news.it.inviptus.com/track/link/key/4405-28763-322639-26-42779-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/userid/5310038582897126f7c4fdf94e7422ac
62.97.140.33 200 OK 936 B HTTP/1.1
IP 62.97.140.33:0
ASN #9165 Prosodie Iberica Sl
File type HTML document text; exported SGML document, ASCII text, with very long lines (727)
Hash 742aae2147af6b88b597db5b12cc7c0a
be1ef051fc395810b5cc53606b3ac8884902b149
4b7ce7eaec201d8a22fb88835356c9e062d1a0580390488830aff0a8beee2643
GET /track/link/key/4405-28763-322639-26-42779-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/userid/5310038582897126f7c4fdf94e7422ac HTTP/1.1
Host: news.it.inviptus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
date: Wed, 25 Jan 2023 13:26:01 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
set-cookie: srvmid=mdapi-03; path=/; HttpOnly; Secure
r3.o.lencr.org/
95.101.11.115 200 OK 503 B
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 5fe582397f3003b225cb9058e02c2190
68174a54a8f6c4de9247ccea2dcae3c9b76bdb9f
238a2ef5b61d56353d0a5e97ec3092b8f2792cde7cecf40e1a858f8c129d3a9d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "238A2EF5B61D56353D0A5E97EC3092B8F2792CDE7CECF40E1A858F8C129D3A9D"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6789
Expires: Wed, 25 Jan 2023 15:19:11 GMT
Date: Wed, 25 Jan 2023 13:26:02 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 58ffdcb539c3b250fdf31ed761627fc1
5b55b1522ef84c39b5c42f9bbfbc62b806c1269f
eb783cfa8c8544b0574b345abc0bf3c150979d4efce1a013f17b6cd48076fc63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB783CFA8C8544B0574B345ABC0BF3C150979D4EFCE1A013F17B6CD48076FC63"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6138
Expires: Wed, 25 Jan 2023 15:08:20 GMT
Date: Wed, 25 Jan 2023 13:26:02 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B HTTP/2
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 25 Jan 2023 12:42:49 GMT
content-type: application/json
age: 2593
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 6cd4f1da1215c7473500807c185f2449
b14db0c67cf1f5faf85648ed8f94baf2dd03808b
9750518efd869da5ff74ba65a196445bd4340c909157cc1a420f62c1d07224a0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9750518EFD869DA5FF74BA65A196445BD4340C909157CC1A420F62C1D07224A0"
Last-Modified: Mon, 23 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16045
Expires: Wed, 25 Jan 2023 17:53:27 GMT
Date: Wed, 25 Jan 2023 13:26:02 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB HTTP/2
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 5AN3a9dQ5UxVzk/IDLlpkFDr5y82wiRAQVWFQGfbekuruXMFt+NQyr2TrXWe7u141DNVJLBDX1A=
x-amz-request-id: 8YZYN8VZF78D8NAK
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 25 Jan 2023 12:48:34 GMT
age: 2248
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B HTTP/2
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 13:26:02 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B
IP 142.250.74.131:0
Hash cc2b9a26cf016c0cf9e73531f6004051
408990c14ea8af4c979a277da755c89771672356
36e955bd017c3febc7623ad388bb260757294ca612b94ae5417de6cc04073a82
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 13:26:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js
142.250.74.132 200 OK 555 B HTTP/2
IP 142.250.74.132:0
File type ASCII text, with very long lines (850), with no line terminators
Hash 4fcc8cffc198bb1436d5e909506b0b2a
a6269c7bf1d3614a78b9ba99cfec2b29e0b6ab7e
33b2950d981dcb3af46004be957506985ea0c185b5436fc6435efcdea7699d89
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news.it.inviptus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Wed, 25 Jan 2023 13:26:02 GMT
date: Wed, 25 Jan 2023 13:26:02 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 555
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B
IP 142.250.74.131:0
Hash 47d71bf163265666c21e2410fb568043
54a4b0f241af261f878967ce058f5885be476cc4
8b7ce4c8269941cf55ca12415b1abfd7d4ae7bf5823657f3afe5e8dd34bed80b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 13:26:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B
IP 142.250.74.131:0
Hash 3e7fdf1ab4be9ee80518d0400683f0d3
dd2ec6511ba05e7fb89d32a1ad407db5eaa1520b
eb789178a0b528aad87a5bf0d05aecd45e7623ebaf198820f9310887757e1d5f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 13:26:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/recaptcha__en.js
142.250.74.35 200 OK 164 kB HTTP/2
IP 142.250.74.35:0
File type ASCII text, with very long lines (636)
Size 164 kB (163892 bytes)
Hash f2995e9cc3eedf3359420fb8d714b2ca
bdc68875ff161b35dbe9d8d85241e41c862ec8e3
fbe663b4f0f239aca19a5a2720c2b494ac58a53e0d68288155eb772ae04935c1
GET /recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://news.it.inviptus.com
Connection: keep-alive
Referer: http://news.it.inviptus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163892
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 15:41:18 GMT
expires: Wed, 24 Jan 2024 15:41:18 GMT
cache-control: public, max-age=31536000
age: 78284
last-modified: Mon, 16 Jan 2023 01:02:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B HTTP/2
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 25 Jan 2023 12:48:59 GMT
age: 2223
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1e2970e1480a4759282d63bb213051e4
ed5194d4d25dfc199821129be5d74be0ce49197d
18e19ea4c9c262cb9a94f89172eef2604222e779346589d470bf2e95ea295563
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18E19EA4C9C262CB9A94F89172EEF2604222E779346589D470BF2E95EA295563"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19755
Expires: Wed, 25 Jan 2023 18:55:17 GMT
Date: Wed, 25 Jan 2023 13:26:02 GMT
Connection: keep-alive
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.163 200 OK 16 kB HTTP/2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0; data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 00:51:41 GMT
expires: Tue, 23 Jan 2024 00:51:41 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 218061
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163 200 OK 15 kB HTTP/2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0; data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 21 Jan 2023 12:31:58 GMT
expires: Sun, 21 Jan 2024 12:31:58 GMT
cache-control: public, max-age=31536000
age: 348844
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.201.184.132 101 Switching Protocols 0 B HTTP/1.1
IP 54.201.184.132:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /xJBc18HpY3SjHa5XdZLXg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: gM9XpdfiaeeB7dahJVndQlkUWAk=
news.it.inviptus.com/track/link/key/4405-28763-322639-26-42779-7842460/signature/8f6e474d973d4a577efb770d8baec6ab/contactInfo/Y29uSWQ9NDI3Nzl+fmVtYWlsPW1pcmtvbWFydG9yZWxsaUB5YWhvby5pdH5+ZW1wSWQ9NDQwNX5+bW92aWw9KzM5MzM4MTUwNTg3NX5+c3ViSWQ9Mjg3NjN+fmVudklkPTEzODA4fn5saXN0SWQ9MjZ+fnNuYXBJZD03ODQyNDYwfn5tZFBhcnRzPTF+fm1kRENTdWJqZWN0PX5+bWRFbWFpbE1ENT01MzEwMDM4NTgyODk3MTI2ZjdjNGZkZjk0ZTc0MjJhY35+bWRFbWFpbFNIQTI1Nj04N2RmNGFkNzU1ZDQ2MzcyODcxOGQxYmUzZDE2ZDQ0ODAyNTI3YmU2ZmY5ZjM0OGI2MWNhMmI4MTViYWU2MGI1fn5yZWdpc3RlckRhdGU9MjAxNC0wMS0xMCAxNTowODoyOX5+bWREZWxpdmVyeURhdGU9MjAyMy0wMS0yNSAxMzowMDowMH5+Y29uX21kNT03ODQ3Y2Q3YTkwMGIyZmI1ZDZjMTFjMWRlMGY0MjBhOQ==/userid/5310038582897126f7c4fdf94e7422ac
62.97.140.33 302 Moved Temporarily 0 B HTTP/1.1
IP 62.97.140.33:0
ASN #9165 Prosodie Iberica Sl
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /track/link/key/4405-28763-322639-26-42779-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/userid/5310038582897126f7c4fdf94e7422ac HTTP/1.1
Host: news.it.inviptus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 547
Origin: http://news.it.inviptus.com
Connection: keep-alive
Referer: http://news.it.inviptus.com/track/link/key/4405-28763-322639-26-42779-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/userid/5310038582897126f7c4fdf94e7422ac
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
date: Wed, 25 Jan 2023 13:26:03 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
location: http://ib.adnxs.com/seg?add=8434927&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fnews.it.inviptus.com%252Ftrack%252Frtb-link%252Fkey%252F4405-28763-322639-26-42779-7842460%252Fsignature%252F8f6e474d973d4a577efb770d8baec6ab%252Frtbuid%252F%2524UID%252F%253Furl%253Dhttps%25253A%25252F%25252Ftrack.fintips365.com%25252Fdf998f4d-88f7-490e-83e1-ef0764b7b8f1
x-frame-options: SAMEORIGIN
set-cookie: md_tracking_4405=ggMVKFRM61BpSyA0B3tNr8ELMaRtjbNxG78ii6zCsQGChvJ_y9lFiJQ_fFacYT6OqwaqU5lAcNtMea2SHJ71IgCCo-5h6W4HHVQeLZEBsPVOM6yXCd1ZJQg_O4DQQMvmLioGkr3rYlXW3DfnZcMZrg; path=/
set-cookie: srvmid=mdapi-02; path=/; HttpOnly; Secure
ib.adnxs.com/seg?add=8434927&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fnews.it.inviptus.com%252Ftrack%252Frtb-link%252Fkey%252F4405-28763-322639-26-42779-7842460%252Fsignature%252F8f6e474d973d4a577efb770d8baec6ab%252Frtbuid%252F%2524UID%252F%253Furl%253Dhttps%25253A%25252F%25252Ftrack.fintips365.com%25252Fdf998f4d-88f7-490e-83e1-ef0764b7b8f1
185.89.211.132 307 Redirection 0 B HTTP/1.1
IP 185.89.211.132:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=8434927&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fnews.it.inviptus.com%252Ftrack%252Frtb-link%252Fkey%252F4405-28763-322639-26-42779-7842460%252Fsignature%252F8f6e474d973d4a577efb770d8baec6ab%252Frtbuid%252F%2524UID%252F%253Furl%253Dhttps%25253A%25252F%25252Ftrack.fintips365.com%25252Fdf998f4d-88f7-490e-83e1-ef0764b7b8f1 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://news.it.inviptus.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 25 Jan 2023 13:26:03 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/sbounce?%2Fseg%3Fadd%3D8434927%26redir%3Dhttps%253A%252F%252Fib.adnxs.com%252Fgetuid%253Fhttps%25253A%25252F%25252Fnews.it.inviptus.com%25252Ftrack%25252Frtb-link%25252Fkey%25252F4405-28763-322639-26-42779-7842460%25252Fsignature%25252F8f6e474d973d4a577efb770d8baec6ab%25252Frtbuid%25252F%252524UID%25252F%25253Furl%25253Dhttps%2525253A%2525252F%2525252Ftrack.fintips365.com%2525252Fdf998f4d-88f7-490e-83e1-ef0764b7b8f1
AN-X-Request-Uuid: a55c64c8-c135-46fe-91bf-4018957c19f8
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/sbounce?%2Fseg%3Fadd%3D8434927%26redir%3Dhttps%253A%252F%252Fib.adnxs.com%252Fgetuid%253Fhttps%25253A%25252F%25252Fnews.it.inviptus.com%25252Ftrack%25252Frtb-link%25252Fkey%25252F4405-28763-322639-26-42779-7842460%25252Fsignature%25252F8f6e474d973d4a577efb770d8baec6ab%25252Frtbuid%25252F%252524UID%25252F%25253Furl%25253Dhttps%2525253A%2525252F%2525252Ftrack.fintips365.com%2525252Fdf998f4d-88f7-490e-83e1-ef0764b7b8f1
185.89.210.90 307 Redirection 0 B HTTP/1.1
IP 185.89.210.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sbounce?%2Fseg%3Fadd%3D8434927%26redir%3Dhttps%253A%252F%252Fib.adnxs.com%252Fgetuid%253Fhttps%25253A%25252F%25252Fnews.it.inviptus.com%25252Ftrack%25252Frtb-link%25252Fkey%25252F4405-28763-322639-26-42779-7842460%25252Fsignature%25252F8f6e474d973d4a577efb770d8baec6ab%25252Frtbuid%25252F%252524UID%25252F%25253Furl%25253Dhttps%2525253A%2525252F%2525252Ftrack.fintips365.com%2525252Fdf998f4d-88f7-490e-83e1-ef0764b7b8f1 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://news.it.inviptus.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 25 Jan 2023 13:26:03 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fsbounce%3F%252Fseg%253Fadd%253D8434927%2526redir%253Dhttps%25253A%25252F%25252Fib.adnxs.com%25252Fgetuid%25253Fhttps%2525253A%2525252F%2525252Fnews.it.inviptus.com%2525252Ftrack%2525252Frtb-link%2525252Fkey%2525252F4405-28763-322639-26-42779-7842460%2525252Fsignature%2525252F8f6e474d973d4a577efb770d8baec6ab%2525252Frtbuid%2525252F%25252524UID%2525252F%2525253Furl%2525253Dhttps%252525253A%252525252F%252525252Ftrack.fintips365.com%252525252Fdf998f4d-88f7-490e-83e1-ef0764b7b8f1
AN-X-Request-Uuid: a0b2b3db-0bd2-4071-bb7f-691717e2e02d
Set-Cookie: uuid2=6590701194657600540; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 25-Apr-2023 13:26:03 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fsbounce%3F%252Fseg%253Fadd%253D8434927%2526redir%253Dhttps%25253A%25252F%25252Fib.adnxs.com%25252Fgetuid%25253Fhttps%2525253A%2525252F%2525252Fnews.it.inviptus.com%2525252Ftrack%2525252Frtb-link%2525252Fkey%2525252F4405-28763-322639-26-42779-7842460%2525252Fsignature%2525252F8f6e474d973d4a577efb770d8baec6ab%2525252Frtbuid%2525252F%25252524UID%2525252F%2525253Furl%2525253Dhttps%252525253A%252525252F%252525252Ftrack.fintips365.com%252525252Fdf998f4d-88f7-490e-83e1-ef0764b7b8f1
185.89.210.90 302 Found 0 B HTTP/1.1
