parisgroupsrealty.com/profilereview/document/resultcheking/?email=puertorico-sales@ecuworldwide.com/
91.235.116.232302 Found 6 B URL User Request GET HTTP/2 parisgroupsrealty.com/profilereview/document/resultcheking/?email=puertorico-sales@ecuworldwide.com/
IP 91.235.116.232:443
ASN #51177 THC Projects SRL
Certificate IssuerLet's Encrypt
Subject*.parisgroupsrealty.com
FingerprintED:EF:12:23:17:B0:95:47:6D:9B:EE:0F:20:E0:51:FE:5E:99:ED:C9
ValidityTue, 23 May 2023 08:15:14 GMT - Mon, 21 Aug 2023 08:15:13 GMT
File type ASCII text, with CRLF line terminators
Hash 81051bcc2cf1bedf378224b0a93e2877
ba8ab5a0280b953aa97435ff8946cbcbb2755a27
7eb70257593da06f682a3ddda54a9d260d4fc514f645237f5ca74b08f8da61a6
GET /profilereview/document/resultcheking/?email=puertorico-sales@ecuworldwide.com/ HTTP/1.1
Host: parisgroupsrealty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
location: sign/?fixyouincominge_hjdhjsjhsnmw5455jhjhjs4454aha=cHVlcnRvcmljby1zYWxlc0BlY3V3b3JsZHdpZGUuY29tLw%3D%3D
content-type: text/html; charset=UTF-8
content-length: 6
content-encoding: br
vary: Accept-Encoding
date: Tue, 23 May 2023 20:54:15 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
parisgroupsrealty.com/profilereview/document/resultcheking/sign/?fixyouincominge_hjdhjsjhsnmw5455jhjhjs4454aha=cHVlcnRvcmljby1zYWxlc0BlY3V3b3JsZHdpZGUuY29tLw%3D%3D
91.235.116.232200 OK 1.2 kB URL User Request GET HTTP/2 parisgroupsrealty.com/profilereview/document/resultcheking/sign/?fixyouincominge_hjdhjsjhsnmw5455jhjhjs4454aha=cHVlcnRvcmljby1zYWxlc0BlY3V3b3JsZHdpZGUuY29tLw%3D%3D
IP 91.235.116.232:443
ASN #51177 THC Projects SRL
Certificate IssuerLet's Encrypt
Subject*.parisgroupsrealty.com
FingerprintED:EF:12:23:17:B0:95:47:6D:9B:EE:0F:20:E0:51:FE:5E:99:ED:C9
ValidityTue, 23 May 2023 08:15:14 GMT - Mon, 21 Aug 2023 08:15:13 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash d892152bac4ae4454803f3e99dea3354
c6c27ad8e6578ff247829ff9909351c7ca691dfb
bfe0f547db757b97f0ef908184c98b1837a782f6674b7889b6d5952ea85cd3cc
Analyzer Verdict Alert fortinet Phishing
GET /profilereview/document/resultcheking/sign/?fixyouincominge_hjdhjsjhsnmw5455jhjhjs4454aha=cHVlcnRvcmljby1zYWxlc0BlY3V3b3JsZHdpZGUuY29tLw%3D%3D HTTP/1.1
Host: parisgroupsrealty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-length: 1172
content-encoding: br
vary: Accept-Encoding
date: Tue, 23 May 2023 20:54:15 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
parisgroupsrealty.com/profilereview/document/resultcheking/script.js
91.235.116.232200 OK 466 B URL GET HTTP/3 parisgroupsrealty.com/profilereview/document/resultcheking/script.js
IP 91.235.116.232:443
ASN #51177 THC Projects SRL
Requested by https://parisgroupsrealty.com/profilereview/document/resultcheking/sign/?fixyouincominge_hjdhjsjhsnmw5455jhjhjs4454aha=cHVlcnRvcmljby1zYWxlc0BlY3V3b3JsZHdpZGUuY29tLw%3D%3D
Certificate IssuerLet's Encrypt
Subject*.parisgroupsrealty.com
FingerprintED:EF:12:23:17:B0:95:47:6D:9B:EE:0F:20:E0:51:FE:5E:99:ED:C9
ValidityTue, 23 May 2023 08:15:14 GMT - Mon, 21 Aug 2023 08:15:13 GMT
File type ASCII text, with CRLF line terminators
Hash 211f8cf5a7bcd739db5dfcd593f44007
b274a28026a44e149ca5b702366e36c46b714fed
15b7340efe5017cea897a832b6d84c5c83b884e7971b08402455fae9ea323836
GET /profilereview/document/resultcheking/script.js HTTP/1.1
Host: parisgroupsrealty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://parisgroupsrealty.com/profilereview/document/resultcheking/sign/?fixyouincominge_hjdhjsjhsnmw5455jhjhjs4454aha=cHVlcnRvcmljby1zYWxlc0BlY3V3b3JsZHdpZGUuY29tLw%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Tue, 30 May 2023 20:54:15 GMT
content-type: application/javascript
last-modified: Fri, 09 Oct 2020 11:05:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 466
date: Tue, 23 May 2023 20:54:15 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
104.17.24.14200 OK 5.6 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.17.24.14:443
Requested by https://parisgroupsrealty.com/profilereview/document/resultcheking/sign/?fixyouincominge_hjdhjsjhsnmw5455jhjhjs4454aha=cHVlcnRvcmljby1zYWxlc0BlY3V3b3JsZHdpZGUuY29tLw%3D%3D
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (30837)
