r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 282f6e1328452c1cb41f6a6272fff757
20b9ff1b5f4f81b645769bd4b4cf7bf7dfc16262
6a8070ebe51259cb11db68cca2c81f3c7408fad481d8c14cc1c38912442c63f4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A8070EBE51259CB11DB68CCA2C81F3C7408FAD481D8C14CC1C38912442C63F4"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11469
Expires: Thu, 06 Oct 2022 12:39:38 GMT
Date: Thu, 06 Oct 2022 09:28:29 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 8eAJxGA3crVjJ1EiYRISW7nqC3B3FrSX_v6LDn0TzFrmWUY-5jy0pA==
Age: 63671
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4ab7d8709d334de0e46dcb86aabfbff1
f221138a8ad9d0bfa3c054370dcdb363a67dc310
b91d37f606eaf448b9c7dfc05566a11de004ce44503409e1a776288ee2622805
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B91D37F606EAF448B9C7DFC05566A11DE004CE44503409E1A776288EE2622805"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14305
Expires: Thu, 06 Oct 2022 13:26:54 GMT
Date: Thu, 06 Oct 2022 09:28:29 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: USZ0zjfb2ttTYGyBSQHUH6NbWlUiMtfR6T9+HY7yy2CvHtBx4BohIenycy6hVvTu24WKQPZHiLQ=
x-amz-request-id: HQXWDTGN30JHENZP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 06 Oct 2022 08:30:42 GMT
age: 3467
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 09:28:29 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.ndvadvisers.com/vladmodels-katya-y117-47-154/
200 OK 16 kB URL HTTP/1.1 www.ndvadvisers.com/vladmodels-katya-y117-47-154/
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3799), with CRLF, LF line terminators
Hash c76451e24f744a0a634496fb273718d4
fb29566c6cd7a09757fcd99c83fb95d61eaab09f
97b2197768d3e97c7740e755a5fa174c4290a44163d5f149c718d16185f001e1
Analyzer Verdict Alert fortinet Phishing
GET /vladmodels-katya-y117-47-154/ HTTP/1.1
Host: www.ndvadvisers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 09:28:28 GMT
Server: Apache
X-Powered-By: PHP/7.4.32
X-Pingback: http://www.ndvadvisers.com/xmlrpc.php
Link: <http://www.ndvadvisers.com/wp-json/>; rel="https://api.w.org/", <http://www.ndvadvisers.com/wp-json/wp/v2/posts/51874>; rel="alternate"; type="application/json", <http://www.ndvadvisers.com/?p=51874>; rel=shortlink
Set-Cookie: pll_language=en; expires=Fri, 06-Oct-2023 09:28:28 GMT; Max-Age=31536000; path=/; SameSite=Lax
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 16043
Content-Type: text/html; charset=UTF-8
X-Varnish: 285247401
Age: 0
Via: 1.1 webcache1 (Varnish/trunk)
Accept-Ranges: bytes
Connection: keep-alive
www.ndvadvisers.com/wp-content/plugins/wp-notification-bars/public/css/wp-notification-bars-public.css?ver=1.0.12
200 OK 1.3 kB URL HTTP/1.1 www.ndvadvisers.com/wp-content/plugins/wp-notification-bars/public/css/wp-notification-bars-public.css?ver=1.0.12
IP
File type ASCII text, with very long lines (679), with CRLF line terminators
Hash b7cd5bb4d0d6e084f06e613e98fbbbbe
9be5c3c6f6166b553565dc6c14fcc9d478df480d
8f7ec5a74851e2ee02d6b1f7cdd9ff3436c223258e68d7714176f3a351f21904
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-notification-bars/public/css/wp-notification-bars-public.css?ver=1.0.12 HTTP/1.1
Host: www.ndvadvisers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ndvadvisers.com/vladmodels-katya-y117-47-154/
Cookie: pll_language=en
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 09:28:29 GMT
Server: Apache
Last-Modified: Mon, 28 Feb 2022 02:34:09 GMT
ETag: "1060-5d90ae216f7e3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1268
Content-Type: text/css
X-Varnish: 312803580
Age: 0
Via: 1.1 webcache1 (Varnish/trunk)
Connection: keep-alive
fonts.googleapis.com/css?family=Poppins%3A300%2Cregular%2C500%2C600%2C700%7COpen+Sans%3A300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%7CRoboto+Slab%3A100%2C300%2Cregular%2C700%7CJosefin+Slab&ver=5.5.10
200 OK 1.6 kB URL HTTP/1.1 fonts.googleapis.com/css?family=Poppins%3A300%2Cregular%2C500%2C600%2C700%7COpen+Sans%3A300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%7CRoboto+Slab%3A100%2C300%2Cregular%2C700%7CJosefin+Slab&ver=5.5.10
IP
Hash 8283345c21cc7b7082715b5dced1bca0
ee3abeb289b152734639da6cb81653e6a3105ae0
8a2e2e7b43ab53c1d16cc73626e12299072e4cf51e14c309aa3f5ee23a7f6852
GET /css?family=Poppins%3A300%2Cregular%2C500%2C600%2C700%7COpen+Sans%3A300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%7CRoboto+Slab%3A100%2C300%2Cregular%2C700%7CJosefin+Slab&ver=5.5.10 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ndvadvisers.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Thu, 06 Oct 2022 09:28:29 GMT
Date: Thu, 06 Oct 2022 09:28:29 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
www.ndvadvisers.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.2
200 OK 932 B URL HTTP/1.1 www.ndvadvisers.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.2
IP
Hash b1eb322499f2dbc18499a9a46edd88fd
47213d17cb0eb45bd12ede49ee77e6c384b3664a
e3ec4292fd6b24707fe8b93f5d423120dcbc25aa702e7d434749910f947e4060
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.2 HTTP/1.1
Host: www.ndvadvisers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ndvadvisers.com/vladmodels-katya-y117-47-154/
Cookie: pll_language=en
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 09:28:29 GMT
Server: Apache
Last-Modified: Wed, 14 Jul 2021 14:56:13 GMT
ETag: "a50-5c7168e402ee4-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 932
Content-Type: text/css
X-Varnish: 198419710
Age: 0
Via: 1.1 webcache1 (Varnish/trunk)
Connection: keep-alive
platform.linkedin.com/in.js
200 OK 163 kB URL HTTP/1.1 platform.linkedin.com/in.js
IP
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (41593)
Size 163 kB (163351 bytes)
Hash 9d16208bb13d55b4d200a410ab1c30be
94898d3509789831acf5c3a5aad57dba0250bc45
2e1f19d74ff9c03b05b8073e5a0c7aef279bf624b81164016b0aea38d4aa5ab9
GET /in.js HTTP/1.1
Host: platform.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ndvadvisers.com/
HTTP/1.1 200 OK
Server: Play
Expires: Thu, 6 Oct 2022 09:49:51 GMT
Cache-Control: public, max-age=3600
Content-Encoding: gzip
Content-Type: text/javascript; charset=UTF-8
Content-Length: 163351
X-Li-Fabric: prod-lor1
X-Li-Pop: prod-lor1-x
X-LI-Proto: http/1.1
X-LI-UUID: AAXqWcbIOP92waSnyYVryw==
Date: Thu, 06 Oct 2022 09:28:29 GMT
Connection: keep-alive
Vary: Accept-Encoding
X-CDN-CLIENT-IP-VERSION: IPV4
X-CDN: AKAM
www.ndvadvisers.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.5.1
200 OK 7.1 kB URL HTTP/1.1 www.ndvadvisers.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.5.1
IP
File type ASCII text, with very long lines (29701)
Hash 951ca749bc707f714ca8394267d16f20
4030559605649c69db165d9715ccc19d10bd1428
761753b529103705781bb5316ca58f4d0d2450d77091923bf01865b6d3c7091c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.5.1 HTTP/1.1
Host: www.ndvadvisers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ndvadvisers.com/vladmodels-katya-y117-47-154/
Cookie: pll_language=en
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 09:28:29 GMT
Server: Apache
Last-Modified: Mon, 21 Aug 2017 18:27:10 GMT
ETag: "756c-55747a076fb80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7116
Content-Type: text/css
X-Varnish: 273421137
Age: 0
Via: 1.1 webcache1 (Varnish/trunk)
Connection: keep-alive
www.ndvadvisers.com/wp-content/themes/kallyas/style.css?ver=4.18.0
200 OK 506 B URL HTTP/1.1 www.ndvadvisers.com/wp-content/themes/kallyas/style.css?ver=4.18.0
IP
File type ASCII text, with CRLF line terminators
Hash d252559ae35d890899ae4a247af95b98
68a78dcf93378465fdbc8132b962e8963a8a5e9a
ad555153b416d5d02501b4544fb33189875b6f8e333664eef2882f80fde79586
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/kallyas/style.css?ver=4.18.0 HTTP/1.1
Host: www.ndvadvisers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ndvadvisers.com/vladmodels-katya-y117-47-154/
Cookie: pll_language=en
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 09:28:29 GMT
Server: Apache
Last-Modified: Wed, 28 Oct 2020 07:47:58 GMT
ETag: "31e-5b2b661d5190e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 506
Content-Type: text/css
X-Varnish: 249369520
Age: 0
Via: 1.1 webcache1 (Varnish/trunk)
Connection: keep-alive
www.ndvadvisers.com/wp-content/themes/kallyas/framework/zion-builder/assets/css/znb_frontend.css?ver=1.0.29
200 OK 6.3 kB URL HTTP/1.1 www.ndvadvisers.com/wp-content/themes/kallyas/framework/zion-builder/assets/css/znb_frontend.css?ver=1.0.29
IP
File type ASCII text, with very long lines (35243)
Hash 9bc035f9870da3c2b7ec63ae4a1b2cae
1fd36e8e2a09787ae882bb913ec670fd10a39063
3c874d5bad0bfe4ce72038eaacdf2e9fa6a22799891d363c8dcf5bee891aecb0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/kallyas/framework/zion-builder/assets/css/znb_frontend.css?ver=1.0.29 HTTP/1.1
Host: www.ndvadvisers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ndvadvisers.com/vladmodels-katya-y117-47-154/
Cookie: pll_language=en