IP 185.89.210.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fsbounce%3F%252Fseg%253Fadd%253D8434927%2526redir%253Dhttps%25253A%25252F%25252Fib.adnxs.com%25252Fgetuid%25253Fhttps%2525253A%2525252F%2525252Fnews.it.inviptus.com%2525252Ftrack%2525252Frtb-link%2525252Fkey%2525252F4405-28763-322639-26-42779-7842460%2525252Fsignature%2525252F8f6e474d973d4a577efb770d8baec6ab%2525252Frtbuid%2525252F%25252524UID%2525252F%2525253Furl%2525253Dhttps%252525253A%252525252F%252525252Ftrack.fintips365.com%252525252Fdf998f4d-88f7-490e-83e1-ef0764b7b8f1 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://news.it.inviptus.com/
Connection: keep-alive
Cookie: uuid2=6590701194657600540
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Wed, 25 Jan 2023 13:26:03 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/getuid?https%3A%2F%2Fnews.it.inviptus.com%2Ftrack%2Frtb-link%2Fkey%2F4405-28763-322639-26-42779-7842460%2Fsignature%2F8f6e474d973d4a577efb770d8baec6ab%2Frtbuid%2F%24UID%2F%3Furl%3Dhttps%253A%252F%252Ftrack.fintips365.com%252Fdf998f4d-88f7-490e-83e1-ef0764b7b8f1
AN-X-Request-Uuid: b250e2c0-e0aa-4f2c-955b-3bcf1b59dac4
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2E>>LksbZ!@wnf-Te9(>wL5L!!'GZ$b=ZF; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 25-Apr-2023 13:26:03 GMT; Domain=.adnxs.com; Secure; HttpOnly
Set-Cookie: uuid2=6590701194657600540; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 25-Apr-2023 13:26:03 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/getuid?https%3A%2F%2Fnews.it.inviptus.com%2Ftrack%2Frtb-link%2Fkey%2F4405-28763-322639-26-42779-7842460%2Fsignature%2F8f6e474d973d4a577efb770d8baec6ab%2Frtbuid%2F%24UID%2F%3Furl%3Dhttps%253A%252F%252Ftrack.fintips365.com%252Fdf998f4d-88f7-490e-83e1-ef0764b7b8f1
185.89.210.90 302 Found 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https%3A%2F%2Fnews.it.inviptus.com%2Ftrack%2Frtb-link%2Fkey%2F4405-28763-322639-26-42779-7842460%2Fsignature%2F8f6e474d973d4a577efb770d8baec6ab%2Frtbuid%2F%24UID%2F%3Furl%3Dhttps%253A%252F%252Ftrack.fintips365.com%252Fdf998f4d-88f7-490e-83e1-ef0764b7b8f1
IP 185.89.210.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https%3A%2F%2Fnews.it.inviptus.com%2Ftrack%2Frtb-link%2Fkey%2F4405-28763-322639-26-42779-7842460%2Fsignature%2F8f6e474d973d4a577efb770d8baec6ab%2Frtbuid%2F%24UID%2F%3Furl%3Dhttps%253A%252F%252Ftrack.fintips365.com%252Fdf998f4d-88f7-490e-83e1-ef0764b7b8f1 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://news.it.inviptus.com/
Connection: keep-alive
Cookie: uuid2=6590701194657600540; anj=dTM7k!M4/8CxrEQF']wIg2E>>LksbZ!@wnf-Te9(>wL5L!!'GZ$b=ZF
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Wed, 25 Jan 2023 13:26:03 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://news.it.inviptus.com/track/rtb-link/key/4405-28763-322639-26-42779-7842460/signature/8f6e474d973d4a577efb770d8baec6ab/rtbuid/6590701194657600540/?url=https%3A%2F%2Ftrack.fintips365.com%2Fdf998f4d-88f7-490e-83e1-ef0764b7b8f1
AN-X-Request-Uuid: ad995802-ac48-4c22-a067-627a0211137e
Set-Cookie: uuid2=6590701194657600540; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 25-Apr-2023 13:26:03 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
news.it.inviptus.com/favicon.ico
62.97.140.33 200 OK 471 B URL HTTP/1.1 news.it.inviptus.com/favicon.ico
IP 62.97.140.33:0
ASN #9165 Prosodie Iberica Sl
Hash 56914a94c9922e371eec94195fcfcd48
f882107e3669a0d73a727d3026c7b893a31b00c7
15520a2442a6bb0e092f4e19ea53946799a05d65b6ae48e2a59175d78525a5b0
GET /favicon.ico HTTP/1.1
Host: news.it.inviptus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news.it.inviptus.com/track/link/key/4405-28763-322639-26-42779-7842460/signature/8f6e474d973d4a577efb770d8baec6ab/contactInfo/Y29uSWQ9NDI3Nzl+fmVtYWlsPW1pcmtvbWFydG9yZWxsaUB5YWhvby5pdH5+ZW1wSWQ9NDQwNX5+bW92aWw9KzM5MzM4MTUwNTg3NX5+c3ViSWQ9Mjg3NjN+fmVudklkPTEzODA4fn5saXN0SWQ9MjZ+fnNuYXBJZD03ODQyNDYwfn5tZFBhcnRzPTF+fm1kRENTdWJqZWN0PX5+bWRFbWFpbE1ENT01MzEwMDM4NTgyODk3MTI2ZjdjNGZkZjk0ZTc0MjJhY35+bWRFbWFpbFNIQTI1Nj04N2RmNGFkNzU1ZDQ2MzcyODcxOGQxYmUzZDE2ZDQ0ODAyNTI3YmU2ZmY5ZjM0OGI2MWNhMmI4MTViYWU2MGI1fn5yZWdpc3RlckRhdGU9MjAxNC0wMS0xMCAxNTowODoyOX5+bWREZWxpdmVyeURhdGU9MjAyMy0wMS0yNSAxMzowMDowMH5+Y29uX21kNT03ODQ3Y2Q3YTkwMGIyZmI1ZDZjMTFjMWRlMGY0MjBhOQ==/userid/5310038582897126f7c4fdf94e7422ac
HTTP/1.1 200 OK
date: Wed, 25 Jan 2023 13:26:02 GMT
content-type: image/x-icon
content-length: 15406
last-modified: Mon, 23 Jan 2023 08:29:46 GMT
etag: "63ce457a-3c2e"
accept-ranges: bytes
x-frame-options: SAMEORIGIN
set-cookie: srvmid=mdapi-03; path=/; HttpOnly; Secure
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7674
Expires: Wed, 25 Jan 2023 15:33:58 GMT
Date: Wed, 25 Jan 2023 13:26:04 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7458f7a9b2070055df6f1d496794e43e
0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9
373097662c419eef9f4a19ce9f3bcead70f6eafbf0acf44806685eece43ce251
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12758
x-amzn-requestid: c3540562-8c62-4957-9528-7ae952daebaa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9gf1E87oAMFpsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c87acb-49fd3f78275937e24d23fca3;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 23:03:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: c5YOTqrEv9RLv_lKsrC377yost8auxYRPLubBFGjIWtnbueiGMJYGw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 05:14:35 GMT
age: 29489
etag: "0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e473b9-0adb-4371-8146-b148ce85cdec.jpeg
34.120.237.76 200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e473b9-0adb-4371-8146-b148ce85cdec.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d10114508bd40d76f497fc5b9c064350
c9b86b2b27063e0a58b0f237d451f9cf05b2122d
a156bd21bee2fca1d82940fb172a695044321ed432786ae100a7baf3b5e12b3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e473b9-0adb-4371-8146-b148ce85cdec.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8252
x-amzn-requestid: a5a39d22-de0e-4b2e-b3e2-aad1d0090881
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fEqtiHo7oAMFdCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb57f0-0cd78ff23e91baf668276053;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 03:11:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: s8JWGyQ0pTWcaGk0n2PQOpAhjKLuNlbI4wCZAidzoBR5RQreO2rh9g==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 05:15:35 GMT
age: 29429
etag: "c9b86b2b27063e0a58b0f237d451f9cf05b2122d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f7aba17-803f-412c-8ef7-0959b52f87cc.jpeg
34.120.237.76 200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f7aba17-803f-412c-8ef7-0959b52f87cc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 13891ffe8a0cc240be63b7945e4b7688
958b50e9e7e5e02882d55612a5d6d2402e225390
1570d69731ba13051454a048ac85bde7c1de8e39dea0fd78e7e5c3f2be122cb6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f7aba17-803f-412c-8ef7-0959b52f87cc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9650
x-amzn-requestid: 3b968ee5-c941-4305-9f06-01e646deef15
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fH88wEUmoAMFerw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cca851-061f65177f36420a4685f372;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 03:06:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: xfiiS5M5j8iYKMyopaVqwYV6KKB1VIWT_yQbEKZ9G1wuq2QUEyDBpA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 03:10:29 GMT
age: 36935
etag: "958b50e9e7e5e02882d55612a5d6d2402e225390"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9192d2a7-4090-4a55-b72e-388ceb1f506d.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9192d2a7-4090-4a55-b72e-388ceb1f506d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1d76c1b1126a3e1b51dcca652cb6727b
b199a381ccac4628f2bfa626b44c71954713ca98
3a34f2b7f79cb925c73d2c17197418004e4acf63a6eb69e471320069978f8282
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9192d2a7-4090-4a55-b72e-388ceb1f506d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10921
x-amzn-requestid: 7b8849e6-b52d-4165-b456-b200ddbb993b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fEqtkGThIAMFb7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb57f0-1ed4803112d97956419b299e;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 03:11:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: FUbNMfYy8ci6d78p6LCu0Gxs3jw824ZzVp6drAbl8HCDBpghlZFP7g==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 07:57:09 GMT
age: 19735
etag: "b199a381ccac4628f2bfa626b44c71954713ca98"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b0cb327-c176-43cd-8ce3-7ed2a48e697f.jpeg
34.120.237.76 200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b0cb327-c176-43cd-8ce3-7ed2a48e697f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 69bdfbe73749ef39d9b9662b547ba853
ee2c14f82ea1e653b993fda0839a32943c5d9f86
21fa51ce61c1dfdc30c28371940f5dfc83127a691e34299ebab70c4bf0d19231
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b0cb327-c176-43cd-8ce3-7ed2a48e697f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8806
x-amzn-requestid: 5c8a6463-049f-46c6-8595-3230efee793c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e-nQkHAPIAMFf3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8ec03-332914233e5138ce025afa75;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 07:06:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: uw4NZEIk19HZdoUWc1pSpw36gfopSWCC98z11IWLMiXuffloJH-LNg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 13:56:29 GMT
age: 84575
etag: "ee2c14f82ea1e653b993fda0839a32943c5d9f86"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg
34.120.237.76 200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91b2e12a39dc4f63b9d52e8800cce1f2
42d5b4b4a091778d98c351f0002d8656449d0243
d4dbc79e3383e83f861ccf8cde3e78ba427a66cd3fa99c17e23ec935867de4ad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8308
x-amzn-requestid: 1988d3b3-5e1a-41fd-83f5-092eddb9185f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNys5GDKoAMFdbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefe52-2349fde60b7db8a34c996717;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:38:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 5_1j_Z6HZ3DSGFPAACJduM5D9eAqMQT42GgI61x8dHAmPQtUexpEYQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 21:59:15 GMT
age: 55609
etag: "42d5b4b4a091778d98c351f0002d8656449d0243"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
track.fintips365.com/df998f4d-88f7-490e-83e1-ef0764b7b8f1
18.193.209.105 302 Found 0 B URL HTTP/2 track.fintips365.com/df998f4d-88f7-490e-83e1-ef0764b7b8f1
IP 18.193.209.105:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /df998f4d-88f7-490e-83e1-ef0764b7b8f1 HTTP/1.1
Host: track.fintips365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://news.it.inviptus.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Wed, 25 Jan 2023 13:26:04 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://fintips365.com/fxo-it-amzn-perugia_v1/?lp=amazon&clickid=wtvf0kjikvp4od5mi60lca5o&source=Antevenio&utm_source=Antevenio&utm_medium=ppc&utm_campaign=Amazon%20-%20Perugia_v1%20-%20-%20S_v1%20-%20Database%203%20-%20S_7&utm_content=Amazon%20-%20Perugia_v1%20-%20Antevenio
pragma: no-cache
set-cookie: df998f4d-88f7-490e-83e1-ef0764b7b8f1-v4=lF4IJ_PagFmNVBQKC_81SbJ9TxvJkuqUwHICkny3qa8; Max-Age=86400; Expires=Thu, 26-Jan-2023 13:26:04 GMT; Domain=track.fintips365.com; Path=/; Secure; HttpOnly;SameSite=None
set-cookie: cc-v4=wOQpVi%2B3l7UnZEqKjIqBVKkbU4NMnUZlXI5kJsWUcRYbxhX5MUm5Mx4vRhkaON7Tqlvz%2FM7D1prK8xUiPDF5hE%2Bry7piqqhVbqdgMt95a3M2PH4BWlYnCZrd%2BVtnVh4fYAKzNIWlw0rNjRPRX4ZDzg%3D%3D; Max-Age=31536000; Expires=Thu, 25-Jan-2024 13:26:04 GMT; Domain=track.fintips365.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
news.it.inviptus.com/track/rtb-link/key/4405-28763-322639-26-42779-7842460/signature/8f6e474d973d4a577efb770d8baec6ab/rtbuid/6590701194657600540/?url=https%3A%2F%2Ftrack.fintips365.com%2Fdf998f4d-88f7-490e-83e1-ef0764b7b8f1
62.97.140.33 302 Found 0 B URL HTTP/2 news.it.inviptus.com/track/rtb-link/key/4405-28763-322639-26-42779-7842460/signature/8f6e474d973d4a577efb770d8baec6ab/rtbuid/6590701194657600540/?url=https%3A%2F%2Ftrack.fintips365.com%2Fdf998f4d-88f7-490e-83e1-ef0764b7b8f1
IP 62.97.140.33:0
ASN #9165 Prosodie Iberica Sl
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /track/rtb-link/key/4405-28763-322639-26-42779-7842460/signature/8f6e474d973d4a577efb770d8baec6ab/rtbuid/6590701194657600540/?url=https%3A%2F%2Ftrack.fintips365.com%2Fdf998f4d-88f7-490e-83e1-ef0764b7b8f1 HTTP/1.1
