firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 14 Sep 2022 22:09:59 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ghjq9v-sYKo7mNNEOZXIA9sm3gPPNvDF2NUgqc4ChW7s9oH1177xNA==
Age: 2973
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash be88d3e043e3b95b52e41812e50fb634
0318ba1ce487817ea7cba61dd9413bed29213800
b5f178d23e633283f226cca7a9ae79b01e6cab2299ff7065c980d3a9953212fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4983
Expires: Thu, 15 Sep 2022 00:22:35 GMT
Date: Wed, 14 Sep 2022 22:59:32 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 14 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: PhOm3lH6YqvV9Nen0zK10QsLhFvOIDZ5sQJSwF-lTAzzxj3q-8Q0qw==
age: 66257
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 22:59:32 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.merryquant.com/
301 Moved Permanently 235 B IP
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 6cffe03ed5b0eb6cd13070c9b7745b56
c776513a0d4c2c9291ff30abc6b43098c49ebbb0
f0007f14b94d3077e6129ff42dba098f4e9d289b1568c4bb49cd8c6ac09caee1
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 14 Sep 2022 22:59:32 GMT
Server: nginx/1.21.6
Content-Type: text/html; charset=iso-8859-1
Content-Length: 235
Location: https://www.merryquant.com/
X-Server-Cache: true
X-Proxy-Cache: HIT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 14 Sep 2022 22:03:22 GMT
Cache-Control: max-age=3600
Expires: Wed, 14 Sep 2022 22:12:56 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: qxOjgqEFaWc9eRk1bjAmF-UtGEAh6ko04-FHD9FU2dtUSsoL01SVNg==
Age: 3370
ocsp.digicert.com/
200 OK 471 B IP
Hash d3ac56507d17ffff5e8b486406985d68
17d26336cd8ea65af3f23db166945f1b3fbbfbab
e7e321340eed681c1269f715b0214e1511d5762fffbe930e7c157b800afa9a39
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4357
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 22:59:33 GMT
Last-Modified: Wed, 14 Sep 2022 21:46:56 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7de29802037ca4fa56dfc5ddbff31573
7eb26e755f4b48b6a2aa7bcde325c0e3e5ca6596
085897999f602f4f5abf011eda69c03266fe2e282f5077830bbcce182306c8e0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "085897999F602F4F5ABF011EDA69C03266FE2E282F5077830BBCCE182306C8E0"
Last-Modified: Wed, 14 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 15 Sep 2022 04:59:33 GMT
Date: Wed, 14 Sep 2022 22:59:33 GMT
Connection: keep-alive
www.merryquant.com/
301 Moved Permanently 0 B IP
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Wed, 14 Sep 2022 22:59:33 GMT
server: Apache
content-type: text/html; charset=UTF-8
content-length: 0
x-redirect-by: WordPress
location: https://merryquant.com/
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
x-server-cache: true
x-proxy-cache: HIT
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: fZ9CixkpUwpKBuIIJ3LSiQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Ta9kPocqopZF6fyn1U+fPSf5GlI=
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c86fc6649c7c512abb52fcd62d51ee26
bf241d6c1779668447df444a239d715b6ed46f6d
822cb499ea058f2c40ce4942048528575fadc172d3669007f5f34fae41c7ea49
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 22:59:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c86fc6649c7c512abb52fcd62d51ee26
bf241d6c1779668447df444a239d715b6ed46f6d
822cb499ea058f2c40ce4942048528575fadc172d3669007f5f34fae41c7ea49
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 22:59:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c86fc6649c7c512abb52fcd62d51ee26
bf241d6c1779668447df444a239d715b6ed46f6d
822cb499ea058f2c40ce4942048528575fadc172d3669007f5f34fae41c7ea49
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 22:59:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c86fc6649c7c512abb52fcd62d51ee26
bf241d6c1779668447df444a239d715b6ed46f6d
822cb499ea058f2c40ce4942048528575fadc172d3669007f5f34fae41c7ea49
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 22:59:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
merryquant.com/wp-content/plugins/instagram-feed/css/sbi-styles.min.css
200 OK 4.5 kB URL HTTP/2 merryquant.com/wp-content/plugins/instagram-feed/css/sbi-styles.min.css
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (21597)
Hash 7f01d3c2dd8fdc231241f6a3b10def8c
76646b14e9ce97d384b9adb20c622f09c7ecd140
999c4a983cd4b5a1a7652aa436630a18c1a6dbf91de090c903ab507b07df536a
GET /wp-content/plugins/instagram-feed/css/sbi-styles.min.css HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 13 Sep 2022 18:08:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 4487
content-type: text/css
date: Wed, 14 Sep 2022 22:59:33 GMT
server: Apache
X-Firefox-Spdy: h2
merryquant.com/wp-content/themes/dondo-child/style.css
200 OK 175 B URL HTTP/2 merryquant.com/wp-content/themes/dondo-child/style.css
IP
ASN #46606 UNIFIEDLAYER-AS-1
Hash 963c592070a88794c067aa324db8d5ec
8e475f64162bdfb79e595186c2dccb4abdb63f32
961aa4accbfd6c778ae61ed75c30e4fcd6297a11f584da927bfd4f7001d6a6db
GET /wp-content/themes/dondo-child/style.css HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 29 Sep 2020 00:45:21 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 175
content-type: text/css
date: Wed, 14 Sep 2022 22:59:33 GMT
server: Apache
X-Firefox-Spdy: h2
merryquant.com/wp-content/themes/dondo/assets/css/social-icons.css
200 OK 5.0 kB URL HTTP/2 merryquant.com/wp-content/themes/dondo/assets/css/social-icons.css
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (20944), with no line terminators
Hash 43add5dee8e48dc1d8eb6262029505dc
e29a1a3cc0fb097fed68420cd78b9c51713f4b72
3b4d011973b14c560a680abf0fcacbcdd6341427a4c3e4bedd4c2abd869f8de1
GET /wp-content/themes/dondo/assets/css/social-icons.css HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 29 Sep 2020 00:46:23 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 5021
content-type: text/css
date: Wed, 14 Sep 2022 22:59:33 GMT
server: Apache
X-Firefox-Spdy: h2
merryquant.com/wp-content/themes/dondo/assets/css/et-line-icons.css
200 OK 1.7 kB URL HTTP/2 merryquant.com/wp-content/themes/dondo/assets/css/et-line-icons.css
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (5862), with no line terminators
Hash 308f943bfb03c77bdbc60b408dc8431e
7ea33c21ba53a597c91c604cf4b5f84f2e1bce49
fdd13412bc9190d9f277d55a43e091079fb6bd12811e6d5b03c283ded5ba2778
GET /wp-content/themes/dondo/assets/css/et-line-icons.css HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 29 Sep 2020 00:46:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1652
content-type: text/css
date: Wed, 14 Sep 2022 22:59:33 GMT
server: Apache
X-Firefox-Spdy: h2
merryquant.com/wp-content/themes/dondo/assets/css/flaticon.css
200 OK 290 B URL HTTP/2 merryquant.com/wp-content/themes/dondo/assets/css/flaticon.css
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (689), with no line terminators
Hash 697c2778594d3cd577dc33d0ebb3fed1
a623ad4e9fd7a9480a629595f2b6eedaf01153c3
65a39a08330738339467e41d2e5d9efbf22d2c17cb5670efdf0a25f7386d772b
GET /wp-content/themes/dondo/assets/css/flaticon.css HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 29 Sep 2020 00:46:24 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 290
content-type: text/css
date: Wed, 14 Sep 2022 22:59:33 GMT
server: Apache
X-Firefox-Spdy: h2
merryquant.com/wp-content/themes/dondo/assets/js/prettyPhoto/css/prettyPhoto.css
200 OK 3.9 kB URL HTTP/2 merryquant.com/wp-content/themes/dondo/assets/js/prettyPhoto/css/prettyPhoto.css
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (402)
Hash b9d9c1a1ba53f3987b0074a21c5e8c50
0de9fe5cad5a4d55285f1bb6c733c6995b514aad
364a2f2f697d7c232f3405aa124886dec0ead94a84848991285a84cccd47a626
GET /wp-content/themes/dondo/assets/js/prettyPhoto/css/prettyPhoto.css HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 29 Sep 2020 00:46:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 3901
content-type: text/css
date: Wed, 14 Sep 2022 22:59:33 GMT
server: Apache
X-Firefox-Spdy: h2
merryquant.com/wp-content/themes/dondo/assets/css/jquery.mCustomScrollbar.min.css
200 OK 6.5 kB URL HTTP/2 merryquant.com/wp-content/themes/dondo/assets/css/jquery.mCustomScrollbar.min.css
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (43184), with no line terminators
Hash 17fda83709494b2fc3ee465cd97c6c86
28f7165fc97c6c51e7d96f475794b14327a0dcf6
18f17f071f0e912f488b2e2aa3e1e4c73f6c5312ca144571bdc34817231692af
GET /wp-content/themes/dondo/assets/css/jquery.mCustomScrollbar.min.css HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 29 Sep 2020 00:46:23 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 6472
content-type: text/css
date: Wed, 14 Sep 2022 22:59:33 GMT
server: Apache
X-Firefox-Spdy: h2
merryquant.com/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css
200 OK 1.6 kB URL HTTP/2 merryquant.com/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (13766)
Hash 13f5ebc99b21456a01b4805bd18082e6
da0d8434f392c68a4fa74cdeb41fb257de193e4c
2c7a49b6fb945a1305d1547888d88fe0ce6b31be99be7339af884c999ac2faca
GET /wp-content/plugins/elementor/assets/css/frontend-legacy.min.css HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 14 Sep 2022 18:08:42 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1608
content-type: text/css
date: Wed, 14 Sep 2022 22:59:33 GMT
server: Apache
X-Firefox-Spdy: h2
merryquant.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css
200 OK 4.4 kB URL HTTP/2 merryquant.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (26516)
Hash fdd462f58aee3f9349eabdefb5ca0b57
bb6e017d5537630516ccb98952593690a8c69864
ca51806fcedbe90dd613c4c28673af8693381806a5cb3b43dce2ea4f43e8b314
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 14 Sep 2022 18:08:43 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 4436
content-type: text/css
date: Wed, 14 Sep 2022 22:59:33 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 620db029748cd95c04543d45c7884a97
9fc4085c48eb7b4f0e39feeb0d5142f4ca3a5071
755459facc35f3678d115b1dec7c7b0b2971aa53b6c96c0892b9912277e98de6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "755459FACC35F3678D115B1DEC7C7B0B2971AA53B6C96C0892B9912277E98DE6"
Last-Modified: Wed, 14 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21555
Expires: Thu, 15 Sep 2022 04:58:48 GMT
Date: Wed, 14 Sep 2022 22:59:33 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cf8e05aef51545593d189f16121599d4
d775ea6a6804cc361f5db5362067a58f2a8a23b8
8e2b37c13bcb0d4ea351155c9ded414477b20f366becd8300d5e4bda5e95656d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8E2B37C13BCB0D4EA351155C9DED414477B20F366BECD8300D5E4BDA5E95656D"
Last-Modified: Wed, 14 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21556
Expires: Thu, 15 Sep 2022 04:58:49 GMT
Date: Wed, 14 Sep 2022 22:59:33 GMT
Connection: keep-alive
theme-dutch.com/presents/dondo/wp-content/themes/dondo/tdframework/admin/images/mobile-logo.png
200 OK 1.4 kB URL HTTP/2 theme-dutch.com/presents/dondo/wp-content/themes/dondo/tdframework/admin/images/mobile-logo.png
IP
File type PNG image data, 40 x 28, 8-bit/color RGBA, non-interlaced\012- data
Hash 6a55082fb89bc3dea5e1fd69d22cb9e0
85ae438a26bfccb84d44a0b02d69e768b5637fde
5711b98775ffd4e128e09c1b58666526824822e4a74e0bf35f6f201464e71dfe
GET /presents/dondo/wp-content/themes/dondo/tdframework/admin/images/mobile-logo.png HTTP/1.1
Host: theme-dutch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 21 Sep 2022 22:59:33 GMT
content-type: image/png
last-modified: Thu, 01 Oct 2020 22:42:58 GMT
etag: "549-5f765b72-70d385efbee52671;;;"
accept-ranges: bytes
content-length: 1353
date: Wed, 14 Sep 2022 22:59:33 GMT
server: LiteSpeed
x-powered-by: PleskLin
strict-transport-security: max-age=63072000; includeSubDomains
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
theme-dutch.com/presents/dondo/wp-content/themes/dondo/tdframework/admin/images/logo.png
200 OK 3.5 kB URL HTTP/2 theme-dutch.com/presents/dondo/wp-content/themes/dondo/tdframework/admin/images/logo.png
IP
File type PNG image data, 330 x 168, 8-bit/color RGBA, non-interlaced\012- data
Hash 096ac2f2b9b5c7c6064a7cc93c3fb78a
8e08620bfab9bf3acc24b3e9186c9544c06eb0ba
14c4da4173a9534af5d4889e21c6094252bdfd9f022df010a45814211d9a4ff2
GET /presents/dondo/wp-content/themes/dondo/tdframework/admin/images/logo.png HTTP/1.1
Host: theme-dutch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 21 Sep 2022 22:59:34 GMT
content-type: image/png
last-modified: Thu, 01 Oct 2020 22:42:58 GMT
etag: "dc8-5f765b72-ac856cf2398f5bfe;;;"
accept-ranges: bytes
content-length: 3528
date: Wed, 14 Sep 2022 22:59:34 GMT
server: LiteSpeed
x-powered-by: PleskLin
strict-transport-security: max-age=63072000; includeSubDomains
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cf8e05aef51545593d189f16121599d4
d775ea6a6804cc361f5db5362067a58f2a8a23b8
8e2b37c13bcb0d4ea351155c9ded414477b20f366becd8300d5e4bda5e95656d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8E2B37C13BCB0D4EA351155C9DED414477B20F366BECD8300D5E4BDA5E95656D"
Last-Modified: Wed, 14 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21555
Expires: Thu, 15 Sep 2022 04:58:49 GMT
Date: Wed, 14 Sep 2022 22:59:34 GMT
Connection: keep-alive
merryquant.com/wp-content/uploads/elementor/css/post-848.css
200 OK 6.1 kB URL HTTP/2 merryquant.com/wp-content/uploads/elementor/css/post-848.css
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (31456), with no line terminators
Hash d56b9dac72efb1e57e704e9b22ce9e1f
036256763050198048d091830c5fcebc2d386ae7
d8987c0f6da113503e4ac76a2054d0ef9cb9218517ecab3388167bbca09116d0
GET /wp-content/uploads/elementor/css/post-848.css HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 29 Aug 2022 16:46:47 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 6086
content-type: text/css
date: Wed, 14 Sep 2022 22:59:33 GMT
server: Apache
X-Firefox-Spdy: h2
merryquant.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css
200 OK 7.1 kB URL HTTP/2 merryquant.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (30837)
Hash 09b8b6cbc1b0486aa66786792e8c6984
73a077a16ce58b6b5c7169a61989f7421a913936
a8e462cb54773ddf7cd4fdc03715c0cd12a537c633c026635d5810b621246db6
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 14 Sep 2022 18:08:43 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 7112
content-type: text/css
date: Wed, 14 Sep 2022 22:59:33 GMT
server: Apache
X-Firefox-Spdy: h2
merryquant.com/wp-content/uploads/elementor/css/global.css
200 OK 5.5 kB URL HTTP/2 merryquant.com/wp-content/uploads/elementor/css/global.css
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (31060)
Hash 46591fe67f5ab38d5c7d893f08ec72c8
2ca06baf6cbb390559632e91e7188eda31d63640
c4da96e7b17cbfa5151633c8cf8b59737a2a3fdd8bf2447338d9d05220d1d3aa
GET /wp-content/uploads/elementor/css/global.css HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 29 Aug 2022 16:46:47 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 5454
content-type: text/css
date: Wed, 14 Sep 2022 22:59:33 GMT
server: Apache
X-Firefox-Spdy: h2
merryquant.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css
200 OK 900 B URL HTTP/2 merryquant.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3432)
Hash 1e0ef5b4ebd931aecd01564980628978
e618b92e03a6c4bd4abffed22abb1e835c05a601
1deef467f6db854d82e8c6288086664c7cf60a41b18bb7216d63bb83061ba878
GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 29 Aug 2022 16:28:05 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 900
content-type: text/css
date: Wed, 14 Sep 2022 22:59:33 GMT
server: Apache
X-Firefox-Spdy: h2
merryquant.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css
200 OK 4.0 kB URL HTTP/2 merryquant.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (19233)
Hash 2701214b028ad24fa347df8335b36d12
156bc8a7ad2657f00881890637f07c6052636499
9a6e62615ceeec7a9763e4f9614e4715d04fd87873b23db2b3ead06c996cad27
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 14 Sep 2022 18:08:42 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 4008
content-type: text/css
date: Wed, 14 Sep 2022 22:59:33 GMT
server: Apache
X-Firefox-Spdy: h2
merryquant.com/wp-content/plugins/td-shortcodes/inc/css/animate.min.css
200 OK 6.0 kB URL HTTP/2 merryquant.com/wp-content/plugins/td-shortcodes/inc/css/animate.min.css
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (54696), with CRLF line terminators
Hash f66ab40a7e81aed0b1699fb412daa7cc
37c60afc62aa392651ad6ca4d04757c6eea3e5a8
ee243b46bae2e7a1dc4104cf1d0e35b73f1c7124537a69d4a4751501d2e37cbc
GET /wp-content/plugins/td-shortcodes/inc/css/animate.min.css HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 29 Sep 2020 01:27:31 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 6025
content-type: text/css
date: Wed, 14 Sep 2022 22:59:33 GMT
server: Apache
X-Firefox-Spdy: h2
merryquant.com/wp-content/plugins/instagram-feed/img/placeholder.png
200 OK 176 B URL HTTP/2 merryquant.com/wp-content/plugins/instagram-feed/img/placeholder.png
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1000 x 560, 1-bit colormap, non-interlaced\012- data
Hash a5443c5bb9bd40f1b1e6652eedce9925
aefb6c761d953a69c8b7ee7d98cad00545d74364
f623564c53c2e08780c064012cfbdbde0a80ee56816f4d5d3d52c46ed285cb95
GET /wp-content/plugins/instagram-feed/img/placeholder.png HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 13 Sep 2022 18:08:38 GMT
accept-ranges: bytes
content-length: 176
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Wed, 14 Sep 2022 22:59:33 GMT
server: Apache
X-Firefox-Spdy: h2
merryquant.com/wp-content/themes/dondo/assets/js/prettyPhoto/js/jquery.prettyPhoto.js
200 OK 7.5 kB URL HTTP/2 merryquant.com/wp-content/themes/dondo/assets/js/prettyPhoto/js/jquery.prettyPhoto.js
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (21223)
Hash 943defc85539a3513d3a76442d5c3307
2633f53e5a6b04544a803961504327fe059f357a
31658dc37ad1feeeee8137866f0476b43894725ff63f62db3c2e0f6b9d4ee2b7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/dondo/assets/js/prettyPhoto/js/jquery.prettyPhoto.js HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 29 Sep 2020 00:46:28 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 7455
content-type: application/javascript
date: Wed, 14 Sep 2022 22:59:33 GMT
server: Apache
X-Firefox-Spdy: h2
merryquant.com/wp-content/uploads/elementor/css/post-2229.css
200 OK 444 B URL HTTP/2 merryquant.com/wp-content/uploads/elementor/css/post-2229.css
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1313), with no line terminators
Hash 58e00b6abb109b3136394b43fce3b42b
39c20fb5f9015ca8fe147e9ff10b913c7d36a93d
0c3a27a7b9caeed858cd9e6b55082b297565b06fee7b7098f3fda1677184a132
GET /wp-content/uploads/elementor/css/post-2229.css HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 29 Aug 2022 16:46:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 444
content-type: text/css
date: Wed, 14 Sep 2022 22:59:33 GMT
server: Apache
X-Firefox-Spdy: h2
merryquant.com/wp-content/plugins/contact-form-7/includes/css/styles.css
409 Conflict 83 B URL HTTP/2 merryquant.com/wp-content/plugins/contact-form-7/includes/css/styles.css
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
GET /wp-content/plugins/contact-form-7/includes/css/styles.css HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Wed, 14 Sep 2022 22:59:33 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
merryquant.com/wp-includes/js/wp-emoji-release.min.js
200 OK 5.3 kB URL HTTP/2 merryquant.com/wp-includes/js/wp-emoji-release.min.js
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (15660)
Hash 710f8b142ea44c0682dc2c30f318f065
49144e9b3a76d3d383b1d4359cf7a25e947f4233
708bb5819879a2a2c7670abc20a58cca68a415ffd621011cbc4c3c9d82dddc50