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 09:28:29 GMT
Server: Apache
Last-Modified: Wed, 28 Oct 2020 07:47:56 GMT
ETag: "89ea-5b2b661ace404-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6346
Content-Type: text/css
X-Varnish: 198419712
Age: 0
Via: 1.1 webcache1 (Varnish/trunk)
Connection: keep-alive
www.ndvadvisers.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
200 OK 34 kB URL HTTP/1.1 www.ndvadvisers.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
IP
File type ASCII text, with very long lines (31997)
Hash acf54950dfb2d6981e941d733b377591
340de686aecd9e6246a32c71e7de63ed69229ceb
d97f66caea5260bc71609f0da43ac0d937ecc09253910e5dda4c9fe4dbde20fc
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp HTTP/1.1
Host: www.ndvadvisers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ndvadvisers.com/vladmodels-katya-y117-47-154/
Cookie: pll_language=en
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 09:28:29 GMT
Server: Apache
Last-Modified: Sat, 18 Apr 2020 03:56:25 GMT
ETag: "17a69-5a388a661c77d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 33776
Content-Type: application/javascript
X-Varnish: 312803582
Age: 0
Via: 1.1 webcache1 (Varnish/trunk)
Connection: keep-alive
www.ndvadvisers.com/wp-content/uploads/zn_dynamic.css?ver=1657443294
200 OK 7.4 kB URL HTTP/1.1 www.ndvadvisers.com/wp-content/uploads/zn_dynamic.css?ver=1657443294
IP
File type ASCII text, with very long lines (35427), with no line terminators
Hash c5982a4d8301c48db54fd91f73518e67
f5344ea7a157bb5c9faca0aef05212eaf176939a
6ad3048ddf5e265a5a3f088070f788e7b54f4d8f07f92e4768bdae422cd2ffb7
GET /wp-content/uploads/zn_dynamic.css?ver=1657443294 HTTP/1.1
Host: www.ndvadvisers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ndvadvisers.com/vladmodels-katya-y117-47-154/
Cookie: pll_language=en
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 09:28:29 GMT
Server: Apache
Last-Modified: Sun, 10 Jul 2022 08:54:54 GMT
ETag: "8a63-5e36f96cf9758-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7427
Content-Type: text/css
X-Varnish: 198419714
Age: 0
Via: 1.1 webcache1 (Varnish/trunk)
Connection: keep-alive
www.ndvadvisers.com/wp-content/uploads/zion-builder/cache/51874-layout.css?ver=6e64e0ead414a5dea1b3b679af3e1d06
200 OK 5.3 kB URL HTTP/1.1 www.ndvadvisers.com/wp-content/uploads/zion-builder/cache/51874-layout.css?ver=6e64e0ead414a5dea1b3b679af3e1d06
IP
File type ASCII text, with very long lines (30979), with no line terminators
Hash 670d6115510b5a591c0d52b431d402a0
84755f4e9328eaf83167fdf70f4953dd0c4e4ad0
cdc2f60f7322de1f66f41bbf7149b4a0ac888c2d5c6218ad5b2bc4cb80e18de7
GET /wp-content/uploads/zion-builder/cache/51874-layout.css?ver=6e64e0ead414a5dea1b3b679af3e1d06 HTTP/1.1
Host: www.ndvadvisers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ndvadvisers.com/vladmodels-katya-y117-47-154/
Cookie: pll_language=en
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 09:28:29 GMT
Server: Apache
Last-Modified: Tue, 09 Aug 2022 19:44:46 GMT
ETag: "7903-5e5d42a2bef09-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5310
Content-Type: text/css
X-Varnish: 273421139
Age: 0
Via: 1.1 webcache1 (Varnish/trunk)
Connection: keep-alive
www.ndvadvisers.com/wp-content/themes/kallyas-child/style.css?ver=4.18.0
200 OK 291 B URL HTTP/1.1 www.ndvadvisers.com/wp-content/themes/kallyas-child/style.css?ver=4.18.0
IP
Hash dcae9fbc5e13c00e33981df082e7ae25
d07a0d293290d2f653bbdefa201adfbfd4e983b7
5c26fdf796ca91abf8052ea92805a4b71d1677959a6a05f6867c06f1d9193904
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/kallyas-child/style.css?ver=4.18.0 HTTP/1.1
Host: www.ndvadvisers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ndvadvisers.com/vladmodels-katya-y117-47-154/
Cookie: pll_language=en
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 09:28:29 GMT
Server: Apache
Last-Modified: Mon, 21 Aug 2017 18:27:10 GMT
ETag: "1d7-55747a076fb80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 291
Content-Type: text/css
X-Varnish: 249369522
Age: 0
Via: 1.1 webcache1 (Varnish/trunk)
Connection: keep-alive
www.ndvadvisers.com/wp-content/themes/kallyas/css/bootstrap.min.css?ver=4.18.0
200 OK 15 kB URL HTTP/1.1 www.ndvadvisers.com/wp-content/themes/kallyas/css/bootstrap.min.css?ver=4.18.0
IP
File type ASCII text, with very long lines (64996), with CRLF line terminators
Hash e2e9227761bcd063ea2208b22f7fd8b0
77a79e6da05dfd8ee0a944825f7693b6c837c5ff
ff3b91b5cf355a679da7e2e50215dea221662bc8c6c23949b1f8e083f9a6a58e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/kallyas/css/bootstrap.min.css?ver=4.18.0 HTTP/1.1
Host: www.ndvadvisers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ndvadvisers.com/vladmodels-katya-y117-47-154/
Cookie: pll_language=en
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 09:28:29 GMT
Server: Apache
Last-Modified: Wed, 28 Oct 2020 07:47:55 GMT
ETag: "13a7c-5b2b661a92308-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 14745
Content-Type: text/css
X-Varnish: 298943389
Age: 0
Via: 1.1 webcache1 (Varnish/trunk)
Connection: keep-alive
www.ndvadvisers.com/wp-content/themes/kallyas/css/template.min.css?ver=4.18.0
200 OK 32 kB URL HTTP/1.1 www.ndvadvisers.com/wp-content/themes/kallyas/css/template.min.css?ver=4.18.0
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 77e9747f984f54eb034d89d3fd3fc422
f1d382f4e4d01a188d5f4ae3901fe37205842852
e42ea5bed963d51cd7c2342f025c4117d958db40b53df93f8888263b757058b8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/kallyas/css/template.min.css?ver=4.18.0 HTTP/1.1
Host: www.ndvadvisers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ndvadvisers.com/vladmodels-katya-y117-47-154/
Cookie: pll_language=en
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 09:28:29 GMT
Server: Apache
Last-Modified: Wed, 28 Oct 2020 07:47:55 GMT
ETag: "2e752-5b2b661a94680-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 32350
Content-Type: text/css
X-Varnish: 218768741
Age: 0
Via: 1.1 webcache1 (Varnish/trunk)
Connection: keep-alive
www.ndvadvisers.com/wp-content/plugins/contact-form-7-signature-addon/public/js/signature_pad.min.js?ver=4.2.2
200 OK 3.0 kB URL HTTP/1.1 www.ndvadvisers.com/wp-content/plugins/contact-form-7-signature-addon/public/js/signature_pad.min.js?ver=4.2.2
IP
File type ASCII text, with very long lines (8868)
Hash d8a6f3c910ecdf969567eec9a9fe97eb
63320df671267283493c933a3a4c4db03782b856
1975b2b132ec75d2d36f492b3d2947618f90115bb517c50d1e9b01e348106fbc
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7-signature-addon/public/js/signature_pad.min.js?ver=4.2.2 HTTP/1.1
Host: www.ndvadvisers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ndvadvisers.com/vladmodels-katya-y117-47-154/
Cookie: pll_language=en
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 09:28:29 GMT
Server: Apache
Last-Modified: Sat, 18 Apr 2020 03:53:44 GMT
ETag: "22a5-5a3889cc911de-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3042
Content-Type: application/javascript
X-Varnish: 243209364
Age: 0
Via: 1.1 webcache1 (Varnish/trunk)
Connection: keep-alive
www.ndvadvisers.com/wp-content/plugins/contact-form-7-signature-addon/public/js/scripts.js?ver=4.2.2
200 OK 1.3 kB URL HTTP/1.1 www.ndvadvisers.com/wp-content/plugins/contact-form-7-signature-addon/public/js/scripts.js?ver=4.2.2
IP
Hash 2384aef8de747e4ec560819a29f4f5c7
5001370da8368738ea046a17b91150c81a3aa309
253235604b8296ecfa440a1694114f37b5d00a8bb42f853ccc0643ef2c0c699a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7-signature-addon/public/js/scripts.js?ver=4.2.2 HTTP/1.1
Host: www.ndvadvisers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ndvadvisers.com/vladmodels-katya-y117-47-154/
Cookie: pll_language=en
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 09:28:29 GMT
Server: Apache
Last-Modified: Sat, 18 Apr 2020 03:53:44 GMT
ETag: "ead-5a3889cc90a06-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1330
Content-Type: application/javascript
X-Varnish: 134239385
Age: 0
Via: 1.1 webcache1 (Varnish/trunk)
Connection: keep-alive
www.ndvadvisers.com/wp-content/plugins/fullworks-anti-spam/frontend/js/frontend.js?ver=1.3.4
200 OK 899 B URL HTTP/1.1 www.ndvadvisers.com/wp-content/plugins/fullworks-anti-spam/frontend/js/frontend.js?ver=1.3.4
IP
Hash 33abdb3a856b7d6c43d031c018bcf1c2
c4fa57c113a3e70d294f599bb22d3fcfa6e0b40c
5b2064e9ef5794345178f751e68a208dfe4d321ee7a414182a0c770a2b6c001d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/fullworks-anti-spam/frontend/js/frontend.js?ver=1.3.4 HTTP/1.1
Host: www.ndvadvisers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ndvadvisers.com/vladmodels-katya-y117-47-154/
Cookie: pll_language=en
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 09:28:29 GMT
Server: Apache
Last-Modified: Sat, 09 Jul 2022 05:24:14 GMT
ETag: "83f-5e358878cdd0d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 899
Content-Type: application/javascript
X-Varnish: 259199327