Host: news.it.inviptus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://news.it.inviptus.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 25 Jan 2023 13:26:04 GMT
content-type: text/html; charset=UTF-8
location: https://track.fintips365.com/df998f4d-88f7-490e-83e1-ef0764b7b8f1
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
set-cookie: srvmid=mdapi-01; path=/; HttpOnly; Secure
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css?ver=6.1.1
104.17.25.14 200 OK 4.2 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css?ver=6.1.1
IP 104.17.25.14:0
File type ASCII text, with very long lines (65348)
Hash eefc9abe5bc10d658a2393a70d052566
dd49deafcd3ebe1306cda0b843f2da265f8a90e1
6011c33e447455e96e1d4926b0e15ca399eb993163a8e5ee0c523947396d66c3
GET /ajax/libs/animate.css/4.1.1/animate.min.css?ver=6.1.1 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fintips365.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 13:26:05 GMT
content-type: text/css; charset=utf-8
content-length: 4216
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5f5628a2-11846"
last-modified: Mon, 07 Sep 2020 12:33:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2880215
expires: Mon, 15 Jan 2024 13:26:05 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OGY7cKm9vhEHun5Yxcbqj4WSpqxWma9qSDSRVWYW9wLDch2%2BsfBO6mqQw2mdROYP7k%2BUwhaYK%2BEDLytUUXe2X6lcpXkAjwD0GGl2pn0%2FqUzdo58Py1%2BL4auaGHsHjaPapFu1oSD7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78f156aa5c64b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.2/jquery.validate.min.js
104.17.25.14 200 OK 7.0 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.2/jquery.validate.min.js
IP 104.17.25.14:0
File type Unicode text, UTF-8 text, with very long lines (24304)
Hash 4dff16256caf65b9530a221f15ed1661
e253fdfafb73d51e9d8c1632a521bf562c3d0975
1e51fbddb76b932b540fcd5e6ec3bfdf3196f0bb5e1f441a05d7d62208606e73
GET /ajax/libs/jquery-validate/1.19.2/jquery.validate.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fintips365.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 13:26:05 GMT
content-type: application/javascript; charset=utf-8
content-length: 6970
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5ed13e63-5f7b"
last-modified: Fri, 29 May 2020 16:54:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 4222891
expires: Mon, 15 Jan 2024 13:26:05 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9lwva3yNdotAMcKw2uEhsu73A6A7pZf52ZfiQzGgR%2BVilW1I%2FnaymHZ81%2F1kY9wZQpXoEwjHYi%2FXvE4UJE8DBaCV%2FbP%2BuyJVzVa0poIwdyxpGYKkGKO4Jaq9iAftNF8mIae5NPfI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78f156aa6c77b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 1005c9e99dc8d4390861d6730c7a403b
0e3858ae26a1c01e0160e3b60e400bea202ebd05
4ff7ceb81a3dad4fefd3a15ece4ce13898624c01bf5a0cb4fdd90958978ed6b9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 13:26:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash e445db9a7cc4272ed816edc3d933da11
1408e27c9e95752d603abe5c3d8d2b7aa497d5aa
813382d8e3fba590cd0637fe284203136fb41436e3ab85bc18b480d66c8a7be2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5507
Cache-Control: max-age=140090
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 13:26:05 GMT
Etag: "63d098a4-118"
Expires: Fri, 27 Jan 2023 04:20:55 GMT
Last-Modified: Wed, 25 Jan 2023 02:49:08 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
104.18.11.207 200 OK 7.4 kB URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.18.11.207:0
File type ASCII text, with very long lines (30837)
Hash 7aa6a30d55934d8e4e10a7d33a4cbec9
f1429f9f8e1672106b54678e4ce5a46f506c8b25
af673892925971902b7ccd70e6f9dbfea610d3f90ea3440cd82b7daf6bac4f65
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fintips365.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 13:26:05 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 03/12/2022 14:32:07
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: d59b1bc690982b057c0e17bb58696d82
cdn-cache: HIT
cf-cache-status: HIT
age: 1104481
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 78f156aadc1f0b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fintips365.com/wp-content/uploads/2022/07/1200-%C3%97-628-min-min.jpeg
65.109.33.97 200 OK 34 kB URL HTTP/2 fintips365.com/wp-content/uploads/2022/07/1200-%C3%97-628-min-min.jpeg
IP 65.109.33.97:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x419, components 3\012- data
Hash 17559dea7063071da24847cf7438dc12
ee54710e6841f58575cc8ee60d118fe3f3e12582
bc6d553bba3f13712a1dc8afc532c0234cbcf7409e078b9f706b12b20a45da04
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/uploads/2022/07/1200-%C3%97-628-min-min.jpeg HTTP/1.1
Host: fintips365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fintips365.com/fxo-it-amzn-perugia_v1/?lp=amazon&clickid=wtvf0kjikvp4od5mi60lca5o&source=Antevenio&utm_source=Antevenio&utm_medium=ppc&utm_campaign=Amazon%20-%20Perugia_v1%20-%20-%20S_v1%20-%20Database%203%20-%20S_7&utm_content=Amazon%20-%20Perugia_v1%20-%20Antevenio
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 13:26:05 GMT
content-type: image/jpeg
content-length: 34360
last-modified: Fri, 22 Jul 2022 08:53:48 GMT
etag: "62da659c-8638"
vary: Accept-Encoding, Accept
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 78ed7b7d814d987601b30851546309b5
12a653dabfd738fef99fad2295eec55e4651bc7c
a55164c954f0255d6d360ac0fac8b4598f8e0e01ec646105eed2e9b0abf5e2bd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 13:26:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fintips365.com/wp-content/uploads/2022/07/6-2.png
65.109.33.97 200 OK 20 kB URL HTTP/2 fintips365.com/wp-content/uploads/2022/07/6-2.png
IP 65.109.33.97:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 450 x 450, 8-bit/color RGBA, non-interlaced\012- data
Hash 79eecbc212bf476ab63922a35b4c932d
dbc8de317e0dee7ab0af1ab7d6d2e0cfd3e68576
be07b5be34423cab90aa4a658b5201aa451aefb9663f3def6688d1fa20dcc99a
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2022/07/6-2.png HTTP/1.1
Host: fintips365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fintips365.com/fxo-it-amzn-perugia_v1/?lp=amazon&clickid=wtvf0kjikvp4od5mi60lca5o&source=Antevenio&utm_source=Antevenio&utm_medium=ppc&utm_campaign=Amazon%20-%20Perugia_v1%20-%20-%20S_v1%20-%20Database%203%20-%20S_7&utm_content=Amazon%20-%20Perugia_v1%20-%20Antevenio
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 13:26:05 GMT
content-type: image/png
content-length: 19753
last-modified: Thu, 21 Jul 2022 14:24:15 GMT
etag: "62d9618f-4d29"
vary: Accept-Encoding, Accept
accept-ranges: bytes
X-Firefox-Spdy: h2
fintips365.com/wp-content/uploads/2022/07/7-2.png
65.109.33.97 200 OK 18 kB URL HTTP/2 fintips365.com/wp-content/uploads/2022/07/7-2.png
IP 65.109.33.97:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 450 x 450, 8-bit/color RGBA, non-interlaced\012- data
Hash 906057c4d542c7af82d1d5f7b834d2d9
261ae0b2b82449e1880e8b3e53a64a668a38cf89
5dd201593448a64e87f22b1974962580e158b26efeac100e22dc6bff666306f9
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2022/07/7-2.png HTTP/1.1
Host: fintips365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fintips365.com/fxo-it-amzn-perugia_v1/?lp=amazon&clickid=wtvf0kjikvp4od5mi60lca5o&source=Antevenio&utm_source=Antevenio&utm_medium=ppc&utm_campaign=Amazon%20-%20Perugia_v1%20-%20-%20S_v1%20-%20Database%203%20-%20S_7&utm_content=Amazon%20-%20Perugia_v1%20-%20Antevenio
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 13:26:05 GMT
content-type: image/png
content-length: 18488
last-modified: Thu, 21 Jul 2022 14:24:26 GMT
etag: "62d9619a-4838"
vary: Accept-Encoding, Accept
accept-ranges: bytes
X-Firefox-Spdy: h2
fintips365.com/wp-content/uploads/2022/07/8-2.png
65.109.33.97 200 OK 34 kB URL HTTP/2 fintips365.com/wp-content/uploads/2022/07/8-2.png
IP 65.109.33.97:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 450 x 450, 8-bit/color RGBA, non-interlaced\012- data
Hash d9a2e35a661562730973e7592d03e994
e444158449cc1556411dc2fa3de8de258221331d
5c129ad1c2cb0ce3802d8005f8772cb0c5179687c3924bde1754ce72018a10c6
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2022/07/8-2.png HTTP/1.1
Host: fintips365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fintips365.com/fxo-it-amzn-perugia_v1/?lp=amazon&clickid=wtvf0kjikvp4od5mi60lca5o&source=Antevenio&utm_source=Antevenio&utm_medium=ppc&utm_campaign=Amazon%20-%20Perugia_v1%20-%20-%20S_v1%20-%20Database%203%20-%20S_7&utm_content=Amazon%20-%20Perugia_v1%20-%20Antevenio
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 13:26:05 GMT
content-type: image/png
content-length: 34002
last-modified: Thu, 21 Jul 2022 14:24:38 GMT
etag: "62d961a6-84d2"
vary: Accept-Encoding, Accept
accept-ranges: bytes
X-Firefox-Spdy: h2
fintips365.com/wp-content/uploads/2022/07/9.png
65.109.33.97 200 OK 17 kB URL HTTP/2 fintips365.com/wp-content/uploads/2022/07/9.png
IP 65.109.33.97:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 450 x 450, 8-bit/color RGBA, non-interlaced\012- data
Hash 8bd021ca50bec617ac18e3ef0e759871
7a4391917230c5a7c031dc65fbd85f52d64e9464
2adace30480eb1cb3cdb47c7a28af1eb51efa4615c523a56c0923ef7d756bffb
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2022/07/9.png HTTP/1.1
Host: fintips365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fintips365.com/fxo-it-amzn-perugia_v1/?lp=amazon&clickid=wtvf0kjikvp4od5mi60lca5o&source=Antevenio&utm_source=Antevenio&utm_medium=ppc&utm_campaign=Amazon%20-%20Perugia_v1%20-%20-%20S_v1%20-%20Database%203%20-%20S_7&utm_content=Amazon%20-%20Perugia_v1%20-%20Antevenio
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 13:26:05 GMT
content-type: image/png
content-length: 16659
last-modified: Thu, 21 Jul 2022 14:24:52 GMT
etag: "62d961b4-4113"
vary: Accept-Encoding, Accept
accept-ranges: bytes
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-KQZPJP2
142.250.74.40 200 OK 61 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-KQZPJP2
IP 142.250.74.40:0
File type ASCII text, with very long lines (19694)
Hash 6c05d85ac4f7b5e93b154cde5bc50f13
85ac4f49ec20b7404d4841a052a90d1e5ab236e5
6ae32a1bfb44c0d0e8e14108d96e3a9f1f2b558e69b818a5832aa440db0110e5
GET /gtm.js?id=GTM-KQZPJP2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fintips365.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 25 Jan 2023 13:26:05 GMT
expires: Wed, 25 Jan 2023 13:26:05 GMT
cache-control: private, max-age=900
last-modified: Wed, 25 Jan 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 61025
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 3e7fdf1ab4be9ee80518d0400683f0d3
dd2ec6511ba05e7fb89d32a1ad407db5eaa1520b
eb789178a0b528aad87a5bf0d05aecd45e7623ebaf198820f9310887757e1d5f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 13:26:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
142.250.74.163 200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fintips365.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 20 Jan 2023 16:50:06 GMT
expires: Sat, 20 Jan 2024 16:50:06 GMT
cache-control: public, max-age=31536000
age: 419760
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?display=swap&family=Open+Sans:100,200,300,400,500,600,700,800,900|Source+Sans+Pro:100,200,300,400,500,600,700,800,900|Poppins:100,200,300,400,500,600,700,800,900|Nunito:100,200,300,400,500,600,700,800,900|Montserrat:100,200,300,400,500,600,700,800,900|Roboto:100,200,300,400,500,600,700,800,900|Lato:100,200,300,400,500,600,700,800,900
142.250.74.74 200 OK 16 kB URL HTTP/2 fonts.googleapis.com/css?display=swap&family=Open+Sans:100,200,300,400,500,600,700,800,900|Source+Sans+Pro:100,200,300,400,500,600,700,800,900|Poppins:100,200,300,400,500,600,700,800,900|Nunito:100,200,300,400,500,600,700,800,900|Montserrat:100,200,300,400,500,600,700,800,900|Roboto:100,200,300,400,500,600,700,800,900|Lato:100,200,300,400,500,600,700,800,900
IP 142.250.74.74:0
Hash 7e735df7df7fa056d6c320ef03b83a5a
e5bbdd4004c8c9e40bc0c901df3a79ea6eff8234
3c2f080390c02a43637471de2faa80cb0862e60bf6985b7f458230b3b6aa6933
GET /css?display=swap&family=Open+Sans:100,200,300,400,500,600,700,800,900|Source+Sans+Pro:100,200,300,400,500,600,700,800,900|Poppins:100,200,300,400,500,600,700,800,900|Nunito:100,200,300,400,500,600,700,800,900|Montserrat:100,200,300,400,500,600,700,800,900|Roboto:100,200,300,400,500,600,700,800,900|Lato:100,200,300,400,500,600,700,800,900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fintips365.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 25 Jan 2023 13:26:05 GMT