Hash 269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://parisgroupsrealty.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 May 2023 20:54:16 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 85068
expires: Sun, 12 May 2024 20:54:16 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EK7dqC2gz3wMwBtvN2ohzr9KnOPw0fOBIoFZ302QE3dUyL1om%2FBqkyDk429uKS8fAbgJ%2B4JAI3z61N672AHQ0C2Mepn7DGr2BMKFHxMC9HVFX5wAGRUOLB1J%2Fy3KVSstingMjXAs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7cc0316e3fc7b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
104.18.11.207200 OK 7.4 kB URL GET HTTP/2 stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.18.11.207:443
Requested by https://parisgroupsrealty.com/profilereview/document/resultcheking/sign/?fixyouincominge_hjdhjsjhsnmw5455jhjhjs4454aha=cHVlcnRvcmljby1zYWxlc0BlY3V3b3JsZHdpZGUuY29tLw%3D%3D
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (30837)
Hash 269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://parisgroupsrealty.com
DNT: 1
Connection: keep-alive
Referer: https://parisgroupsrealty.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 May 2023 20:54:16 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 05/01/2023 15:40:29
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 722
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 93853f81ea8a788b2befa54431a5a121
cdn-cache: HIT
cf-cache-status: HIT
age: 32290
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7cc0316dfe2b0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
142.250.74.42200 OK 31 kB URL GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 142.250.74.42:443
Requested by https://parisgroupsrealty.com/profilereview/document/resultcheking/sign/?fixyouincominge_hjdhjsjhsnmw5455jhjhjs4454aha=cHVlcnRvcmljby1zYWxlc0BlY3V3b3JsZHdpZGUuY29tLw%3D%3D
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint9B:D0:53:C4:55:9D:41:A4:94:03:4A:2B:6A:5B:57:EB:EB:A5:F0:4A
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type ASCII text, with very long lines (65451)
Hash dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://parisgroupsrealty.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 May 2023 14:34:00 GMT
expires: Sun, 19 May 2024 14:34:00 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 282016
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 732ed209e10454157ef1d4fd0b1626ad
bfa02e7cac5d8912d0a7e41d13cc41096fc5fb61
7a1a679c21f79a9bd2df2fe75fdb6da354f0573a50dc14d425f939f176fe7ae0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 23 May 2023 20:54:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash c61584e878bfd7b940857c8034341969
5a4bf27493126de5908b9f35a88873969eef7725
917a742ac9b9dc67eab723301c3cd0cafb14b00588879b91651a6c10105c106f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 23 May 2023 20:54:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash c61584e878bfd7b940857c8034341969
5a4bf27493126de5908b9f35a88873969eef7725
917a742ac9b9dc67eab723301c3cd0cafb14b00588879b91651a6c10105c106f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 23 May 2023 20:54:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/s2/favicons?sz=32&domain_url=ecuworldwide.com/
216.58.207.228301 Moved Permanently 337 B URL GET HTTP/2 www.google.com/s2/favicons?sz=32&domain_url=ecuworldwide.com/
IP 216.58.207.228:443
Requested by https://parisgroupsrealty.com/profilereview/document/resultcheking/sign/?fixyouincominge_hjdhjsjhsnmw5455jhjhjs4454aha=cHVlcnRvcmljby1zYWxlc0BlY3V3b3JsZHdpZGUuY29tLw%3D%3D
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
Fingerprint85:AD:43:66:C0:73:07:1B:B5:5D:4A:83:4B:76:3F:DA:4B:2B:E1:F8
ValidityMon, 24 Apr 2023 12:01:16 GMT - Mon, 17 Jul 2023 12:01:15 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash d13a107c93a6c1fd243ffcbd63eafc14
a4c489c94318695fd9e14d1c597bd18f453d5324
abd8cc4346adb9d76d7cc568a287b6b2ed01e3214fce238387ad8177d51cc1bd
GET /s2/favicons?sz=32&domain_url=ecuworldwide.com/ HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://parisgroupsrealty.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://ecuworldwide.com/&size=32
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 23 May 2023 20:54:16 GMT
expires: Tue, 23 May 2023 21:24:16 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 337
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/s2/favicons?sz=32&domain_url=ecuworldwide.com/