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 18 Jun 2022 04:41:36 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 5321
content-type: application/javascript
date: Wed, 14 Sep 2022 22:59:33 GMT
server: Apache
X-Firefox-Spdy: h2
merryquant.com/wp-content/themes/dondo/assets/js/modernizr-min.js
200 OK 3.8 kB URL HTTP/2 merryquant.com/wp-content/themes/dondo/assets/js/modernizr-min.js
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (7648)
Hash 970787c9cf9dc7623528db6b7419ca9c
f197c4383f622bc165e444cc4bfd28401f8f6891
c800c1e7714a89aa0f1d83ccb93b2bba6918bdd1d2c04ba840782af4b17516e8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/dondo/assets/js/modernizr-min.js HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 29 Sep 2020 00:46:39 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 3780
content-type: application/javascript
date: Wed, 14 Sep 2022 22:59:33 GMT
server: Apache
X-Firefox-Spdy: h2
merryquant.com/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js
200 OK 4.4 kB URL HTTP/2 merryquant.com/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (14869)
Hash 7bab7ad64ffbd7846dd6819250b93e2e
c924918d540389aff62220088b6761f38a5da272
045250efe67364c953a91f6a60cf407ebb5cfdb2da04e84c3d98e5bab5eca9ba
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 14 Sep 2022 18:08:42 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 4359
content-type: application/javascript
date: Wed, 14 Sep 2022 22:59:33 GMT
server: Apache
X-Firefox-Spdy: h2
merryquant.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css
200 OK 13 kB URL HTTP/2 merryquant.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (59158)
Hash e6b67e11736ae36a062b381717f2ea9f
a663a79bc8d42aa58bfea1351cc27e0d0b09c9b2
a07a94d36246d0b3e5b9b18e274e31995d0e23cda955babf5e350e91a879523d
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 14 Sep 2022 18:08:43 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 12862
content-type: text/css
date: Wed, 14 Sep 2022 22:59:33 GMT
server: Apache
X-Firefox-Spdy: h2
merryquant.com/wp-content/plugins/td-shortcodes/css/shortcodes.css
200 OK 17 kB URL HTTP/2 merryquant.com/wp-content/plugins/td-shortcodes/css/shortcodes.css
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 40031449de27430480f36f01e225fffc
511090f8080827348071a267eab69995096a4000
c950189a1a40ad01bebe8db231ee24f5d6e8ea0d63f967d78cbf0edb3e3653fc
GET /wp-content/plugins/td-shortcodes/css/shortcodes.css HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 29 Sep 2020 01:27:09 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 16838
content-type: text/css
date: Wed, 14 Sep 2022 22:59:33 GMT
server: Apache
X-Firefox-Spdy: h2
merryquant.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/reading-progress.min.css
200 OK 242 B URL HTTP/2 merryquant.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/reading-progress.min.css
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (839)
Hash 0e6c84d247e48c8f1d6168487d5e2f44
609143dc8c93514467e3d16b7954ff7adaf8f7b6
288c413ee68286dc29b9bee5c42d944075cb7fc8d462df1a2674d34c40913699
GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/reading-progress.min.css HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 29 Aug 2022 16:28:05 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 242
content-type: text/css
date: Wed, 14 Sep 2022 22:59:33 GMT
server: Apache
X-Firefox-Spdy: h2
merryquant.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js
409 Conflict 83 B URL HTTP/2 merryquant.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Wed, 14 Sep 2022 22:59:33 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
merryquant.com/wp-content/plugins/td-shortcodes/inc/js/jquery.countTo.js
200 OK 1.1 kB URL HTTP/2 merryquant.com/wp-content/plugins/td-shortcodes/inc/js/jquery.countTo.js
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 5719a672df50e9889b6c54466cc082ca
713778c0aea64b663c1541e0ea18dd1aa20a3588
8b17f0fd6114c44efad47b4ae45bd3afb372769acd7771f7af54b66bad26649b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/td-shortcodes/inc/js/jquery.countTo.js HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 29 Sep 2020 01:27:37 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1077
content-type: application/javascript
date: Wed, 14 Sep 2022 22:59:33 GMT
server: Apache
X-Firefox-Spdy: h2
merryquant.com/wp-content/plugins/td-shortcodes/inc/js/jquery.appear.js
200 OK 1.0 kB URL HTTP/2 merryquant.com/wp-content/plugins/td-shortcodes/inc/js/jquery.appear.js
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash bbe7a9994f6112d2c924e6a029e491ce
f0adbc437510c9f8f49d68dc6aad675bb35dda9b
f8d13f4fd5f3c10860b5fd09dabcdf33f090379d1b75390912fa6d38503f79ea
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/td-shortcodes/inc/js/jquery.appear.js HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 29 Sep 2020 01:27:37 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1033
content-type: application/javascript
date: Wed, 14 Sep 2022 22:59:33 GMT
server: Apache
X-Firefox-Spdy: h2
merryquant.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css
200 OK 3.0 kB URL HTTP/2 merryquant.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (10019)
Hash c2b5af6052f630a96e450e5e2a3cea52
00ca76a8828a1bbec1534eb10786804fd36492f2
58f6cc2d4fa3e528622102975fb62949dc0170bd47b588a67318d18552a57d59
GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 14 Sep 2022 18:08:43 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 2997
content-type: text/css
date: Wed, 14 Sep 2022 22:59:33 GMT
server: Apache
X-Firefox-Spdy: h2
merryquant.com/wp-content/plugins/contact-form-7/includes/js/index.js
409 Conflict 83 B URL HTTP/2 merryquant.com/wp-content/plugins/contact-form-7/includes/js/index.js
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/index.js HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Wed, 14 Sep 2022 22:59:33 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
merryquant.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/reading-progress.min.js
200 OK 575 B URL HTTP/2 merryquant.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/reading-progress.min.js
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1215), with no line terminators
Hash 5b3b2d3aa18349eb3e96edf6ab532206
8c8a19b04c0fc9a30ee3886b5cbb4e272a56d6ce
61827459b2dc1f0637d71dc4d58289e84226883383cdfb754b98bf8dcadb9039
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/reading-progress.min.js HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 29 Aug 2022 16:28:05 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 575
content-type: application/javascript
date: Wed, 14 Sep 2022 22:59:33 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Raleway%3Anormal%2C500%2C100&subset=latin
200 OK 3.5 kB URL HTTP/2 fonts.googleapis.com/css?family=Raleway%3Anormal%2C500%2C100&subset=latin
IP
File type ASCII text, with very long lines (504), with CRLF, LF line terminators
Hash 77b4c194a48c9d8d6cf1ba3ce7f48656
2c7fd8d29506b700911f23dbca79923b9700bd5a
8d0b60af62e732923581368c6aea05f8cbd0983f92191801a73be32e2e9c2e3d
GET /css?family=Raleway%3Anormal%2C500%2C100&subset=latin HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 14 Sep 2022 22:59:33 GMT
date: Wed, 14 Sep 2022 22:59:33 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
merryquant.com/wp-content/plugins/sticky-menu-or-anything-on-scroll/assets/js/stickThis.js
200 OK 330 B URL HTTP/2 merryquant.com/wp-content/plugins/sticky-menu-or-anything-on-scroll/assets/js/stickThis.js
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash ee15b925f136014f4c8e9b5a5eed06b1
a2e987e94941e875ef57fb35208d31744cb55955
ee909102fb9f079a1dca03a0a5d890f2e6682e45aa55189334e0190a79cb995d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/sticky-menu-or-anything-on-scroll/assets/js/stickThis.js HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 22 Feb 2021 23:49:47 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 330
content-type: application/javascript
date: Wed, 14 Sep 2022 22:59:33 GMT
server: Apache
X-Firefox-Spdy: h2
merryquant.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js
200 OK 2.3 kB URL HTTP/2 merryquant.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4918)
Hash 3ba9e7acbaac75ed8dcd94cf7ccd8dfe
f4e54da2405e2769cfd504160ae80f4733c327d4
08ba8395c2fda99339aa5bc733dba575be45094ee9435e36c74d7ad67377dd7a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 14 Sep 2022 18:08:42 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 2313
content-type: application/javascript
date: Wed, 14 Sep 2022 22:59:33 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato%3Aitalic&subset=latin
200 OK 3.3 kB URL HTTP/2 fonts.googleapis.com/css?family=Lato%3Aitalic&subset=latin
IP
File type ASCII text, with very long lines (8016)
Hash 51a0f3ee60e9d51d296bf9cbd50a6809
d77d00c740ff8b4e4987ffd556b8e889d7008d33
8705a87138ad33ed97bec5cfd889738edd5a953bf845d34f86ae63f25a07afc8
GET /css?family=Lato%3Aitalic&subset=latin HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 14 Sep 2022 22:59:33 GMT
date: Wed, 14 Sep 2022 22:59:33 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
merryquant.com/wp-content/themes/dondo/assets/js/f4d-theme-scripts-min.js
200 OK 17 kB URL HTTP/2 merryquant.com/wp-content/themes/dondo/assets/js/f4d-theme-scripts-min.js
IP
ASN #46606 UNIFIEDLAYER-AS-1
Hash c930f575b19a5c309ac206acbbce2fcc
964ab569ccda0d280262dedb1239e049ae14dd93
59191f2c6ff8b79d47dc062db2c185cc1a45bb9882b9bc5dcc11ed1a275940b6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/dondo/assets/js/f4d-theme-scripts-min.js HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 29 Sep 2020 00:46:39 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 16977
content-type: application/javascript
date: Wed, 14 Sep 2022 22:59:33 GMT
server: Apache