date: Wed, 25 Jan 2023 13:26:05 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fintips365.com/wp-content/uploads/2022/07/beautiful-cryptocurrwncy-concept-1-min-2.jpeg
65.109.33.97 200 OK 34 kB URL HTTP/2 fintips365.com/wp-content/uploads/2022/07/beautiful-cryptocurrwncy-concept-1-min-2.jpeg
IP 65.109.33.97:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=4, orientation=upper-left, xresolution=62, yresolution=70, resolutionunit=2], baseline, precision 8, 1000x688, components 3\012- data
Hash b189fd77d5306224c751e7889c36ddc1
0787c4a83fa98562cbcc5356c2b982ffa89f1c0b
bb0f05338ea393e09b6e46cf8ed1f619a95b3aa5477dd409953088b9dedd9c32
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/uploads/2022/07/beautiful-cryptocurrwncy-concept-1-min-2.jpeg HTTP/1.1
Host: fintips365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fintips365.com/wp-content/uploads/oxygen/css/6630.css?cache=1659081374&ver=6.1.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 13:26:06 GMT
content-type: image/jpeg
content-length: 34473
last-modified: Fri, 22 Jul 2022 10:23:51 GMT
etag: "62da7ab7-86a9"
vary: Accept-Encoding, Accept
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 3e7fdf1ab4be9ee80518d0400683f0d3
dd2ec6511ba05e7fb89d32a1ad407db5eaa1520b
eb789178a0b528aad87a5bf0d05aecd45e7623ebaf198820f9310887757e1d5f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 13:26:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 3e7fdf1ab4be9ee80518d0400683f0d3
dd2ec6511ba05e7fb89d32a1ad407db5eaa1520b
eb789178a0b528aad87a5bf0d05aecd45e7623ebaf198820f9310887757e1d5f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 13:26:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 3e7fdf1ab4be9ee80518d0400683f0d3
dd2ec6511ba05e7fb89d32a1ad407db5eaa1520b
eb789178a0b528aad87a5bf0d05aecd45e7623ebaf198820f9310887757e1d5f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 13:26:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fintips365.com/wp-content/uploads/2022/07/1200-%C3%97-628-1-1-1.png
65.109.33.97 200 OK 28 kB URL HTTP/2 fintips365.com/wp-content/uploads/2022/07/1200-%C3%97-628-1-1-1.png
IP 65.109.33.97:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 484 x 324, 8-bit colormap, non-interlaced\012- data
Hash bbed5571f90d1af1bef4a23dd1a29e2d
280b733929a5d6e4f928884d3db586e74c07d2ba
b04d156ac3d165d4da10eeaf81336c665119d3a8c54f3043018295206f4e9276
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2022/07/1200-%C3%97-628-1-1-1.png HTTP/1.1
Host: fintips365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fintips365.com/fxo-it-amzn-perugia_v1/?lp=amazon&clickid=wtvf0kjikvp4od5mi60lca5o&source=Antevenio&utm_source=Antevenio&utm_medium=ppc&utm_campaign=Amazon%20-%20Perugia_v1%20-%20-%20S_v1%20-%20Database%203%20-%20S_7&utm_content=Amazon%20-%20Perugia_v1%20-%20Antevenio
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 13:26:05 GMT
content-type: image/png
content-length: 27922
last-modified: Fri, 22 Jul 2022 10:26:24 GMT
etag: "62da7b50-6d12"
vary: Accept-Encoding, Accept
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 3e7fdf1ab4be9ee80518d0400683f0d3
dd2ec6511ba05e7fb89d32a1ad407db5eaa1520b
eb789178a0b528aad87a5bf0d05aecd45e7623ebaf198820f9310887757e1d5f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 13:26:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 78ed7b7d814d987601b30851546309b5
12a653dabfd738fef99fad2295eec55e4651bc7c
a55164c954f0255d6d360ac0fac8b4598f8e0e01ec646105eed2e9b0abf5e2bd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 13:26:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fintips365.com/wp-content/uploads/2022/07/skyscraper-view-city-leader-window-frame-1.jpeg
65.109.33.97 200 OK 72 kB URL HTTP/2 fintips365.com/wp-content/uploads/2022/07/skyscraper-view-city-leader-window-frame-1.jpeg
IP 65.109.33.97:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=6, description=Businessman standing with arms crossed in office, orientation=upper-left, xresolution=135, yresolution=143, resolutionunit=2], baseline, precision 8, 1500x785, components 3\012- data
Hash 49db0ad536346e8741e7622590d97775
bfdeea33298f740d9bf0f0359f5df458004b9af4
f0e1473a256bc033dfcbc106ee00675b7bdb7104526029a807cb484097e8b2bf
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/uploads/2022/07/skyscraper-view-city-leader-window-frame-1.jpeg HTTP/1.1
Host: fintips365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fintips365.com/wp-content/uploads/oxygen/css/6630.css?cache=1659081374&ver=6.1.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 13:26:06 GMT
content-type: image/jpeg
content-length: 72255
last-modified: Fri, 22 Jul 2022 10:25:17 GMT
etag: "62da7b0d-11a3f"
vary: Accept-Encoding, Accept
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.163 200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fintips365.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Jan 2023 05:42:51 GMT
expires: Fri, 19 Jan 2024 05:42:51 GMT
cache-control: public, max-age=31536000
age: 546195
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
142.250.74.163 200 OK 8.0 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 8000, version 1.0\012- data
Hash 72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fintips365.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 14:43:52 GMT
expires: Wed, 24 Jan 2024 14:43:52 GMT
cache-control: public, max-age=31536000
age: 81734
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
142.250.74.163 200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Hash 25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fintips365.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 12:46:52 GMT
expires: Wed, 24 Jan 2024 12:46:52 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
age: 88754
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
142.250.74.163 200 OK 7.7 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data
Hash a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fintips365.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 08:32:10 GMT
expires: Thu, 25 Jan 2024 08:32:10 GMT
cache-control: public, max-age=31536000
age: 17636
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fintips365.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/font-awesome/css/font-awesome.min.css?ver=6.1.1
65.109.33.97 200 OK 19 kB URL HTTP/2 fintips365.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/font-awesome/css/font-awesome.min.css?ver=6.1.1
IP 65.109.33.97:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (30837)
Hash fae33911012463bc3fb87d4270a943da
41d59d520e01d786953164bce140103b53e616db
1c98188dfdf33d1c9f303ad9e298713a6baae46f1a043fb53fd989336b91761d
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/font-awesome/css/font-awesome.min.css?ver=6.1.1 HTTP/1.1
Host: fintips365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fintips365.com/fxo-it-amzn-perugia_v1/?lp=amazon&clickid=wtvf0kjikvp4od5mi60lca5o&source=Antevenio&utm_source=Antevenio&utm_medium=ppc&utm_campaign=Amazon%20-%20Perugia_v1%20-%20-%20S_v1%20-%20Database%203%20-%20S_7&utm_content=Amazon%20-%20Perugia_v1%20-%20Antevenio
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 13:26:05 GMT
content-type: text/css
last-modified: Fri, 04 Nov 2022 10:51:11 GMT
vary: Accept-Encoding
etag: W/"6364ee9f-7918"
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 1ed65ceb4a1818c5ab4228be3fbd573a
0e142172eb6f4e3a0be78d2b32e6a086d6457a0d
6e1f77118dc0acb6295bddc90522d0f147b21650502b38ff78677ed204412476
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4874
Cache-Control: max-age=142672
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 13:26:06 GMT
Etag: "63d0a534-118"
Expires: Fri, 27 Jan 2023 05:03:58 GMT
Last-Modified: Wed, 25 Jan 2023 03:42:44 GMT
Server: ECS (amb/6B8B)
X-Cache: HIT
Content-Length: 280
track.fintips365.com/hp
18.193.209.105 200 OK 382 B IP 18.193.209.105:0
File type ASCII text, with very long lines (381)
Hash 10263a40a9d604e06e31e20f0b213918
524c7e3d46f4c3b19319ff3315ba6adfafd5eb3b
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /hp HTTP/1.1
Host: track.fintips365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fintips365.com/
Cookie: df998f4d-88f7-490e-83e1-ef0764b7b8f1-v4=lF4IJ_PagFmNVBQKC_81SbJ9TxvJkuqUwHICkny3qa8; cc-v4=wOQpVi%2B3l7UnZEqKjIqBVKkbU4NMnUZlXI5kJsWUcRYbxhX5MUm5Mx4vRhkaON7Tqlvz%2FM7D1prK8xUiPDF5hE%2Bry7piqqhVbqdgMt95a3M2PH4BWlYnCZrd%2BVtnVh4fYAKzNIWlw0rNjRPRX4ZDzg%3D%3D; _gcl_au=1.1.2104540196.1674653164
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 13:26:06 GMT
content-length: 382
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
X-Firefox-Spdy: h2
fintips365.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/hind/Hind-Regular.woff2
65.109.33.97 200 OK 95 kB URL HTTP/2 fintips365.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/hind/Hind-Regular.woff2
IP 65.109.33.97:0
ASN #24940 Hetzner Online GmbH
File type Web Open Font Format (Version 2), TrueType, length 94904, version 1.0\012- data
Hash abf24b75614c2aa2345aeb23a6d9dbef
4cf557568415ed0ca0bf3ca90202c978736cee7b
5891185bbadfceb49591b012abeeea967dca978a653930a6ca23863d9a3f4c92
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/hind/Hind-Regular.woff2 HTTP/1.1
Host: fintips365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://fintips365.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/fonts.css?ver=6.1.1
Cookie: _gcl_au=1.1.2104540196.1674653164; clickid=wtvf0kjikvp4od5mi60lca5o
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 13:26:06 GMT
content-type: font/woff2
content-length: 94904
last-modified: Fri, 04 Nov 2022 10:51:11 GMT
vary: Accept-Encoding
etag: "6364ee9f-172b8"
accept-ranges: bytes
X-Firefox-Spdy: h2
fintips365.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/montserrat/Montserrat-SemiBold.woff2
65.109.33.97 200 OK 80 kB URL HTTP/2 fintips365.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/montserrat/Montserrat-SemiBold.woff2
IP 65.109.33.97:0
ASN #24940 Hetzner Online GmbH
File type Web Open Font Format (Version 2), TrueType, length 80428, version 1.0\012- data
Hash 350f79f75959112c709596dfb4193a00
bbb3f4013a3c84af9907c63efb1495dc36b3f1d1
47a6d3380cf89ad6b678478ccb347dc3ddeadcf7ca344bfc842424aaf7bfd025
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/montserrat/Montserrat-SemiBold.woff2 HTTP/1.1
Host: fintips365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://fintips365.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/fonts.css?ver=6.1.1
Cookie: _gcl_au=1.1.2104540196.1674653164; clickid=wtvf0kjikvp4od5mi60lca5o
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 13:26:06 GMT
content-type: font/woff2
content-length: 80428
last-modified: Fri, 04 Nov 2022 10:51:11 GMT
vary: Accept-Encoding
etag: "6364ee9f-13a2c"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 1ed65ceb4a1818c5ab4228be3fbd573a
0e142172eb6f4e3a0be78d2b32e6a086d6457a0d
6e1f77118dc0acb6295bddc90522d0f147b21650502b38ff78677ed204412476
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3308
Cache-Control: max-age=141106
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 13:26:06 GMT
Etag: "63d0a534-118"
Expires: Fri, 27 Jan 2023 04:37:52 GMT
Last-Modified: Wed, 25 Jan 2023 03:42:44 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280
fintips365.com/wp-content/uploads/2021/05/cropped-1618405186283-192x192.jpg
65.109.33.97 200 OK 3.2 kB URL HTTP/2 fintips365.com/wp-content/uploads/2021/05/cropped-1618405186283-192x192.jpg
IP 65.109.33.97:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 192x192, components 3\012- data
Hash 1998fadc33ba97d01e8d12354a056ede
2a2cb20b8fcb9a649bd0abeb7d787a8ebbac3ab9
698d1783325be0fa5748ceaf7079e89927be7c8088c8be50ac3b2e003b5913d4
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2021/05/cropped-1618405186283-192x192.jpg HTTP/1.1
Host: fintips365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fintips365.com/fxo-it-amzn-perugia_v1/?lp=amazon&clickid=wtvf0kjikvp4od5mi60lca5o&source=Antevenio&utm_source=Antevenio&utm_medium=ppc&utm_campaign=Amazon%20-%20Perugia_v1%20-%20-%20S_v1%20-%20Database%203%20-%20S_7&utm_content=Amazon%20-%20Perugia_v1%20-%20Antevenio
Cookie: _gcl_au=1.1.2104540196.1674653164; clickid=wtvf0kjikvp4od5mi60lca5o; _ga_HTSZ9B2HYP=GS1.1.1674653164.1.0.1674653164.0.0.0; _ga=GA1.1.1120467198.1674653164
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 13:26:06 GMT
content-type: image/jpeg
content-length: 3216
last-modified: Tue, 18 May 2021 14:31:06 GMT
etag: "60a3cfaa-c90"
