK

0 B

URL HTTP/1.1
s3.amazonaws.com/glvar-photos/callouts/small/3/las-vegas-strip-aerial-sunset3.jpg
IP
52.216.154.246:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /glvar-photos/callouts/small/3/las-vegas-strip-aerial-sunset3.jpg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: /+na6iq6f9rY/J5MWdm3MwlLIdNvz697H9CZzX0P/iGvmcXcpGizbMlSGD7v+lOg53+9AvhTiIw=
x-amz-request-id: EA9C9VTRWD3DAH03
Date: Fri, 09 Dec 2022 22:51:15 GMT
Last-Modified: Mon, 30 Nov 2015 02:55:12 GMT
ETag: "517180675348875d42a029031b8d4f81"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 20263

s3.amazonaws.com/glvar-photos/avatars/main/4046/New_Head_Shot__2.jpeg

52.216.154.246

200 OK

0 B

URL HTTP/1.1
s3.amazonaws.com/glvar-photos/avatars/main/4046/New_Head_Shot__2.jpeg
IP
52.216.154.246:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /glvar-photos/avatars/main/4046/New_Head_Shot__2.jpeg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: 2K/R3TNmb1pgaLhW4X1+5kiZTyj/hEizP91pObhLDqMsmIyfjOz4QtxcYE+M/w67R5xxyAajAis=
x-amz-request-id: EA91Q4PB80GFH57N
Date: Fri, 09 Dec 2022 22:51:15 GMT
Last-Modified: Mon, 01 Nov 2021 19:11:21 GMT
ETag: "03e76aa23591f601b791db719befda45"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 19716

fonts.googleapis.com/css?family=Playfair+Display:400,400italic,700,700italic,900,900italic

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Playfair+Display:400,400italic,700,700italic,900,900italic
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Playfair+Display:400,400italic,700,700italic,900,900italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Dec 2022 22:51:13 GMT
date: Fri, 09 Dec 2022 22:51:13 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Quicksand

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Quicksand
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Quicksand HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Dec 2022 22:51:13 GMT
date: Fri, 09 Dec 2022 22:51:13 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (16)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP