r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 13d4983fb8a0ee2cb855663cc9d8f6a0
1f85fc46435f86d7f414e310670c9afe27ea9532
f4bc8150273c4fc6e90c9df8e074823a78dc8409bfcc00616265e24d7d663498
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F4BC8150273C4FC6E90C9DF8E074823A78DC8409BFCC00616265E24D7D663498"
Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17680
Expires: Wed, 22 Feb 2023 08:33:36 GMT
Date: Wed, 22 Feb 2023 03:38:56 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 97d7dde89cca188d19690d7bf759d034
7ec36525c8b5e8e278f0c5f26da3316687d89041
f8b500f9b1e8188807aab20f8e2540b5b2e888b13ff5f6f6211bbc28056f23e8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F8B500F9B1E8188807AAB20F8E2540B5B2E888B13FF5F6F6211BBC28056F23E8"
Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18767
Expires: Wed, 22 Feb 2023 08:51:43 GMT
Date: Wed, 22 Feb 2023 03:38:56 GMT
Connection: keep-alive
www.excel.bank/
301 Moved Permanently 162 B IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET / HTTP/1.1
Host: www.excel.bank
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 22 Feb 2023 03:38:56 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.excel.bank/
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Content-Length, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 22 Feb 2023 02:53:46 GMT
content-type: application/json
age: 2710
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3c926acb3daeb63b5374bdc352bbb679
167a2af5a3c8d1ec6d16c8f7ef1e063ce14ed481
e0bbf50d7d572d0b16ba4be51b190c4776777ecb572db9b25574b66d8e56ce36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E0BBF50D7D572D0B16BA4BE51B190C4776777ECB572DB9B25574B66D8E56CE36"
Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17288
Expires: Wed, 22 Feb 2023 08:27:04 GMT
Date: Wed, 22 Feb 2023 03:38:56 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: tLV3aRkc3wTQQWYQtUVDQcVVVae/RMAhm5PSgT9dmDYOZP5sRRhsGOX4Z0y0yC2y4WOXviQo/aM=
x-amz-request-id: J78CK8CKFGAV9T40
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
via: 1.1 google
date: Wed, 22 Feb 2023 02:53:11 GMT
age: 2745
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
content-length: 5348
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 22 Feb 2023 03:38:56 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 727 B IP
Hash 6cfe169e2ef46be2ed890fdfdc499083
a94874b645761941d6dcbf6c0ec950b061a94e9f
28382523a254474785fb6aff01cb10006a04f528502aa67f628e4ec1233d229a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 22 Feb 2023 03:38:56 GMT
Server: ECS (amb/6B85)
Content-Length: 727
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, Alert, Content-Length, Backoff, ETag, Cache-Control, Retry-After, Last-Modified, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 22 Feb 2023 02:51:26 GMT
age: 2850
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash aea9630f88377d01e5cebab9de9c3b89
18c6603c6e63b79d45031e960dddd31b227f0de5
853e5bb59efe99054d86bbacf7c2f1f2483ad9c05d35cc9d8ea5dd9909cb38fb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "853E5BB59EFE99054D86BBACF7C2F1F2483AD9C05D35CC9D8EA5DD9909CB38FB"
Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16689
Expires: Wed, 22 Feb 2023 08:17:06 GMT
Date: Wed, 22 Feb 2023 03:38:57 GMT
Connection: keep-alive
www.excel.bank/
200 OK 7.1 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3187)
Hash fab260956b4885b75c4680284743026a
bc6257f816970c8db93eecfec5f757a3e63edb07
1365c9c1f43242e3aa803b72bba6e0e250ca64e76fc6c778efac72c80f180446
GET / HTTP/1.1
Host: www.excel.bank
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Wed, 22 Feb 2023 03:38:57 GMT
content-type: text/html; charset=utf-8
content-length: 7074
vary: Accept-Encoding
expires: Wed, 22 Feb 2023 03:38:57 GMT
set-cookie: PLAY_SESSION=61c522b509deb39b11b286c8afcb935f26615d4a-v=1; Max-Age=32400; Expires=Wed, 22 Feb 2023 12:38:57 GMT; Path=/; Secure; HTTPOnly
cache-control: public, max-age=0
x-frame-options: SAMEORIGIN
content-encoding: gzip
x-xss-protection: 1; mode=block
x-ad-insert-result: no ads - index
x-content-type-options: nosniff
strict-transport-security: max-age=16070400
x-envoy-upstream-service-time: 94
x-varnish-ttl: 0.000
x-varnish: 201445637
age: 0
x-varnish-hitmiss: MISS
x-varnish-count: 0
via: varnish
accept-ranges: bytes
x-b3-traceid: 8347077a75981592
x-request-id: e8933a93-6eda-42d8-a2bd-0f739832faa3
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash a27ee3b3c913f55d085b5f85d622e206
2dac3b909debcd683e1f917fc633e71fe2a8d68a
544a2538b1a316f1963a28b489103723a8977ffea4e2baf22d0095001ffdc1af
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Feb 2023 03:38:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 1220d9d6733318ae674586f676332459
b684de95a3d5e61448ee8e8b474123117364e53a
aba752f7fb03bb390d3a41f2d83bdbb400716ad984f636a771c147e81d7691c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Feb 2023 03:38:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
200 OK 5.4 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
IP
File type ASCII text, with very long lines (2134)
Hash 30ca3165d143baf2835023bfcf463450
62c662c0873b79a314c040fef28dcd29abb14480
4f405d00e8ced09d5826e3e070b7e4d3f3556f856ca790b0b4a2c2eaaf58d33b
GET /ajax/libs/webfont/1.6.26/webfont.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.excel.bank/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 5437
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Feb 2023 11:52:22 GMT
expires: Fri, 16 Feb 2024 11:52:22 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 488795
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-160159646-1
200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-160159646-1
IP
File type ASCII text, with very long lines (1759)
Hash b07343247a87766c4450935a4e095c19
bfdd25893b9121a2fe35ada96b334fd6ae7047d7
928d2fc8141116d6b23c2e1f4197c2edeceac7e27e63d206ba94bfdeb0a99c4d
GET /gtag/js?id=UA-160159646-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.excel.bank/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 22 Feb 2023 03:38:57 GMT
expires: Wed, 22 Feb 2023 03:38:57 GMT
cache-control: private, max-age=900
last-modified: Wed, 22 Feb 2023 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44159
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash a27ee3b3c913f55d085b5f85d622e206
2dac3b909debcd683e1f917fc633e71fe2a8d68a
544a2538b1a316f1963a28b489103723a8977ffea4e2baf22d0095001ffdc1af
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Feb 2023 03:38:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 1220d9d6733318ae674586f676332459
b684de95a3d5e61448ee8e8b474123117364e53a
aba752f7fb03bb390d3a41f2d83bdbb400716ad984f636a771c147e81d7691c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Feb 2023 03:38:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: QwYz3C3IB7OTuttfIV03JQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 8gTidrV6HTqwgPKjyD8Uq//Mt5I=
www.excel.bank/assets/css/main.min.css?v=1676575221960
200 OK 159 kB URL HTTP/2 www.excel.bank/assets/css/main.min.css?v=1676575221960
IP
File type ASCII text, with very long lines (65357)
Size 159 kB (159123 bytes)
Hash 4e78977e6fabbb8201e04c2b7d4fbdb4
4694a1fada15372068edab90e35c50604ad9acdc
cd5e212e1acbfb1becdb01c3d67ae6ed9bbc3f22bd842e444d62516636f4a68f
GET /assets/css/main.min.css?v=1676575221960 HTTP/1.1
Host: www.excel.bank
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.excel.bank/
Cookie: PLAY_SESSION=61c522b509deb39b11b286c8afcb935f26615d4a-v=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 22 Feb 2023 03:38:57 GMT
content-type: text/css
content-length: 159123
etag: "e2c075cfc26df823ac1b2f3699765055"
vary: Accept-Encoding
expires: Tue, 21 Feb 2023 23:50:20 GMT
cache-control: public, max-age=0
last-modified: Fri, 17 Feb 2023 16:43:14 GMT
x-frame-options: SAMEORIGIN
content-encoding: gzip
x-xss-protection: 1; mode=block
content-disposition: filename="main.min.css"
x-content-type-options: nosniff
strict-transport-security: max-age=16070400
x-envoy-upstream-service-time: 0
x-varnish-ttl: 259200.000
x-varnish: 202189333 199206805
age: 13717
x-varnish-hitmiss: HIT
x-varnish-count: 19
via: varnish
accept-ranges: bytes
x-b3-traceid: 25a8925afb38fa5f
x-request-id: c82d8b0d-4e59-4497-b240-558b30b6c9e4
X-Firefox-Spdy: h2
www.excel.bank/assets/img/Logo_White.svg
200 OK 3.0 kB URL HTTP/2 www.excel.bank/assets/img/Logo_White.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (10954), with no line terminators
Hash f42abb7b829ea8c94d1d53550de6cdfd
4aba7ab8c1195ec9b120bf95b87cfd7ddbf6b5da
970939f659350b308b269023113b67592ddf43957e7dbd25c67ec5b5d4e4f4be
GET /assets/img/Logo_White.svg HTTP/1.1
Host: www.excel.bank
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.excel.bank/
Cookie: PLAY_SESSION=61c522b509deb39b11b286c8afcb935f26615d4a-v=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 22 Feb 2023 03:38:57 GMT
content-type: image/svg+xml
content-length: 3013
etag: "89c13343a81ab216b4e4e902f11e259c"
vary: Accept-Encoding
expires: Tue, 21 Feb 2023 23:51:03 GMT
cache-control: public, max-age=0
last-modified: Fri, 17 Feb 2023 16:43:14 GMT
x-frame-options: SAMEORIGIN
content-encoding: gzip
x-xss-protection: 1; mode=block
content-disposition: filename="Logo_White.svg"
x-content-type-options: nosniff
strict-transport-security: max-age=16070400
x-envoy-upstream-service-time: 0
x-varnish-ttl: 259200.000
x-varnish: 203414702 199354832
age: 13674
x-varnish-hitmiss: HIT
x-varnish-count: 17
via: varnish
accept-ranges: bytes
x-b3-traceid: 9b399726594df7d2
x-request-id: e4cf4974-6fb8-4cfe-9e48-598ed3f2bfab
X-Firefox-Spdy: h2
www.excel.bank/assets/img/Logo_Color.svg
200 OK 3.0 kB URL HTTP/2 www.excel.bank/assets/img/Logo_Color.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (10985), with no line terminators
Hash e08cd3748065860f127e49a371ef4472
7d9c10ea5d7cfa7ac3e868da7e507bd1f6f0c8a6
fe454823f1ac5bbc827dbddadd0e8cd4d3212145eb082cde2193ec089f982979
GET /assets/img/Logo_Color.svg HTTP/1.1
Host: www.excel.bank
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.excel.bank/
Cookie: PLAY_SESSION=61c522b509deb39b11b286c8afcb935f26615d4a-v=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 22 Feb 2023 03:38:57 GMT
content-type: image/svg+xml
content-length: 3022
etag: "b97d9b066aea8c44a2288487659b4d7e"
vary: Accept-Encoding
expires: Tue, 21 Feb 2023 23:52:58 GMT
cache-control: public, max-age=0
last-modified: Fri, 17 Feb 2023 16:43:14 GMT
x-frame-options: SAMEORIGIN
content-encoding: gzip
x-xss-protection: 1; mode=block
content-disposition: filename="Logo_Color.svg"
x-content-type-options: nosniff
strict-transport-security: max-age=16070400
x-envoy-upstream-service-time: 0
x-varnish-ttl: 259200.000
x-varnish: 204936032 200355236
age: 13558
x-varnish-hitmiss: HIT
x-varnish-count: 24
via: varnish
accept-ranges: bytes
x-b3-traceid: 3dd8d36b8efbf380
x-request-id: 7989a0a9-a6f6-4046-96f5-229ddf50606a
X-Firefox-Spdy: h2
www.excel.bank/assets/target/disclaimers.js?bh=b704e8
200 OK 1.4 kB URL HTTP/2 www.excel.bank/assets/target/disclaimers.js?bh=b704e8
IP
File type ASCII text, with very long lines (3249), with no line terminators
Hash 904cea08f35f50cd8dbd80e95ef10ea6
2d1f44fce85b3e8c9276b5dbe038ec49eec93ce8
c404ab2643863117a05042604348346ebb797ef78f921ebbd497ed37392b688b
GET /assets/target/disclaimers.js?bh=b704e8 HTTP/1.1
Host: www.excel.bank
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.excel.bank/
Cookie: PLAY_SESSION=61c522b509deb39b11b286c8afcb935f26615d4a-v=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 22 Feb 2023 03:38:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 1400
etag: "3a06bd595a9a15e60307687581856a00"
vary: Accept-Encoding
expires: Mon, 21 Aug 2023 00:15:00 GMT
cache-control: public, max-age=15552000
last-modified: Tue, 21 Feb 2023 20:14:34 GMT