vary: Accept-Encoding, Accept
accept-ranges: bytes
X-Firefox-Spdy: h2
fintips365.com/wp-content/uploads/2021/05/cropped-1618405186283-32x32.jpg
65.109.33.97 200 OK 924 B URL HTTP/2 fintips365.com/wp-content/uploads/2021/05/cropped-1618405186283-32x32.jpg
IP 65.109.33.97:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 32x32, components 3\012- data
Hash 7d88b2608e8687e7c555c0659d8a06ad
deb41470ea6d65d7353c609d0b7557f338ce74b3
36301efb8f0eab784459f6a574a963cd0d11990202f525942a7b0174094db865
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2021/05/cropped-1618405186283-32x32.jpg HTTP/1.1
Host: fintips365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fintips365.com/fxo-it-amzn-perugia_v1/?lp=amazon&clickid=wtvf0kjikvp4od5mi60lca5o&source=Antevenio&utm_source=Antevenio&utm_medium=ppc&utm_campaign=Amazon%20-%20Perugia_v1%20-%20-%20S_v1%20-%20Database%203%20-%20S_7&utm_content=Amazon%20-%20Perugia_v1%20-%20Antevenio
Cookie: _gcl_au=1.1.2104540196.1674653164; clickid=wtvf0kjikvp4od5mi60lca5o; _ga_HTSZ9B2HYP=GS1.1.1674653164.1.0.1674653164.0.0.0; _ga=GA1.1.1120467198.1674653164
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 13:26:06 GMT
content-type: image/jpeg
content-length: 924
last-modified: Tue, 18 May 2021 14:31:06 GMT
etag: "60a3cfaa-39c"
vary: Accept-Encoding, Accept
accept-ranges: bytes
X-Firefox-Spdy: h2
popupmaker.com/assets/lib/SGPMPopup.min.js
104.26.15.183 200 OK 51 kB URL HTTP/2 popupmaker.com/assets/lib/SGPMPopup.min.js
IP 104.26.15.183:0
File type Unicode text, UTF-8 text, with very long lines (65502), with no line terminators
Hash 359be98b9fa6933718859a762348750b
03beecd4d6defec15a4acef54b765aa6a768ba33
89dc915defb0a2305de6e14d7e8ccfdb2826217d61036e90ecae111fceabc8ea
GET /assets/lib/SGPMPopup.min.js HTTP/1.1
Host: popupmaker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fintips365.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 13:26:06 GMT
content-type: application/javascript
strict-transport-security: max-age=63072000; includeSubdomains;
last-modified: Tue, 26 Jul 2022 13:27:01 GMT
etag: W/"2ac75-5e4b5416c2fa3-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
cache-control: max-age=2678400, private
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B9Jg10%2FW%2B0o2zyLEVK%2Fj4a%2Bbmjc4XDim2EknKfWzYR%2B9D3AVO%2FK4YGW8AiRH9gQC7DC%2B2oAR47eWp84DzIFHhEX970zg06%2BxXCUeLdnPMkRT9ZHSfrKE4pFx5lSQft5i"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78f156b09b0cb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fintips365.com/wp-json/contact-form-7/v1/contact-forms/455/feedback/schema
65.109.33.97 200 OK 20 kB URL HTTP/2 fintips365.com/wp-json/contact-form-7/v1/contact-forms/455/feedback/schema
IP 65.109.33.97:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , ASCII text, with very long lines (833), with no line terminators
Hash ee5f7850b2ff98bb5763be2fdbfc7f24
9129b6cb16abb42dd5d9aa961272aff03704c5c5
4e80eec33de182aee41c47891d98945235d93dd8866afd5416f56c0bc1ab9219
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-json/contact-form-7/v1/contact-forms/455/feedback/schema HTTP/1.1
Host: fintips365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, */*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fintips365.com/fxo-it-amzn-perugia_v1/?lp=amazon&clickid=wtvf0kjikvp4od5mi60lca5o&source=Antevenio&utm_source=Antevenio&utm_medium=ppc&utm_campaign=Amazon%20-%20Perugia_v1%20-%20-%20S_v1%20-%20Database%203%20-%20S_7&utm_content=Amazon%20-%20Perugia_v1%20-%20Antevenio
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 13:26:06 GMT
content-type: application/json; charset=UTF-8
x-powered-by: PHP/7.4.30
x-robots-tag: noindex
link: <https://fintips365.com/wp-json/>; rel="https://api.w.org/"
x-content-type-options: nosniff
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
allow: GET
vary: Accept-Encoding, Origin
content-encoding: br
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/unip/1162762/tfa.js
151.101.193.44 200 OK 18 kB URL HTTP/2 cdn.taboola.com/libtrc/unip/1162762/tfa.js
IP 151.101.193.44:0
File type ASCII text, with very long lines (59655)
Hash aeb7f203ee50a66dd5cdcd538e40e6af
a269e935eeed22a3a50f8ff8323e71e08637ad66
d96417e48cc8c2b4e2385f8c1acef43c02dadb5355d400899235277b3e45be7f
GET /libtrc/unip/1162762/tfa.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fintips365.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: EISaROqXAQfe9Hulf3P7xZ6Uu5bCcnlaTdEqETQoUPi+ZS0NkJr37lpYz3CgNQWvo1ibkR0UL7Q=
x-amz-request-id: AHY228P5AHTXACH7
x-amz-replication-status: COMPLETED
last-modified: Wed, 25 Jan 2023 10:36:25 GMT
etag: "0767a94ff484829f2f2453c009c2bb41"
x-amz-version-id: 1af_jcneJb0KqPQRB0U2g21zygz3cZXX
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Wed, 25 Jan 2023 13:26:06 GMT
via: 1.1 varnish
age: 8290
x-served-by: cache-bma1650-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1674653166.461933,VS0,VE1
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 15
content-length: 18342
X-Firefox-Spdy: h2
vars.hotjar.com/box-ff00c703c3bbdf54ae44ee858d64f69e.html
54.230.111.94 200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-ff00c703c3bbdf54ae44ee858d64f69e.html
IP 54.230.111.94:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash 730971b89ffa8b99e4157f49a4275594
7041ce872cc30e32c6b04a958b0cf810e5fc5651
da09da5b55ce65cdb58f29842d654aa637580d8c4d5d3cddfa08de6d866dcf65
GET /box-ff00c703c3bbdf54ae44ee858d64f69e.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fintips365.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Wed, 18 Jan 2023 10:13:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "730971b89ffa8b99e4157f49a4275594"
last-modified: Wed, 18 Jan 2023 10:12:30 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dwDGjuEaeEq2A5wlwH5TBgxnwkROg1siZ7BUXZ_iyHE4ko20U4wL0A==
age: 616380
X-Firefox-Spdy: h2
fintips365.com/wp-content/plugins/Enqueue%20Waypoints%20&%20Animate%20CSS/assets/js/jquery.waypoints.min.js?ver=6.1.1
65.109.33.97 200 OK 2.5 kB URL HTTP/2 fintips365.com/wp-content/plugins/Enqueue%20Waypoints%20&%20Animate%20CSS/assets/js/jquery.waypoints.min.js?ver=6.1.1
IP 65.109.33.97:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (8863)
Hash fa0bf060fa0775314c41d54fa413eebd
eb83e7c74e32d76603b5b5ea1341c4a376562370
e291730b639dce70d9b99222fc4f0658aa6907c4622ddca06dc7decdc0324f8f
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/Enqueue%20Waypoints%20&%20Animate%20CSS/assets/js/jquery.waypoints.min.js?ver=6.1.1 HTTP/1.1
Host: fintips365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fintips365.com/fxo-it-amzn-perugia_v1/?lp=amazon&clickid=wtvf0kjikvp4od5mi60lca5o&source=Antevenio&utm_source=Antevenio&utm_medium=ppc&utm_campaign=Amazon%20-%20Perugia_v1%20-%20-%20S_v1%20-%20Database%203%20-%20S_7&utm_content=Amazon%20-%20Perugia_v1%20-%20Antevenio
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 13:26:05 GMT
content-type: application/javascript
last-modified: Tue, 07 Dec 2021 13:36:16 GMT
vary: Accept-Encoding
etag: W/"61af6350-2344"
content-encoding: br
X-Firefox-Spdy: h2
script.hotjar.com/modules.ea0a6d6a741d5de8308e.js
54.230.111.93 200 OK 69 kB URL HTTP/2 script.hotjar.com/modules.ea0a6d6a741d5de8308e.js
IP 54.230.111.93:0
File type Unicode text, UTF-8 text, with very long lines (48015)
Hash e45ceb77c1a47254136f1ef733de65df
7cc640ca25ac5232038a02fbaf6d2677871ebaf0
25e950716f031b1000c0fc674457836b68ad60912f265f7efc190f6a93a71a2d
GET /modules.ea0a6d6a741d5de8308e.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fintips365.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 68675
date: Fri, 20 Jan 2023 11:10:05 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "e45ceb77c1a47254136f1ef733de65df"
last-modified: Fri, 20 Jan 2023 11:09:55 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UCjZ8q0VGxgDVUpiy0a3UhJPzGWUwaKa8DYAdhV75cE5uzYig0hznw==
age: 440161
X-Firefox-Spdy: h2
status.thawte.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash b653b7190ebaaf7ab6cb4f1f7fe85869
82738acdfaf21f96822cb7d9e9dfaf55fdba921a
2cde59a5adcf8927c2cc056ba3ef66cd37d400290b0df0a22eef8d4c24477d1b
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1262
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 13:26:06 GMT
Last-Modified: Wed, 25 Jan 2023 13:05:04 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
status.thawte.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash b653b7190ebaaf7ab6cb4f1f7fe85869
82738acdfaf21f96822cb7d9e9dfaf55fdba921a
2cde59a5adcf8927c2cc056ba3ef66cd37d400290b0df0a22eef8d4c24477d1b
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 961
Cache-Control: max-age=115394
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 13:26:06 GMT
Etag: "63d049ef-1d7"
Expires: Thu, 26 Jan 2023 21:29:20 GMT
Last-Modified: Tue, 24 Jan 2023 21:13:19 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
region1.google-analytics.com/g/collect?v=2&tid=G-HTSZ9B2HYP&gtm=2oe1n0&_p=107807368&cid=1120467198.1674653164&ul=en-us&sr=1280x1024&_s=1&sid=1674653164&sct=1&seg=0&dl=https%3A%2F%2Ffintips365.com%2Ffxo-it-amzn-perugia_v1%2F%3Flp%3Damazon%26clickid%3Dwtvf0kjikvp4od5mi60lca5o%26source%3DAntevenio%26utm_source%3DAntevenio%26utm_medium%3Dppc%26utm_campaign%3DAmazon%2520-%2520Perugia_v1%2520-%2520-%2520S_v1%2520-%2520Database%25203%2520-%2520S_7%26utm_content%3DAmazon%2520-%2520Perugia_v1%2520-%2520Antevenio&dr=http%3A%2F%2Fnews.it.inviptus.com%2F&dt=Investi%20sicuro%20con%20Amazon!&en=page_view&_fv=1&_nsi=1&_ss=2&_c=1&ep.debug_mode=true
216.239.34.36 204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-HTSZ9B2HYP&gtm=2oe1n0&_p=107807368&cid=1120467198.1674653164&ul=en-us&sr=1280x1024&_s=1&sid=1674653164&sct=1&seg=0&dl=https%3A%2F%2Ffintips365.com%2Ffxo-it-amzn-perugia_v1%2F%3Flp%3Damazon%26clickid%3Dwtvf0kjikvp4od5mi60lca5o%26source%3DAntevenio%26utm_source%3DAntevenio%26utm_medium%3Dppc%26utm_campaign%3DAmazon%2520-%2520Perugia_v1%2520-%2520-%2520S_v1%2520-%2520Database%25203%2520-%2520S_7%26utm_content%3DAmazon%2520-%2520Perugia_v1%2520-%2520Antevenio&dr=http%3A%2F%2Fnews.it.inviptus.com%2F&dt=Investi%20sicuro%20con%20Amazon!&en=page_view&_fv=1&_nsi=1&_ss=2&_c=1&ep.debug_mode=true
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-HTSZ9B2HYP&gtm=2oe1n0&_p=107807368&cid=1120467198.1674653164&ul=en-us&sr=1280x1024&_s=1&sid=1674653164&sct=1&seg=0&dl=https%3A%2F%2Ffintips365.com%2Ffxo-it-amzn-perugia_v1%2F%3Flp%3Damazon%26clickid%3Dwtvf0kjikvp4od5mi60lca5o%26source%3DAntevenio%26utm_source%3DAntevenio%26utm_medium%3Dppc%26utm_campaign%3DAmazon%2520-%2520Perugia_v1%2520-%2520-%2520S_v1%2520-%2520Database%25203%2520-%2520S_7%26utm_content%3DAmazon%2520-%2520Perugia_v1%2520-%2520Antevenio&dr=http%3A%2F%2Fnews.it.inviptus.com%2F&dt=Investi%20sicuro%20con%20Amazon!&en=page_view&_fv=1&_nsi=1&_ss=2&_c=1&ep.debug_mode=true HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fintips365.com
Connection: keep-alive
Referer: https://fintips365.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://fintips365.com
date: Wed, 25 Jan 2023 13:26:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fintips365.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/images/statistics.svg
65.109.33.97200 OK 1.8 kB URL HTTP/2 fintips365.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/images/statistics.svg
IP 65.109.33.97:0
ASN #24940 Hetzner Online GmbH
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (4738)
Hash cee97a2fb7d29b6d8358290059dfaaf2
0c914a9caed17b5a7f2253c9e51d9acb11f9bee1
df3533a89d3a1aa1185e706d518b0e86cfe1f0c63e51f4a510f5ef404490e80e
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/plugins/ct-ultimate-gdpr/assets/css/images/statistics.svg HTTP/1.1
Host: fintips365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fintips365.com/fxo-it-amzn-perugia_v1/?lp=amazon&clickid=wtvf0kjikvp4od5mi60lca5o&source=Antevenio&utm_source=Antevenio&utm_medium=ppc&utm_campaign=Amazon%20-%20Perugia_v1%20-%20-%20S_v1%20-%20Database%203%20-%20S_7&utm_content=Amazon%20-%20Perugia_v1%20-%20Antevenio
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 13:26:05 GMT
content-type: image/svg+xml
last-modified: Fri, 04 Nov 2022 10:51:11 GMT
vary: Accept-Encoding
etag: W/"6364ee9f-1359"
content-encoding: br
X-Firefox-Spdy: h2
tr.outbrain.com/cachedClickId?marketerId=undefined
64.202.112.127 200 OK 35 B URL HTTP/1.1 tr.outbrain.com/cachedClickId?marketerId=undefined
IP 64.202.112.127:0
File type ASCII text, with no line terminators
Hash 75c843c7b717e7b722777907475c67a3
983d1c9a05b315288039b9d4694ce3b402259240
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
