www.westsprintcapital.com/zzun/?LdLpA=NOx1+fUxhShAJ9X9UdT4ot4TcKEqmGHMRvg5x9ofs2dvjY3agnYkjym250nFq2WqW90=&TB3=x888VJH8Q2np9R
199.188.200.173 301 Moved Permanently 707 B URL HTTP/1.1 www.westsprintcapital.com/zzun/?LdLpA=NOx1+fUxhShAJ9X9UdT4ot4TcKEqmGHMRvg5x9ofs2dvjY3agnYkjym250nFq2WqW90=&TB3=x888VJH8Q2np9R
IP 199.188.200.173:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert quad9 Sinkholed
GET /zzun/?LdLpA=NOx1+fUxhShAJ9X9UdT4ot4TcKEqmGHMRvg5x9ofs2dvjY3agnYkjym250nFq2WqW90=&TB3=x888VJH8Q2np9R HTTP/1.1
Host: www.westsprintcapital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Sat, 03 Sep 2022 23:19:48 GMT
server: LiteSpeed
location: https://www.westsprintcapital.com/zzun/?LdLpA=NOx1+fUxhShAJ9X9UdT4ot4TcKEqmGHMRvg5x9ofs2dvjY3agnYkjym250nFq2WqW90=&TB3=x888VJH8Q2np9R
x-turbo-charged-by: LiteSpeed
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bcdebf7a2bad5db595e8a0c1abb2ddcb
249dda2fa5e37b8a8f3a8c797193bf0874b6eedc
9b43ec48b16f96449208a0094c4d660806a2a2d344b5862dbff4c393bf3f9f9f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9B43EC48B16F96449208A0094C4D660806A2A2D344B5862DBFF4C393BF3F9F9F"
Last-Modified: Thu, 01 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6246
Expires: Sun, 04 Sep 2022 01:03:54 GMT
Date: Sat, 03 Sep 2022 23:19:48 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.115 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 03 Sep 2022 22:43:29 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Pokz0l9DUEPYcVFhgoqL56FZIQl6zwjNWktQjtuMg8klWSocO_bI3A==
Age: 2179
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.49 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 03 Sep 2022 01:15:18 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: gnLTtWz_lre4cxl_gP8ZJ1K-TiIioi0Ilc8I9nabiSvGVhNagX3COg==
age: 79471
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Sep 2022 23:19:48 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sat, 03 Sep 2022 22:38:16 GMT
Expires: Sat, 03 Sep 2022 22:46:04 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: TBE0SZyCMYdpJ3wEvfgINo3LdbH8m75XQbOgpJ40oe7S_sH7nRQIKA==
Age: 2493
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 119772be6552f6f22eef9bd4f8e11abb
02766ca1dea6775a052910594712c1e8dee19f1d
922f886aac6111192ae45d86aa416455b95e592080c9fe4b266b3669d93f5c20
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 23:19:49 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 31 Aug 2022 11:29:07 GMT
Expires: Wed, 07 Sep 2022 11:29:06 GMT
Etag: "02766ca1dea6775a052910594712c1e8dee19f1d"
Cache-Control: max-age=302356,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 745236630c62b4fd-OSL
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 4fc12f0a98aa28ccb56e0b56d7e40ded
f7efcfb8b4f4aa40268bada3fec380820a70ee35
a34aa9b7db949a583c3f1b4d87fed415a11d119c9615b5e710c3125173f8a277
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5647
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 23:19:49 GMT
Last-Modified: Sat, 03 Sep 2022 21:45:42 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
www.westsprintcapital.com/zzun/?LdLpA=NOx1+fUxhShAJ9X9UdT4ot4TcKEqmGHMRvg5x9ofs2dvjY3agnYkjym250nFq2WqW90=&TB3=x888VJH8Q2np9R
199.188.200.173 301 Moved Permanently 707 B URL HTTP/2 www.westsprintcapital.com/zzun/?LdLpA=NOx1+fUxhShAJ9X9UdT4ot4TcKEqmGHMRvg5x9ofs2dvjY3agnYkjym250nFq2WqW90=&TB3=x888VJH8Q2np9R
IP 199.188.200.173:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert quad9 Sinkholed
GET /zzun/?LdLpA=NOx1+fUxhShAJ9X9UdT4ot4TcKEqmGHMRvg5x9ofs2dvjY3agnYkjym250nFq2WqW90=&TB3=x888VJH8Q2np9R HTTP/1.1
Host: www.westsprintcapital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
content-type: text/html
content-length: 707
date: Sat, 03 Sep 2022 23:19:49 GMT
server: LiteSpeed
location: https://www.westsprintcapital.com/zzun?LdLpA=NOx1+fUxhShAJ9X9UdT4ot4TcKEqmGHMRvg5x9ofs2dvjY3agnYkjym250nFq2WqW90=&TB3=x888VJH8Q2np9R
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.148.228.200 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.228.200:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: HApE4A4ZYQB90ZYqATte4A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 1/7G08oVfyXY7Py7qInD0nxP6fM=