216.58.207.228301 Moved Permanently 337 B URL GET HTTP/2 www.google.com/s2/favicons?sz=32&domain_url=ecuworldwide.com/
IP 216.58.207.228:443
Requested by https://parisgroupsrealty.com/profilereview/document/resultcheking/sign/?fixyouincominge_hjdhjsjhsnmw5455jhjhjs4454aha=cHVlcnRvcmljby1zYWxlc0BlY3V3b3JsZHdpZGUuY29tLw%3D%3D
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
Fingerprint85:AD:43:66:C0:73:07:1B:B5:5D:4A:83:4B:76:3F:DA:4B:2B:E1:F8
ValidityMon, 24 Apr 2023 12:01:16 GMT - Mon, 17 Jul 2023 12:01:15 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash d13a107c93a6c1fd243ffcbd63eafc14
a4c489c94318695fd9e14d1c597bd18f453d5324
abd8cc4346adb9d76d7cc568a287b6b2ed01e3214fce238387ad8177d51cc1bd
GET /s2/favicons?sz=32&domain_url=ecuworldwide.com/ HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://parisgroupsrealty.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://ecuworldwide.com/&size=32
x-content-type-options: nosniff
server: sffe
content-length: 337
x-xss-protection: 0
date: Tue, 23 May 2023 20:54:16 GMT
expires: Tue, 23 May 2023 21:24:16 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 9c817c68678aaebba402d2db22cb59c9
ccb1a8235ed5fa71f123f08f0552a3be32bdae68
f1049951525f8421e916796c132e3f5c91b252f24f3752dcf7db806b8ee84430
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 23 May 2023 20:54:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
parisgroupsrealty.com/profilereview/document/resultcheking/img/default.jpg
91.235.116.232200 OK 1.2 MB URL GET HTTP/3 parisgroupsrealty.com/profilereview/document/resultcheking/img/default.jpg
IP 91.235.116.232:443
ASN #51177 THC Projects SRL
Requested by https://parisgroupsrealty.com/profilereview/document/resultcheking/sign/?fixyouincominge_hjdhjsjhsnmw5455jhjhjs4454aha=cHVlcnRvcmljby1zYWxlc0BlY3V3b3JsZHdpZGUuY29tLw%3D%3D
Certificate IssuerLet's Encrypt
Subject*.parisgroupsrealty.com
FingerprintED:EF:12:23:17:B0:95:47:6D:9B:EE:0F:20:E0:51:FE:5E:99:ED:C9
ValidityTue, 23 May 2023 08:15:14 GMT - Mon, 21 Aug 2023 08:15:13 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1080, components 3\012- data
Size 1.2 MB (1151108 bytes)
Hash 5efc2b3dfffbd019548e9aede04ec1fe
5cacecc6d3765a9ca66ba8ab0fe40313c1bf9b3a
a6baa596c961ffab09d260ba7d7c743114ff7016e13e853b9b0f25bceac17255
GET /profilereview/document/resultcheking/img/default.jpg HTTP/1.1
Host: parisgroupsrealty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://parisgroupsrealty.com/profilereview/document/resultcheking/sign/?fixyouincominge_hjdhjsjhsnmw5455jhjhjs4454aha=cHVlcnRvcmljby1zYWxlc0BlY3V3b3JsZHdpZGUuY29tLw%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Tue, 30 May 2023 20:54:16 GMT
content-type: image/jpeg
last-modified: Fri, 09 Oct 2020 02:13:10 GMT
accept-ranges: bytes
content-length: 1151108
date: Tue, 23 May 2023 20:54:16 GMT
server: LiteSpeed
t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://ecuworldwide.com/&size=32
216.58.207.228 726 B URL t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://ecuworldwide.com/&size=32
IP 216.58.207.228:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://ecuworldwide.com/&size=32 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://parisgroupsrealty.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Tue, 23 May 2023 20:54:17 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://ecuworldwide.com/&size=32
216.58.207.228 726 B URL t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://ecuworldwide.com/&size=32
IP 216.58.207.228:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://ecuworldwide.com/&size=32 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://parisgroupsrealty.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Tue, 23 May 2023 20:54:17 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash ec5e2945678cfa7511125f457063f33d
b4b501c267d6bdc3f26d9fb93de3c562576dde94
e7bf71c2fc9c590f69f274f44eff79815790824351aa636fdd59d857adec92dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 23 May 2023 20:54:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash ec5e2945678cfa7511125f457063f33d
b4b501c267d6bdc3f26d9fb93de3c562576dde94
e7bf71c2fc9c590f69f274f44eff79815790824351aa636fdd59d857adec92dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 23 May 2023 20:54:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash ec5e2945678cfa7511125f457063f33d