GET /cachedClickId?marketerId=undefined HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fintips365.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 13:26:06 GMT
Content-Type: application/javascript
Content-Length: 35
X-TraceId: 2cec87604c39d55a5de11959c4e38606
tr.outbrain.com/unifiedPixel?marketerId=00e3bfba232446a29e79d5a017ce05e435,00cccafacb61a9ec8a571ed26ed2e5d92f,0097c20bcbe19b620790a02f065382cdf1&obApiVersion=1.1&obtpVersion=2.0.5&name=PAGE_VIEW&dl=https%3A%2F%2Ffintips365.com%2Ffxo-it-amzn-perugia_v1%2F%3Flp%3Damazon%26clickid%3Dwtvf0kjikvp4od5mi60lca5o%26source%3DAntevenio%26utm_source%3DAntevenio%26utm_medium%3Dppc%26utm_campaign%3DAmazon%2520-%2520Perugia_v1%2520-%2520-%2520S_v1%2520-%2520Database%25203%2520-%2520S_7%26utm_content%3DAmazon%2520-%2520Perugia_v1%2520-%2520Antevenio&optOut=false&bust=05118541212028669&referrer=http%3A%2F%2Fnews.it.inviptus.com%2F
64.202.112.127 200 OK 53 B URL HTTP/1.1 tr.outbrain.com/unifiedPixel?marketerId=00e3bfba232446a29e79d5a017ce05e435,00cccafacb61a9ec8a571ed26ed2e5d92f,0097c20bcbe19b620790a02f065382cdf1&obApiVersion=1.1&obtpVersion=2.0.5&name=PAGE_VIEW&dl=https%3A%2F%2Ffintips365.com%2Ffxo-it-amzn-perugia_v1%2F%3Flp%3Damazon%26clickid%3Dwtvf0kjikvp4od5mi60lca5o%26source%3DAntevenio%26utm_source%3DAntevenio%26utm_medium%3Dppc%26utm_campaign%3DAmazon%2520-%2520Perugia_v1%2520-%2520-%2520S_v1%2520-%2520Database%25203%2520-%2520S_7%26utm_content%3DAmazon%2520-%2520Perugia_v1%2520-%2520Antevenio&optOut=false&bust=05118541212028669&referrer=http%3A%2F%2Fnews.it.inviptus.com%2F
IP 64.202.112.127:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 414bd2a5161db03fdd910327b42c6daa
65d4cf50496813c5f1a34eddd5c50dc67d44ff47
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
GET /unifiedPixel?marketerId=00e3bfba232446a29e79d5a017ce05e435,00cccafacb61a9ec8a571ed26ed2e5d92f,0097c20bcbe19b620790a02f065382cdf1&obApiVersion=1.1&obtpVersion=2.0.5&name=PAGE_VIEW&dl=https%3A%2F%2Ffintips365.com%2Ffxo-it-amzn-perugia_v1%2F%3Flp%3Damazon%26clickid%3Dwtvf0kjikvp4od5mi60lca5o%26source%3DAntevenio%26utm_source%3DAntevenio%26utm_medium%3Dppc%26utm_campaign%3DAmazon%2520-%2520Perugia_v1%2520-%2520-%2520S_v1%2520-%2520Database%25203%2520-%2520S_7%26utm_content%3DAmazon%2520-%2520Perugia_v1%2520-%2520Antevenio&optOut=false&bust=05118541212028669&referrer=http%3A%2F%2Fnews.it.inviptus.com%2F HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fintips365.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 13:26:07 GMT
Content-Type: image/gif;
Content-Length: 53
Cache-Control: no-cache
X-TraceId: c0908d8806bc55952019cf3fdce6ec3c
in.hotjar.com/api/v2/client/sites/3066802/visit-data?sv=6
52.48.253.50 200 OK 95 B URL HTTP/2 in.hotjar.com/api/v2/client/sites/3066802/visit-data?sv=6
IP 52.48.253.50:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 039d32f7359c34eee13f02bae640eff7
7550a24e404da6c533fa8597113eec17a6d55f4c
1874a3ed03bfe4289ca3a8cc3c495a498033ddb248a6fbdcdce02e70065eca54
POST /api/v2/client/sites/3066802/visit-data?sv=6 HTTP/1.1
Host: in.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 129
Origin: https://fintips365.com
Connection: keep-alive
Referer: https://fintips365.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 13:26:07 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2
fintips365.com/wp-content/plugins/ct-ultimate-gdpr/assets/js/shortcode-block-cookie.js?ver=3.9
65.109.33.97 200 OK 0 B URL HTTP/2 fintips365.com/wp-content/plugins/ct-ultimate-gdpr/assets/js/shortcode-block-cookie.js?ver=3.9
IP 65.109.33.97:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/ct-ultimate-gdpr/assets/js/shortcode-block-cookie.js?ver=3.9 HTTP/1.1
Host: fintips365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fintips365.com/fxo-it-amzn-perugia_v1/?lp=amazon&clickid=wtvf0kjikvp4od5mi60lca5o&source=Antevenio&utm_source=Antevenio&utm_medium=ppc&utm_campaign=Amazon%20-%20Perugia_v1%20-%20-%20S_v1%20-%20Database%203%20-%20S_7&utm_content=Amazon%20-%20Perugia_v1%20-%20Antevenio
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 13:26:05 GMT
content-type: application/javascript
last-modified: Fri, 04 Nov 2022 10:51:11 GMT
vary: Accept-Encoding
etag: W/"6364ee9f-693"
content-encoding: br
X-Firefox-Spdy: h2
fintips365.com/wp-content/plugins/ct-ultimate-gdpr/assets/js/jquery.base64.min.js?ver=3.9
65.109.33.97 200 OK 0 B URL HTTP/2 fintips365.com/wp-content/plugins/ct-ultimate-gdpr/assets/js/jquery.base64.min.js?ver=3.9
IP 65.109.33.97:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/plugins/ct-ultimate-gdpr/assets/js/jquery.base64.min.js?ver=3.9 HTTP/1.1
Host: fintips365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fintips365.com/fxo-it-amzn-perugia_v1/?lp=amazon&clickid=wtvf0kjikvp4od5mi60lca5o&source=Antevenio&utm_source=Antevenio&utm_medium=ppc&utm_campaign=Amazon%20-%20Perugia_v1%20-%20-%20S_v1%20-%20Database%203%20-%20S_7&utm_content=Amazon%20-%20Perugia_v1%20-%20Antevenio
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 13:26:05 GMT
content-type: application/javascript
last-modified: Fri, 04 Nov 2022 10:51:11 GMT
vary: Accept-Encoding
etag: W/"6364ee9f-6f6"
content-encoding: br
X-Firefox-Spdy: h2
fintips365.com/wp-json/contact-form-7/v1/contact-forms/455/refill
65.109.33.97 200 OK 0 B URL HTTP/2 fintips365.com/wp-json/contact-form-7/v1/contact-forms/455/refill
IP 65.109.33.97:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-json/contact-form-7/v1/contact-forms/455/refill HTTP/1.1
Host: fintips365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, */*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fintips365.com/fxo-it-amzn-perugia_v1/?lp=amazon&clickid=wtvf0kjikvp4od5mi60lca5o&source=Antevenio&utm_source=Antevenio&utm_medium=ppc&utm_campaign=Amazon%20-%20Perugia_v1%20-%20-%20S_v1%20-%20Database%203%20-%20S_7&utm_content=Amazon%20-%20Perugia_v1%20-%20Antevenio
Connection: keep-alive
Cookie: _gcl_au=1.1.2104540196.1674653164; clickid=wtvf0kjikvp4od5mi60lca5o; _ga_HTSZ9B2HYP=GS1.1.1674653164.1.0.1674653164.0.0.0; _ga=GA1.2.1120467198.1674653164; _gid=GA1.2.1961109068.1674653165; _gat_UA-188880361-3=1; _hjSessionUser_3066802=eyJpZCI6Ijg4YzdlOGQ2LWU1YmEtNTc2YS04ZjdlLWU1NjdmNmEzMWVkYyIsImNyZWF0ZWQiOjE2NzQ2NTMxNjQ4MzEsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_3066802=eyJpZCI6ImE1Yjc2MTJkLTkzYzctNDQ4Yi04MGYxLTVmMTJjMmMyOTBlNyIsImNyZWF0ZWQiOjE2NzQ2NTMxNjQ4NjIsImluU2FtcGxlIjpmYWxzZX0=; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=0; outbrain_cid_fetch=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 13:26:07 GMT
content-type: application/json; charset=UTF-8
x-powered-by: PHP/7.4.30
x-robots-tag: noindex
link: <https://fintips365.com/wp-json/>; rel="https://api.w.org/"
x-content-type-options: nosniff
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
allow: GET
vary: Accept-Encoding, Origin
content-encoding: br
X-Firefox-Spdy: h2
fintips365.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/fonts.css?ver=6.1.1
65.109.33.97 200 OK 0 B URL HTTP/2 fintips365.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/fonts.css?ver=6.1.1
IP 65.109.33.97:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/fonts.css?ver=6.1.1 HTTP/1.1
Host: fintips365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fintips365.com/fxo-it-amzn-perugia_v1/?lp=amazon&clickid=wtvf0kjikvp4od5mi60lca5o&source=Antevenio&utm_source=Antevenio&utm_medium=ppc&utm_campaign=Amazon%20-%20Perugia_v1%20-%20-%20S_v1%20-%20Database%203%20-%20S_7&utm_content=Amazon%20-%20Perugia_v1%20-%20Antevenio
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 13:26:05 GMT
content-type: text/css
last-modified: Fri, 04 Nov 2022 10:51:11 GMT
vary: Accept-Encoding
etag: W/"6364ee9f-796"
content-encoding: br
X-Firefox-Spdy: h2
fintips365.com/wp-content/plugins/acf7db-schedule-report/public/css/acf7db_schedule_report-public.css?ver=1.0.5
65.109.33.97 200 OK 0 B URL HTTP/2 fintips365.com/wp-content/plugins/acf7db-schedule-report/public/css/acf7db_schedule_report-public.css?ver=1.0.5
IP 65.109.33.97:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/acf7db-schedule-report/public/css/acf7db_schedule_report-public.css?ver=1.0.5 HTTP/1.1
Host: fintips365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fintips365.com/fxo-it-amzn-perugia_v1/?lp=amazon&clickid=wtvf0kjikvp4od5mi60lca5o&source=Antevenio&utm_source=Antevenio&utm_medium=ppc&utm_campaign=Amazon%20-%20Perugia_v1%20-%20-%20S_v1%20-%20Database%203%20-%20S_7&utm_content=Amazon%20-%20Perugia_v1%20-%20Antevenio
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 13:26:05 GMT
content-type: text/css
last-modified: Tue, 26 Jul 2022 08:53:15 GMT
vary: Accept-Encoding
etag: W/"62dfab7b-62"
content-encoding: br
X-Firefox-Spdy: h2
fintips365.com/wp-content/uploads/oxygen/css/universal.css?cache=1674652749&ver=6.1.1
65.109.33.97 200 OK 0 B URL HTTP/2 fintips365.com/wp-content/uploads/oxygen/css/universal.css?cache=1674652749&ver=6.1.1
IP 65.109.33.97:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/oxygen/css/universal.css?cache=1674652749&ver=6.1.1 HTTP/1.1
Host: fintips365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fintips365.com/fxo-it-amzn-perugia_v1/?lp=amazon&clickid=wtvf0kjikvp4od5mi60lca5o&source=Antevenio&utm_source=Antevenio&utm_medium=ppc&utm_campaign=Amazon%20-%20Perugia_v1%20-%20-%20S_v1%20-%20Database%203%20-%20S_7&utm_content=Amazon%20-%20Perugia_v1%20-%20Antevenio
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 13:26:05 GMT
content-type: text/css
last-modified: Wed, 25 Jan 2023 13:19:09 GMT
vary: Accept-Encoding
etag: W/"63d12c4d-b1d3"
content-encoding: br
X-Firefox-Spdy: h2
fintips365.com/wp-content/plugins/ct-ultimate-gdpr/assets/js/cookie-popup.js?ver=3.9
65.109.33.97 200 OK 0 B URL HTTP/2 fintips365.com/wp-content/plugins/ct-ultimate-gdpr/assets/js/cookie-popup.js?ver=3.9
IP 65.109.33.97:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/plugins/ct-ultimate-gdpr/assets/js/cookie-popup.js?ver=3.9 HTTP/1.1
Host: fintips365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fintips365.com/fxo-it-amzn-perugia_v1/?lp=amazon&clickid=wtvf0kjikvp4od5mi60lca5o&source=Antevenio&utm_source=Antevenio&utm_medium=ppc&utm_campaign=Amazon%20-%20Perugia_v1%20-%20-%20S_v1%20-%20Database%203%20-%20S_7&utm_content=Amazon%20-%20Perugia_v1%20-%20Antevenio
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 13:26:05 GMT
content-type: application/javascript
last-modified: Fri, 04 Nov 2022 10:51:11 GMT
vary: Accept-Encoding
etag: W/"6364ee9f-7099"
content-encoding: br
X-Firefox-Spdy: h2
fintips365.com/wp-json/wp/v2/
65.109.33.97 200 OK 0 B URL HTTP/2 fintips365.com/wp-json/wp/v2/
IP 65.109.33.97:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-json/wp/v2/ HTTP/1.1
Host: fintips365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://fintips365.com/fxo-it-amzn-perugia_v1/?lp=amazon&clickid=wtvf0kjikvp4od5mi60lca5o&source=Antevenio&utm_source=Antevenio&utm_medium=ppc&utm_campaign=Amazon%20-%20Perugia_v1%20-%20-%20S_v1%20-%20Database%203%20-%20S_7&utm_content=Amazon%20-%20Perugia_v1%20-%20Antevenio
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 13:26:06 GMT
content-type: application/json; charset=UTF-8
x-powered-by: PHP/7.4.30
x-robots-tag: noindex
link: <https://fintips365.com/wp-json/>; rel="https://api.w.org/"
x-content-type-options: nosniff
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
allow: GET
vary: Accept-Encoding, Origin
content-encoding: br
X-Firefox-Spdy: h2
fintips365.com/wp-includes/js/wp-api.min.js?ver=6.1.1
65.109.33.97 200 OK 0 B URL HTTP/2 fintips365.com/wp-includes/js/wp-api.min.js?ver=6.1.1
IP 65.109.33.97:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-includes/js/wp-api.min.js?ver=6.1.1 HTTP/1.1
Host: fintips365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fintips365.com/fxo-it-amzn-perugia_v1/?lp=amazon&clickid=wtvf0kjikvp4od5mi60lca5o&source=Antevenio&utm_source=Antevenio&utm_medium=ppc&utm_campaign=Amazon%20-%20Perugia_v1%20-%20-%20S_v1%20-%20Database%203%20-%20S_7&utm_content=Amazon%20-%20Perugia_v1%20-%20Antevenio
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 13:26:05 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 08:11:24 GMT
vary: Accept-Encoding
etag: W/"6362262c-395d"
content-encoding: br
X-Firefox-Spdy: h2
fintips365.com/wp-content/plugins/wp-data-access/assets/js/wpda_rest_api.js?ver=5.2.9
65.109.33.97 200 OK 0 B URL HTTP/2 fintips365.com/wp-content/plugins/wp-data-access/assets/js/wpda_rest_api.js?ver=5.2.9