www.westsprintcapital.com/zzun?LdLpA=NOx1+fUxhShAJ9X9UdT4ot4TcKEqmGHMRvg5x9ofs2dvjY3agnYkjym250nFq2WqW90=&TB3=x888VJH8Q2np9R
199.188.200.173 302 Found 163 B URL HTTP/2 www.westsprintcapital.com/zzun?LdLpA=NOx1+fUxhShAJ9X9UdT4ot4TcKEqmGHMRvg5x9ofs2dvjY3agnYkjym250nFq2WqW90=&TB3=x888VJH8Q2np9R
IP 199.188.200.173:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62f9811a7acdd8705d7a2c40f8ffcae7
8c0363c1ce07481556dfe694296adf07276f4ed1
18106c1a67e720268b190231c1cffe58fc083127cd5a1064852eb463d1997353
Analyzer Verdict Alert quad9 Sinkholed
GET /zzun?LdLpA=NOx1+fUxhShAJ9X9UdT4ot4TcKEqmGHMRvg5x9ofs2dvjY3agnYkjym250nFq2WqW90=&TB3=x888VJH8Q2np9R HTTP/1.1
Host: www.westsprintcapital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 302 Found
x-powered-by: PHP/7.3.33
cache-control: no-cache, no-store, must-revalidate, max-age=0
location: https://www.westsprintcapital.com
content-type: text/html; charset=UTF-8
content-length: 163
content-encoding: br
vary: Accept-Encoding
date: Sat, 03 Sep 2022 23:19:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/select2@4.1.0-beta.1/dist/css/select2.min.css
151.101.85.229 200 OK 2.1 kB URL HTTP/2 cdn.jsdelivr.net/npm/select2@4.1.0-beta.1/dist/css/select2.min.css
IP 151.101.85.229:0
File type ASCII text, with very long lines (15822)
Hash 189bd550c25ce39153112586937d048b
a6a52af0d50e7c6dae16fe0fe6bcb8f433e28496
13e79a7a242941f97d0e6302b3f901f07131afbd3531849ded3483e4871b17bd
GET /npm/select2@4.1.0-beta.1/dist/css/select2.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.westsprintcapital.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.1.0-beta.1
x-jsd-version-type: version
etag: W/"3dcf-yUSO+/Irxvb7u7/rvWVmQrqxN2c"
content-encoding: gzip
accept-ranges: bytes
date: Sat, 03 Sep 2022 23:19:50 GMT
age: 9766083
x-served-by: cache-fra19135-FRA, cache-bma1673-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 2060
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/select2@4.1.0-beta.1/dist/js/select2.min.js
151.101.85.229 200 OK 20 kB URL HTTP/2 cdn.jsdelivr.net/npm/select2@4.1.0-beta.1/dist/js/select2.min.js
IP 151.101.85.229:0
File type Unicode text, UTF-8 text, with very long lines (64125)
Hash 29504b4f22140211babc7eaa3c59c71e
c08a536c36ca38db239da65eecf8fa89b31d98a9
36b33dd6abad7e1f2eb208f58ce6478ee21152f2c11c73ab7aa0925c7d33690c
GET /npm/select2@4.1.0-beta.1/dist/js/select2.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.westsprintcapital.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 4.1.0-beta.1
x-jsd-version-type: version
etag: W/"11afb-s2c359KmWBXECshtBQLwy7i5utg"
content-encoding: gzip
accept-ranges: bytes
date: Sat, 03 Sep 2022 23:19:50 GMT
age: 10703805
x-served-by: cache-fra19128-FRA, cache-bma1673-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 19914
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/gsap/2.1.3/TweenMax.min.js
104.17.24.14 200 OK 35 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/gsap/2.1.3/TweenMax.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (32037)
Hash 8ec306b76e7dc20e47d5f986b68d5932
6bc2204b8061f8d54f416b0d1df1343c2f42521a
9b623920be3228e50eabb5af38e599acdbdc4fce6b2f1d7eb884cf3bb0245d7c
GET /ajax/libs/gsap/2.1.3/TweenMax.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.westsprintcapital.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Sep 2022 23:19:50 GMT
content-type: application/javascript; charset=utf-8
content-length: 34868
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e71-1c604"
last-modified: Mon, 04 May 2020 16:10:25 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 1475538
expires: Thu, 24 Aug 2023 23:19:50 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FEBFJN4EEHchStPp%2BrINEKgY4chMZu%2FtUBuuQJcjPPZzKFkwh2L%2BDXsf%2BYhe8QTZwT8jaScDZeVfmOylruxyoROiScABVU2cnNOWVt7NCcqEZuMBYVgEUX9sjQ7bI%2BwVRTAtLJQ8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7452366a8e030b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226 200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash 3e67acd981a431f0e96c8279365c652e
090296d55bf287d0a8abb716dd81c3244a911713
7e823dbe3f9825b4d540066b7fbbb6535d67a08350eff36b75e2031b0e487524