Age: 0
Via: 1.1 webcache1 (Varnish/trunk)
Connection: keep-alive
www.ndvadvisers.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.5.1
200 OK 38 kB URL HTTP/1.1 www.ndvadvisers.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.5.1
IP
File type ASCII text, with very long lines (27287)
Hash c9b431a7f70f3cf8e66d19585f15b268
d35340f58704f257d948654c63b09f94fe8b93fd
1cacdd67748db096e5b2d26b47e003992ed034e9661371cbe227d2485d471c02
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.5.1 HTTP/1.1
Host: www.ndvadvisers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ndvadvisers.com/vladmodels-katya-y117-47-154/
Cookie: pll_language=en
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 09:28:29 GMT
Server: Apache
Last-Modified: Mon, 21 Aug 2017 18:27:10 GMT
ETag: "1af52-55747a076fb80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 38310
Content-Type: application/javascript
X-Varnish: 294291543
Age: 0
Via: 1.1 webcache1 (Varnish/trunk)
Connection: keep-alive
www.ndvadvisers.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.5.1
200 OK 18 kB URL HTTP/1.1 www.ndvadvisers.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.5.1
IP
File type ASCII text, with very long lines (64561)
Hash 23e13c1af8bb2efec23fcd90ebae6e94
d1680a2eb9ce43c8e1ee0a34e804ce6eb84bd491
d644e0e9e137b42d091eb4266b69bbbb2f6930137ced8512b69b657ffef56c07
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.5.1 HTTP/1.1
Host: www.ndvadvisers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ndvadvisers.com/vladmodels-katya-y117-47-154/
Cookie: pll_language=en
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 09:28:29 GMT
Server: Apache
Last-Modified: Mon, 21 Aug 2017 18:27:10 GMT
ETag: "fd7a-55747a076fb80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 17978
Content-Type: application/javascript
X-Varnish: 276075434
Age: 0
Via: 1.1 webcache1 (Varnish/trunk)
Connection: keep-alive
www.ndvadvisers.com/wp-content/plugins/wp-notification-bars/public/js/wp-notification-bars-public.js?ver=1.0.12
200 OK 432 B URL HTTP/1.1 www.ndvadvisers.com/wp-content/plugins/wp-notification-bars/public/js/wp-notification-bars-public.js?ver=1.0.12
IP
Hash 29c994328c11477538ddd48bfb18a60e
182a2a8765a4fb48717ecaa451e6eb4a4663362b
06c7ed1a51e802e172fddabbcc8aec00269fa7f4482a38ecccc44fd462c18f7b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-notification-bars/public/js/wp-notification-bars-public.js?ver=1.0.12 HTTP/1.1
Host: www.ndvadvisers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ndvadvisers.com/vladmodels-katya-y117-47-154/
Cookie: pll_language=en
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 09:28:29 GMT
Server: Apache
Last-Modified: Mon, 28 Feb 2022 02:34:09 GMT
ETag: "45f-5d90ae21703b8-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 432
Content-Type: application/javascript
X-Varnish: 269160166
Age: 0
Via: 1.1 webcache1 (Varnish/trunk)
Connection: keep-alive
www.ndvadvisers.com/wp-includes/js/wp-emoji-release.min.js?ver=5.5.10
200 OK 4.7 kB URL HTTP/1.1 www.ndvadvisers.com/wp-includes/js/wp-emoji-release.min.js?ver=5.5.10
IP
File type ASCII text, with very long lines (11272)
Hash 80712bcce465dea429e6ff1e5c35bbc1
daff29755ee729dbeb0d30c93570f1fc9b673972
f444c094422ff2d56c4f52a022881e68e1f07d567e0fb3969f80259452995f8f
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.5.10 HTTP/1.1
Host: www.ndvadvisers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ndvadvisers.com/vladmodels-katya-y117-47-154/
Cookie: pll_language=en
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 09:28:29 GMT
Server: Apache
Last-Modified: Thu, 15 Apr 2021 14:52:05 GMT
ETag: "3795-5c00401bd3835-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4662
Content-Type: application/javascript
X-Varnish: 211431500
Age: 0
Via: 1.1 webcache1 (Varnish/trunk)
Connection: keep-alive
www.ndvadvisers.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.2
200 OK 4.1 kB URL HTTP/1.1 www.ndvadvisers.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.2
IP
File type ASCII text, with very long lines (12987), with no line terminators
Hash d1e444a515befe59b1fc5fac59bbf91f
9a58b94f9281ad353d5ba8267f6192e570c1c9ac
b80e69017ad712ec753504c48ce9005f79f5a27a7cd8f1262f3c20b9d00faa33
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.2 HTTP/1.1
Host: www.ndvadvisers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ndvadvisers.com/vladmodels-katya-y117-47-154/
Cookie: pll_language=en
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 09:28:29 GMT
Server: Apache
Last-Modified: Wed, 14 Jul 2021 14:56:13 GMT
ETag: "32bb-5c7168e41212d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4071
Content-Type: application/javascript
X-Varnish: 306348773
Age: 0
Via: 1.1 webcache1 (Varnish/trunk)
Connection: keep-alive
www.ndvadvisers.com/wp-content/themes/kallyas/js/plugins.min.js?ver=4.18.0
200 OK 11 kB URL HTTP/1.1 www.ndvadvisers.com/wp-content/themes/kallyas/js/plugins.min.js?ver=4.18.0
IP
File type HTML document, ASCII text, with very long lines (33193), with no line terminators
Hash 4a8e5eef912cffa50af66371199e075b
27f8ee5c9a6d986ec10988e2fa444b399d12c7bb
4cc230ec56afe3e8029ef0a01812b18c391683fe625f5f58a648336e9898eb4d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/kallyas/js/plugins.min.js?ver=4.18.0 HTTP/1.1
Host: www.ndvadvisers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ndvadvisers.com/vladmodels-katya-y117-47-154/
Cookie: pll_language=en
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 09:28:29 GMT
Server: Apache
Last-Modified: Wed, 28 Oct 2020 07:47:56 GMT
ETag: "81a9-5b2b661bac311-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 11016
Content-Type: application/javascript
X-Varnish: 198227118
Age: 0
Via: 1.1 webcache1 (Varnish/trunk)
Connection: keep-alive
www.ndvadvisers.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4
200 OK 34 kB URL HTTP/1.1 www.ndvadvisers.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4
IP
File type Unicode text, UTF-8 text, with very long lines (34729), with NEL line terminators
Hash b997c3b6fc35923443dd6dcc360e920e
aa470c21b5ae916b986a022e4bd7f42670d72381
d8a171bcb9c7360ecbb08248184892a5aca2c27ba83d62778e36f507c76cef29
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4 HTTP/1.1
Host: www.ndvadvisers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ndvadvisers.com/vladmodels-katya-y117-47-154/
Cookie: pll_language=en
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 09:28:29 GMT
Server: Apache
Last-Modified: Wed, 28 Oct 2020 07:45:57 GMT
ETag: "183ee-5b2b65a9cfbba-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 34241
Content-Type: application/javascript
X-Varnish: 264048653
Age: 0
Via: 1.1 webcache1 (Varnish/trunk)
Connection: keep-alive
www.ndvadvisers.com/wp-includes/js/comment-reply.min.js?ver=5.5.10
200 OK 1.3 kB URL HTTP/1.1 www.ndvadvisers.com/wp-includes/js/comment-reply.min.js?ver=5.5.10
IP
File type ASCII text, with very long lines (2949)
Hash 1cf4c3e8e70de8171ff6d4530d1fec31
e45846b00f185fb3e3d16b61d6073c961c2dcf50
bcb5aef7cf39483421bc74866fb39786953559ff5fa9e9d003743b33702d64b7
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/comment-reply.min.js?ver=5.5.10 HTTP/1.1
Host: www.ndvadvisers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ndvadvisers.com/vladmodels-katya-y117-47-154/
Cookie: pll_language=en
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 09:28:29 GMT
Server: Apache
Last-Modified: Thu, 15 Apr 2021 14:52:05 GMT
ETag: "ba8-5c00401bc1338-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1346
Content-Type: application/javascript
X-Varnish: 276075436
Age: 0
Via: 1.1 webcache1 (Varnish/trunk)
Connection: keep-alive
www.ndvadvisers.com/wp-content/themes/kallyas/addons/scrollmagic/scrollmagic.js?ver=4.18.0
200 OK 6.1 kB URL HTTP/1.1 www.ndvadvisers.com/wp-content/themes/kallyas/addons/scrollmagic/scrollmagic.js?ver=4.18.0
IP
File type ASCII text, with very long lines (17490), with CRLF line terminators
Hash eb040f88c6a38a69f327c33c52bd1010
e03d244bdd96330979a2c4cff6b650acffec6200
31a1e744d0f8bd2e08ec9d046d264e4f86fb3946005a20ad18eda8f79abcf404
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/kallyas/addons/scrollmagic/scrollmagic.js?ver=4.18.0 HTTP/1.1
Host: www.ndvadvisers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ndvadvisers.com/vladmodels-katya-y117-47-154/
Cookie: pll_language=en
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 09:28:29 GMT
Server: Apache
Last-Modified: Wed, 28 Oct 2020 07:47:55 GMT
ETag: "44b8-5b2b661a61dc0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6127
Content-Type: application/javascript
X-Varnish: 269160168
Age: 0
Via: 1.1 webcache1 (Varnish/trunk)
Connection: keep-alive
www.ndvadvisers.com/wp-content/themes/kallyas/js/znscript.min.js?ver=4.18.0
200 OK 14 kB URL HTTP/1.1 www.ndvadvisers.com/wp-content/themes/kallyas/js/znscript.min.js?ver=4.18.0
IP