X-Firefox-Spdy: h2
merryquant.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js
200 OK 2.5 kB URL HTTP/2 merryquant.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (5141)
Hash ca104fa1d73653188a2b5fa43006e74d
7ed04628cb95a6e691d6a01b05e8aee31334a571
1aefbbf136d8d8e1a8e917a4b654a0aa49cd4dd2297148849346a31c74565c36
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Sep 2022 06:10:16 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 2451
content-type: application/javascript
date: Wed, 14 Sep 2022 22:59:33 GMT
server: Apache
X-Firefox-Spdy: h2
merryquant.com/wp-content/plugins/instagram-feed/js/sbi-scripts.min.js
200 OK 9.8 kB URL HTTP/2 merryquant.com/wp-content/plugins/instagram-feed/js/sbi-scripts.min.js
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (27578)
Hash 0ed40f6324a5b865c2420ef2ee54e122
1f437f4efc895cb01d41aed4bb6fa5cb1c26df15
b30f9ec7831aa91b205849c4e45d7ccb20d3fb3a7f157b53bedbed9221f78585
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/instagram-feed/js/sbi-scripts.min.js HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 13 Sep 2022 18:08:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 9776
content-type: application/javascript
date: Wed, 14 Sep 2022 22:59:33 GMT
server: Apache
X-Firefox-Spdy: h2
c0.wp.com/p/jetpack/11.3.1/css/jetpack.css
200 OK 29 kB URL HTTP/2 c0.wp.com/p/jetpack/11.3.1/css/jetpack.css
IP
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash fde25dc3749f6510f34f32dececbb79e
a19728d9e9d090da3b0c8c7af1b341387ae92dd9
f4f102fb3e30c5a53ea706536ba6a5e9a16b3974a5bd68896c1bf83fcea298aa
GET /p/jetpack/11.3.1/css/jetpack.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 22:59:33 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 19 Jul 2022 17:25:16 GMT
content-encoding: br
expires: Thu, 14 Sep 2023 22:59:33 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
merryquant.com/wp-content/themes/dondo/assets/js/jquery.mCustomScrollbar.concat.min.js
200 OK 16 kB URL HTTP/2 merryquant.com/wp-content/themes/dondo/assets/js/jquery.mCustomScrollbar.concat.min.js
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (32108)
Hash fb68056c075358107080799b278809f5
94b94da4be885a77adfb80ca3d9eae261e4527a0
44cdbc6edacc41b2c4f6a3cc53bff07a6eb2ce2e85bcec12b807f3454732e62f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/dondo/assets/js/jquery.mCustomScrollbar.concat.min.js HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 29 Sep 2020 00:46:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 15857
content-type: application/javascript
date: Wed, 14 Sep 2022 22:59:33 GMT
server: Apache
X-Firefox-Spdy: h2
merryquant.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js
200 OK 1.2 kB URL HTTP/2 merryquant.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2620), with no line terminators
Hash 55936584085d0d310919b755eda1ab3f
be317c3b2ed5143669375295b3107e591bf708da
aad2265c39cafa6e01b791b1ef5025a2d237ee91346ef446beb722fdcd578d58
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 14 Sep 2022 18:08:43 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1187
content-type: application/javascript
date: Wed, 14 Sep 2022 22:59:34 GMT
server: Apache
X-Firefox-Spdy: h2
merryquant.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js
200 OK 1.7 kB URL HTTP/2 merryquant.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3703)
Hash a94d97f8e8fb7ad382918f892fb7ab3f
fed47123b6dbbd43644ddede3d891b03e4a678cc
a0c4bae3be34ab2fa9b0d2e171044615fc2a877def9a508e10018953b56cd956
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Sep 2022 06:10:16 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1680
content-type: application/javascript
date: Wed, 14 Sep 2022 22:59:34 GMT
server: Apache
X-Firefox-Spdy: h2
merryquant.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js
200 OK 4.2 kB URL HTTP/2 merryquant.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (10544)
Hash 552977febe8ef2c71b0806dfaefd2552
01baebfd09383c5d44f066e7b5540fcca6a5eae4
7895907f5a4f54c08c4705b1a194e21c556d68027c5e0a70d4c05b377e712b1d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 14 Sep 2022 18:08:42 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 4200
content-type: application/javascript
date: Wed, 14 Sep 2022 22:59:34 GMT
server: Apache
X-Firefox-Spdy: h2
merryquant.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js
200 OK 3.7 kB URL HTTP/2 merryquant.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (12198), with no line terminators
Hash e2a8decccf4d0a6b925af707a36077a9
26a0febc9c3d91e75410f74b9ec62099ba1cbe90
09e0e638a6f53c0fdcfeeb8ae91f3a404bef47b471324e335e29be14a2aa87f7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 14 Sep 2022 18:08:43 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 3747
content-type: application/javascript
date: Wed, 14 Sep 2022 22:59:34 GMT
server: Apache
X-Firefox-Spdy: h2
c0.wp.com/c/6.0.2/wp-includes/css/dist/block-library/style.min.css
200 OK 27 kB URL HTTP/2 c0.wp.com/c/6.0.2/wp-includes/css/dist/block-library/style.min.css
IP
File type ASCII text, with very long lines (43771)
Hash 8b441532d7e33a451987d58087bdca2c
c00069878e4a0b867df1adbfe68f8e9d6a911e62
8bee46fca0bc927ace8c5e286d576e904602d48a0e1f4bae874ba20bf5cc24a7
GET /c/6.0.2/wp-includes/css/dist/block-library/style.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 22:59:33 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 04 Jul 2022 12:10:37 GMT
content-encoding: br
expires: Thu, 14 Sep 2023 22:59:33 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.0.2/wp-includes/js/mediaelement/wp-mediaelement.min.css
200 OK 18 kB URL HTTP/2 c0.wp.com/c/6.0.2/wp-includes/js/mediaelement/wp-mediaelement.min.css
IP
File type ASCII text, with very long lines (4186), with no line terminators
Hash fc1f0eaf2b3803cbcc278ed99c0b99a5
6d263a3834df556034ac83ebb60974dddd62ae9b
07613caad328ea53da368d2c5ec2cf8df7eab86ca3bdd913e02d148a6d2512bf
GET /c/6.0.2/wp-includes/js/mediaelement/wp-mediaelement.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 22:59:33 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
content-encoding: br
expires: Thu, 14 Sep 2023 22:59:33 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
merryquant.com/
200 OK 48 kB IP
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (25685)
Hash dccfe0e8a144a30a470eedbe701cd011
eff71e80a32f43fa40c7d5cc5155e0b74f226e75
1c99e7e43dc9d972553f6144d327ea7969e196c00220b73b83a7af3cfafb6674
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
date: Wed, 14 Sep 2022 22:59:33 GMT
server: Apache
content-type: text/html; charset=UTF-8
link: <https://merryquant.com/wp-json/>; rel="https://api.w.org/", <https://merryquant.com/wp-json/wp/v2/pages/848>; rel="alternate"; type="application/json", <https://merryquant.com/>; rel=shortlink
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
x-server-cache: true
x-proxy-cache: HIT
X-Firefox-Spdy: h2
merryquant.com/wp-content/themes/dondo/assets/css/styles.css
200 OK 58 kB URL HTTP/2 merryquant.com/wp-content/themes/dondo/assets/css/styles.css
IP
ASN #46606 UNIFIEDLAYER-AS-1
Hash c05dc7df29c2bb1c45419917150350eb
13975af88284a123c497c4f2d3ee7ec599f3cbbf
ed6b1e9b22153599e576d41cba718de9ff4966ef2b53c679af180b73632ef487
GET /wp-content/themes/dondo/assets/css/styles.css HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 29 Sep 2020 00:46:23 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: text/css
date: Wed, 14 Sep 2022 22:59:33 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash d5a5d04d15c71a4e71821b6ddd4110e0
7c5495f9d4165a90ce681ddd1b330675e55a4993
545c765db5e55c1d89bc56d93a3cde1a3b6f5c9d741ad9b58253f9fd7ab24457
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 22:59:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash d5a5d04d15c71a4e71821b6ddd4110e0
7c5495f9d4165a90ce681ddd1b330675e55a4993
545c765db5e55c1d89bc56d93a3cde1a3b6f5c9d741ad9b58253f9fd7ab24457
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 22:59:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash d5a5d04d15c71a4e71821b6ddd4110e0
7c5495f9d4165a90ce681ddd1b330675e55a4993
545c765db5e55c1d89bc56d93a3cde1a3b6f5c9d741ad9b58253f9fd7ab24457
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 22:59:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
merryquant.com/wp-content/plugins/elementor-pro/assets/css/frontend.min.css
200 OK 74 kB URL HTTP/2 merryquant.com/wp-content/plugins/elementor-pro/assets/css/frontend.min.css
IP
ASN #46606 UNIFIEDLAYER-AS-1
Hash ab8394264db7313ecccc84b53ef2b25c
466cd9754370603c9ca24b5410fd30d5569731b7
0a379fb4691290820ef782a41e5457c15fb714159a304f09b7d890f143c3385f
GET /wp-content/plugins/elementor-pro/assets/css/frontend.min.css HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Sep 2022 06:10:16 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: text/css
date: Wed, 14 Sep 2022 22:59:33 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
200 OK 46 kB URL HTTP/2 fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 46524, version 1.0\012- data
Hash c1fd378f54921c75e4ae1821e7b8fff6
2ce96e97783b2f154d07f4464ca6f8eb2469f2c1
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
GET /s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://merryquant.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46524
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 12 Sep 2022 21:13:12 GMT
expires: Tue, 12 Sep 2023 21:13:12 GMT
cache-control: public, max-age=31536000
age: 179182
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://merryquant.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:34:08 GMT
expires: Thu, 14 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 12326
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
200 OK 36 kB URL HTTP/2 fonts.gstatic.com/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 35764, version 1.0\012- data