b4b501c267d6bdc3f26d9fb93de3c562576dde94
e7bf71c2fc9c590f69f274f44eff79815790824351aa636fdd59d857adec92dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 23 May 2023 20:54:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js
104.18.11.207200 OK 40 kB URL GET HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js
IP 104.18.11.207:443
Requested by https://parisgroupsrealty.com/profilereview/document/resultcheking/sign/?fixyouincominge_hjdhjsjhsnmw5455jhjhjs4454aha=cHVlcnRvcmljby1zYWxlc0BlY3V3b3JsZHdpZGUuY29tLw%3D%3D
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (39553)
Hash 2f34b630ffe30ba2ff2b91e3f3c322a1
b16fd8226bd6bfb08e568f1b1d0a21d60247cefb
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
GET /bootstrap/3.4.1/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://parisgroupsrealty.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 May 2023 20:54:16 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 601, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-cachedat: 2021-08-01 19:19:12
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 6923066369371d6997c92d232b1a01f3
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 20496790
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7cc0316e3aeafac4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://ecuworldwide.com/&size=32
216.58.207.228404 Not Found 726 B URL GET HTTP/3 t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://ecuworldwide.com/&size=32
IP 216.58.207.228:443
Requested by https://parisgroupsrealty.com/profilereview/document/resultcheking/sign/?fixyouincominge_hjdhjsjhsnmw5455jhjhjs4454aha=cHVlcnRvcmljby1zYWxlc0BlY3V3b3JsZHdpZGUuY29tLw%3D%3D
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint08:73:2C:18:30:14:52:C3:CA:3E:02:79:65:B4:FE:90:AC:3F:3E:33
ValidityMon, 24 Apr 2023 11:56:06 GMT - Mon, 17 Jul 2023 11:56:05 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://ecuworldwide.com/&size=32 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://parisgroupsrealty.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Tue, 23 May 2023 20:54:17 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://ecuworldwide.com/&size=32
216.58.207.228404 Not Found 726 B URL GET HTTP/3 t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://ecuworldwide.com/&size=32
IP 216.58.207.228:443
Requested by https://parisgroupsrealty.com/profilereview/document/resultcheking/sign/?fixyouincominge_hjdhjsjhsnmw5455jhjhjs4454aha=cHVlcnRvcmljby1zYWxlc0BlY3V3b3JsZHdpZGUuY29tLw%3D%3D
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint08:73:2C:18:30:14:52:C3:CA:3E:02:79:65:B4:FE:90:AC:3F:3E:33
ValidityMon, 24 Apr 2023 11:56:06 GMT - Mon, 17 Jul 2023 11:56:05 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://ecuworldwide.com/&size=32 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://parisgroupsrealty.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Tue, 23 May 2023 20:54:17 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
maxcdn.bootstrapcdn.com/bootstrap/3.4.1/css/bootstrap.min.css
104.18.11.207200 OK 122 kB URL GET HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.4.1/css/bootstrap.min.css
IP 104.18.11.207:443
Requested by https://parisgroupsrealty.com/profilereview/document/resultcheking/sign/?fixyouincominge_hjdhjsjhsnmw5455jhjhjs4454aha=cHVlcnRvcmljby1zYWxlc0BlY3V3b3JsZHdpZGUuY29tLw%3D%3D
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (65369)
Size 122 kB (121457 bytes)
Hash 7f89537eaf606bff49f5cc1a7c24dbca
b0972fdcce82fd583d4c2ccc3f2e3df7404a19d0
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
GET /bootstrap/3.4.1/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://parisgroupsrealty.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 May 2023 20:54:16 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 632, 617
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-cachedat: 2021-03-10 20:26:25
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 61d285a2b452357d1d833ab142fef512
cdn-cache: HIT
cf-cache-status: HIT
age: 2650032
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7cc0316e4aedfac4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2