File type ASCII text, with very long lines (46058), with no line terminators
Hash 165a0d7433b89f284c04b219346243d6
6bd85472291cf1b2b997f30ef7059b675ec19ee1
2474459280b3c81377b06334411aff1386a3f7b5c0952df936f114f9e2bf5c53
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/kallyas/js/znscript.min.js?ver=4.18.0 HTTP/1.1
Host: www.ndvadvisers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ndvadvisers.com/vladmodels-katya-y117-47-154/
Cookie: pll_language=en
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 09:28:29 GMT
Server: Apache
Last-Modified: Wed, 28 Oct 2020 07:47:56 GMT
ETag: "b3ea-5b2b661bad2ca-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 13947
Content-Type: application/javascript
X-Varnish: 211431502
Age: 0
Via: 1.1 webcache1 (Varnish/trunk)
Connection: keep-alive
www.ndvadvisers.com/wp-content/themes/kallyas/framework/zion-builder/dist/znpb_frontend.bundle.js?ver=1.0.29
200 OK 15 kB URL HTTP/1.1 www.ndvadvisers.com/wp-content/themes/kallyas/framework/zion-builder/dist/znpb_frontend.bundle.js?ver=1.0.29
IP
File type ASCII text, with very long lines (48331), with no line terminators
Hash d84ff88f909f397a527f9ebc4c00d460
5b6356a7c7d9f502796579dc9f0f414255dbbf61
9f9bd6d807a4a720c8402c67874bb0224f53c5e7d5499eee7876bb2f437e3b97
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/kallyas/framework/zion-builder/dist/znpb_frontend.bundle.js?ver=1.0.29 HTTP/1.1
Host: www.ndvadvisers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ndvadvisers.com/vladmodels-katya-y117-47-154/
Cookie: pll_language=en
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 09:28:29 GMT
Server: Apache
Last-Modified: Wed, 28 Oct 2020 07:47:56 GMT
ETag: "bccb-5b2b661aea176-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 14809
Content-Type: application/javascript
X-Varnish: 264048655
Age: 0
Via: 1.1 webcache1 (Varnish/trunk)
Connection: keep-alive
www.ndvadvisers.com/wp-content/themes/kallyas/addons/smooth_scroll/SmoothScroll.min.js?ver=4.18.0
200 OK 3.1 kB URL HTTP/1.1 www.ndvadvisers.com/wp-content/themes/kallyas/addons/smooth_scroll/SmoothScroll.min.js?ver=4.18.0
IP
File type ASCII text, with very long lines (7234), with no line terminators
Hash f1162420a67f91d9cce042b3d5b57560
1c98cc9ce85cb35664b2c0b9c2780f6ab9ae1b4a
07a79502a25db9c76c6768a859ecc4acacc4f718dbb5b5f67f06049950bb2b37
GET /wp-content/themes/kallyas/addons/smooth_scroll/SmoothScroll.min.js?ver=4.18.0 HTTP/1.1
Host: www.ndvadvisers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ndvadvisers.com/vladmodels-katya-y117-47-154/
Cookie: pll_language=en
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 09:28:29 GMT
Server: Apache
Last-Modified: Wed, 28 Oct 2020 07:47:55 GMT
ETag: "1c42-5b2b661a64c7c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3129
Content-Type: application/javascript
X-Varnish: 306348775
Age: 0
Via: 1.1 webcache1 (Varnish/trunk)
Connection: keep-alive
www.ndvadvisers.com/wp-content/themes/kallyas/addons/slick/slick.min.js?ver=4.18.0
200 OK 10 kB URL HTTP/1.1 www.ndvadvisers.com/wp-content/themes/kallyas/addons/slick/slick.min.js?ver=4.18.0
IP
File type ASCII text, with very long lines (42862), with CRLF line terminators
Hash b85930f19e6ddab27aecf0b74ba4d69b
2a459e83535035c0f0f9f09e68d0d1f7838744e5
27f59fc7fbb34fc991341a966e38784c1be7ffdf100a3a4aa1307b2f95f9cbc0
GET /wp-content/themes/kallyas/addons/slick/slick.min.js?ver=4.18.0 HTTP/1.1
Host: www.ndvadvisers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ndvadvisers.com/vladmodels-katya-y117-47-154/
Cookie: pll_language=en
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 09:28:29 GMT
Server: Apache
Last-Modified: Wed, 28 Oct 2020 07:47:55 GMT
ETag: "a770-5b2b661a63510-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 10445
Content-Type: application/javascript
X-Varnish: 198227120
Age: 0
Via: 1.1 webcache1 (Varnish/trunk)
Connection: keep-alive
www.ndvadvisers.com/wp-includes/js/wp-embed.min.js?ver=5.5.10
200 OK 765 B URL HTTP/1.1 www.ndvadvisers.com/wp-includes/js/wp-embed.min.js?ver=5.5.10
IP
File type ASCII text, with very long lines (1391)
Hash fe875afb236ee8f0d50040fe58d848d4
e6b1b67093b429c95d5b9db07a7eba39e02cf0e5
328a6a072b91134f2802ae25e070f38ff156ceee2c6ec6a6253ae4b27af73b49
GET /wp-includes/js/wp-embed.min.js?ver=5.5.10 HTTP/1.1
Host: www.ndvadvisers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ndvadvisers.com/vladmodels-katya-y117-47-154/
Cookie: pll_language=en
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 09:28:29 GMT
Server: Apache
Last-Modified: Thu, 15 Apr 2021 14:52:05 GMT
ETag: "592-5c00401bd24ac-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 765
Content-Type: application/javascript
X-Varnish: 313295098
Age: 0
Via: 1.1 webcache1 (Varnish/trunk)
Connection: keep-alive
www.ndvadvisers.com/wp-content/uploads/2017/09/logo-white.png
200 OK 7.8 kB URL HTTP/1.1 www.ndvadvisers.com/wp-content/uploads/2017/09/logo-white.png
IP
File type PNG image data, 220 x 141, 8-bit/color RGBA, non-interlaced\012- data
Hash ea8b1ecc52d4aaa0d6d9fd0fde4bd28f
3d409d9a2bb8aad5cb59ba43616d67a29cba44df
10900674f457e16b23d179ec7f0b25a6c13cefa8afb72679963fffe5ec2aad68
GET /wp-content/uploads/2017/09/logo-white.png HTTP/1.1
Host: www.ndvadvisers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ndvadvisers.com/vladmodels-katya-y117-47-154/
Cookie: pll_language=en
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 09:28:29 GMT
Server: Apache
Last-Modified: Sun, 10 Sep 2017 07:13:50 GMT
ETag: "1e94-558d08d436780"
Accept-Ranges: bytes
Content-Length: 7828
Content-Type: image/png
X-Varnish: 264048657
Age: 0
Via: 1.1 webcache1 (Varnish/trunk)
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 8be5570b9a5ca76c580da007a824b029
38840f2ac6476bdd5608121c5653e338c7ad9715
0b94e05080ef85432b1815eb3c6c7594c9613cfde1b51eeabee46d0d9fde64b2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1742
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 09:28:29 GMT
Last-Modified: Thu, 06 Oct 2022 08:59:27 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
www.ndvadvisers.com/wp-content/themes/kallyas/css/print.css?ver=4.18.0
200 OK 688 B URL HTTP/1.1 www.ndvadvisers.com/wp-content/themes/kallyas/css/print.css?ver=4.18.0
IP
File type ASCII text, with CRLF line terminators
Hash decc129324f3b47de233b9eec1988d13
da7797adec2a5849c317597d35ac9bc947319a3a
b5ebbea91c2bd2661f2059b61c44bb1aea76b26471f0d50f7f44e944a6f1fb22
GET /wp-content/themes/kallyas/css/print.css?ver=4.18.0 HTTP/1.1
Host: www.ndvadvisers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ndvadvisers.com/vladmodels-katya-y117-47-154/
Cookie: pll_language=en
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 09:28:29 GMT
Server: Apache
Last-Modified: Wed, 28 Oct 2020 07:47:55 GMT
ETag: "789-5b2b661a92edf-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 688
Content-Type: text/css
X-Varnish: 238949985
Age: 0
Via: 1.1 webcache1 (Varnish/trunk)
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 40a4de06678d96242b71d5318f2fd4ef
546a7d1d92df81916f14155943427b5453ae3924
aed9af25ae57c181702a137d48cb00f5b30297180161451de3b628359dc9ec6f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 09:28:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?onload=kallyasOnloadCallback&hl=en&ver=1
200 OK 581 B URL HTTP/2 www.google.com/recaptcha/api.js?onload=kallyasOnloadCallback&hl=en&ver=1
IP
File type ASCII text, with very long lines (914), with no line terminators
Hash f7e28d0400871a8362a16717b1634591
0deecc5ca50cedaaf840e59ecc24bf9d2163c6d8
cbcb89a8ff46dea10d5f33c3aeb69fec19b9d4681da4b62d4e58924a25668718
GET /recaptcha/api.js?onload=kallyasOnloadCallback&hl=en&ver=1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ndvadvisers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Thu, 06 Oct 2022 09:28:29 GMT
date: Thu, 06 Oct 2022 09:28:29 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 581
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash f9371f81e2eeeead7fe351a49f3b1c40
ae23d6c6c57dd7cf568c3a74594c377b7bb7df43
03c4ba0faa3199d061d1bb37df5d48ba6d81f77a83e243922075efc4d4acf456
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 09:28:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: saknSquTK4V8p33BbBIiYw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: k8FP5j8q1IJorNrTloONYHzkw5E=
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
200 OK 7.9 kB URL HTTP/1.1 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.ndvadvisers.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 7884
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 06 Oct 2022 00:42:37 GMT
Expires: Fri, 06 Oct 2023 00:42:37 GMT
Cache-Control: public, max-age=31536000
Age: 31553
Last-Modified: Wed, 27 Apr 2022 17:03:52 GMT
Content-Type: font/woff2
www.ndvadvisers.com/wp-content/themes/kallyas/template_helpers/icons/glyphicons_halflingsregular/glyphicons_halflingsregular.woff2