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 23:19:50 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "2654A1C869FB0F532010F7E605B1BF015EF81867"
Expires: Sun, 04 Sep 2022 10:00:00 GMT
Last-Modified: Sat, 03 Sep 2022 22:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 648
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7452366aaf700afe-OSL
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 51df98c169fb7de773301d014bcea4b8
9bdf9bdb9b5eee378e9ac4ec68ca07c665ae4819
c8336f3a2e16c9390b610c612ce9be7c19286f04a6328a29200cbf65db5801c8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 23:19:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.westsprintcapital.com/frontassets/css/all.min.css
199.188.200.173 200 OK 12 kB URL HTTP/2 www.westsprintcapital.com/frontassets/css/all.min.css
IP 199.188.200.173:0
File type ASCII text, with very long lines (55785)
Hash 7db4426c2e86fc006b9b961ddfd5e4a4
7c69584e630159190d36d87ef79b9b12053593fe
833422bde7f68ab37542994b0d9699cd13571181fc5c23bbfe5eccb800cc2de4
Analyzer Verdict Alert quad9 Sinkholed
GET /frontassets/css/all.min.css HTTP/1.1
Host: www.westsprintcapital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.westsprintcapital.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImNxemRabTJaRHVDXC82MjM5TnJWZ1wvQT09IiwidmFsdWUiOiI3cGdpSkFMeFwvaHhRbkxSaXpKZTBKU1dHejFnSFJ3RU9nN3pUd1dIYmRsOTZUMHBpb2FZY2NlNFpDbmxSTzVnNyIsIm1hYyI6ImZjN2M4MGJlMTAwOTNkZDYyM2JkMzMyNjkyMzcwNWFmMjczNTZmZDgyYzgzYjBiNjAzZTFkYjhmYzE4NGU5Y2IifQ%3D%3D; west_sprint_capital_bank_session=eyJpdiI6IkZFWnh5dEozcjA2NVkzZTV6eWZvNmc9PSIsInZhbHVlIjoiaFhkbEFiYWpKWDhScjhPanh2SnRZUzBWVGhjWUd0YndZeno2T200Y28yZk5hQmUzVEJwMCswTzFVN21XZUJ4cyIsIm1hYyI6IjZmZjMwNjBhOTEzNmRlZjI4NzA3ZTI0YmZjNDViNzdkZjliMjgwNmY4ZjNmMzAyM2I2MTNmNTY4NGE1Mzc5MWQifQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Sep 2022 23:19:50 GMT
content-type: text/css
last-modified: Tue, 07 Jan 2020 22:16:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11743
date: Sat, 03 Sep 2022 23:19:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 51df98c169fb7de773301d014bcea4b8
9bdf9bdb9b5eee378e9ac4ec68ca07c665ae4819
c8336f3a2e16c9390b610c612ce9be7c19286f04a6328a29200cbf65db5801c8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 23:19:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.westsprintcapital.com/assets/admin/css/toastr.min.css
199.188.200.173 200 OK 2.7 kB URL HTTP/2 www.westsprintcapital.com/assets/admin/css/toastr.min.css
IP 199.188.200.173:0
File type ASCII text, with very long lines (6454), with no line terminators
Hash 9c8c26a2fd3c0959e7d65ba48be34563
f6f262caab0f934123544c1f2e7f14fbaf360250
a251ea022e62a0363896523b16f31eb138412c620a0e8b1df783cf2ad07a4ebf
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/admin/css/toastr.min.css HTTP/1.1
Host: www.westsprintcapital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.westsprintcapital.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImNxemRabTJaRHVDXC82MjM5TnJWZ1wvQT09IiwidmFsdWUiOiI3cGdpSkFMeFwvaHhRbkxSaXpKZTBKU1dHejFnSFJ3RU9nN3pUd1dIYmRsOTZUMHBpb2FZY2NlNFpDbmxSTzVnNyIsIm1hYyI6ImZjN2M4MGJlMTAwOTNkZDYyM2JkMzMyNjkyMzcwNWFmMjczNTZmZDgyYzgzYjBiNjAzZTFkYjhmYzE4NGU5Y2IifQ%3D%3D; west_sprint_capital_bank_session=eyJpdiI6IkZFWnh5dEozcjA2NVkzZTV6eWZvNmc9PSIsInZhbHVlIjoiaFhkbEFiYWpKWDhScjhPanh2SnRZUzBWVGhjWUd0YndZeno2T200Y28yZk5hQmUzVEJwMCswTzFVN21XZUJ4cyIsIm1hYyI6IjZmZjMwNjBhOTEzNmRlZjI4NzA3ZTI0YmZjNDViNzdkZjliMjgwNmY4ZjNmMzAyM2I2MTNmNTY4NGE1Mzc5MWQifQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Sep 2022 23:19:50 GMT
content-type: text/css
last-modified: Tue, 21 May 2019 20:31:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2654
date: Sat, 03 Sep 2022 23:19:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.westsprintcapital.com/frontassets/css/pe-icon-7-stroke.css
199.188.200.173 200 OK 1.7 kB URL HTTP/2 www.westsprintcapital.com/frontassets/css/pe-icon-7-stroke.css
IP 199.188.200.173:0
Hash 8f51c5bb494fe0ef53cfdeadbea5fedc
1f5440ebdac4e31c9cc569e0bb07ccf4eb364677
8838e185f323126edeeec022942a920368b142e5c7e01ba5f8d5600b5e64d579
Analyzer Verdict Alert quad9 Sinkholed
GET /frontassets/css/pe-icon-7-stroke.css HTTP/1.1