x-frame-options: SAMEORIGIN
content-encoding: gzip
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=16070400
x-envoy-upstream-service-time: 0
x-varnish-ttl: 259200.000
x-varnish: 214460874 205612046
age: 12236
x-varnish-hitmiss: HIT
x-varnish-count: 11
via: varnish
accept-ranges: bytes
x-b3-traceid: 2b6ea6e1f09e277c
x-request-id: bd81d3cc-de75-482f-808d-081af20fd68a
X-Firefox-Spdy: h2
www.excel.bank/assets/js/script.min.js?v=1676575221955
200 OK 49 kB URL HTTP/2 www.excel.bank/assets/js/script.min.js?v=1676575221955
IP
File type Unicode text, UTF-8 text, with very long lines (65506), with no line terminators
Hash 9eda861cd294e1d1409d6c746650b625
9fb571ac821d6b33554297fa29e809bfbfe49967
655127301266acd2d2cf9d7a68a63f57531944e4b6a416256ad3de6baf0f8726
GET /assets/js/script.min.js?v=1676575221955 HTTP/1.1
Host: www.excel.bank
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.excel.bank/
Cookie: PLAY_SESSION=61c522b509deb39b11b286c8afcb935f26615d4a-v=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 22 Feb 2023 03:38:57 GMT
content-type: application/javascript
content-length: 49034
etag: "267f7b179c9821c09ecada80b3abd47f"
vary: Accept-Encoding
expires: Tue, 21 Feb 2023 23:48:19 GMT
cache-control: public, max-age=0
last-modified: Fri, 17 Feb 2023 16:43:14 GMT
x-frame-options: SAMEORIGIN
content-encoding: gzip
x-xss-protection: 1; mode=block
content-disposition: filename="script.min.js"
x-content-type-options: nosniff
strict-transport-security: max-age=16070400
x-envoy-upstream-service-time: 0
x-varnish-ttl: 259200.000
x-varnish: 211713960 212926935
age: 13838
x-varnish-hitmiss: HIT
x-varnish-count: 17
via: varnish
accept-ranges: bytes
x-b3-traceid: fd684bda495722d6
x-request-id: 4fc4d43d-be63-46a6-9432-9357ac75bab4
X-Firefox-Spdy: h2
www.excel.bank/assets/js/jquery.min.js
200 OK 31 kB URL HTTP/2 www.excel.bank/assets/js/jquery.min.js
IP
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash 43e2afcc6ae624cb196e5fb2be6f8c8a
b51271081f1c7089145fac60e7228578808124e5
f6e14e241bbab8be846b33fa4a0b2713a2a494a12cea1fd38f3895c5962d102c
GET /assets/js/jquery.min.js HTTP/1.1
Host: www.excel.bank
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.excel.bank/
Cookie: PLAY_SESSION=61c522b509deb39b11b286c8afcb935f26615d4a-v=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 22 Feb 2023 03:38:57 GMT
content-type: application/javascript
content-length: 31079
etag: "33fe410142f2768ee0c56e1ce7cb9834"
vary: Accept-Encoding
expires: Tue, 21 Feb 2023 23:48:19 GMT
cache-control: public, max-age=0
last-modified: Fri, 17 Feb 2023 16:43:14 GMT
x-frame-options: SAMEORIGIN
content-encoding: gzip
x-xss-protection: 1; mode=block
content-disposition: filename="jquery.min.js"
x-content-type-options: nosniff
strict-transport-security: max-age=16070400
x-envoy-upstream-service-time: 0
x-varnish-ttl: 259200.000
x-varnish: 203446929 199608356
age: 13838
x-varnish-hitmiss: HIT
x-varnish-count: 20
via: varnish
accept-ranges: bytes
x-b3-traceid: b2e03d0c9523b65b
x-request-id: 2ed61cfb-9649-49f9-84c8-8b11a9b54019
X-Firefox-Spdy: h2
www.excel.bank/assets/img/ada-hover.svg
200 OK 1.5 kB URL HTTP/2 www.excel.bank/assets/img/ada-hover.svg
IP
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1991), with no line terminators
Hash cba639eb2fb8f399381d75a8bea19b00
ff53601bb11b8a1f3d19f38693c4c94cc1ff4db1
d19ff68d59657e61798a95cc1d6005b48780d3cb5f4feec74a7b41d6f49fdedc
GET /assets/img/ada-hover.svg HTTP/1.1
Host: www.excel.bank
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.excel.bank/assets/css/main.min.css?v=1676575221960
Cookie: PLAY_SESSION=61c522b509deb39b11b286c8afcb935f26615d4a-v=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 22 Feb 2023 03:38:58 GMT
content-type: image/svg+xml
content-length: 1476
etag: "07585c5df6f76839d83375b8bcaad0f2"
vary: Accept-Encoding
expires: Wed, 22 Feb 2023 00:05:52 GMT
cache-control: public, max-age=0
last-modified: Fri, 17 Feb 2023 16:43:14 GMT
x-frame-options: SAMEORIGIN
content-encoding: gzip
x-xss-protection: 1; mode=block
content-disposition: filename="ada-hover.svg"
x-content-type-options: nosniff
strict-transport-security: max-age=16070400
x-envoy-upstream-service-time: 0
x-varnish-ttl: 259200.000
x-varnish: 204488944 200748531
age: 12785
x-varnish-hitmiss: HIT
x-varnish-count: 13
via: varnish
accept-ranges: bytes
x-b3-traceid: 5b9360ff59444479
x-request-id: 689619ff-0ac8-4aa1-b762-8b9bf2af862c
X-Firefox-Spdy: h2
www.excel.bank/assets/files/0GvtiFGV/icon-property-35px.png
200 OK 2.8 kB URL HTTP/2 www.excel.bank/assets/files/0GvtiFGV/icon-property-35px.png
IP
File type PNG image data, 71 x 71, 8-bit/color RGBA, non-interlaced\012- data
Hash 2bb8f4461ad814b29b54eeee9c9f6956
6a00065f903e9a42ae915a0c3ce58ea75c991ef3
156be57d3a09e7452f6e8960997f2592f357d2220701ec2be4427446fa456292
GET /assets/files/0GvtiFGV/icon-property-35px.png HTTP/1.1
Host: www.excel.bank
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.excel.bank/
Cookie: PLAY_SESSION=61c522b509deb39b11b286c8afcb935f26615d4a-v=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 22 Feb 2023 03:38:57 GMT
content-type: image/png
etag: "7b8d3f1dad69db4ba49175696c28cdbe"
expires: Wed, 22 Feb 2023 03:38:57 GMT
cache-control: private
last-modified: Fri, 10 Feb 2023 17:21:26 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-disposition: filename="icon-property-35px.png"
x-content-type-options: nosniff
strict-transport-security: max-age=16070400
x-envoy-upstream-service-time: 17
x-varnish: 213744888
age: 0
x-varnish-hitmiss: MISS
x-varnish-count: 0
via: varnish
accept-ranges: bytes
x-b3-traceid: f1b84341109c0bca
x-request-id: 878b3e31-651b-449d-9831-468fd2ba066c
X-Firefox-Spdy: h2
www.excel.bank/assets/files/Eji8n8AC/Subad-Banks-Never-Ask.jpg
200 OK 22 kB URL HTTP/2 www.excel.bank/assets/files/Eji8n8AC/Subad-Banks-Never-Ask.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 480x402, components 3\012- data