Hash 60f23230f1a8d5c3b7d25b73f5b5ce23
ed08ada85d017893b9bcb8224e99154c6708f5d2
22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8
GET /s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://merryquant.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35764
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 12 Sep 2022 21:14:36 GMT
expires: Tue, 12 Sep 2023 21:14:36 GMT
cache-control: public, max-age=31536000
age: 179098
last-modified: Mon, 18 Jul 2022 19:06:36 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/antic/v19/TuGfUVB8XY5DRZZMq9k.woff2
200 OK 14 kB URL HTTP/2 fonts.gstatic.com/s/antic/v19/TuGfUVB8XY5DRZZMq9k.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 13600, version 1.0\012- data
Hash c2572d29a57a5601cb5a63554cc95079
71faad9352e35494321327bafcb04afb2c616e62
0176504491001ceef8c408e33132b91158574bd334890561f8ccc8080ec6f48f
GET /s/antic/v19/TuGfUVB8XY5DRZZMq9k.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://merryquant.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:51:31 GMT
expires: Thu, 14 Sep 2023 19:51:31 GMT
cache-control: public, max-age=31536000
age: 11283
last-modified: Tue, 19 Apr 2022 19:32:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://merryquant.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Sep 2022 16:40:18 GMT
expires: Fri, 08 Sep 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 541156
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://merryquant.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:34:21 GMT
expires: Thu, 14 Sep 2023 19:34:21 GMT
cache-control: public, max-age=31536000
age: 12313
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://merryquant.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 10 Sep 2022 02:02:22 GMT
expires: Sun, 10 Sep 2023 02:02:22 GMT
cache-control: public, max-age=31536000
age: 421032
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash d5a5d04d15c71a4e71821b6ddd4110e0
7c5495f9d4165a90ce681ddd1b330675e55a4993
545c765db5e55c1d89bc56d93a3cde1a3b6f5c9d741ad9b58253f9fd7ab24457
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 22:59:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
merryquant.com/wp-content/themes/dondo/assets/fonts/flaticon.woff
200 OK 1.6 kB URL HTTP/2 merryquant.com/wp-content/themes/dondo/assets/fonts/flaticon.woff
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format, TrueType, length 1628, version 0.0\012- data
Hash bbaf82c856701d246585ccd099b7da71
7863481000bbc4ecf4c0168bf62d215d49ac192f
e8ff36deea3056f211ffccedf6648cd6521417dba7fba43cdc458bdad2320d11
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/dondo/assets/fonts/flaticon.woff HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://merryquant.com/wp-content/themes/dondo/assets/css/flaticon.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 29 Sep 2020 00:46:47 GMT
accept-ranges: bytes
content-length: 1628
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: font/woff
date: Wed, 14 Sep 2022 22:59:34 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b9bfbb189fcbbdc76ff274e424f39053
de008d728f2274f08019c97bc969ddd6fe64a65d
a4f07d30f29e785e2ee605aee590ab928c3e1412f4dc61ff163cf32445cc3af4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A4F07D30F29E785E2EE605AEE590AB928C3E1412F4DC61FF163CF32445CC3AF4"
Last-Modified: Tue, 13 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5557
Expires: Thu, 15 Sep 2022 00:32:11 GMT
Date: Wed, 14 Sep 2022 22:59:34 GMT
Connection: keep-alive
merryquant.com/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
200 OK 77 kB URL HTTP/2 merryquant.com/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://merryquant.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 14 Sep 2022 18:08:43 GMT
accept-ranges: bytes
content-length: 77160
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: font/woff2
date: Wed, 14 Sep 2022 22:59:34 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b9bfbb189fcbbdc76ff274e424f39053
de008d728f2274f08019c97bc969ddd6fe64a65d
a4f07d30f29e785e2ee605aee590ab928c3e1412f4dc61ff163cf32445cc3af4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A4F07D30F29E785E2EE605AEE590AB928C3E1412F4DC61FF163CF32445CC3AF4"
Last-Modified: Tue, 13 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5557
Expires: Thu, 15 Sep 2022 00:32:11 GMT
Date: Wed, 14 Sep 2022 22:59:34 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b9bfbb189fcbbdc76ff274e424f39053
de008d728f2274f08019c97bc969ddd6fe64a65d
a4f07d30f29e785e2ee605aee590ab928c3e1412f4dc61ff163cf32445cc3af4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A4F07D30F29E785E2EE605AEE590AB928C3E1412F4DC61FF163CF32445CC3AF4"
Last-Modified: Tue, 13 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5557
Expires: Thu, 15 Sep 2022 00:32:11 GMT
Date: Wed, 14 Sep 2022 22:59:34 GMT
Connection: keep-alive
merryquant.com/wp-content/themes/dondo/assets/js/TweenLite.min.js
200 OK 30 kB URL HTTP/2 merryquant.com/wp-content/themes/dondo/assets/js/TweenLite.min.js
IP
ASN #46606 UNIFIEDLAYER-AS-1
Hash 890a7678ace38c67040d7363727aaf10
dd1805aa4813ad90b366dbe39ae1dffe0ea578bf
9c6c472121011628ad931ed79e9625a6d6b02d5e464ac4f79b2f55a6aac69e2a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/dondo/assets/js/TweenLite.min.js HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 29 Sep 2020 00:46:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: application/javascript
date: Wed, 14 Sep 2022 22:59:33 GMT
server: Apache
X-Firefox-Spdy: h2
merryquant.com/wp-content/themes/dondo/assets/js/theme-scripts-min.js
200 OK 76 kB URL HTTP/2 merryquant.com/wp-content/themes/dondo/assets/js/theme-scripts-min.js
IP
ASN #46606 UNIFIEDLAYER-AS-1
Hash 2815f7ccf06f2e43b31f0e03a2128686
f0dfa3b0bbe099fccd9bd61b4a17d1caebb0aec5
a45367a78f412d737ccc94310b666b12c27cf69f3978e9333c806f9e3368f6e6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/dondo/assets/js/theme-scripts-min.js HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 29 Sep 2020 00:46:41 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: application/javascript
date: Wed, 14 Sep 2022 22:59:33 GMT
server: Apache
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1266c973-1bdd-4969-82ca-1106689fe929.jpeg
200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1266c973-1bdd-4969-82ca-1106689fe929.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f50c34bc30a732593e8fe465055a44ff
af100925cba1be716fd2200715d6136bd7f0c5bc
703049736ccc8815945d69634059c4cd39533417e0969107d460c36a6787c761
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1266c973-1bdd-4969-82ca-1106689fe929.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5078
x-amzn-requestid: b6177371-a8ba-4541-a48d-21bd806e866e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X0erUHT-IAMFWKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6311ab15-157ed5b700e0aad5481f5c0f;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 07:04:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Vlo8vCUrKDtvhAGHSYKMmPk-wVNgx9OlU3ZVrpgG0tgk8ZBllAtXNQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 20:21:58 GMT
age: 9456
etag: "af100925cba1be716fd2200715d6136bd7f0c5bc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e20bf1d-c24c-4dc0-9796-f2f870591ff2.jpeg
200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e20bf1d-c24c-4dc0-9796-f2f870591ff2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cb7c9c7f4257ab79526157f3ba507d6e
098d000aebd7ba0637fe420b9dfdacd2146af240
74fd95bcffcaf6919e8bca4184978340bef089528f9d184e7d88e1fd4c83288b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e20bf1d-c24c-4dc0-9796-f2f870591ff2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6484
x-amzn-requestid: cefd7270-c8ca-4ced-b9bd-52353fbefa5a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YBIIUHOZIAMF9wQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6316ba35-7d4c4c53090c83ea3fadbf4e;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 03:10:45 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: V0CJvbFSNJT2eHVOeCkdZNStr6eZg3EO0YTNyTUsmiirYMm9gfzBKg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 21:42:19 GMT
age: 4635
etag: "098d000aebd7ba0637fe420b9dfdacd2146af240"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3545c74-7af3-4ad8-815b-6a50681a2362.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3545c74-7af3-4ad8-815b-6a50681a2362.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f42b72c3fd66a6758ebcf0ca8cc1a046
13d42d455f5131b7b861b97eb3f0e91236d4d222
4a07fcacde77dc890164fda9f295b61af6947b2d7f3f84f64749d93e3a1e5b99
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3545c74-7af3-4ad8-815b-6a50681a2362.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10633
x-amzn-requestid: 2a8ec7f2-8704-440e-9966-ae4643d6aa5c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YdyhcF6RIAMFTEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322313c-4d1bfab72580e62231978193;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 19:53:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Dr0K5GobFSc2ooWzPsbe6tfoTbF_NglaVuT8z-cM-B0AufMh_PohhQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 20:21:13 GMT
age: 9501
etag: "13d42d455f5131b7b861b97eb3f0e91236d4d222"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafb10f81-8409-401c-bd62-3ec01954600c.jpeg
200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafb10f81-8409-401c-bd62-3ec01954600c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2e5f57ba37fac4e6047a9a321a8ec084
f6b742549ea35a4b1345cffb937a8bbcceee08ef
f8c67c54806e47089b9ba297599e3e4cde1fd2e2e38b76acc9e8de0e99d7b77e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafb10f81-8409-401c-bd62-3ec01954600c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6770