IP 65.109.33.97:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/plugins/wp-data-access/assets/js/wpda_rest_api.js?ver=5.2.9 HTTP/1.1
Host: fintips365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fintips365.com/fxo-it-amzn-perugia_v1/?lp=amazon&clickid=wtvf0kjikvp4od5mi60lca5o&source=Antevenio&utm_source=Antevenio&utm_medium=ppc&utm_campaign=Amazon%20-%20Perugia_v1%20-%20-%20S_v1%20-%20Database%203%20-%20S_7&utm_content=Amazon%20-%20Perugia_v1%20-%20Antevenio
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 13:26:05 GMT
content-type: application/javascript
last-modified: Tue, 13 Dec 2022 12:09:06 GMT
vary: Accept-Encoding
etag: W/"63986b62-14f"
content-encoding: br
X-Firefox-Spdy: h2
fintips365.com/wp-content/uploads/oxygen/css/6630.css?cache=1659081374&ver=6.1.1
65.109.33.97 200 OK 0 B URL HTTP/2 fintips365.com/wp-content/uploads/oxygen/css/6630.css?cache=1659081374&ver=6.1.1
IP 65.109.33.97:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/oxygen/css/6630.css?cache=1659081374&ver=6.1.1 HTTP/1.1
Host: fintips365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fintips365.com/fxo-it-amzn-perugia_v1/?lp=amazon&clickid=wtvf0kjikvp4od5mi60lca5o&source=Antevenio&utm_source=Antevenio&utm_medium=ppc&utm_campaign=Amazon%20-%20Perugia_v1%20-%20-%20S_v1%20-%20Database%203%20-%20S_7&utm_content=Amazon%20-%20Perugia_v1%20-%20Antevenio
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 13:26:05 GMT
content-type: text/css
last-modified: Fri, 29 Jul 2022 07:56:14 GMT
vary: Accept-Encoding
etag: W/"62e3929e-1edc"
content-encoding: br
X-Firefox-Spdy: h2
fintips365.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7
65.109.33.97 200 OK 0 B URL HTTP/2 fintips365.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7
IP 65.109.33.97:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7 HTTP/1.1
Host: fintips365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fintips365.com/fxo-it-amzn-perugia_v1/?lp=amazon&clickid=wtvf0kjikvp4od5mi60lca5o&source=Antevenio&utm_source=Antevenio&utm_medium=ppc&utm_campaign=Amazon%20-%20Perugia_v1%20-%20-%20S_v1%20-%20Database%203%20-%20S_7&utm_content=Amazon%20-%20Perugia_v1%20-%20Antevenio
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 13:26:05 GMT
content-type: application/javascript
last-modified: Tue, 13 Dec 2022 12:08:59 GMT
vary: Accept-Encoding
etag: W/"63986b5b-316c"
content-encoding: br
X-Firefox-Spdy: h2
fintips365.com/wp-content/plugins/acf7db-schedule-report/public/js/acf7db_schedule_report-public.js?ver=1.0.5
65.109.33.97 200 OK 0 B URL HTTP/2 fintips365.com/wp-content/plugins/acf7db-schedule-report/public/js/acf7db_schedule_report-public.js?ver=1.0.5
IP 65.109.33.97:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/plugins/acf7db-schedule-report/public/js/acf7db_schedule_report-public.js?ver=1.0.5 HTTP/1.1
Host: fintips365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fintips365.com/fxo-it-amzn-perugia_v1/?lp=amazon&clickid=wtvf0kjikvp4od5mi60lca5o&source=Antevenio&utm_source=Antevenio&utm_medium=ppc&utm_campaign=Amazon%20-%20Perugia_v1%20-%20-%20S_v1%20-%20Database%203%20-%20S_7&utm_content=Amazon%20-%20Perugia_v1%20-%20Antevenio
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 13:26:05 GMT
content-type: application/javascript
last-modified: Tue, 26 Jul 2022 08:53:15 GMT
vary: Accept-Encoding
etag: W/"62dfab7b-346"
content-encoding: br
X-Firefox-Spdy: h2
fintips365.com/wp-includes/js/api-request.min.js?ver=6.1.1
65.109.33.97 200 OK 0 B URL HTTP/2 fintips365.com/wp-includes/js/api-request.min.js?ver=6.1.1
IP 65.109.33.97:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-includes/js/api-request.min.js?ver=6.1.1 HTTP/1.1
Host: fintips365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fintips365.com/fxo-it-amzn-perugia_v1/?lp=amazon&clickid=wtvf0kjikvp4od5mi60lca5o&source=Antevenio&utm_source=Antevenio&utm_medium=ppc&utm_campaign=Amazon%20-%20Perugia_v1%20-%20-%20S_v1%20-%20Database%203%20-%20S_7&utm_content=Amazon%20-%20Perugia_v1%20-%20Antevenio
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 13:26:05 GMT
content-type: application/javascript
last-modified: Tue, 24 May 2022 23:56:38 GMT
vary: Accept-Encoding
etag: W/"628d70b6-3ff"
content-encoding: br
X-Firefox-Spdy: h2
fintips365.com/wp-content/plugins/oxygen/component-framework/vendor/aos/aos.js?ver=1
65.109.33.97 200 OK 0 B URL HTTP/2 fintips365.com/wp-content/plugins/oxygen/component-framework/vendor/aos/aos.js?ver=1
IP 65.109.33.97:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/plugins/oxygen/component-framework/vendor/aos/aos.js?ver=1 HTTP/1.1
Host: fintips365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fintips365.com/fxo-it-amzn-perugia_v1/?lp=amazon&clickid=wtvf0kjikvp4od5mi60lca5o&source=Antevenio&utm_source=Antevenio&utm_medium=ppc&utm_campaign=Amazon%20-%20Perugia_v1%20-%20-%20S_v1%20-%20Database%203%20-%20S_7&utm_content=Amazon%20-%20Perugia_v1%20-%20Antevenio
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 13:26:05 GMT
content-type: application/javascript
last-modified: Fri, 04 Nov 2022 11:04:59 GMT
vary: Accept-Encoding
etag: W/"6364f1db-37a3"
content-encoding: br
X-Firefox-Spdy: h2
fintips365.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/images/targeting.svg
65.109.33.97 200 OK 0 B URL HTTP/2 fintips365.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/images/targeting.svg
IP 65.109.33.97:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/plugins/ct-ultimate-gdpr/assets/css/images/targeting.svg HTTP/1.1
Host: fintips365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fintips365.com/fxo-it-amzn-perugia_v1/?lp=amazon&clickid=wtvf0kjikvp4od5mi60lca5o&source=Antevenio&utm_source=Antevenio&utm_medium=ppc&utm_campaign=Amazon%20-%20Perugia_v1%20-%20-%20S_v1%20-%20Database%203%20-%20S_7&utm_content=Amazon%20-%20Perugia_v1%20-%20Antevenio
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 13:26:05 GMT
content-type: image/svg+xml
last-modified: Fri, 04 Nov 2022 10:51:11 GMT
vary: Accept-Encoding
etag: W/"6364ee9f-103d"
content-encoding: br
X-Firefox-Spdy: h2
popupmaker.com/api/v1/popup/show/f7c4c5c8/
104.26.15.183 200 OK 0 B URL HTTP/2 popupmaker.com/api/v1/popup/show/f7c4c5c8/
IP 104.26.15.183:0
GET /api/v1/popup/show/f7c4c5c8/ HTTP/1.1
Host: popupmaker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://fintips365.com
Connection: keep-alive
Referer: https://fintips365.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 13:26:06 GMT
content-type: application/json
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PMMVC_SESSION=k1qomouj9b2laf0r5l37lu3hm7; expires=Thu, 26-Jan-2023 01:26:06 GMT; Max-Age=43200; path=/; HttpOnly
strict-transport-security: max-age=63072000; includeSubdomains;
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=laGs2ifq58UXHkXSkrKOfTuuc4EJC0t40erZMp6sSEIKfU0GpnZs55Qz0DgwHF0QpFz4PfCXDaRZNqhmC6i7aUa6stG%2B8xlri6RnO3LXN1I%2FUzZst6W62fRX%2Bv6dr09K"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78f156b20d4ab505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fintips365.com/wp-content/plugins/oxygen/component-framework/vendor/aos/aos.css?ver=6.1.1
65.109.33.97 200 OK 0 B URL HTTP/2 fintips365.com/wp-content/plugins/oxygen/component-framework/vendor/aos/aos.css?ver=6.1.1
IP 65.109.33.97:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/plugins/oxygen/component-framework/vendor/aos/aos.css?ver=6.1.1 HTTP/1.1
Host: fintips365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fintips365.com/fxo-it-amzn-perugia_v1/?lp=amazon&clickid=wtvf0kjikvp4od5mi60lca5o&source=Antevenio&utm_source=Antevenio&utm_medium=ppc&utm_campaign=Amazon%20-%20Perugia_v1%20-%20-%20S_v1%20-%20Database%203%20-%20S_7&utm_content=Amazon%20-%20Perugia_v1%20-%20Antevenio
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 13:26:05 GMT
content-type: text/css
last-modified: Fri, 04 Nov 2022 11:04:59 GMT
vary: Accept-Encoding
etag: W/"6364f1db-65c5"
content-encoding: br
X-Firefox-Spdy: h2
fintips365.com/wp-content/plugins/oxygen/component-framework/oxygen.css?ver=4.1
65.109.33.97 200 OK 0 B URL HTTP/2 fintips365.com/wp-content/plugins/oxygen/component-framework/oxygen.css?ver=4.1
IP 65.109.33.97:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/oxygen/component-framework/oxygen.css?ver=4.1 HTTP/1.1
Host: fintips365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fintips365.com/fxo-it-amzn-perugia_v1/?lp=amazon&clickid=wtvf0kjikvp4od5mi60lca5o&source=Antevenio&utm_source=Antevenio&utm_medium=ppc&utm_campaign=Amazon%20-%20Perugia_v1%20-%20-%20S_v1%20-%20Database%203%20-%20S_7&utm_content=Amazon%20-%20Perugia_v1%20-%20Antevenio
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 13:26:05 GMT
content-type: text/css
last-modified: Fri, 04 Nov 2022 11:04:59 GMT
vary: Accept-Encoding
etag: W/"6364f1db-5003"
content-encoding: br
X-Firefox-Spdy: h2
fintips365.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/jquery-ui.min.css?ver=6.1.1
65.109.33.97 200 OK 0 B URL HTTP/2 fintips365.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/jquery-ui.min.css?ver=6.1.1
IP 65.109.33.97:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/plugins/ct-ultimate-gdpr/assets/css/jquery-ui.min.css?ver=6.1.1 HTTP/1.1
Host: fintips365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fintips365.com/fxo-it-amzn-perugia_v1/?lp=amazon&clickid=wtvf0kjikvp4od5mi60lca5o&source=Antevenio&utm_source=Antevenio&utm_medium=ppc&utm_campaign=Amazon%20-%20Perugia_v1%20-%20-%20S_v1%20-%20Database%203%20-%20S_7&utm_content=Amazon%20-%20Perugia_v1%20-%20Antevenio
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 13:26:05 GMT
content-type: text/css
last-modified: Fri, 04 Nov 2022 10:51:11 GMT
vary: Accept-Encoding
etag: W/"6364ee9f-ac08"
content-encoding: br
X-Firefox-Spdy: h2
fintips365.com/wp-content/plugins/popup-maker-wp/public/assets/js/defaultEmbedCode.js?ver=6.1.1
65.109.33.97 200 OK 0 B URL HTTP/2 fintips365.com/wp-content/plugins/popup-maker-wp/public/assets/js/defaultEmbedCode.js?ver=6.1.1
IP 65.109.33.97:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/plugins/popup-maker-wp/public/assets/js/defaultEmbedCode.js?ver=6.1.1 HTTP/1.1
Host: fintips365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fintips365.com/fxo-it-amzn-perugia_v1/?lp=amazon&clickid=wtvf0kjikvp4od5mi60lca5o&source=Antevenio&utm_source=Antevenio&utm_medium=ppc&utm_campaign=Amazon%20-%20Perugia_v1%20-%20-%20S_v1%20-%20Database%203%20-%20S_7&utm_content=Amazon%20-%20Perugia_v1%20-%20Antevenio
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 13:26:05 GMT
content-type: application/javascript
last-modified: Mon, 20 Jun 2022 19:38:11 GMT
vary: Accept-Encoding
etag: W/"62b0cca3-2ea"
content-encoding: br
X-Firefox-Spdy: h2
fintips365.com/fxo-it-amzn-perugia_v1/?lp=amazon&clickid=wtvf0kjikvp4od5mi60lca5o&source=Antevenio&utm_source=Antevenio&utm_medium=ppc&utm_campaign=Amazon%20-%20Perugia_v1%20-%20-%20S_v1%20-%20Database%203%20-%20S_7&utm_content=Amazon%20-%20Perugia_v1%20-%20Antevenio
65.109.33.97 200 OK 0 B URL HTTP/2 fintips365.com/fxo-it-amzn-perugia_v1/?lp=amazon&clickid=wtvf0kjikvp4od5mi60lca5o&source=Antevenio&utm_source=Antevenio&utm_medium=ppc&utm_campaign=Amazon%20-%20Perugia_v1%20-%20-%20S_v1%20-%20Database%203%20-%20S_7&utm_content=Amazon%20-%20Perugia_v1%20-%20Antevenio
IP 65.109.33.97:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert quad9 Sinkholed
GET /fxo-it-amzn-perugia_v1/?lp=amazon&clickid=wtvf0kjikvp4od5mi60lca5o&source=Antevenio&utm_source=Antevenio&utm_medium=ppc&utm_campaign=Amazon%20-%20Perugia_v1%20-%20-%20S_v1%20-%20Database%203%20-%20S_7&utm_content=Amazon%20-%20Perugia_v1%20-%20Antevenio HTTP/1.1
Host: fintips365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://news.it.inviptus.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 13:26:04 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.30
link: <https://fintips365.com/wp-json/>; rel="https://api.w.org/", <https://fintips365.com/wp-json/wp/v2/pages/6630>; rel="alternate"; type="application/json", <https://fintips365.com/?p=6630>; rel=shortlink
content-encoding: br
X-Firefox-Spdy: h2
fintips365.com/wp-includes/css/classic-themes.min.css?ver=1
65.109.33.97 200 OK 0 B URL HTTP/2 fintips365.com/wp-includes/css/classic-themes.min.css?ver=1
IP 65.109.33.97:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: fintips365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fintips365.com/fxo-it-amzn-perugia_v1/?lp=amazon&clickid=wtvf0kjikvp4od5mi60lca5o&source=Antevenio&utm_source=Antevenio&utm_medium=ppc&utm_campaign=Amazon%20-%20Perugia_v1%20-%20-%20S_v1%20-%20Database%203%20-%20S_7&utm_content=Amazon%20-%20Perugia_v1%20-%20Antevenio