Hash fb02849ad4e80211c85a9a0459f995f6
2f89bd9f9686adc5cb56a2a5083f52dd27ed39b7
cabe507f6f4fcc3c317ff83d6d30888a90c751fe49439e2ecd2bbe380e9dc4b9
GET /assets/files/Eji8n8AC/Subad-Banks-Never-Ask.jpg HTTP/1.1
Host: www.excel.bank
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.excel.bank/
Cookie: PLAY_SESSION=61c522b509deb39b11b286c8afcb935f26615d4a-v=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 22 Feb 2023 03:38:57 GMT
content-type: image/jpeg
etag: "39cbec90d0c0655e3e9a58cca87a2da9"
expires: Wed, 22 Feb 2023 03:38:57 GMT
cache-control: private
last-modified: Tue, 25 Jan 2022 00:00:30 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-disposition: filename="Subad-Banks-Never-Ask.jpg"
x-content-type-options: nosniff
strict-transport-security: max-age=16070400
x-envoy-upstream-service-time: 6
x-varnish: 201967662
age: 0
x-varnish-hitmiss: MISS
x-varnish-count: 0
via: varnish
accept-ranges: bytes
x-b3-traceid: d3016e66a846ddc9
x-request-id: 29ae9057-d083-49e8-9123-02a173e2eb54
X-Firefox-Spdy: h2
www.excel.bank/assets/files/2j3nPWLh/Hero-HOA.jpg
200 OK 144 kB URL HTTP/2 www.excel.bank/assets/files/2j3nPWLh/Hero-HOA.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, copyright=(C) 2014 Volodymyr Kyrylyuk ((C) 2014 Volodymyr Kyrylyuk (Photographer) - [None]], baseline, precision 8, 1600x556, components 3\012- data
Size 144 kB (144103 bytes)
Hash b44bcaad144a025ecc7f1a190186abd1
a1e58b4eb0144a074499cecf4adc5192beb50aed
7b866abf0599037a2cd5074f24201b54f28eb7bef04ed5474fcf88593e20f9f5
GET /assets/files/2j3nPWLh/Hero-HOA.jpg HTTP/1.1
Host: www.excel.bank
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.excel.bank/
Cookie: PLAY_SESSION=61c522b509deb39b11b286c8afcb935f26615d4a-v=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 22 Feb 2023 03:38:57 GMT
content-type: image/jpeg
etag: "33d426524c1d7d670cc74702bfd6089f"
expires: Wed, 22 Feb 2023 03:38:57 GMT
cache-control: private
last-modified: Tue, 25 Jan 2022 00:00:29 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-disposition: filename="Hero-HOA.jpg"
x-content-type-options: nosniff
strict-transport-security: max-age=16070400
x-envoy-upstream-service-time: 6
x-varnish: 203376877
age: 0
x-varnish-hitmiss: MISS
x-varnish-count: 0
via: varnish
accept-ranges: bytes
x-b3-traceid: 641e905c8521e6d9
x-request-id: 18b12b83-4a99-48e2-bdab-88bcb7547c2d
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash a23c02395db35b23415f9166f0bf1ef7
48493c7a9f3e53bba12610e18b6af6830402d9bf
0fb0e3186d0e703f1c5e85076234c223b186ffca73b97b8fbefccaf15d679081
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Feb 2023 03:38:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash a23c02395db35b23415f9166f0bf1ef7
48493c7a9f3e53bba12610e18b6af6830402d9bf
0fb0e3186d0e703f1c5e85076234c223b186ffca73b97b8fbefccaf15d679081
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Feb 2023 03:38:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash a23c02395db35b23415f9166f0bf1ef7
48493c7a9f3e53bba12610e18b6af6830402d9bf
0fb0e3186d0e703f1c5e85076234c223b186ffca73b97b8fbefccaf15d679081
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Feb 2023 03:38:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash a23c02395db35b23415f9166f0bf1ef7
48493c7a9f3e53bba12610e18b6af6830402d9bf
0fb0e3186d0e703f1c5e85076234c223b186ffca73b97b8fbefccaf15d679081
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Feb 2023 03:38:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.excel.bank
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 21 Feb 2023 04:29:09 GMT
expires: Wed, 21 Feb 2024 04:29:09 GMT
cache-control: public, max-age=31536000
age: 83389
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.excel.bank/assets/files/vYqTwFPs/icon-bank-35px.png
200 OK 25 kB URL HTTP/2 www.excel.bank/assets/files/vYqTwFPs/icon-bank-35px.png
IP
File type PNG image data, 70 x 70, 8-bit/color RGBA, non-interlaced\012- data
Hash e4485589ced661ab6ffe3e2a2620fc81
d5f1af2a153260b3d2c6bdba139a41b5d46c14c1
abe8ffbf2336c9d46d65c73c34295f5c76ff6eab42d921d7e13b9ab848952501
GET /assets/files/vYqTwFPs/icon-bank-35px.png HTTP/1.1
Host: www.excel.bank
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.excel.bank/
Cookie: PLAY_SESSION=61c522b509deb39b11b286c8afcb935f26615d4a-v=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 22 Feb 2023 03:38:57 GMT
content-type: image/png
etag: "dc0db9170cd46f1347fbdab4363de389"
expires: Wed, 22 Feb 2023 03:38:57 GMT
cache-control: private
last-modified: Fri, 10 Feb 2023 17:22:04 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-disposition: filename="icon-bank-35px.png"
x-content-type-options: nosniff
strict-transport-security: max-age=16070400
x-envoy-upstream-service-time: 7
x-varnish: 211713958
age: 0
x-varnish-hitmiss: MISS
x-varnish-count: 0
via: varnish
accept-ranges: bytes
x-b3-traceid: 631c7e7710d0fed8
x-request-id: c88eeeae-4cd7-4e4b-bc66-c570449f2cf9
X-Firefox-Spdy: h2
www.excel.bank/assets/files/rq7WEH1R/icon-move-35px.png
200 OK 26 kB URL HTTP/2 www.excel.bank/assets/files/rq7WEH1R/icon-move-35px.png
IP
File type PNG image data, 71 x 71, 8-bit/color RGBA, non-interlaced\012- data
Hash ae90e254724e2b0402c23f57f871be61
14bb36770731681eedfb0a116c99378a6064e0b7
c794b8d64fa1dedf1d0b893b2abf817edb1d4276fa7a9a693367554dbc2cfd0b
GET /assets/files/rq7WEH1R/icon-move-35px.png HTTP/1.1
Host: www.excel.bank
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.excel.bank/
Cookie: PLAY_SESSION=61c522b509deb39b11b286c8afcb935f26615d4a-v=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 22 Feb 2023 03:38:57 GMT
content-type: image/png
etag: "1d17f4f70c4a4efbba0df77fd48c9f39"
expires: Wed, 22 Feb 2023 03:38:58 GMT
cache-control: private
last-modified: Fri, 10 Feb 2023 17:18:04 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-disposition: filename="icon-move-35px.png"