x-amzn-requestid: b7c9513c-b8ba-41c7-9f9a-0a9d2266172d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X7FlpEVRIAMFygA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63144fbd-7a4408363cdc46c9355a9f47;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 07:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: fqj5PljprRruE1jwYAVwKoHkjys-RakUjzuV67_Ued6T4et99JPxPg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 21:42:04 GMT
age: 4650
etag: "f6b742549ea35a4b1345cffb937a8bbcceee08ef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcede4553-e9f1-4ab1-9d0e-2f0bfae52d09.jpeg
200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcede4553-e9f1-4ab1-9d0e-2f0bfae52d09.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5a76383eca28732b4f7847139f12a5cb
6c1ed76ca3c29af41ef4031eaea6b9040465517b
5d205ffc5a3177111f640f270fd0204eef790e531f69299d3de075f9387df966
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcede4553-e9f1-4ab1-9d0e-2f0bfae52d09.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8010
x-amzn-requestid: 498e0a9a-7fd6-4a08-9111-91020cbebdf0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeB59FiWIAMFX9g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632249d9-737b49125f659cb64d1de09a;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 21:38:33 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ByjIeUOe8ws46kVoLkd08LpLIdiWkKJoIFxeXTGaHYB863tOGGlBuQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 21:39:22 GMT
age: 4812
etag: "6c1ed76ca3c29af41ef4031eaea6b9040465517b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
merryquant.com/wp-content/plugins/contact-form-7/includes/js/index.js
409 Conflict 83 B URL HTTP/2 merryquant.com/wp-content/plugins/contact-form-7/includes/js/index.js
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/index.js HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Wed, 14 Sep 2022 22:59:34 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
pixel.wp.com/g.gif?v=ext&j=1%3A11.3.1&blog=193309271&post=848&tz=0&srv=merryquant.com&host=merryquant.com&ref=&fcp=2302&rand=0.6597584853076893
200 OK 50 B URL HTTP/2 pixel.wp.com/g.gif?v=ext&j=1%3A11.3.1&blog=193309271&post=848&tz=0&srv=merryquant.com&host=merryquant.com&ref=&fcp=2302&rand=0.6597584853076893
IP
File type GIF image data, version 89a, 6 x 5\012- data
Hash e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=ext&j=1%3A11.3.1&blog=193309271&post=848&tz=0&srv=merryquant.com&host=merryquant.com&ref=&fcp=2302&rand=0.6597584853076893 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 22:59:35 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
merryquant.com/wp-content/uploads/sb-instagram-feed-images/243253024_162875569359248_6406537407301621543_nlow.jpg
200 OK 9.9 kB URL HTTP/2 merryquant.com/wp-content/uploads/sb-instagram-feed-images/243253024_162875569359248_6406537407301621543_nlow.jpg
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x180, components 3\012- data
Hash 722a95c5c5fd65823c19f4aa74681772
5ab799a568949fa579575a4726ff2a5fd9251529
0ab86cf2d86027e694de5bccae4af114a450366afe4ab3c8f2da4d92162245d0
GET /wp-content/uploads/sb-instagram-feed-images/243253024_162875569359248_6406537407301621543_nlow.jpg HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 14 Jan 2022 02:55:01 GMT
accept-ranges: bytes
content-length: 9919
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Wed, 14 Sep 2022 22:59:36 GMT
server: Apache
X-Firefox-Spdy: h2
merryquant.com/wp-content/uploads/sb-instagram-feed-images/242512306_634135881094772_5555724350008989410_nlow.jpg
200 OK 16 kB URL HTTP/2 merryquant.com/wp-content/uploads/sb-instagram-feed-images/242512306_634135881094772_5555724350008989410_nlow.jpg
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x320, components 3\012- data
Hash cd86042cc7e53fcd76b6bf3fa7732892
fa8c47e897abadcbb7021577abb9442ea07f42e7
781716b0d4dd57a43c52417508a860a10f623832678132f592f5ee4560d1e1f8
GET /wp-content/uploads/sb-instagram-feed-images/242512306_634135881094772_5555724350008989410_nlow.jpg HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 14 Jan 2022 02:55:01 GMT
accept-ranges: bytes
content-length: 15458
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Wed, 14 Sep 2022 22:59:36 GMT
server: Apache
X-Firefox-Spdy: h2
merryquant.com/wp-content/uploads/sb-instagram-feed-images/184975825_2630104967290219_5176990290897195044_nlow.jpg
200 OK 16 kB URL HTTP/2 merryquant.com/wp-content/uploads/sb-instagram-feed-images/184975825_2630104967290219_5176990290897195044_nlow.jpg
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x320, components 3\012- data
Hash 2fde5e8f89413ec9333ccbbc1a7f641c
f8a400d09c3461038e4b065f756a83d3b3966d86
90d5d6ec811fd80e7ed58ab993a469dec578a033ba69e079cd764af3ec632292
GET /wp-content/uploads/sb-instagram-feed-images/184975825_2630104967290219_5176990290897195044_nlow.jpg HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 14 Jan 2022 02:55:03 GMT
accept-ranges: bytes
content-length: 15468
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Wed, 14 Sep 2022 22:59:36 GMT
server: Apache
X-Firefox-Spdy: h2
merryquant.com/wp-content/uploads/sb-instagram-feed-images/184768366_2910403022530083_8925838957691501012_nlow.jpg
200 OK 9.7 kB URL HTTP/2 merryquant.com/wp-content/uploads/sb-instagram-feed-images/184768366_2910403022530083_8925838957691501012_nlow.jpg
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x320, components 3\012- data
Hash 0b1dd4ce9ad7754a9b412864532417df
6fcba2f63b6c309d2d6ce95b811ee47000339ac6
3c816c66c70e81ee923d389d8d079325ebe1f774c437593fdb6de68427b75389
GET /wp-content/uploads/sb-instagram-feed-images/184768366_2910403022530083_8925838957691501012_nlow.jpg HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 14 Jan 2022 02:55:04 GMT
accept-ranges: bytes
content-length: 9722
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Wed, 14 Sep 2022 22:59:36 GMT
server: Apache
X-Firefox-Spdy: h2
merryquant.com/wp-content/uploads/sb-instagram-feed-images/186286102_3918823351505615_3460973847333496042_nlow.jpg
200 OK 14 kB URL HTTP/2 merryquant.com/wp-content/uploads/sb-instagram-feed-images/186286102_3918823351505615_3460973847333496042_nlow.jpg
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x320, components 3\012- data
Hash 5298967456f93dbd3fdd2ad23f05e663
0dfcc87b66ebf447110c8da51c1ff1e48a94034d
f030cd883da009c14271bd23258f29a3007501984b3e2296ea6cd153c4cf7a1e
GET /wp-content/uploads/sb-instagram-feed-images/186286102_3918823351505615_3460973847333496042_nlow.jpg HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 14 Jan 2022 02:55:03 GMT
accept-ranges: bytes
content-length: 14243
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Wed, 14 Sep 2022 22:59:36 GMT
server: Apache
X-Firefox-Spdy: h2
merryquant.com/wp-content/uploads/sb-instagram-feed-images/295373259_121711710433888_4564128499829541846_nlow.jpg
200 OK 15 kB URL HTTP/2 merryquant.com/wp-content/uploads/sb-instagram-feed-images/295373259_121711710433888_4564128499829541846_nlow.jpg
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x180, components 3\012- data
Hash 035a3e5a447bfd2f22011eba7886d8f2
2067527e7f665753c48e92f4ae1af24217938a96
524831e31500734098fdb775fdaf3f442e7f417a0fbc9d36095bff9a343077b9
GET /wp-content/uploads/sb-instagram-feed-images/295373259_121711710433888_4564128499829541846_nlow.jpg HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 24 Jul 2022 13:00:23 GMT
accept-ranges: bytes
content-length: 15377
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Wed, 14 Sep 2022 22:59:36 GMT
server: Apache
X-Firefox-Spdy: h2
merryquant.com/wp-content/uploads/sb-instagram-feed-images/243295294_457319125507108_2006618256382294369_nlow.jpg
200 OK 16 kB URL HTTP/2 merryquant.com/wp-content/uploads/sb-instagram-feed-images/243295294_457319125507108_2006618256382294369_nlow.jpg
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x180, components 3\012- data
Hash 4aa062660363612f37e8b12cb867a2b5
097d9693de2379cfef3220f9a3488812569044bf
5c9a750c0cb271efdce2cf1621595cc42f5727059c10ef876487a7ec32ac9eda
GET /wp-content/uploads/sb-instagram-feed-images/243295294_457319125507108_2006618256382294369_nlow.jpg HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 14 Jan 2022 02:55:00 GMT
accept-ranges: bytes
content-length: 16062
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Wed, 14 Sep 2022 22:59:36 GMT
server: Apache
X-Firefox-Spdy: h2
c0.wp.com/c/6.0.2/wp-includes/js/jquery/ui/core.min.js
200 OK 20 kB URL HTTP/2 c0.wp.com/c/6.0.2/wp-includes/js/jquery/ui/core.min.js
IP
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 1c55c5a2529d4c0d73f55ea2cf6bde8b
d786c4cdb5ea5d95c18283298f3f30d5943b55b1
d97718db5883a3aa35c455355e9fed95ca4c89189fe3e7e1833784569e611379
GET /c/6.0.2/wp-includes/js/jquery/ui/core.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 22:59:33 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
content-encoding: br
expires: Thu, 14 Sep 2023 22:59:33 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.0.2/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
200 OK 71 kB URL HTTP/2 c0.wp.com/c/6.0.2/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
IP
File type ASCII text, with very long lines (11256), with no line terminators
Hash baedceaa487634464d41cab547632e76
128c8ac5acb7e41b6480fe40ae5cae01fbadd35b
fb3186e36a2752bf4a81383c641e11f346fc5491a8719a8cb36bc8d764141c00
GET /c/6.0.2/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 22:59:33 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
content-encoding: br
expires: Thu, 14 Sep 2023 22:59:33 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
merryquant.com/wp-content/uploads/sb-instagram-feed-images/305107402_868018680832284_8907061913958449776_nlow.jpg