200 OK 18 kB URL HTTP/1.1 www.ndvadvisers.com/wp-content/themes/kallyas/template_helpers/icons/glyphicons_halflingsregular/glyphicons_halflingsregular.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 18028, version 1.589\012- data
Hash 448c34a56d699c29117adc64c43affeb
ca35b697d99cae4d1b60f2d60fcd37771987eb07
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/kallyas/template_helpers/icons/glyphicons_halflingsregular/glyphicons_halflingsregular.woff2 HTTP/1.1
Host: www.ndvadvisers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.ndvadvisers.com/wp-content/themes/kallyas/css/bootstrap.min.css?ver=4.18.0
Cookie: pll_language=en
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 09:28:30 GMT
Server: Apache
Last-Modified: Wed, 28 Oct 2020 07:47:58 GMT
ETag: "466c-5b2b661cf258f"
Accept-Ranges: bytes
Content-Length: 18028
X-Varnish: 110905802
Age: 0
Via: 1.1 webcache1 (Varnish/trunk)
Connection: keep-alive
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
200 OK 45 kB URL HTTP/1.1 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.ndvadvisers.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 44856
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 03 Oct 2022 21:39:33 GMT
Expires: Tue, 03 Oct 2023 21:39:33 GMT
Cache-Control: public, max-age=31536000
Age: 215337
Last-Modified: Mon, 15 Aug 2022 18:20:18 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/robotoslab/v24/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
200 OK 33 kB URL HTTP/1.1 fonts.gstatic.com/s/robotoslab/v24/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 32860, version 1.0\012- data
Hash d010a9f2d5c7a0374b3b84706a43d2ec
c1fe465db08785c3f115555d39db23838960cb66
9a3993918629dfd6a59c4563e9b4d464152b51d4113957ab8ebfbdcbcdc7f536
GET /s/robotoslab/v24/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.ndvadvisers.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 32860
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 29 Sep 2022 17:29:45 GMT
Expires: Fri, 29 Sep 2023 17:29:45 GMT
Cache-Control: public, max-age=31536000
Age: 575925
Last-Modified: Mon, 11 Jul 2022 19:12:50 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
200 OK 7.8 kB URL HTTP/1.1 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Hash 25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.ndvadvisers.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 7816
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 05 Oct 2022 23:29:33 GMT
Expires: Thu, 05 Oct 2023 23:29:33 GMT
Cache-Control: public, max-age=31536000
Age: 35937
Last-Modified: Wed, 27 Apr 2022 16:11:40 GMT
Content-Type: font/woff2
www.ndvadvisers.com/wp-content/themes/kallyas/template_helpers/icons/kl-social-icons/kl-social-icons.woff
200 OK 36 kB URL HTTP/1.1 www.ndvadvisers.com/wp-content/themes/kallyas/template_helpers/icons/kl-social-icons/kl-social-icons.woff
IP
File type Web Open Font Format, TrueType, length 35660, version 1.0\012- data
Hash de16fa93cbb50189f9938501958f3b73
ad7b67cfe7057a51a1251fe0cc91e44373b58104
48e790953bced1366395dc72cece5711083d395af66da0a9986e5e8cd3fd2f59
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/kallyas/template_helpers/icons/kl-social-icons/kl-social-icons.woff HTTP/1.1
Host: www.ndvadvisers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.ndvadvisers.com/wp-content/uploads/zn_dynamic.css?ver=1657443294
Cookie: pll_language=en
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 09:28:30 GMT
Server: Apache
Last-Modified: Wed, 28 Oct 2020 07:47:58 GMT
ETag: "8b4c-5b2b661cf6c0b"
Accept-Ranges: bytes
Content-Length: 35660
Content-Type: application/font-woff
X-Varnish: 110905804
Age: 0
Via: 1.1 webcache1 (Varnish/trunk)
Connection: keep-alive
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
200 OK 8.0 kB URL HTTP/1.1 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 8000, version 1.0\012- data
Hash 72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.ndvadvisers.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 8000
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 05 Oct 2022 23:43:38 GMT
Expires: Thu, 05 Oct 2023 23:43:38 GMT
Cache-Control: public, max-age=31536000
Age: 35092
Last-Modified: Wed, 27 Apr 2022 16:59:07 GMT
Content-Type: font/woff2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 39589846419c42f833c688f1e64f29be
fd0e808c8512249def272c5918ded6a5526cf84a
02b6fa8d13db8ba3fbdbd511951a33f29ad3799deacac8efb1ccfd41074c53e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02B6FA8D13DB8BA3FBDBD511951A33F29AD3799DEACAC8EFB1CCFD41074C53E7"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7283
Expires: Thu, 06 Oct 2022 11:29:53 GMT
Date: Thu, 06 Oct 2022 09:28:30 GMT
Connection: keep-alive
cdn.shopify.com/s/files/1/0024/9803/5810/products/586387-Product-0-I-637838086977296232_1024x1024.jpg
200 OK 94 kB URL HTTP/2 cdn.shopify.com/s/files/1/0024/9803/5810/products/586387-Product-0-I-637838086977296232_1024x1024.jpg
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash cd90589de05d437ee1af2e141d7cfece
7db36fb71090029e8f482ba0788cbfd7b490832b
b4a29aa41ec669d450c66d9e6d2f5b1a2c608bfe1d3d4abd87aa210670834342
GET /s/files/1/0024/9803/5810/products/586387-Product-0-I-637838086977296232_1024x1024.jpg HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.ndvadvisers.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 09:28:30 GMT
content-type: image/webp
content-length: 94272
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0024/9803/5810/products/586387-Product-0-I-637838086977296232_1024x1024.jpg>; rel="canonical"
server-timing: imagery;dur=455.183, imageryFetch;dur=66.630, imageryProcess;dur=387.563;desc="image"
timing-allow-origin: *
vary: Accept, Accept-Encoding
x-content-type-options: nosniff
x-request-id: 14fed7a8-78bf-4491-a748-61468c12937e
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-east1
last-modified: Thu, 15 Sep 2022 06:26:52 GMT
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=33OlbQl%2FJbYpSjqOMktySKfUr3lJNnwUHuqjlYKYptE28SKnsAJPJvdVB9s61nHOyDN8DNTKxGYWoiuc%2B%2Fr9It8lQQI%2FKgacbSfy8FEmwvlA%2BlxUIKM4SLIsHZkMhFc1nA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 755d5e04bb2fb500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 39589846419c42f833c688f1e64f29be
fd0e808c8512249def272c5918ded6a5526cf84a
02b6fa8d13db8ba3fbdbd511951a33f29ad3799deacac8efb1ccfd41074c53e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02B6FA8D13DB8BA3FBDBD511951A33F29AD3799DEACAC8EFB1CCFD41074C53E7"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7283
Expires: Thu, 06 Oct 2022 11:29:53 GMT
Date: Thu, 06 Oct 2022 09:28:30 GMT
Connection: keep-alive
wednesdayswithnic.com/wp-content/uploads/2011/09/WalingWaling-Aug-12-2009.jpg
200 OK 75 kB URL HTTP/1.1 wednesdayswithnic.com/wp-content/uploads/2011/09/WalingWaling-Aug-12-2009.jpg
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 180x180, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=16, manufacturer=Canon, model=Canon PowerShot S3 IS, orientation=upper-left, xresolution=234, yresolution=242, resolutionunit=2, datetime=2009:08:12 12:02:23], baseline, precision 8, 640x480, components 3\012- data
Hash 8b0d966275ea094aa4936fcb0695a0ac
39a55450347c2a040b6f2e73fdb39761855c41fa
5e44f4b0dccba42b4e65a14be66307eb244f6f519ffadb0e5f74150f3217fe08
GET /wp-content/uploads/2011/09/WalingWaling-Aug-12-2009.jpg HTTP/1.1
Host: wednesdayswithnic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ndvadvisers.com/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 09:28:30 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 15 Sep 2011 00:03:29 GMT
Accept-Ranges: bytes
Content-Length: 75210
Keep-Alive: timeout=5, max=75
Content-Type: image/jpeg
www.ndvadvisers.com/wp-content/uploads/2017/09/Fav.png
200 OK 9.8 kB URL HTTP/1.1 www.ndvadvisers.com/wp-content/uploads/2017/09/Fav.png
IP
File type PNG image data, 92 x 99, 8-bit/color RGBA, non-interlaced\012- data
Hash 8703c47fbd7bf2f435301bd4f99dd811
d401dcc2eeb44477be4166b0a45beb90cc5bdfe7
b695783f2e656843fd90e5b2c4ce4eedbbaa39a3d1f364b16fd6483710df3425
GET /wp-content/uploads/2017/09/Fav.png HTTP/1.1
Host: www.ndvadvisers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ndvadvisers.com/vladmodels-katya-y117-47-154/
Cookie: pll_language=en
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 09:28:30 GMT
Server: Apache
Last-Modified: Sat, 09 Sep 2017 08:47:37 GMT
ETag: "266d-558bdbed13c40"
Accept-Ranges: bytes
Content-Length: 9837
Content-Type: image/png
X-Varnish: 287705936
Age: 0
Via: 1.1 webcache1 (Varnish/trunk)
Connection: keep-alive
assets.pinterest.com/js/pinit.js
200 OK 290 B URL HTTP/1.1 assets.pinterest.com/js/pinit.js
IP
File type ASCII text, with very long lines (361), with no line terminators
Hash 82bfd941d2c9b3b9e0650a27c9d11737
2eb742a101e79067c9df4d15b518bde85e8eeb2e
3f6e9b85ad3ee165ec6c9587d98d2a43588f7ba0f63d31ad019a0d4cbfd3f3d1
GET /js/pinit.js HTTP/1.1