x-content-type-options: nosniff
strict-transport-security: max-age=16070400
x-envoy-upstream-service-time: 6
x-varnish: 214492642
age: 0
x-varnish-hitmiss: MISS
x-varnish-count: 0
via: varnish
accept-ranges: bytes
x-b3-traceid: cb0a31e71225fbc4
x-request-id: 8c11fd2c-9aaf-41d6-a652-2500f7902d02
X-Firefox-Spdy: h2
www.excel.bank/assets/files/gLeMuuDn/Wide-Client.jpg
200 OK 78 kB URL HTTP/2 www.excel.bank/assets/files/gLeMuuDn/Wide-Client.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1600x556, components 3\012- data
Hash 379d4896655f7eaf825260abd773dc6c
05266a19a9259b183bb95a73d890af267473d979
9e2cd9f52284cd15100153e01ed9fe70923a4b9eddb0939a4ce6245dfd2aeed2
GET /assets/files/gLeMuuDn/Wide-Client.jpg HTTP/1.1
Host: www.excel.bank
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.excel.bank/
Cookie: PLAY_SESSION=61c522b509deb39b11b286c8afcb935f26615d4a-v=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 22 Feb 2023 03:38:57 GMT
content-type: image/jpeg
etag: "094e8e76b96df766605939f735403a99"
expires: Wed, 22 Feb 2023 03:38:57 GMT
cache-control: private
last-modified: Tue, 25 Jan 2022 00:00:30 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-disposition: filename="Wide-Client.jpg"
x-content-type-options: nosniff
strict-transport-security: max-age=16070400
x-envoy-upstream-service-time: 5
x-varnish: 212596831
age: 0
x-varnish-hitmiss: MISS
x-varnish-count: 0
via: varnish
accept-ranges: bytes
x-b3-traceid: 4fd8f702123f652a
x-request-id: 5ebc3b61-db53-48e3-b221-3a629ab06eea
X-Firefox-Spdy: h2
www.excel.bank/assets/files/X3xWYOUm/Subad-Depository-Services.jpg
200 OK 56 kB URL HTTP/2 www.excel.bank/assets/files/X3xWYOUm/Subad-Depository-Services.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, copyright=www.peopleimages.com (www.peopleimages.com (Photographer) - [None]], baseline, precision 8, 480x402, components 3\012- data
Hash 4dbee860517aebfe0234bc6533f48f5b
fd292858956ed7efb0dacc3bdec68e21095ef1ac
259e25a44dfa3059246a935c759bc68cc2369ed7eff767bc386ce4bbbcc7ea1a
GET /assets/files/X3xWYOUm/Subad-Depository-Services.jpg HTTP/1.1
Host: www.excel.bank
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.excel.bank/
Cookie: PLAY_SESSION=61c522b509deb39b11b286c8afcb935f26615d4a-v=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 22 Feb 2023 03:38:57 GMT
content-type: image/jpeg
etag: "69c5e855c25fec859a6b30a871bbdab1"
expires: Wed, 22 Feb 2023 03:38:57 GMT
cache-control: private
last-modified: Tue, 25 Jan 2022 00:00:30 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-disposition: filename="Subad-Depository-Services.jpg"
x-content-type-options: nosniff
strict-transport-security: max-age=16070400
x-envoy-upstream-service-time: 7
x-varnish: 214816584
age: 0
x-varnish-hitmiss: MISS
x-varnish-count: 0
via: varnish
accept-ranges: bytes
x-b3-traceid: 84c4a24e67916f17
x-request-id: c0643653-bfee-4eda-bd5d-9df4939d03f1
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash a23c02395db35b23415f9166f0bf1ef7
48493c7a9f3e53bba12610e18b6af6830402d9bf
0fb0e3186d0e703f1c5e85076234c223b186ffca73b97b8fbefccaf15d679081
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Feb 2023 03:38:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.excel.bank/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Wed, 22 Feb 2023 01:53:25 GMT
expires: Wed, 22 Feb 2023 03:53:25 GMT
cache-control: public, max-age=7200
age: 6333
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.excel.bank/favicon.ico
200 OK 15 kB URL HTTP/2 www.excel.bank/favicon.ico
IP
File type MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash bf8502caa4774d8cc3752432b885b9af
9159ab9f176ae98dabaf0a5563593a0660c234c3
979ab61f5e8ae5dfb562d33ca9734dc2e5d482273b8ad2dfa763db3f465f8832
GET /favicon.ico HTTP/1.1
Host: www.excel.bank
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.excel.bank/
Cookie: PLAY_SESSION=61c522b509deb39b11b286c8afcb935f26615d4a-v=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 22 Feb 2023 03:38:58 GMT
content-type: image/x-icon
content-length: 15086
etag: "92b8803090b2af9befd14f499d0b4360"
expires: Tue, 21 Feb 2023 23:54:01 GMT
cache-control: public, max-age=0
last-modified: Fri, 17 Feb 2023 16:43:14 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-disposition: filename="favicon.ico"
x-content-type-options: nosniff
strict-transport-security: max-age=16070400
x-envoy-upstream-service-time: 0
x-varnish-ttl: 86400.000
x-varnish: 201866373 196922705
age: 13497
x-varnish-hitmiss: HIT
x-varnish-count: 4
via: varnish
accept-ranges: bytes
x-b3-traceid: 08c9022797dc77f6
x-request-id: 43d89987-8107-4d01-a9a5-c68e9156fc85
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 29675b43fa4a5609baa371c2449bfaf8
938fb69ea5d808388521b237e813f54ad2c1ec51
108b6420ad8473bb4150630466153daae7f70ca3b3eda9258e6e0c8d59cbfe3c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "108B6420AD8473BB4150630466153DAAE7F70CA3B3EDA9258E6E0C8D59CBFE3C"
Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3073
Expires: Wed, 22 Feb 2023 04:30:11 GMT
Date: Wed, 22 Feb 2023 03:38:58 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 29675b43fa4a5609baa371c2449bfaf8
938fb69ea5d808388521b237e813f54ad2c1ec51
108b6420ad8473bb4150630466153daae7f70ca3b3eda9258e6e0c8d59cbfe3c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "108B6420AD8473BB4150630466153DAAE7F70CA3B3EDA9258E6E0C8D59CBFE3C"
Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3073
Expires: Wed, 22 Feb 2023 04:30:11 GMT
Date: Wed, 22 Feb 2023 03:38:58 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 29675b43fa4a5609baa371c2449bfaf8
938fb69ea5d808388521b237e813f54ad2c1ec51
108b6420ad8473bb4150630466153daae7f70ca3b3eda9258e6e0c8d59cbfe3c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "108B6420AD8473BB4150630466153DAAE7F70CA3B3EDA9258E6E0C8D59CBFE3C"
Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3073