Host: www.westsprintcapital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.westsprintcapital.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImNxemRabTJaRHVDXC82MjM5TnJWZ1wvQT09IiwidmFsdWUiOiI3cGdpSkFMeFwvaHhRbkxSaXpKZTBKU1dHejFnSFJ3RU9nN3pUd1dIYmRsOTZUMHBpb2FZY2NlNFpDbmxSTzVnNyIsIm1hYyI6ImZjN2M4MGJlMTAwOTNkZDYyM2JkMzMyNjkyMzcwNWFmMjczNTZmZDgyYzgzYjBiNjAzZTFkYjhmYzE4NGU5Y2IifQ%3D%3D; west_sprint_capital_bank_session=eyJpdiI6IkZFWnh5dEozcjA2NVkzZTV6eWZvNmc9PSIsInZhbHVlIjoiaFhkbEFiYWpKWDhScjhPanh2SnRZUzBWVGhjWUd0YndZeno2T200Y28yZk5hQmUzVEJwMCswTzFVN21XZUJ4cyIsIm1hYyI6IjZmZjMwNjBhOTEzNmRlZjI4NzA3ZTI0YmZjNDViNzdkZjliMjgwNmY4ZjNmMzAyM2I2MTNmNTY4NGE1Mzc5MWQifQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Sep 2022 23:19:50 GMT
content-type: text/css
last-modified: Tue, 07 Jan 2020 22:16:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1701
date: Sat, 03 Sep 2022 23:19:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.westsprintcapital.com/frontassets/css/roysha-icons.css
199.188.200.173 200 OK 2.5 kB URL HTTP/2 www.westsprintcapital.com/frontassets/css/roysha-icons.css
IP 199.188.200.173:0
Hash 7608bcf4530b902f42d53604c5ee0357
139576e545443165691e395d5fdab82413575195
30fe28779bb7f2e289482bc19a8e84c8f3fa2898bb9425a5d21189c4924dbee8
Analyzer Verdict Alert quad9 Sinkholed
GET /frontassets/css/roysha-icons.css HTTP/1.1
Host: www.westsprintcapital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.westsprintcapital.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImNxemRabTJaRHVDXC82MjM5TnJWZ1wvQT09IiwidmFsdWUiOiI3cGdpSkFMeFwvaHhRbkxSaXpKZTBKU1dHejFnSFJ3RU9nN3pUd1dIYmRsOTZUMHBpb2FZY2NlNFpDbmxSTzVnNyIsIm1hYyI6ImZjN2M4MGJlMTAwOTNkZDYyM2JkMzMyNjkyMzcwNWFmMjczNTZmZDgyYzgzYjBiNjAzZTFkYjhmYzE4NGU5Y2IifQ%3D%3D; west_sprint_capital_bank_session=eyJpdiI6IkZFWnh5dEozcjA2NVkzZTV6eWZvNmc9PSIsInZhbHVlIjoiaFhkbEFiYWpKWDhScjhPanh2SnRZUzBWVGhjWUd0YndZeno2T200Y28yZk5hQmUzVEJwMCswTzFVN21XZUJ4cyIsIm1hYyI6IjZmZjMwNjBhOTEzNmRlZjI4NzA3ZTI0YmZjNDViNzdkZjliMjgwNmY4ZjNmMzAyM2I2MTNmNTY4NGE1Mzc5MWQifQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Sep 2022 23:19:50 GMT
content-type: text/css
last-modified: Tue, 07 Jan 2020 22:16:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2509
date: Sat, 03 Sep 2022 23:19:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash a4b25e2f5622cbadc150f24a8b1bbfb9
e5219c1824556c1e3574a527c39daf1d1eddbd16
3cd8535365061dbbddb36be713106e1f271581a2ab0031d720be958aa0ef60ec
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 03 Sep 2022 23:19:50 GMT
Last-Modified: Sat, 03 Sep 2022 22:42:07 GMT
Server: ECS (nyb/1D1B)
X-Cache: Miss from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: bEo6dFFgL_4yzoIE6XTceN84EAoZIM0sSSzfQ6iK_mpIolIcTBw9GQ==
Age: 2263
www.westsprintcapital.com/frontassets/css/bootstrap.min.css
199.188.200.173 200 OK 21 kB URL HTTP/2 www.westsprintcapital.com/frontassets/css/bootstrap.min.css
IP 199.188.200.173:0
File type ASCII text, with very long lines (65324)
Hash 123062a501318cc73759315eaeffca9c
0542dbfd3008893ffcf9cfbd31783b14523adf4e
e37a08be15644b88b5b90bad49a9282d36ececef5f1bd98b74640728bcfa0a3c
Analyzer Verdict Alert quad9 Sinkholed
GET /frontassets/css/bootstrap.min.css HTTP/1.1
Host: www.westsprintcapital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.westsprintcapital.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImNxemRabTJaRHVDXC82MjM5TnJWZ1wvQT09IiwidmFsdWUiOiI3cGdpSkFMeFwvaHhRbkxSaXpKZTBKU1dHejFnSFJ3RU9nN3pUd1dIYmRsOTZUMHBpb2FZY2NlNFpDbmxSTzVnNyIsIm1hYyI6ImZjN2M4MGJlMTAwOTNkZDYyM2JkMzMyNjkyMzcwNWFmMjczNTZmZDgyYzgzYjBiNjAzZTFkYjhmYzE4NGU5Y2IifQ%3D%3D; west_sprint_capital_bank_session=eyJpdiI6IkZFWnh5dEozcjA2NVkzZTV6eWZvNmc9PSIsInZhbHVlIjoiaFhkbEFiYWpKWDhScjhPanh2SnRZUzBWVGhjWUd0YndZeno2T200Y28yZk5hQmUzVEJwMCswTzFVN21XZUJ4cyIsIm1hYyI6IjZmZjMwNjBhOTEzNmRlZjI4NzA3ZTI0YmZjNDViNzdkZjliMjgwNmY4ZjNmMzAyM2I2MTNmNTY4NGE1Mzc5MWQifQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Sep 2022 23:19:50 GMT
content-type: text/css
last-modified: Tue, 07 Jan 2020 22:16:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 20941
date: Sat, 03 Sep 2022 23:19:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.westsprintcapital.com/frontassets/css/owl.carousel.min.css