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 13:26:05 GMT
content-type: text/css
last-modified: Wed, 02 Nov 2022 08:11:23 GMT
vary: Accept-Encoding
etag: W/"6362262b-d9"
content-encoding: br
X-Firefox-Spdy: h2
fintips365.com/wp-content/plugins/wp-data-access/assets/css/wpda_public.css?ver=5.2.9
65.109.33.97 200 OK 0 B URL HTTP/2 fintips365.com/wp-content/plugins/wp-data-access/assets/css/wpda_public.css?ver=5.2.9
IP 65.109.33.97:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/plugins/wp-data-access/assets/css/wpda_public.css?ver=5.2.9 HTTP/1.1
Host: fintips365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fintips365.com/fxo-it-amzn-perugia_v1/?lp=amazon&clickid=wtvf0kjikvp4od5mi60lca5o&source=Antevenio&utm_source=Antevenio&utm_medium=ppc&utm_campaign=Amazon%20-%20Perugia_v1%20-%20-%20S_v1%20-%20Database%203%20-%20S_7&utm_content=Amazon%20-%20Perugia_v1%20-%20Antevenio
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 13:26:05 GMT
content-type: text/css
last-modified: Tue, 13 Dec 2022 12:09:06 GMT
vary: Accept-Encoding
etag: W/"63986b62-5a"
content-encoding: br
X-Firefox-Spdy: h2
fintips365.com/wp-content/plugins/wpcf7-redirect/build/css/wpcf7-redirect-frontend.min.css?ver=6.1.1
65.109.33.97 200 OK 0 B URL HTTP/2 fintips365.com/wp-content/plugins/wpcf7-redirect/build/css/wpcf7-redirect-frontend.min.css?ver=6.1.1
IP 65.109.33.97:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/plugins/wpcf7-redirect/build/css/wpcf7-redirect-frontend.min.css?ver=6.1.1 HTTP/1.1
Host: fintips365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fintips365.com/fxo-it-amzn-perugia_v1/?lp=amazon&clickid=wtvf0kjikvp4od5mi60lca5o&source=Antevenio&utm_source=Antevenio&utm_medium=ppc&utm_campaign=Amazon%20-%20Perugia_v1%20-%20-%20S_v1%20-%20Database%203%20-%20S_7&utm_content=Amazon%20-%20Perugia_v1%20-%20Antevenio
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 13:26:05 GMT
content-type: text/css
last-modified: Tue, 16 Aug 2022 06:44:51 GMT
vary: Accept-Encoding
etag: W/"62fb3ce3-13c"
content-encoding: br
X-Firefox-Spdy: h2
fintips365.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
65.109.33.97 200 OK 0 B URL HTTP/2 fintips365.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 65.109.33.97:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: fintips365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fintips365.com/fxo-it-amzn-perugia_v1/?lp=amazon&clickid=wtvf0kjikvp4od5mi60lca5o&source=Antevenio&utm_source=Antevenio&utm_medium=ppc&utm_campaign=Amazon%20-%20Perugia_v1%20-%20-%20S_v1%20-%20Database%203%20-%20S_7&utm_content=Amazon%20-%20Perugia_v1%20-%20Antevenio
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 13:26:05 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 08:11:24 GMT
vary: Accept-Encoding
etag: W/"6362262c-15e54"
content-encoding: br
X-Firefox-Spdy: h2
fintips365.com/wp-content/plugins/ct-ultimate-gdpr/assets/js/cookie-list.js?ver=3.9
65.109.33.97 200 OK 0 B URL HTTP/2 fintips365.com/wp-content/plugins/ct-ultimate-gdpr/assets/js/cookie-list.js?ver=3.9
IP 65.109.33.97:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/plugins/ct-ultimate-gdpr/assets/js/cookie-list.js?ver=3.9 HTTP/1.1
Host: fintips365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fintips365.com/fxo-it-amzn-perugia_v1/?lp=amazon&clickid=wtvf0kjikvp4od5mi60lca5o&source=Antevenio&utm_source=Antevenio&utm_medium=ppc&utm_campaign=Amazon%20-%20Perugia_v1%20-%20-%20S_v1%20-%20Database%203%20-%20S_7&utm_content=Amazon%20-%20Perugia_v1%20-%20Antevenio
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 13:26:05 GMT
content-type: application/javascript
last-modified: Fri, 04 Nov 2022 10:51:11 GMT
vary: Accept-Encoding
etag: W/"6364ee9f-553"
content-encoding: br
X-Firefox-Spdy: h2
fintips365.com/wp-content/plugins/wpcf7-redirect/build/js/wpcf7r-fe.js?ver=1.1
65.109.33.97 200 OK 0 B URL HTTP/2 fintips365.com/wp-content/plugins/wpcf7-redirect/build/js/wpcf7r-fe.js?ver=1.1
IP 65.109.33.97:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/plugins/wpcf7-redirect/build/js/wpcf7r-fe.js?ver=1.1 HTTP/1.1
Host: fintips365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fintips365.com/fxo-it-amzn-perugia_v1/?lp=amazon&clickid=wtvf0kjikvp4od5mi60lca5o&source=Antevenio&utm_source=Antevenio&utm_medium=ppc&utm_campaign=Amazon%20-%20Perugia_v1%20-%20-%20S_v1%20-%20Database%203%20-%20S_7&utm_content=Amazon%20-%20Perugia_v1%20-%20Antevenio
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 13:26:05 GMT
content-type: application/javascript
last-modified: Tue, 16 Aug 2022 06:44:51 GMT
vary: Accept-Encoding
etag: W/"62fb3ce3-1f8a"
content-encoding: br
X-Firefox-Spdy: h2
fintips365.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7
65.109.33.97 200 OK 0 B URL HTTP/2 fintips365.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7
IP 65.109.33.97:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7 HTTP/1.1
Host: fintips365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fintips365.com/fxo-it-amzn-perugia_v1/?lp=amazon&clickid=wtvf0kjikvp4od5mi60lca5o&source=Antevenio&utm_source=Antevenio&utm_medium=ppc&utm_campaign=Amazon%20-%20Perugia_v1%20-%20-%20S_v1%20-%20Database%203%20-%20S_7&utm_content=Amazon%20-%20Perugia_v1%20-%20Antevenio
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 13:26:05 GMT
content-type: text/css
last-modified: Tue, 13 Dec 2022 12:08:59 GMT
vary: Accept-Encoding
etag: W/"63986b5b-af3"
content-encoding: br
X-Firefox-Spdy: h2
fintips365.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/style.min.css?ver=3.9
65.109.33.97 200 OK 0 B URL HTTP/2 fintips365.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/style.min.css?ver=3.9
IP 65.109.33.97:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/plugins/ct-ultimate-gdpr/assets/css/style.min.css?ver=3.9 HTTP/1.1
Host: fintips365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fintips365.com/fxo-it-amzn-perugia_v1/?lp=amazon&clickid=wtvf0kjikvp4od5mi60lca5o&source=Antevenio&utm_source=Antevenio&utm_medium=ppc&utm_campaign=Amazon%20-%20Perugia_v1%20-%20-%20S_v1%20-%20Database%203%20-%20S_7&utm_content=Amazon%20-%20Perugia_v1%20-%20Antevenio
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 13:26:05 GMT
content-type: text/css
last-modified: Fri, 04 Nov 2022 10:51:11 GMT
vary: Accept-Encoding
etag: W/"6364ee9f-3b8cd"
content-encoding: br
X-Firefox-Spdy: h2
fintips365.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/images/essential.svg
65.109.33.97 200 OK 0 B URL HTTP/2 fintips365.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/images/essential.svg
IP 65.109.33.97:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/plugins/ct-ultimate-gdpr/assets/css/images/essential.svg HTTP/1.1
Host: fintips365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fintips365.com/fxo-it-amzn-perugia_v1/?lp=amazon&clickid=wtvf0kjikvp4od5mi60lca5o&source=Antevenio&utm_source=Antevenio&utm_medium=ppc&utm_campaign=Amazon%20-%20Perugia_v1%20-%20-%20S_v1%20-%20Database%203%20-%20S_7&utm_content=Amazon%20-%20Perugia_v1%20-%20Antevenio
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 13:26:05 GMT
content-type: image/svg+xml
last-modified: Fri, 04 Nov 2022 10:51:11 GMT
vary: Accept-Encoding
etag: W/"6364ee9f-339"
content-encoding: br
X-Firefox-Spdy: h2
fintips365.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7
65.109.33.97 200 OK 0 B URL HTTP/2 fintips365.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7
IP 65.109.33.97:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7 HTTP/1.1
Host: fintips365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fintips365.com/fxo-it-amzn-perugia_v1/?lp=amazon&clickid=wtvf0kjikvp4od5mi60lca5o&source=Antevenio&utm_source=Antevenio&utm_medium=ppc&utm_campaign=Amazon%20-%20Perugia_v1%20-%20-%20S_v1%20-%20Database%203%20-%20S_7&utm_content=Amazon%20-%20Perugia_v1%20-%20Antevenio
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 13:26:05 GMT
content-type: application/javascript
last-modified: Tue, 13 Dec 2022 12:08:59 GMT
vary: Accept-Encoding
etag: W/"63986b5b-2945"
content-encoding: br
X-Firefox-Spdy: h2
fintips365.com/wp-includes/css/dashicons.min.css?ver=6.1.1
65.109.33.97 200 OK 0 B URL HTTP/2 fintips365.com/wp-includes/css/dashicons.min.css?ver=6.1.1
IP 65.109.33.97:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-includes/css/dashicons.min.css?ver=6.1.1 HTTP/1.1
Host: fintips365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fintips365.com/fxo-it-amzn-perugia_v1/?lp=amazon&clickid=wtvf0kjikvp4od5mi60lca5o&source=Antevenio&utm_source=Antevenio&utm_medium=ppc&utm_campaign=Amazon%20-%20Perugia_v1%20-%20-%20S_v1%20-%20Database%203%20-%20S_7&utm_content=Amazon%20-%20Perugia_v1%20-%20Antevenio
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 13:26:05 GMT
content-type: text/css
last-modified: Thu, 25 Mar 2021 20:02:19 GMT
vary: Accept-Encoding
etag: W/"605cec4b-e688"
content-encoding: br
X-Firefox-Spdy: h2
fintips365.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/images/block-all.svg
65.109.33.97 200 OK 0 B URL HTTP/2 fintips365.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/images/block-all.svg
IP 65.109.33.97:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/plugins/ct-ultimate-gdpr/assets/css/images/block-all.svg HTTP/1.1
Host: fintips365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fintips365.com/fxo-it-amzn-perugia_v1/?lp=amazon&clickid=wtvf0kjikvp4od5mi60lca5o&source=Antevenio&utm_source=Antevenio&utm_medium=ppc&utm_campaign=Amazon%20-%20Perugia_v1%20-%20-%20S_v1%20-%20Database%203%20-%20S_7&utm_content=Amazon%20-%20Perugia_v1%20-%20Antevenio
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 13:26:05 GMT
content-type: image/svg+xml
last-modified: Fri, 04 Nov 2022 10:51:11 GMT
vary: Accept-Encoding
etag: W/"6364ee9f-364"
content-encoding: br
X-Firefox-Spdy: h2
fintips365.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/images/functionality.svg
65.109.33.97 200 OK 0 B URL HTTP/2 fintips365.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/images/functionality.svg
IP 65.109.33.97:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/plugins/ct-ultimate-gdpr/assets/css/images/functionality.svg HTTP/1.1
Host: fintips365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fintips365.com/fxo-it-amzn-perugia_v1/?lp=amazon&clickid=wtvf0kjikvp4od5mi60lca5o&source=Antevenio&utm_source=Antevenio&utm_medium=ppc&utm_campaign=Amazon%20-%20Perugia_v1%20-%20-%20S_v1%20-%20Database%203%20-%20S_7&utm_content=Amazon%20-%20Perugia_v1%20-%20Antevenio
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 13:26:05 GMT
content-type: image/svg+xml
last-modified: Fri, 04 Nov 2022 10:51:11 GMT
vary: Accept-Encoding
etag: W/"6364ee9f-10c6"
content-encoding: br
X-Firefox-Spdy: h2
fintips365.com/wp-includes/js/underscore.min.js?ver=1.13.4
65.109.33.97 200 OK 0 B URL HTTP/2 fintips365.com/wp-includes/js/underscore.min.js?ver=1.13.4
IP 65.109.33.97:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/underscore.min.js?ver=1.13.4 HTTP/1.1
Host: fintips365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fintips365.com/fxo-it-amzn-perugia_v1/?lp=amazon&clickid=wtvf0kjikvp4od5mi60lca5o&source=Antevenio&utm_source=Antevenio&utm_medium=ppc&utm_campaign=Amazon%20-%20Perugia_v1%20-%20-%20S_v1%20-%20Database%203%20-%20S_7&utm_content=Amazon%20-%20Perugia_v1%20-%20Antevenio
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 13:26:05 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 08:11:24 GMT
vary: Accept-Encoding
etag: W/"6362262c-4991"
content-encoding: br
X-Firefox-Spdy: h2
fintips365.com/wp-includes/js/backbone.min.js?ver=1.4.1
65.109.33.97 200 OK 0 B URL HTTP/2 fintips365.com/wp-includes/js/backbone.min.js?ver=1.4.1
IP 65.109.33.97:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-includes/js/backbone.min.js?ver=1.4.1 HTTP/1.1
Host: fintips365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fintips365.com/fxo-it-amzn-perugia_v1/?lp=amazon&clickid=wtvf0kjikvp4od5mi60lca5o&source=Antevenio&utm_source=Antevenio&utm_medium=ppc&utm_campaign=Amazon%20-%20Perugia_v1%20-%20-%20S_v1%20-%20Database%203%20-%20S_7&utm_content=Amazon%20-%20Perugia_v1%20-%20Antevenio
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 13:26:05 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 08:11:24 GMT
vary: Accept-Encoding
etag: W/"6362262c-5d28"
content-encoding: br
X-Firefox-Spdy: h2