Expires: Wed, 22 Feb 2023 04:30:11 GMT
Date: Wed, 22 Feb 2023 03:38:58 GMT
Connection: keep-alive
www.excel.bank/assets/font/slick.woff
200 OK 1.4 kB URL HTTP/2 www.excel.bank/assets/font/slick.woff
IP
File type Web Open Font Format, CFF, length 1380, version 1.0\012- data
Hash b7c9e1e479de3b53f1e4e30ebac2403a
af91c12f0f406a4f801aeb3b398768fe41d8f864
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
GET /assets/font/slick.woff HTTP/1.1
Host: www.excel.bank
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.excel.bank/assets/css/main.min.css?v=1676575221960
Cookie: PLAY_SESSION=61c522b509deb39b11b286c8afcb935f26615d4a-v=1; _ga=GA1.2.1700672183.1677037139; _gid=GA1.2.111432390.1677037139; _gat_gtag_UA_160159646_1=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 22 Feb 2023 03:38:58 GMT
content-type: application/font-woff
content-length: 1380
vary: Accept-Encoding
expires: Wed, 22 Feb 2023 00:15:01 GMT
cache-control: public, max-age=0
last-modified: Fri, 17 Feb 2023 16:43:14 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-disposition: filename="slick.woff"
x-content-type-options: nosniff
strict-transport-security: max-age=16070400
x-envoy-upstream-service-time: 0
x-varnish-ttl: 259200.000
x-varnish: 201057347 199986984
age: 12237
etag: W/"68b7679274615f255c862e55e2a2ba3c"
x-varnish-hitmiss: HIT
x-varnish-count: 7
via: varnish
accept-ranges: bytes
x-b3-traceid: 9af9bb4c4f4fc6ac
x-request-id: 02a224b6-cdbc-4a86-9b51-9bd0e095471f
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 29675b43fa4a5609baa371c2449bfaf8
938fb69ea5d808388521b237e813f54ad2c1ec51
108b6420ad8473bb4150630466153daae7f70ca3b3eda9258e6e0c8d59cbfe3c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "108B6420AD8473BB4150630466153DAAE7F70CA3B3EDA9258E6E0C8D59CBFE3C"
Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3073
Expires: Wed, 22 Feb 2023 04:30:11 GMT
Date: Wed, 22 Feb 2023 03:38:58 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 6671ce3ac5f7d6c10a7b2888d21c80a3
28df37c42d5683df1bbe0c97c765d79a0522c4c9
e9025f881d175f1bf218970c07d0c599d96ee01e0757410e3889b1d543d7fd7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Feb 2023 03:38:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F728bbd7e-231a-403a-b5ab-fe1fb2f394d2.jpeg
200 OK 19 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F728bbd7e-231a-403a-b5ab-fe1fb2f394d2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0c7874cbc7748925eed57e2c1b770c46
b5f10c1f69b0e4b68f0a8ae292c7077ff154c5d6
ea6629c67f3ab3dcec3725e1caee11fb2194fe68f6c7e476c4b8ec3a482f63a8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F728bbd7e-231a-403a-b5ab-fe1fb2f394d2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 19260
x-amzn-requestid: d41702e1-189c-41de-ac79-3f37291603cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AtXaOGLiIAMFy4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f5390d-511d11f9102f2fd206b88904;Sampled=0
x-amzn-remapped-date: Tue, 21 Feb 2023 21:35:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Rt8iDosXE_bTA058FU_6KdCCtGF-oG-kM6IRDadVuHdHZcPcbp4i8A==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Feb 2023 21:50:43 GMT
age: 20895
etag: "b5f10c1f69b0e4b68f0a8ae292c7077ff154c5d6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f09d29d-3423-477f-beb4-c6def217ef55.jpeg
200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f09d29d-3423-477f-beb4-c6def217ef55.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3da9fd57ce4ea55b289d4f22e6681cb2
caa354438ea36059a88945465c44bbe4c8ffd8c7
817f599e17548b8e789964377632feec4db604ee0e44e9dc8259cc857e792298
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f09d29d-3423-477f-beb4-c6def217ef55.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7174
x-amzn-requestid: f2a82beb-cf46-4d18-b9e8-a43d842e01a3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AtYPmFyMIAMF-PQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f53a63-7d4336f337425fb751122270;Sampled=0
x-amzn-remapped-date: Tue, 21 Feb 2023 21:40:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: yNJ6y-rCcFTASqJcq5y_dHZMXIjIGzutwLgiww9o1GbTx4cWbgJlZw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Feb 2023 22:16:11 GMT
age: 19367
etag: "caa354438ea36059a88945465c44bbe4c8ffd8c7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F553b0a8d-06cc-4780-9968-7b736bee389a.jpeg
200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F553b0a8d-06cc-4780-9968-7b736bee389a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ee922cb933c0bc613eeaa2848bbd98cb
4f887e701f08a13865d95e7adda6907b3b27ce61
9f3bde9200e4462408a2d43f521a3b36a7323e05d025a8726cbf11adac16a8a2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F553b0a8d-06cc-4780-9968-7b736bee389a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6568
x-amzn-requestid: 9be53abd-7500-4d29-a749-2793cc50cbec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AtW1cHlnoAMFnNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f53822-005cdc347b9d25bd00164dc2;Sampled=0
x-amzn-remapped-date: Tue, 21 Feb 2023 21:31:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bGWDlx_fIC5sOBf9gA8-g5ffclCZE-uR7M-CUtTabnK48KB7NsQl_Q==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Feb 2023 21:50:42 GMT
age: 20896
etag: "4f887e701f08a13865d95e7adda6907b3b27ce61"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f9477dd-9700-4cbd-8d0e-37bd76c53a93.jpeg
200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f9477dd-9700-4cbd-8d0e-37bd76c53a93.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e7cd1e9feb9abc7f7d7f0d5fc7b181f0
cf3ce1808c48e1a86910e16731a044f6cb26275d
426c90298d5a0807b7820d803ce2907268df1195e15d5582eb0ff2f3deeb318c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f9477dd-9700-4cbd-8d0e-37bd76c53a93.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7734
x-amzn-requestid: fe4dc342-33b6-45f6-984c-2c71dfa0ec13