Host: assets.pinterest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ndvadvisers.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 290
ETag: "82bfd941d2c9b3b9e0650a27c9d11737"
Content-Encoding: gzip
Content-Type: application/javascript; charset=utf-8
X-CDN: fastly
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Max-Age: 86400
Access-Control-Expose-Headers: X-CDN
Vary: Accept-Encoding, Origin
Cache-Control: max-age=300
date: Thu, 06 Oct 2022 09:28:30 GMT
ocsp.digicert.com/
200 OK 471 B IP
Hash b3791fae35fa0754166a153c17b4d33c
2416c0ebeb59a5dbb874c88a747242fa03e32bb6
6ed8a41c16f75035977b43d3574fc577c3473b46db106480c4a64ca72462458a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5278
Cache-Control: max-age=90400
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 09:28:30 GMT
Etag: "633d4940-1d7"
Expires: Fri, 07 Oct 2022 10:35:10 GMT
Last-Modified: Wed, 05 Oct 2022 09:07:12 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
platform.twitter.com/widgets.js
200 OK 29 kB URL HTTP/1.1 platform.twitter.com/widgets.js
IP
File type Unicode text, UTF-8 text, with very long lines (33915)
Hash 4022ee7b53654f65608ad9a3ba759687
cc243d089a8a77c0a7123434746ea36b054634dd
7af6243905b2256cb4f8fe0e77386c274592c322fb23b11784ecf86d250c7e09
GET /widgets.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ndvadvisers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 199
Cache-Control: public, max-age=1800
Content-Type: application/javascript; charset=utf-8
Date: Thu, 06 Oct 2022 09:28:30 GMT
Etag: "f26384f93da6974ed577808dfa1fede5+gzip"
Last-Modified: Wed, 28 Sep 2022 20:05:37 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F70A)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
x-amzn-internal-status: 304
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 29223
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash ff5f22aafa6751c60631736c305a4c7c
278b89e5c1a978e070be4b66bb780862894b8504
b501664d7591e6dfe95c8641e0020e04b76f16f5cb80a7fc0ee0b36af60a6382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 09:28:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/sdk.js
200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js
IP
File type ASCII text, with very long lines (1961)
Hash 7fb807d0d277226fd5c280e533d8f2cd
58cdd702d82f81b657ae06fba4fabd1bec453a00
ac0522cdc1ebd6e2ddcf98567d86f6fd92b1ba4fd5bb22811f3ee4e333038ed9
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ndvadvisers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 8d9e1a996f325931f26133a46e83c753
etag: "84c3fb60bb604e8c9b16a172a4bd0b21"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Thu, 06 Oct 2022 09:40:58 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: f7gH0NJ3Im/VwoDlM9jyzQ==
x-fb-debug: eiJxHWTfYi/2Otv7ITtLNiOe6XCgvFD76sEi3xR+nnsbNRkBEhWiqdEHm+IeJ2VCLvMNHiWuyaVQZ/BnfrFAFA==
priority: u=3,i
content-length: 1687
x-fb-trip-id: 2074150462
date: Thu, 06 Oct 2022 09:28:30 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 047374e90c9a1e02eb7294c0a9a316a2
3d043355314c0c408f547f1faafd3acd6d481f63
e01b0fb379931c35fd707f8cc75e2d6079f77fd5174c30b75934e130d68ed2a5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 09:28:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js
200 OK 159 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js
IP
File type ASCII text, with very long lines (711)
Size 159 kB (158844 bytes)
Hash b4ed95d4318e3b78b936c9c0f1ffa96e
b53c9376b1459afb07fb4b5c2e8d8dad776d3a02
3c21880cb7be6bec40f9d40c23ad39c9758999cf950cec07b86c83b21fde175f
GET /recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.ndvadvisers.com
Connection: keep-alive
Referer: http://www.ndvadvisers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 158844
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 21:02:07 GMT
expires: Thu, 05 Oct 2023 21:02:07 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
content-type: text/javascript
age: 44783
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash b3791fae35fa0754166a153c17b4d33c
2416c0ebeb59a5dbb874c88a747242fa03e32bb6
6ed8a41c16f75035977b43d3574fc577c3473b46db106480c4a64ca72462458a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5278
Cache-Control: max-age=90400
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 09:28:30 GMT
Etag: "633d4940-1d7"
Expires: Fri, 07 Oct 2022 10:35:10 GMT
Last-Modified: Wed, 05 Oct 2022 09:07:12 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
apis.google.com/js/plusone.js
200 OK 20 kB URL HTTP/2 apis.google.com/js/plusone.js
IP
File type ASCII text, with very long lines (1277)
Hash 202067c443611dc148225b75c0e3d556
9e6be316508f5c2a2e4b8cecc561b0e7415bd38c
5d9db864eb7c211f62d61436846b80db003b0102c903dda9bc15af29e5eefa39
GET /js/plusone.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ndvadvisers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20362
date: Thu, 06 Oct 2022 09:28:30 GMT
expires: Thu, 06 Oct 2022 09:28:30 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "5f35d22782378ad2"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash ff5f22aafa6751c60631736c305a4c7c
278b89e5c1a978e070be4b66bb780862894b8504
b501664d7591e6dfe95c8641e0020e04b76f16f5cb80a7fc0ee0b36af60a6382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 09:28:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
assets.pinterest.com/js/pinit_main.js?0.43031335333557974
200 OK 19 kB URL HTTP/2 assets.pinterest.com/js/pinit_main.js?0.43031335333557974
IP
File type Unicode text, UTF-8 text, with very long lines (32016)
Hash 3725764cf05d1a0938de73d398772331
abdc742d760ca9c8f28c8d44ca9796d9ad6c0bc7
f8c41f2f59fc9e9d088bc9002eef583c3cf256b4cd371619b18107b4abd92812
GET /js/pinit_main.js?0.43031335333557974 HTTP/1.1
Host: assets.pinterest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ndvadvisers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "3725764cf05d1a0938de73d398772331"
content-encoding: br
content-type: application/javascript; charset=utf-8
x-cdn: fastly
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 86400
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=300
date: Thu, 06 Oct 2022 09:28:30 GMT
content-length: 18679
X-Firefox-Spdy: h2
connect.facebook.net/en_US/sdk.js?hash=846734189bd70717100d007e8b66cc48
200 OK 87 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=846734189bd70717100d007e8b66cc48
IP
File type ASCII text, with very long lines (13192)
Hash 7717717c92dad9aeb73186fd5336a676
d5073c2795ebbde85046e74c37fe5a81521c0226
60aff3d44fb187836eaac386bbbfce5a46e59006f1881496d96729642c9a5237
GET /en_US/sdk.js?hash=846734189bd70717100d007e8b66cc48 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.ndvadvisers.com
Connection: keep-alive
Referer: http://www.ndvadvisers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 032e52f2f42bb88efa022a47bbf6c90a
etag: "b52234f2f13bd580fece461d444fc479"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Fri, 06 Oct 2023 07:11:15 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: dxdxfJLa2a63MYb9Uzamdg==
x-fb-debug: +zl+eIJPw4j8C8hKAAYckfCB3xYmo3NHxjKjDFyw3Tfk7Nwkz3RKi8G4I4KIvHePiD0gc+mfkgPc3uRhCBzIRQ==
content-length: 86931
x-fb-trip-id: 2074150462
date: Thu, 06 Oct 2022 09:28:30 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash 57614821c84e1cada877af8e72b2eb57
b2ed866ef41dafef82fa4c52bd8b2871055903db
14ba1136f29bbfa8970a9265fc449036d72e631303f44d3c2d17bfecbe06d247
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4796
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 09:28:30 GMT
Last-Modified: Thu, 06 Oct 2022 08:08:34 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 313
developers.google.com/
301 Moved Permanently 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: developers.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.ndvadvisers.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://developers.google.com/
X-Cloud-Trace-Context: f2e993d22613019d972e520328803dd0
Date: Thu, 06 Oct 2022 09:28:30 GMT
Content-Type: text/html
Server: Google Frontend
Content-Length: 0
syndication.twitter.com/settings?session_id=aabbe757dcbeb98f0351967a26df572a3475197f
200 OK 355 B URL HTTP/2 syndication.twitter.com/settings?session_id=aabbe757dcbeb98f0351967a26df572a3475197f
IP
File type JSON data\012- , ASCII text, with very long lines (851), with no line terminators
Hash 7cac009f8121486bc6c44991cf606190
ddae6074c908031f09b586d38a022e0e4add23b5
7825444c58d1293285c059256fb6e04dcd4bf7dff5a6a65972f65d55286b1e89
GET /settings?session_id=aabbe757dcbeb98f0351967a26df572a3475197f HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://platform.twitter.com/
Origin: https://platform.twitter.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 09:28:30 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: application/json; charset=utf-8
cache-control: must-revalidate, max-age=600
last-modified: Thu, 06 Oct 2022 09:28:30 GMT
content-length: 355
content-encoding: gzip
x-transaction-id: 06df58fb54ac7796