200 OK 29 kB URL HTTP/2 merryquant.com/wp-content/uploads/sb-instagram-feed-images/305107402_868018680832284_8907061913958449776_nlow.jpg
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x569, components 3\012- data
Hash d9fe1dc11593335b4a63fa772da58af2
973574999b2fd2cba1781d403ad5ab72a939d711
6cda77a67671fffdd773b1928fe4078bafe9a00e793ec85433279a1cad669d44
GET /wp-content/uploads/sb-instagram-feed-images/305107402_868018680832284_8907061913958449776_nlow.jpg HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 05 Sep 2022 01:00:18 GMT
accept-ranges: bytes
content-length: 28756
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Wed, 14 Sep 2022 22:59:36 GMT
server: Apache
X-Firefox-Spdy: h2
merryquant.com/wp-content/uploads/sb-instagram-feed-images/185466400_3047850422119192_8696518235891382584_nlow.jpg
200 OK 17 kB URL HTTP/2 merryquant.com/wp-content/uploads/sb-instagram-feed-images/185466400_3047850422119192_8696518235891382584_nlow.jpg
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x320, components 3\012- data
Hash 569ccd6cb100b22134961b406ed105ff
b085773b2115c89242d7434365eabfe6ccad3a14
b8196bcbdff8da8f749135bdd48f6570c531b78af15b087510a1e7425acd0bf7
GET /wp-content/uploads/sb-instagram-feed-images/185466400_3047850422119192_8696518235891382584_nlow.jpg HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 14 Jan 2022 02:55:04 GMT
accept-ranges: bytes
content-length: 17368
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Wed, 14 Sep 2022 22:59:36 GMT
server: Apache
X-Firefox-Spdy: h2
merryquant.com/wp-content/uploads/sb-instagram-feed-images/305423937_512825110654623_4397815287075913771_nlow.jpg
200 OK 23 kB URL HTTP/2 merryquant.com/wp-content/uploads/sb-instagram-feed-images/305423937_512825110654623_4397815287075913771_nlow.jpg
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x569, components 3\012- data
Hash 2de37776e4bb884266dfd6f4760773da
1e50479a83c1a2cb6955610c652b5933f1aec59c
34f4c3254bf6e840a24147de6181008dc476647bc25c7c8b2094c55adc754c92
GET /wp-content/uploads/sb-instagram-feed-images/305423937_512825110654623_4397815287075913771_nlow.jpg HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 05 Sep 2022 01:00:16 GMT
accept-ranges: bytes
content-length: 22840
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Wed, 14 Sep 2022 22:59:36 GMT
server: Apache
X-Firefox-Spdy: h2
merryquant.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
200 OK 78 kB URL HTTP/2 merryquant.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Hash e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://merryquant.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 14 Sep 2022 18:08:43 GMT
accept-ranges: bytes
content-length: 78196
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: font/woff2
date: Wed, 14 Sep 2022 22:59:36 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6971ad04397ebe0a117d03ae5c1de8c5
5179eab2d14b4c8c52c00fd6bf2953fb98ad5b8f
97a64e5b9bf5e3e347b23e4bbf41aa0fe6ffd379d50b379770f5c7347e6bb248
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 22:59:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6971ad04397ebe0a117d03ae5c1de8c5
5179eab2d14b4c8c52c00fd6bf2953fb98ad5b8f
97a64e5b9bf5e3e347b23e4bbf41aa0fe6ffd379d50b379770f5c7347e6bb248
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 22:59:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
merryquant.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js
200 OK 77 kB URL HTTP/2 merryquant.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js
IP
ASN #46606 UNIFIEDLAYER-AS-1
Hash 3206ff699663b59c95e3c11d86688405
8135badc99a021465f72b1479d1e55658fd02b2c
174e5d5a26848b90c6f472c92d0afc4e3755b369fd0d89c0799967fe0cf1e395
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 14 Sep 2022 18:08:43 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: application/javascript
date: Wed, 14 Sep 2022 22:59:34 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 10 Sep 2022 12:31:58 GMT
expires: Sun, 10 Sep 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 383260
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
merryquant.com/wp-content/uploads/sb-instagram-feed-images/243253024_162875569359248_6406537407301621543_nfull.jpg
200 OK 29 kB URL HTTP/2 merryquant.com/wp-content/uploads/sb-instagram-feed-images/243253024_162875569359248_6406537407301621543_nfull.jpg
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x359, components 3\012- data
Hash 1cb139e086428e7de759f8dbf25c036d
5b348037c8da4307a06d1af6fcd8cc1cac3433f9
989f7a1239736399b6ab1bfb1c97530e71e55a697df57a1d0ffe07de7e413867
GET /wp-content/uploads/sb-instagram-feed-images/243253024_162875569359248_6406537407301621543_nfull.jpg HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 14 Jan 2022 02:55:00 GMT
accept-ranges: bytes
content-length: 29446
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Wed, 14 Sep 2022 22:59:37 GMT
server: Apache
X-Firefox-Spdy: h2
merryquant.com/wp-content/uploads/sb-instagram-feed-images/295373259_121711710433888_4564128499829541846_nfull.jpg
200 OK 46 kB URL HTTP/2 merryquant.com/wp-content/uploads/sb-instagram-feed-images/295373259_121711710433888_4564128499829541846_nfull.jpg
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x360, components 3\012- data
Hash d50facabcf83cf000f730358ec748c63
4835323b44083f68c0b150ba45027e896e0abcb5
97bb19b30daf13f6ad5e8a25b6eff59150dad6afb3e1028177a0fd37d6c72d71
GET /wp-content/uploads/sb-instagram-feed-images/295373259_121711710433888_4564128499829541846_nfull.jpg HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 24 Jul 2022 13:00:22 GMT
accept-ranges: bytes
content-length: 45511
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Wed, 14 Sep 2022 22:59:37 GMT
server: Apache
X-Firefox-Spdy: h2
merryquant.com/wp-content/uploads/sb-instagram-feed-images/243295294_457319125507108_2006618256382294369_nfull.jpg
200 OK 53 kB URL HTTP/2 merryquant.com/wp-content/uploads/sb-instagram-feed-images/243295294_457319125507108_2006618256382294369_nfull.jpg
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x360, components 3\012- data
Hash ce32b8c4e67c3ac1e854e1a10b31dc22
8c59e5d831739fd0bd568014a4eb2090b1bd789d
34af1fca1129bbd671e48b3cfc619b89ab2bbab0b8bd440edd5d11f1eceec83b
GET /wp-content/uploads/sb-instagram-feed-images/243295294_457319125507108_2006618256382294369_nfull.jpg HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 14 Jan 2022 02:55:00 GMT
accept-ranges: bytes
content-length: 53352
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Wed, 14 Sep 2022 22:59:37 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 0dfd060e0fb8dec42e8f52f8db247b61
d6f33b6390aa9a4b34375d58009977926bc1fff3
17e3d9698e2cd4caf0cbf66b71393b473300fb9a8a4b6f7b97f421e93d54ec44
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 22:59:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash c51675fd352c7db13261c905bfaa8342
85ac07e4592d413c55c204d4e52118be5bdd39cb
ffcbfefcb252a9ed446122906b75c29ca2aa64460ddbd912542d12bc68be9fd5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 22:59:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 0dfd060e0fb8dec42e8f52f8db247b61
d6f33b6390aa9a4b34375d58009977926bc1fff3
17e3d9698e2cd4caf0cbf66b71393b473300fb9a8a4b6f7b97f421e93d54ec44
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 22:59:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash c51675fd352c7db13261c905bfaa8342
85ac07e4592d413c55c204d4e52118be5bdd39cb
ffcbfefcb252a9ed446122906b75c29ca2aa64460ddbd912542d12bc68be9fd5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 22:59:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 0dfd060e0fb8dec42e8f52f8db247b61
d6f33b6390aa9a4b34375d58009977926bc1fff3
17e3d9698e2cd4caf0cbf66b71393b473300fb9a8a4b6f7b97f421e93d54ec44
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 22:59:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash c51675fd352c7db13261c905bfaa8342
85ac07e4592d413c55c204d4e52118be5bdd39cb
ffcbfefcb252a9ed446122906b75c29ca2aa64460ddbd912542d12bc68be9fd5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 22:59:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/id
302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Wed, 14 Sep 2022 22:59:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Wed, 14 Sep 2022 22:59:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.doubleclick.net/instream/ad_status.js
200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 22:59:23 GMT
expires: Wed, 14 Sep 2022 23:14:23 GMT
cache-control: public, max-age=900
age: 16
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Wed, 14 Sep 2022 22:59:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Wed, 14 Sep 2022 22:59:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
merryquant.com/wp-content/uploads/2021/06/Merryquant_Agency_Media_Kit_p_8-3.png
200 OK 0 B URL HTTP/2 merryquant.com/wp-content/uploads/2021/06/Merryquant_Agency_Media_Kit_p_8-3.png
IP
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/uploads/2021/06/Merryquant_Agency_Media_Kit_p_8-3.png HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 06 Jun 2021 07:46:54 GMT
accept-ranges: bytes
content-length: 18748419
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Wed, 14 Sep 2022 22:59:34 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash c51675fd352c7db13261c905bfaa8342
85ac07e4592d413c55c204d4e52118be5bdd39cb
ffcbfefcb252a9ed446122906b75c29ca2aa64460ddbd912542d12bc68be9fd5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 22:59:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash ed97a4b82680caefc4ffdebf786e12fc
a638a68f346844709bac57a92bf3d2c28043165e
b81ed44963f5d8b54c62e7fe18db301d3c8eeaf8fbbfb099270562156e12fdc9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 22:59:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash acec4dcd9fd9902d369a838dadadc817