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AtX-lGiJoAMFW3A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f539f6-489049413f3cb63c537f20d0;Sampled=0
x-amzn-remapped-date: Tue, 21 Feb 2023 21:39:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 4p_3GsIf-LsYLyJFnNh6FQO9q9kHTViRECnpKSnV1xkkZ_PybwmZeg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Feb 2023 21:51:45 GMT
etag: "cf3ce1808c48e1a86910e16731a044f6cb26275d"
content-type: image/jpeg
age: 20833
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffbb06cb3-8d47-41fd-9ae0-2255f41945ae.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffbb06cb3-8d47-41fd-9ae0-2255f41945ae.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ca681b00aa436514987423d22b468eb6
c1b8a3e0db433f5a97109f7990600ac5a5b93928
19c66e4af0264cc18866db864876cbe240b42688f2fecf1fd7443c3ea71acbc3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffbb06cb3-8d47-41fd-9ae0-2255f41945ae.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9976
x-amzn-requestid: b8b727c9-56e4-49a3-a06d-d45f44b51b0e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AtXZlHkLIAMF8lQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f53909-4633fb2f02e5221e35ca510a;Sampled=0
x-amzn-remapped-date: Tue, 21 Feb 2023 21:35:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JMWmlc8U-1YMxogXGD8J4gUIXd5nxL9l9EtqGHuzsZFRlHpR3uBq1Q==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Feb 2023 21:51:30 GMT
etag: "c1b8a3e0db433f5a97109f7990600ac5a5b93928"
content-type: image/jpeg
age: 20848
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F421378b1-6504-4c37-a737-20b55252b654.jpeg
200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F421378b1-6504-4c37-a737-20b55252b654.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ca5624a4c91df22fa8e8e3f8701c3f13
0c5b1f85e254bbb923eb44fea264e4060308fa0b
1aa3d7f3d56df229beaf57a9221972b87f1515ff153a61a902c45bf46d6fd517
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F421378b1-6504-4c37-a737-20b55252b654.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9241
x-amzn-requestid: 87fc40c7-66ef-4902-a185-22b0263aa0fc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AtW0FEVBoAMF8lQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f53819-7027f58e66a8ec9e3d7f6adb;Sampled=0
x-amzn-remapped-date: Tue, 21 Feb 2023 21:31:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4yPOb6Rr8APIeQqhnvlADLKINtGLuWby2FjHcH_1N0CQKQCV9WUCAg==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Feb 2023 21:51:30 GMT
age: 20848
etag: "0c5b1f85e254bbb923eb44fea264e4060308fa0b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.excel.bank/_/api/disclaimer
200 OK 655 B URL HTTP/2 www.excel.bank/_/api/disclaimer
IP
File type JSON data\012- , ASCII text, with very long lines (1448), with no line terminators
Hash e90132220372fa5e682209a56a25e0fd
9856c3304695fa9cab9a3b10793a190749de1a5d
684dda862e875caa58f9b816ff32b49af4dcadca7d2de44a72ed467239015dea
GET /_/api/disclaimer HTTP/1.1
Host: www.excel.bank
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.excel.bank/
Cookie: PLAY_SESSION=61c522b509deb39b11b286c8afcb935f26615d4a-v=1; _ga=GA1.2.1700672183.1677037139; _gid=GA1.2.111432390.1677037139; _gat_gtag_UA_160159646_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 22 Feb 2023 03:38:58 GMT
content-type: application/json; charset=utf-8
content-length: 655
vary: Accept-Encoding
expires: Wed, 22 Feb 2023 03:38:59 GMT
cache-control: public, max-age=0
x-frame-options: SAMEORIGIN
content-encoding: gzip
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=16070400
x-envoy-upstream-service-time: 3
x-varnish-ttl: 0.000
x-varnish: 214133405
age: 0
x-varnish-hitmiss: MISS
x-varnish-count: 0
via: varnish
accept-ranges: bytes
x-b3-traceid: 5a3805e97b74f40d
x-request-id: c613364a-a903-46af-aa04-25fd710f1f44
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-160159646-1&cid=1700672183.1677037139&jid=1981767450&gjid=949883078&_gid=111432390.1677037139&_u=YEBAAUAAAAAAACAAI~&z=819637988
200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-160159646-1&cid=1700672183.1677037139&jid=1981767450&gjid=949883078&_gid=111432390.1677037139&_u=YEBAAUAAAAAAACAAI~&z=819637988
IP
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-160159646-1&cid=1700672183.1677037139&jid=1981767450&gjid=949883078&_gid=111432390.1677037139&_u=YEBAAUAAAAAAACAAI~&z=819637988 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.excel.bank
Connection: keep-alive
Referer: https://www.excel.bank/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.excel.bank
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 22 Feb 2023 03:38:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 6671ce3ac5f7d6c10a7b2888d21c80a3
28df37c42d5683df1bbe0c97c765d79a0522c4c9
e9025f881d175f1bf218970c07d0c599d96ee01e0757410e3889b1d543d7fd7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Feb 2023 03:38:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.excel.bank/assets/files/YXvuUuHw/icon-cards-35px.png
200 OK 0 B URL HTTP/2 www.excel.bank/assets/files/YXvuUuHw/icon-cards-35px.png
IP
GET /assets/files/YXvuUuHw/icon-cards-35px.png HTTP/1.1
Host: www.excel.bank
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.excel.bank/
Cookie: PLAY_SESSION=61c522b509deb39b11b286c8afcb935f26615d4a-v=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 22 Feb 2023 03:38:57 GMT
content-type: image/png
etag: "972672eed765d558cf5e7a452a412929"
expires: Wed, 22 Feb 2023 03:38:57 GMT
cache-control: private
last-modified: Fri, 10 Feb 2023 17:22:00 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-disposition: filename="icon-cards-35px.png"
x-content-type-options: nosniff
strict-transport-security: max-age=16070400
x-envoy-upstream-service-time: 9
x-varnish: 215201910
age: 0
x-varnish-hitmiss: MISS
x-varnish-count: 0
via: varnish
accept-ranges: bytes
x-b3-traceid: 31bb93672101d41b