strict-transport-security: max-age=631138519
access-control-allow-origin: https://platform.twitter.com
access-control-allow-credentials: true
x-response-time: 105
x-connection-hash: 61e80e2bd6d3ffce1a7bc22e889f312bea83a32cc6327213f9b2c026b15ecc78
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash f9371f81e2eeeead7fe351a49f3b1c40
ae23d6c6c57dd7cf568c3a74594c377b7bb7df43
03c4ba0faa3199d061d1bb37df5d48ba6d81f77a83e243922075efc4d4acf456
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 09:28:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 075c0849a5739bda75763e3740fd5079
c59fbd5865bacc3857fcdfae28c7eaaa7ca1972b
24b54121bcf5221650c3127ee28ef7f92524d391f75639c1ad25d678e7a99d2a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 09:28:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lenti.hr/img/cms/gafas-vista-hawkers-PROVENCE-HPR05RX-L.jpg
200 OK 7.7 MB URL HTTP/1.1 lenti.hr/img/cms/gafas-vista-hawkers-PROVENCE-HPR05RX-L.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=16, height=4339, bps=206, compression=none, PhotometricIntepretation=RGB, manufacturer=Canon, model=Canon EOS 5D Mark IV, orientation=upper-left, width=3413], baseline, precision 8, 3413x4339, components 3\012- data
Size 7.7 MB (7650458 bytes)
Hash ef0364ba8bf3701184761c2c42ab5444
8d0419d6745e1d31247db588ca263067cfc5774f
3c51bfd17624a653abde1aa0a7911a6f936256fc19a962842dff7735d7be9ef6
GET /img/cms/gafas-vista-hawkers-PROVENCE-HPR05RX-L.jpg HTTP/1.1
Host: lenti.hr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ndvadvisers.com/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 09:28:30 GMT
Content-Type: image/jpeg
Content-Length: 7650458
Last-Modified: Tue, 05 May 2020 10:39:02 GMT
Connection: keep-alive
ETag: "5eb14246-74bc9a"
X-Powered-By: PleskLin
Accept-Ranges: bytes
platform.twitter.com/js/button.d2f864f87f544dc0c11d7d712a191c1f.js
200 OK 2.4 kB URL HTTP/1.1 platform.twitter.com/js/button.d2f864f87f544dc0c11d7d712a191c1f.js
IP
File type ASCII text, with very long lines (7017), with no line terminators
Hash 5d0940862723a20bb4f2dab2b7af9bb4
c1aab96ed293f46fb5a53aa6b1109dd280c430b3
dbe59da44cbbbc83c10daf0c0a53d1c4c53105f82b77fecd0beb84a67c13525a
GET /js/button.d2f864f87f544dc0c11d7d712a191c1f.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ndvadvisers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 559429
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Thu, 06 Oct 2022 09:28:31 GMT
Etag: "7bb2d17ac20be3bd6ec1079356afecd9+gzip"
Last-Modified: Wed, 28 Sep 2022 20:04:20 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F70A)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 2362
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18881
Expires: Thu, 06 Oct 2022 14:43:12 GMT
Date: Thu, 06 Oct 2022 09:28:31 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18881
Expires: Thu, 06 Oct 2022 14:43:12 GMT
Date: Thu, 06 Oct 2022 09:28:31 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18881
Expires: Thu, 06 Oct 2022 14:43:12 GMT
Date: Thu, 06 Oct 2022 09:28:31 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18881
Expires: Thu, 06 Oct 2022 14:43:12 GMT
Date: Thu, 06 Oct 2022 09:28:31 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18881
Expires: Thu, 06 Oct 2022 14:43:12 GMT
Date: Thu, 06 Oct 2022 09:28:31 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb1f9d9-58f2-4af5-b299-6a59b5768aba.jpeg
200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb1f9d9-58f2-4af5-b299-6a59b5768aba.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2d101e6535dfc8ea8c193d3e97c07e1d
d839f3aa41455d818da9a794b0688b1144b3a03a
d73e79f203ef50354e078de30fcb52d298e14ad53924e0387ab586a9cb4376a2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb1f9d9-58f2-4af5-b299-6a59b5768aba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8651
x-amzn-requestid: 8bbdbc11-92fe-4cdf-8469-1c1ffac9e65b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjPLIGG0IAMFehw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df8ad-132ee26478d791850dd14462;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:35:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: KBuHj1vlNgk4oflp8uIxuxuPoWh7B7O0SWrMrNP-lAhnp2m53ttPMw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 22:09:18 GMT
age: 40753
etag: "d839f3aa41455d818da9a794b0688b1144b3a03a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
platform.twitter.com/widgets/tweet_button.7dae38096d06923d683a2a807172322a.en.html
200 OK 14 kB URL HTTP/1.1 platform.twitter.com/widgets/tweet_button.7dae38096d06923d683a2a807172322a.en.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (32033)
Hash dcb83b699eb06319b25d6358a99ebf24
b3e7a54a54ff64f7ab997a0695eb3edec5efc180
ca69f6c092f02935c8dbf6bd7ba33325e6343052396cff6b4e08f544194a5a16
GET /widgets/tweet_button.7dae38096d06923d683a2a807172322a.en.html HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ndvadvisers.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 559428
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 06 Oct 2022 09:28:31 GMT
Etag: "5f5bf2b99100f854c01f4f321282f861+gzip"
Last-Modified: Wed, 28 Sep 2022 20:04:24 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F70A)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 13753
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg
200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e238ccaa3b9fa88476a8514855e8232f
447cbf348ef10d0136a1811e843c46937defbba1
43dce3c1eb388dfaddca4176acb6eb32f76fc4c03fca18e7a315c9ddb43d2b02
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7270
x-amzn-requestid: e5d0bb7a-b9d5-49b1-b51c-8db019da641f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjQOGEQloAMFjgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633dfa5a-519d91fb0b83920960da479d;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:42:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: l1HGT5ycH36vVojsOPFptRSU1YJFvLbBsgiWJqzRlRIGgm2o5vf6jg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:58:56 GMT
etag: "447cbf348ef10d0136a1811e843c46937defbba1"
content-type: image/jpeg
age: 41375
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg
200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9e520f87cae411cfc2ed1c8a14184385
69ad212cb7ae309d4f02019552887135bfae67da
723b10bfbcde201b5811e3bd0560f02f90775e4d18b28d19e6c814899f2da71a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7511
x-amzn-requestid: 995b51dd-5484-4b4c-ad40-550f7fd85930
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO6uG70IAMFjBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df844-70f17f6f24dce0003d03902a;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:33:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: BddSUzh-PKiFmfw2p9gPW-B0qtrXWxCXfee29Pk-wLqN7RO21Yic6g==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 f7283f3fe2c258cf54f8b7d3dd272e0e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:37:06 GMT
age: 42685
etag: "69ad212cb7ae309d4f02019552887135bfae67da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbffd8689-87c3-4efb-b880-4109e3dc9294.jpeg
200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbffd8689-87c3-4efb-b880-4109e3dc9294.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 72ad6f9b79e7a3d11e3ace6b0e969614
a9cd62230d4aabfcc2e8b2494e687d854254113e
1d59cd22b3316da6f1d44076089ba983faed5327d174ddb3cb3d58f487ccae51
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbffd8689-87c3-4efb-b880-4109e3dc9294.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7919
x-amzn-requestid: 01497827-07e5-4129-abf2-120b00eed8c0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjPs5F1LoAMF8Ww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df985-4b0c175142a6ace915d5e5d2;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:39:17 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: QElSCxuAj2dM9Psp2_fPTSi1goaNKkylf7D9ITOplorOFLIGIV332g==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 d8d9c12d1a621129f4bc739038e7c72e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:52:46 GMT
age: 41745
etag: "a9cd62230d4aabfcc2e8b2494e687d854254113e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feda182b7-6bc8-4aea-82c3-d9fa08748b61.jpeg
200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feda182b7-6bc8-4aea-82c3-d9fa08748b61.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e5a5ee14d41747f46e71f04782e1a3d3
b0205176a58913f57056b91674097bfb58046e97
b3bae0b56b50374cb85fc7fe4c9b551383d1969bf31e7adccb867e3467c59269
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feda182b7-6bc8-4aea-82c3-d9fa08748b61.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7385
x-amzn-requestid: 7ada8e43-9cb5-4793-9289-e308e9565e7d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjOZoF7aIAMF43A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df770-73da01595d32809e08b93a83;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:30:24 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: 14qQi5wDI-_EgyghHCMjRtdZliSj3L6veSqIeBoEjCTfdZfrKb-UzA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 7d01bcfcfe27ce0b8979cf621dd081de.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:37:06 GMT