199.188.200.173 200 OK 915 B URL HTTP/2 www.westsprintcapital.com/frontassets/css/owl.carousel.min.css
IP 199.188.200.173:0
File type ASCII text, with very long lines (3184)
Hash 6a92a9ec6c4f2b4d1e1528d0a6a33d88
5af68f48530fdb2bac19b2cd0eb3ebe183f90f47
d0673931f5a3f471ea23b2ed4816304b70ed9008c5382ae2954bae941a34d252
Analyzer Verdict Alert quad9 Sinkholed
GET /frontassets/css/owl.carousel.min.css HTTP/1.1
Host: www.westsprintcapital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.westsprintcapital.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImNxemRabTJaRHVDXC82MjM5TnJWZ1wvQT09IiwidmFsdWUiOiI3cGdpSkFMeFwvaHhRbkxSaXpKZTBKU1dHejFnSFJ3RU9nN3pUd1dIYmRsOTZUMHBpb2FZY2NlNFpDbmxSTzVnNyIsIm1hYyI6ImZjN2M4MGJlMTAwOTNkZDYyM2JkMzMyNjkyMzcwNWFmMjczNTZmZDgyYzgzYjBiNjAzZTFkYjhmYzE4NGU5Y2IifQ%3D%3D; west_sprint_capital_bank_session=eyJpdiI6IkZFWnh5dEozcjA2NVkzZTV6eWZvNmc9PSIsInZhbHVlIjoiaFhkbEFiYWpKWDhScjhPanh2SnRZUzBWVGhjWUd0YndZeno2T200Y28yZk5hQmUzVEJwMCswTzFVN21XZUJ4cyIsIm1hYyI6IjZmZjMwNjBhOTEzNmRlZjI4NzA3ZTI0YmZjNDViNzdkZjliMjgwNmY4ZjNmMzAyM2I2MTNmNTY4NGE1Mzc5MWQifQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Sep 2022 23:19:50 GMT
content-type: text/css
last-modified: Tue, 07 Jan 2020 22:16:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 915
date: Sat, 03 Sep 2022 23:19:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.westsprintcapital.com/frontassets/css/jquery.fancybox.min.css
199.188.200.173 200 OK 2.9 kB URL HTTP/2 www.westsprintcapital.com/frontassets/css/jquery.fancybox.min.css
IP 199.188.200.173:0
File type ASCII text, with very long lines (12795), with no line terminators
Hash b2b6b34aaaa3c98259ec0c12b300095e
8189dd83862e15f0c9921494115f83f0060dd28f
e965b5f1ef9e780dab0435efd0b9cbf1166853f2c7c06a4cba8b41c78765f202
Analyzer Verdict Alert quad9 Sinkholed
GET /frontassets/css/jquery.fancybox.min.css HTTP/1.1
Host: www.westsprintcapital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.westsprintcapital.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImNxemRabTJaRHVDXC82MjM5TnJWZ1wvQT09IiwidmFsdWUiOiI3cGdpSkFMeFwvaHhRbkxSaXpKZTBKU1dHejFnSFJ3RU9nN3pUd1dIYmRsOTZUMHBpb2FZY2NlNFpDbmxSTzVnNyIsIm1hYyI6ImZjN2M4MGJlMTAwOTNkZDYyM2JkMzMyNjkyMzcwNWFmMjczNTZmZDgyYzgzYjBiNjAzZTFkYjhmYzE4NGU5Y2IifQ%3D%3D; west_sprint_capital_bank_session=eyJpdiI6IkZFWnh5dEozcjA2NVkzZTV6eWZvNmc9PSIsInZhbHVlIjoiaFhkbEFiYWpKWDhScjhPanh2SnRZUzBWVGhjWUd0YndZeno2T200Y28yZk5hQmUzVEJwMCswTzFVN21XZUJ4cyIsIm1hYyI6IjZmZjMwNjBhOTEzNmRlZjI4NzA3ZTI0YmZjNDViNzdkZjliMjgwNmY4ZjNmMzAyM2I2MTNmNTY4NGE1Mzc5MWQifQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Sep 2022 23:19:50 GMT
content-type: text/css
last-modified: Tue, 07 Jan 2020 22:16:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2897
date: Sat, 03 Sep 2022 23:19:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.westsprintcapital.com/frontassets/css/nice-select.css
199.188.200.173 200 OK 931 B URL HTTP/2 www.westsprintcapital.com/frontassets/css/nice-select.css
IP 199.188.200.173:0
Hash bf85a978164301e5d4261f0ffedafeb9
53abf15e06137a02072b5740c6c1db3f8ac072e2
63ff6cf9765c7f854982d74c94dc3db9c8a44da5560e38866334e9c09b8692a6
Analyzer Verdict Alert quad9 Sinkholed
GET /frontassets/css/nice-select.css HTTP/1.1
Host: www.westsprintcapital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.westsprintcapital.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImNxemRabTJaRHVDXC82MjM5TnJWZ1wvQT09IiwidmFsdWUiOiI3cGdpSkFMeFwvaHhRbkxSaXpKZTBKU1dHejFnSFJ3RU9nN3pUd1dIYmRsOTZUMHBpb2FZY2NlNFpDbmxSTzVnNyIsIm1hYyI6ImZjN2M4MGJlMTAwOTNkZDYyM2JkMzMyNjkyMzcwNWFmMjczNTZmZDgyYzgzYjBiNjAzZTFkYjhmYzE4NGU5Y2IifQ%3D%3D; west_sprint_capital_bank_session=eyJpdiI6IkZFWnh5dEozcjA2NVkzZTV6eWZvNmc9PSIsInZhbHVlIjoiaFhkbEFiYWpKWDhScjhPanh2SnRZUzBWVGhjWUd0YndZeno2T200Y28yZk5hQmUzVEJwMCswTzFVN21XZUJ4cyIsIm1hYyI6IjZmZjMwNjBhOTEzNmRlZjI4NzA3ZTI0YmZjNDViNzdkZjliMjgwNmY4ZjNmMzAyM2I2MTNmNTY4NGE1Mzc5MWQifQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Sep 2022 23:19:50 GMT
content-type: text/css
last-modified: Tue, 07 Jan 2020 22:16:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 931