x-request-id: 1f9b856b-28cf-41cc-b558-2d8279d6fb57
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato:400,400i,600,600i,700,700i%7CRoboto+Slab:400,400i,700,700i
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Lato:400,400i,600,600i,700,700i%7CRoboto+Slab:400,400i,700,700i
IP
GET /css?family=Lato:400,400i,600,600i,700,700i%7CRoboto+Slab:400,400i,700,700i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.excel.bank/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 22 Feb 2023 03:38:57 GMT
date: Wed, 22 Feb 2023 03:38:57 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cds-sdkcfg.onlineaccess1.com/common.js
200 OK 0 B URL HTTP/2 cds-sdkcfg.onlineaccess1.com/common.js
IP
GET /common.js HTTP/1.1
Host: cds-sdkcfg.onlineaccess1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.excel.bank/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 22 Feb 2023 03:38:57 GMT
content-type: application/javascript; charset=UTF-8
x-ion-hop: prod
expires: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-encoding: gzip
via: 1.1 google
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000; includeSubDomains; preload
set-cookie: JsbWL0j2=AxXuM3eGAQAA5Qi-ef5mtyb9S-HBXR5BW1R0jDRadVUSzlfejjgVFhW0LDrwAVtaKpqcuDv8wH8AAEB3AAAAAA|1|0|b8c4ce6a3735c9b237944b581795dea53c305155; Path=/; Max-Age=31556952; Domain=onlineaccess1.com
__cf_bm=.BVe6K6EfVrNuVOL9rOZCqDScOIpifH0kklz5v.a89A-1677037137-0-AcMoLz9P/Hbj/yph5JtsbUDXyC3CIW6RGQb6FNuMG2Edcs74q3NMgcPma/2kZUlAc6pXTt9Fm4JeGuzkT2KJ2Ik=; path=/; expires=Wed, 22-Feb-23 04:08:57 GMT; domain=.cds-sdkcfg.onlineaccess1.com; HttpOnly; Secure; SameSite=None
__cfruid=de54824f1481d0679dfebffb94d61413c5db7754-1677037137; path=/; domain=.cds-sdkcfg.onlineaccess1.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 79d4b11c5b51b529-OSL
X-Firefox-Spdy: h2
www.excel.bank/assets/files/gSTajXAI/Subad-DotBank.jpg
200 OK 0 B URL HTTP/2 www.excel.bank/assets/files/gSTajXAI/Subad-DotBank.jpg
IP
GET /assets/files/gSTajXAI/Subad-DotBank.jpg HTTP/1.1
Host: www.excel.bank
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.excel.bank/
Cookie: PLAY_SESSION=61c522b509deb39b11b286c8afcb935f26615d4a-v=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 22 Feb 2023 03:38:57 GMT
content-type: image/jpeg
etag: "97a3285801be060381de8db362abb762"
expires: Wed, 22 Feb 2023 03:38:57 GMT
cache-control: private
last-modified: Tue, 25 Jan 2022 00:00:30 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-disposition: filename="Subad-DotBank.jpg"
x-content-type-options: nosniff
strict-transport-security: max-age=16070400
x-envoy-upstream-service-time: 6
x-varnish: 202488619
age: 0
x-varnish-hitmiss: MISS
x-varnish-count: 0
via: varnish
accept-ranges: bytes
x-b3-traceid: 599445f9c3f1db76
x-request-id: 15ad5dc1-1d5c-47dd-ba72-127a7aeffc07
X-Firefox-Spdy: h2
www.excel.bank/assets/files/mRMppl7M/Hero-Mobile.jpg
200 OK 0 B URL HTTP/2 www.excel.bank/assets/files/mRMppl7M/Hero-Mobile.jpg
IP
GET /assets/files/mRMppl7M/Hero-Mobile.jpg HTTP/1.1
Host: www.excel.bank
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.excel.bank/
Cookie: PLAY_SESSION=61c522b509deb39b11b286c8afcb935f26615d4a-v=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 22 Feb 2023 03:38:57 GMT
content-type: image/jpeg
etag: "210c0e55f3d6134d74de0c59736b7e67"
expires: Wed, 22 Feb 2023 03:38:57 GMT
cache-control: private
last-modified: Tue, 25 Jan 2022 00:00:29 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-disposition: filename="Hero-Mobile.jpg"
x-content-type-options: nosniff
strict-transport-security: max-age=16070400
x-envoy-upstream-service-time: 17
x-varnish: 216143295
age: 0
x-varnish-hitmiss: MISS
x-varnish-count: 0
via: varnish
accept-ranges: bytes
x-b3-traceid: 1a05f7f54cb8ceff
x-request-id: 16d8247b-abe2-45f8-8142-f30401be1c79
X-Firefox-Spdy: h2
www.excel.bank/assets/files/tEkXfVfn/icon-loan-35px.png
200 OK 0 B URL HTTP/2 www.excel.bank/assets/files/tEkXfVfn/icon-loan-35px.png
IP
GET /assets/files/tEkXfVfn/icon-loan-35px.png HTTP/1.1
Host: www.excel.bank
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.excel.bank/
Cookie: PLAY_SESSION=61c522b509deb39b11b286c8afcb935f26615d4a-v=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 22 Feb 2023 03:38:57 GMT
content-type: image/png
etag: "0ee970d2e424da2013bc81c0e82f6272"
expires: Wed, 22 Feb 2023 03:38:58 GMT
cache-control: private
last-modified: Fri, 10 Feb 2023 17:21:44 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-disposition: filename="icon-loan-35px.png"
x-content-type-options: nosniff
strict-transport-security: max-age=16070400
x-envoy-upstream-service-time: 6
x-varnish: 214196698
age: 0
x-varnish-hitmiss: MISS
x-varnish-count: 0
via: varnish
accept-ranges: bytes
x-b3-traceid: 734f3e36e413cb77
x-request-id: ec2f77e2-31e6-4855-a2bf-f4e10182a901
X-Firefox-Spdy: h2
www.excel.bank/assets/files/vUIWoCbN/Wide-Cash-Management.jpg
200 OK 0 B URL HTTP/2 www.excel.bank/assets/files/vUIWoCbN/Wide-Cash-Management.jpg
IP
GET /assets/files/vUIWoCbN/Wide-Cash-Management.jpg HTTP/1.1
Host: www.excel.bank
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.excel.bank/
Cookie: PLAY_SESSION=61c522b509deb39b11b286c8afcb935f26615d4a-v=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 22 Feb 2023 03:38:57 GMT
content-type: image/jpeg
etag: "63c82fe02c4d2ee175da6949ea9ca6f6"
expires: Wed, 22 Feb 2023 03:38:58 GMT
cache-control: private
last-modified: Tue, 25 Jan 2022 00:00:29 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-disposition: filename="Wide-Cash-Management.jpg"
x-content-type-options: nosniff
strict-transport-security: max-age=16070400
x-envoy-upstream-service-time: 6
x-varnish: 214838003
age: 0
x-varnish-hitmiss: MISS
x-varnish-count: 0
via: varnish
accept-ranges: bytes
x-b3-traceid: 4764e87ca55886e2
x-request-id: c48107cc-4e69-40c9-b768-da139b5b1555
X-Firefox-Spdy: h2
74.200.39.24
23.36.76.226
93.184.220.29