etag: "b0205176a58913f57056b91674097bfb58046e97"
content-type: image/jpeg
age: 42685
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ssl.gstatic.com/accounts/o/1832714284-postmessagerelay.js
200 OK 4.3 kB URL HTTP/2 ssl.gstatic.com/accounts/o/1832714284-postmessagerelay.js
IP
File type ASCII text, with very long lines (2267)
Hash 3f7502705229ccec9d066c5cd75e6c31
ede1663155afaa5a5213d075e6295c6d839b05c3
2be5113d3022d1819a19f327235d287a2538a03741fc08ccd9d55cc1d78b6282
GET /accounts/o/1832714284-postmessagerelay.js HTTP/1.1
Host: ssl.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accounts.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-length: 4294
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 13:22:17 GMT
expires: Thu, 05 Oct 2023 13:22:17 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 01 Oct 2022 02:06:56 GMT
content-type: text/javascript
age: 72374
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fwww.ndvadvisers.com%2Fvladmodels-katya-y117-47-154%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1665048511567%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%221c23387b1f70c%3A1664388199485%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=aabbe757dcbeb98f0351967a26df572a3475197f
200 OK 43 B URL HTTP/2 syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fwww.ndvadvisers.com%2Fvladmodels-katya-y117-47-154%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1665048511567%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%221c23387b1f70c%3A1664388199485%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=aabbe757dcbeb98f0351967a26df572a3475197f
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fwww.ndvadvisers.com%2Fvladmodels-katya-y117-47-154%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1665048511567%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%221c23387b1f70c%3A1664388199485%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=aabbe757dcbeb98f0351967a26df572a3475197f HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ndvadvisers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 09:28:31 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: image/gif
cache-control: must-revalidate, max-age=600
last-modified: Thu, 06 Oct 2022 09:28:31 GMT
content-length: 43
x-transaction-id: 6ba3c82b12f559b3
strict-transport-security: max-age=631138519
x-response-time: 109
x-connection-hash: 61e80e2bd6d3ffce1a7bc22e889f312bea83a32cc6327213f9b2c026b15ecc78
X-Firefox-Spdy: h2
log.pinterest.com/?type=pidget&guid=oSeTtN7Y15AQ&tv=2021110201&event=init&sub=www&button_count=1&follow_count=0&pin_count=0&profile_count=0&board_count=0§ion_count=0&lang=en&nvl=en-US&via=http%3A%2F%2Fwww.ndvadvisers.com%2Fvladmodels-katya-y117-47-154%2F&viaSrc=canonical
200 OK 0 B URL HTTP/2 log.pinterest.com/?type=pidget&guid=oSeTtN7Y15AQ&tv=2021110201&event=init&sub=www&button_count=1&follow_count=0&pin_count=0&profile_count=0&board_count=0§ion_count=0&lang=en&nvl=en-US&via=http%3A%2F%2Fwww.ndvadvisers.com%2Fvladmodels-katya-y117-47-154%2F&viaSrc=canonical
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?type=pidget&guid=oSeTtN7Y15AQ&tv=2021110201&event=init&sub=www&button_count=1&follow_count=0&pin_count=0&profile_count=0&board_count=0§ion_count=0&lang=en&nvl=en-US&via=http%3A%2F%2Fwww.ndvadvisers.com%2Fvladmodels-katya-y117-47-154%2F&viaSrc=canonical HTTP/1.1
Host: log.pinterest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ndvadvisers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-envoy-upstream-service-time: 2
server: envoy
x-pinterest-rid: 1782720204906971
accept-ranges: bytes
date: Thu, 06 Oct 2022 09:28:31 GMT
via: 1.1 varnish
x-served-by: cache-bma1657-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1665048512.841478,VS0,VE94
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
content-length: 0
X-Firefox-Spdy: h2
www.facebook.com/v3.0/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1396807b55e7aa%26domain%3Dwww.ndvadvisers.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.ndvadvisers.com%252Ff1ac1da154ca24e%26relation%3Dparent.parent&container_width=70&href=http%3A%2F%2Fwww.ndvadvisers.com%2Fvladmodels-katya-y117-47-154%2F&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=90
200 OK 0 B URL HTTP/2 www.facebook.com/v3.0/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1396807b55e7aa%26domain%3Dwww.ndvadvisers.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.ndvadvisers.com%252Ff1ac1da154ca24e%26relation%3Dparent.parent&container_width=70&href=http%3A%2F%2Fwww.ndvadvisers.com%2Fvladmodels-katya-y117-47-154%2F&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=90
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3.0/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1396807b55e7aa%26domain%3Dwww.ndvadvisers.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.ndvadvisers.com%252Ff1ac1da154ca24e%26relation%3Dparent.parent&container_width=70&href=http%3A%2F%2Fwww.ndvadvisers.com%2Fvladmodels-katya-y117-47-154%2F&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=90 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ndvadvisers.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: +nb1VFituh8ZRO/ikfTt4EPMxpkQ+aNTaDms+ASe5GSmt4LJiAvneCSr2HUTwGXgAvXYfisQP8tPXenpVeQJ4A==
content-length: 0
date: Thu, 06 Oct 2022 09:28:32 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fwww.ndvadvisers.com%2Fvladmodels-katya-y117-47-154%2F&callback=PIN_1665048510815.f.callback[0]
200 OK 0 B URL HTTP/2 widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fwww.ndvadvisers.com%2Fvladmodels-katya-y117-47-154%2F&callback=PIN_1665048510815.f.callback[0]
IP
GET /v1/urls/count.json?url=http%3A%2F%2Fwww.ndvadvisers.com%2Fvladmodels-katya-y117-47-154%2F&callback=PIN_1665048510815.f.callback[0] HTTP/1.1
Host: widgets.pinterest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ndvadvisers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-content-type-options: nosniff
access-control-allow-origin: *
content-type: application/javascript
cache-control: must-revalidate, max-age=887
expires: Thu, 06 Oct 2022 09:43:31 GMT
x-envoy-upstream-service-time: 2
x-pinterest-rid: 1075992146319193
date: Thu, 06 Oct 2022 09:28:31 GMT
age: 0
content-encoding: br
vary: accept-encoding
accept-ranges: none
X-Firefox-Spdy: h2
developers.google.com/
200 OK 0 B IP
GET / HTTP/1.1
Host: developers.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.ndvadvisers.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 04 Oct 2022 17:13:52 GMT
content-type: text/html; charset=utf-8
set-cookie: _ga_devsite=GA1.3.387975028.1665048512; Expires=Sat, 05 Oct 2024 09:28:32 GMT; Max-Age=63072000; Path=/
content-security-policy: base-uri 'self'; object-src 'none'; script-src 'strict-dynamic' 'unsafe-inline' https: http: 'nonce-PoipgUFjlk2Vq+X2TkRvIka+v7BRhH' 'unsafe-eval'; report-uri https://csp.withgoogle.com/csp/devsite/v2
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
cache-control: no-cache, must-revalidate
expires: 0
pragma: no-cache
content-encoding: gzip
x-cloud-trace-context: c86675734df222d76890889c4e916713
vary: Accept-Encoding
date: Thu, 06 Oct 2022 09:28:32 GMT
server: Google Frontend
content-length: 21684
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=http%3A%2F%2Fwww.ndvadvisers.com
200 OK 0 B URL HTTP/1.1 platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=http%3A%2F%2Fwww.ndvadvisers.com
IP
GET /widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=http%3A%2F%2Fwww.ndvadvisers.com HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ndvadvisers.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 559430
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 06 Oct 2022 09:28:30 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 28 Sep 2022 20:04:27 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F704)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105445
accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fwww.ndvadvisers.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
200 OK 0 B URL HTTP/2 accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fwww.ndvadvisers.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
IP
GET /o/oauth2/postmessageRelay?parent=http%3A%2F%2Fwww.ndvadvisers.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ndvadvisers.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 06 Oct 2022 09:28:31 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'nonce-tFVDcOhCCooizgmmIRnLsw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
77.111.240.150
142.250.74.174
31.13.72.36
23.36.76.226
93.184.220.29
104.16.254.71
185.103.219.62