date: Sat, 03 Sep 2022 23:19:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.westsprintcapital.com/frontassets/css/custom.css
199.188.200.173 200 OK 0 B URL HTTP/2 www.westsprintcapital.com/frontassets/css/custom.css
IP 199.188.200.173:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /frontassets/css/custom.css HTTP/1.1
Host: www.westsprintcapital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.westsprintcapital.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImNxemRabTJaRHVDXC82MjM5TnJWZ1wvQT09IiwidmFsdWUiOiI3cGdpSkFMeFwvaHhRbkxSaXpKZTBKU1dHejFnSFJ3RU9nN3pUd1dIYmRsOTZUMHBpb2FZY2NlNFpDbmxSTzVnNyIsIm1hYyI6ImZjN2M4MGJlMTAwOTNkZDYyM2JkMzMyNjkyMzcwNWFmMjczNTZmZDgyYzgzYjBiNjAzZTFkYjhmYzE4NGU5Y2IifQ%3D%3D; west_sprint_capital_bank_session=eyJpdiI6IkZFWnh5dEozcjA2NVkzZTV6eWZvNmc9PSIsInZhbHVlIjoiaFhkbEFiYWpKWDhScjhPanh2SnRZUzBWVGhjWUd0YndZeno2T200Y28yZk5hQmUzVEJwMCswTzFVN21XZUJ4cyIsIm1hYyI6IjZmZjMwNjBhOTEzNmRlZjI4NzA3ZTI0YmZjNDViNzdkZjliMjgwNmY4ZjNmMzAyM2I2MTNmNTY4NGE1Mzc5MWQifQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Sep 2022 23:19:50 GMT
content-type: text/css
last-modified: Tue, 07 Jan 2020 22:16:28 GMT
accept-ranges: bytes
content-length: 0
date: Sat, 03 Sep 2022 23:19:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.westsprintcapital.com/frontassets/css/style.css
199.188.200.173 200 OK 13 kB URL HTTP/2 www.westsprintcapital.com/frontassets/css/style.css
IP 199.188.200.173:0
File type ASCII text, with very long lines (900)
Hash d39e49966e2d8192be4e720748579d9d
1c813d4d28ae4c5ada13707afb7333ea75d73561
575859d7ce95b75158ded6745a01e9bc21cdabbcdcc1593b114db3edf891a66f
Analyzer Verdict Alert quad9 Sinkholed
GET /frontassets/css/style.css HTTP/1.1
Host: www.westsprintcapital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.westsprintcapital.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImNxemRabTJaRHVDXC82MjM5TnJWZ1wvQT09IiwidmFsdWUiOiI3cGdpSkFMeFwvaHhRbkxSaXpKZTBKU1dHejFnSFJ3RU9nN3pUd1dIYmRsOTZUMHBpb2FZY2NlNFpDbmxSTzVnNyIsIm1hYyI6ImZjN2M4MGJlMTAwOTNkZDYyM2JkMzMyNjkyMzcwNWFmMjczNTZmZDgyYzgzYjBiNjAzZTFkYjhmYzE4NGU5Y2IifQ%3D%3D; west_sprint_capital_bank_session=eyJpdiI6IkZFWnh5dEozcjA2NVkzZTV6eWZvNmc9PSIsInZhbHVlIjoiaFhkbEFiYWpKWDhScjhPanh2SnRZUzBWVGhjWUd0YndZeno2T200Y28yZk5hQmUzVEJwMCswTzFVN21XZUJ4cyIsIm1hYyI6IjZmZjMwNjBhOTEzNmRlZjI4NzA3ZTI0YmZjNDViNzdkZjliMjgwNmY4ZjNmMzAyM2I2MTNmNTY4NGE1Mzc5MWQifQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Sep 2022 23:19:50 GMT
content-type: text/css
last-modified: Tue, 07 Jan 2020 22:16:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12592
date: Sat, 03 Sep 2022 23:19:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 9439a7cde73fea464c1463febdda0556
6a0030d4f26b2e9658700708c82e7ce6120ce93c
c3a5a489f4ef8c8cce54dbd819c5cf573740317ea3718ccd6804a03374739199
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 23:19:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s3-us-west-2.amazonaws.com/s.cdpn.io/106949/jquery.onscreen.js
52.218.221.96 200 OK 11 kB URL HTTP/1.1 s3-us-west-2.amazonaws.com/s.cdpn.io/106949/jquery.onscreen.js
IP 52.218.221.96:0
File type ASCII text, with very long lines (1294)
Hash 33a3914cff741cb7f7bb323b8433233e
35ca576406057ff8580b4ef226da8a40b501940b
8f7d3d9629606ef4a561616eba0c18549fea801cc18c3a74e0ee4a3141bcbda2
GET /s.cdpn.io/106949/jquery.onscreen.js HTTP/1.1
Host: s3-us-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.westsprintcapital.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: sQHIzQqKyV7sF3d5jiNK0XeltCX6qDDfrw5k9x9rrWM9rX0xEOdNf2KNT+KZfW0dK6XQs2SXPaY=
x-amz-request-id: 6AJABPEYNFSKX613
Date: Sat, 03 Sep 2022 23:19:51 GMT
Last-Modified: Tue, 07 Apr 2015 14:29:48 GMT
ETag: "33a3914cff741cb7f7bb323b8433233e"
Cache-Control: public
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 10717
translate.googleapis.com/translate_static/css/translateelement.css
142.250.74.74 200 OK 3.6 kB URL HTTP/2 translate.googleapis.com/translate_static/css/translateelement.css
IP 142.250.74.74:0
File type ASCII text, with very long lines (18670)
Hash 897ba9a21d9625286674da769dacc2e2
84b4923ab7dee562395160824d53496314499b77
696cbf5c2f3f1efae555562b72abbbb22bed02eff03d62074555cab241190ae0