35c9e729483ef1b5cf3ecfaa5414d4e7d425a892
20d7635ec2744ef82043dd65c66062fe551a97c3272df118b40a8ff892c74637
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 14 Sep 2022 22:59:39 GMT
server: ESF
cache-control: private
content-length: 30565
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/js/th/8jEuNRvllEtFmLzioZdbHhRQ_2cTQWhd6LiOGRrTeiw.js
200 OK 14 kB URL HTTP/2 www.google.com/js/th/8jEuNRvllEtFmLzioZdbHhRQ_2cTQWhd6LiOGRrTeiw.js
IP
File type ASCII text, with very long lines (35918)
Hash b600177efe473664fb627ad35ffbc4db
b85f65be40c923277d1455e64a33966ee9fa0838
ec20323b3d03a9e3cb135ab17c27cee75eab248b40f3ebed5062d80ef18f961f
GET /js/th/8jEuNRvllEtFmLzioZdbHhRQ_2cTQWhd6LiOGRrTeiw.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14184
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 05:03:05 GMT
expires: Thu, 14 Sep 2023 05:03:05 GMT
cache-control: public, max-age=31536000
age: 64594
last-modified: Mon, 29 Aug 2022 11:00:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 52ce6d0d2f7ad959ede3776eb9ba1830
03c3bd4d89ab44323351f300bf4bcce7079d1dc6
6b8aa58f7341894c5b83fafa5385464b8a55c34b0ffe7f9d93aaacbf5386e3b8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 22:59:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 39aa25d8411997d98f9093c19b0ccbca
3cb31e92d707cd561897042ed1a09de5a79e7108
f1b7b71241b580ec34281f5addc49d716eac9ecc46a3217e646c76e6dc8d4578
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 22:59:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi_webp/r7Gx2OPRsEU/sddefault.webp
200 OK 15 kB URL HTTP/2 i.ytimg.com/vi_webp/r7Gx2OPRsEU/sddefault.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9c16a435310a605ee48392b05fea350c
866e7fa1c771e9ce9cec9caeef06e46867b6d5c3
075a67da2d222ea52f55f349ba09bc4f7d2d9cf3a475cccf59865892e0fee4df
GET /vi_webp/r7Gx2OPRsEU/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 15038
date: Wed, 14 Sep 2022 22:59:39 GMT
expires: Thu, 15 Sep 2022 00:59:39 GMT
cache-control: public, max-age=7200
etag: "1638913439"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 3a1cecf88463021fe38a911a9e70c043
741d8825454d383b3fa132a914f2063fe9f88804
fba5761d10394a42938c346b7f9814704692e61f59aae39ba077419905f78ce4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 22:59:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 52ce6d0d2f7ad959ede3776eb9ba1830
03c3bd4d89ab44323351f300bf4bcce7079d1dc6
6b8aa58f7341894c5b83fafa5385464b8a55c34b0ffe7f9d93aaacbf5386e3b8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 22:59:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash c014d9de6306a9ea3d333ec96c9b1efc
6ae84b3a941f10ec9ca177dc9bdcdecf8173ff65
4d71e9cc4c40bffdb7791db0b07d5365dff4680ec9be48dc27c788fe01250780
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 14 Sep 2022 22:59:39 GMT
server: ESF
cache-control: private
content-length: 30689
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
yt3.ggpht.com/ytc/AMLnZu8E5HKZwpK1SzaaVRbpmYuniQXpwnLgc1Ru_1rr=s68-c-k-c0x00ffffff-no-rj
200 OK 2.0 kB URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu8E5HKZwpK1SzaaVRbpmYuniQXpwnLgc1Ru_1rr=s68-c-k-c0x00ffffff-no-rj
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 68x68, components 3\012- data
Hash d2ae5c019532a4ef96a535c30ef5e5e8
c2189c0781bc756ea66f787fe692b3553f742be9
422a51d8ccb46e5ba4c39e1eebc470fb22cacc14a89880b01fb3c36e95d30d59
GET /ytc/AMLnZu8E5HKZwpK1SzaaVRbpmYuniQXpwnLgc1Ru_1rr=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "vb"
expires: Thu, 15 Sep 2022 22:59:39 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Wed, 14 Sep 2022 22:59:39 GMT
server: fife
content-length: 1954
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 3a1cecf88463021fe38a911a9e70c043
741d8825454d383b3fa132a914f2063fe9f88804
fba5761d10394a42938c346b7f9814704692e61f59aae39ba077419905f78ce4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 22:59:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52159404-0704-4df5-9f35-e4a1f747570b.jpeg
200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52159404-0704-4df5-9f35-e4a1f747570b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f7082899e630002ee0b8c99889b989e0
b17c656ba220024540ab04f8d246cafd017cf728
15ccc20ac18b381beb84ad39f684fceea311243c9497e1d5f512aafe95cae863
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52159404-0704-4df5-9f35-e4a1f747570b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9814
x-amzn-requestid: 9a7523fc-5b9c-449a-b9a4-493f63a1a6fa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUhGnHQFIAMFyOA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e7bc3-26ddc5e62dc268832dc9c24d;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 00:22:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5Hza1jsNo902Lcr9SW8-WMSidAJKfc3lVqxqbS7d_tDZqwv_4rcMzA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 21:43:54 GMT
age: 4547
etag: "b17c656ba220024540ab04f8d246cafd017cf728"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
merryquant.com/wp-content/themes/dondo/assets/css/f4d-styles.css
200 OK 0 B URL HTTP/2 merryquant.com/wp-content/themes/dondo/assets/css/f4d-styles.css
IP
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/themes/dondo/assets/css/f4d-styles.css HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 29 Sep 2020 00:46:24 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: text/css
date: Wed, 14 Sep 2022 22:59:33 GMT
server: Apache
X-Firefox-Spdy: h2
merryquant.com/wp-content/plugins/elementor/assets/css/frontend.min.css
200 OK 0 B URL HTTP/2 merryquant.com/wp-content/plugins/elementor/assets/css/frontend.min.css
IP
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/plugins/elementor/assets/css/frontend.min.css HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 14 Sep 2022 18:08:42 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: text/css
date: Wed, 14 Sep 2022 22:59:33 GMT
server: Apache
X-Firefox-Spdy: h2
c0.wp.com/c/6.0.2/wp-includes/js/jquery/jquery-migrate.min.js
200 OK 0 B URL HTTP/2 c0.wp.com/c/6.0.2/wp-includes/js/jquery/jquery-migrate.min.js
IP
GET /c/6.0.2/wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 22:59:33 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
content-encoding: br
expires: Thu, 14 Sep 2023 22:59:33 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRaleway%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPlayfair+Display%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CAntic%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRaleway%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPlayfair+Display%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CAntic%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto
IP
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRaleway%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPlayfair+Display%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CAntic%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 14 Sep 2022 22:59:33 GMT
date: Wed, 14 Sep 2022 22:59:33 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
merryquant.com/wp-content/plugins/sticky-menu-or-anything-on-scroll/assets/js/jq-sticky-anything.min.js
200 OK 0 B URL HTTP/2 merryquant.com/wp-content/plugins/sticky-menu-or-anything-on-scroll/assets/js/jq-sticky-anything.min.js
IP
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/sticky-menu-or-anything-on-scroll/assets/js/jq-sticky-anything.min.js HTTP/1.1
Host: merryquant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 22 Feb 2021 23:49:47 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy:
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 2524
content-type: application/javascript
date: Wed, 14 Sep 2022 22:59:33 GMT
server: Apache
X-Firefox-Spdy: h2
c0.wp.com/c/6.0.2/wp-includes/js/jquery/jquery.min.js
200 OK 0 B URL HTTP/2 c0.wp.com/c/6.0.2/wp-includes/js/jquery/jquery.min.js
IP
GET /c/6.0.2/wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 22:59:33 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
content-encoding: br
expires: Thu, 14 Sep 2023 22:59:33 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 0 B IP
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 22:59:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.powr.io/powr.js?external-type=wordpress
200 OK 0 B URL HTTP/2 www.powr.io/powr.js?external-type=wordpress
IP
GET /powr.js?external-type=wordpress HTTP/1.1
Host: www.powr.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 22:59:33 GMT
content-type: application/javascript
cache-control: max-age=604800, public
cf-bgj: minify
expires: Thu, 14 Sep 2023 08:35:44 GMT
last-modified: Wed, 14 Sep 2022 08:35:36 GMT
vary: Accept-Encoding
via: 1.1 vegur
cf-cache-status: HIT
age: 36627
server: cloudflare
cf-ray: 74acbbd7c84b0b06-OSL
content-encoding: br
X-Firefox-Spdy: h2
stats.wp.com/e-202237.js
200 OK 0 B IP
GET /e-202237.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 22:59:33 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"62f6b688-3508"
content-encoding: br
expires: Sun, 03 Sep 2023 22:56:03 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
www.youtube.com/iframe_api
200 OK 0 B URL HTTP/2 www.youtube.com/iframe_api
IP
GET /iframe_api HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merryquant.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Wed, 14 Sep 2022 22:59:37 GMT
date: Wed, 14 Sep 2022 22:59:37 GMT
cache-control: private, max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=8wcCa5kK9FM; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=MRMhiFZ5XFY; Domain=.youtube.com; Expires=Mon, 13-Mar-2023 22:59:37 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+633; expires=Fri, 13-Sep-2024 22:59:37 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
162.241.252.86
93.184.220.29
23.36.76.226
5.196.198.174
0.0.0.0