GET /translate_static/css/translateelement.css HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.westsprintcapital.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3619
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Sep 2022 23:13:24 GMT
expires: Sun, 04 Sep 2022 00:13:24 GMT
cache-control: public, max-age=3600
age: 386
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 98125354dbaa891018a9429a7aae3ea1
a692cc9a073c9666971db41444342fc9d7dab2e2
771b96e4fb485d1ef041ee20fc060bb5b4b521043ec7a51ceaccefcbe837bd4f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 23:19:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6885
Expires: Sun, 04 Sep 2022 01:14:36 GMT
Date: Sat, 03 Sep 2022 23:19:51 GMT
Connection: keep-alive
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
142.250.74.46 200 OK 60 kB URL HTTP/2 translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
IP 142.250.74.46:0
Hash 29695ebfc0d79824ed83335cb3316146
eb5d05306d589132dd6db85ac20f0a7001f3cc5c
87e1b95c65e960772d5d8ea85bd8e2ffee08c241a38901ed550658da72d6bb5c
GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.westsprintcapital.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 03 Sep 2022 23:19:50 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+758; expires=Mon, 02-Sep-2024 23:19:50 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa79c31ef-8277-4472-8ef6-9ea1d733084d.jpeg
34.120.237.76 200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa79c31ef-8277-4472-8ef6-9ea1d733084d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5958d2ad91c698c62988bdb9256a4543
97f2c77f55f38ff6825fa7fc2ff3198bdef02517
578729554c47a75c74fb3f2d45865592291a35511e0b490b6b8cd4e72e917b73
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa79c31ef-8277-4472-8ef6-9ea1d733084d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8228
x-amzn-requestid: b107192f-7526-4c2e-8978-e4eceb93e09c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5wxsE9OIAMFhqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313c80a-20ca9d565d4a04126e3b41b9;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:32:58 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TTxBe-5G-7O6n898Yv4zZhODXSiVvaUtO6LRX3yYtljzAlP_55i0bg==
via: 1.1 7256fedee68a59a508800e0dda035348.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 22:12:37 GMT
age: 4034
etag: "97f2c77f55f38ff6825fa7fc2ff3198bdef02517"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F514b7fbd-ae99-4219-bd03-50e907f92b7b.jpeg
34.120.237.76 200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F514b7fbd-ae99-4219-bd03-50e907f92b7b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ca50f9c56ff869b0b63ca71b1a9f8170
13b16ca74113dfd52ccf23e6bb39307fc713f984
76b85dd7e018ab4b3d4b2610f90dbca61d0f05d38a3b905fee789af131ae7538
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F514b7fbd-ae99-4219-bd03-50e907f92b7b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14855
x-amzn-requestid: 65cf850b-227a-4318-a00e-d7cd4ef81489
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5wjuGtpoAMFvvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313c7b1-54bc36741984491b0509d173;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:31:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: M9Y8U9vqVs1ATiPP9jLPybTJ-xwC--5oiRUpj9-imTWfh6_rmtL5Kw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 21:54:46 GMT
age: 5105
etag: "13b16ca74113dfd52ccf23e6bb39307fc713f984"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd43481e-3c33-4c05-9216-2cc734e840b4.jpeg
34.120.237.76 200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd43481e-3c33-4c05-9216-2cc734e840b4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1bdfdf7e36f78f2f0e4d7ede9fdb76a8
babb88202741bbf2d4fd25e0731a4a7a6fcc28f8
949ea108642789e1014150909060f11d99608f082760d0e868a90282f2768d43
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd43481e-3c33-4c05-9216-2cc734e840b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9690
x-amzn-requestid: 614c99f8-116a-4603-bcde-3fbd5bfa14d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5wx1HInIAMFiYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313c80b-25c09c3227d72395408782f0;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:32:59 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5_jCLvdAC-XR-ax3RUbbx9275KPwACOPtAMxSbmv-aP-Lra4sC5zvw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 21:51:41 GMT
age: 5290
etag: "babb88202741bbf2d4fd25e0731a4a7a6fcc28f8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37a5a560-36c9-4ce4-9cd9-c63ef9dd80e0.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37a5a560-36c9-4ce4-9cd9-c63ef9dd80e0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b827f0dcea3d5bfab9139d239e9f0155
ffe21e93486c5763ae6ee17fe39c6dbb0cb3e714
de9a30cf34ccda6ee06845151a41f489b42a0f9072b481b717abef90095e3f35
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37a5a560-36c9-4ce4-9cd9-c63ef9dd80e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10349
x-amzn-requestid: a1564fd3-2042-449b-baa8-7e06abf02fd2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5w-6EHXIAMFQaw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313c85f-26179fef7b74e89f05022fe7;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:34:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RTb9HYlXQLizx__DP8Pd9FGTylC1RDwk_YoqL8ZbcFnAAu4s0EmTKQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 22:13:00 GMT
age: 4011
etag: "ffe21e93486c5763ae6ee17fe39c6dbb0cb3e714"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc410b0d8-b008-47cc-bbf7-a762c06e0fcd.png
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc410b0d8-b008-47cc-bbf7-a762c06e0fcd.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6bb4b1d74f1443bc3328301ab3ae6464
2768253dacaaad6cb498c6b2eb7694208b0ce0a6
07dcc95dab7757402998a5a61b540c965ce95c8bd51a814a09438981693b563a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc410b0d8-b008-47cc-bbf7-a762c06e0fcd.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8688
x-amzn-requestid: 1c5fbc89-8ce8-4792-b713-f2c0ceeab737
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5wifFJYoAMFi0g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313c7a9-214311e155c661ff77d89906;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:31:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: wd9SF3txQNTVUaSPcKQ_nQfPt1pBjFbuHzSZiQjfbGBSb-i7J8Rgjg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 21:44:29 GMT
age: 5722
etag: "2768253dacaaad6cb498c6b2eb7694208b0ce0a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1814521f-0914-48f7-8ea7-8c2d8155c055.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1814521f-0914-48f7-8ea7-8c2d8155c055.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d8aa56bbbb56df10ff381fc5dd250e09
19288de373e2bc69a51c9e0c6f49f5cf4e0d8759
68c4508940b207a3e1d32a38a9f82b1fbabbb97430fe0a5e2ddc75d62c4bdfcc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1814521f-0914-48f7-8ea7-8c2d8155c055.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10147
x-amzn-requestid: 7c2c3756-fc7b-4386-8c88-f1b42beed37a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XxLzHEAHoAMFV8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631059ad-063448962d443e107716b726;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 07:05:17 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZGR4HPl3KOfSdZzialXKeNrH_DzJzUvyLlwFtx0MQOp0VNsOtdC-bg==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 16:25:21 GMT
age: 24870
etag: "19288de373e2bc69a51c9e0c6f49f5cf4e0d8759"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.westsprintcapital.com/frontassets/images/an1/4.png
199.188.200.173 200 OK 12 kB URL HTTP/2 www.westsprintcapital.com/frontassets/images/an1/4.png
IP 199.188.200.173:0
File type PNG image data, 602 x 564, 8-bit/color RGBA, non-interlaced\012- data
Hash 664908d651562593fe7ce5a1cb232a76
452f3f65364cb41b7f150eba4ba18f83447f78aa
0129a9406f86c5acc019cf3d9e771c83522f590ec7682c0889946b7ecc03faf8
Analyzer Verdict Alert quad9 Sinkholed
GET /frontassets/images/an1/4.png HTTP/1.1
Host: www.westsprintcapital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.westsprintcapital.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImNxemRabTJaRHVDXC82MjM5TnJWZ1wvQT09IiwidmFsdWUiOiI3cGdpSkFMeFwvaHhRbkxSaXpKZTBKU1dHejFnSFJ3RU9nN3pUd1dIYmRsOTZUMHBpb2FZY2NlNFpDbmxSTzVnNyIsIm1hYyI6ImZjN2M4MGJlMTAwOTNkZDYyM2JkMzMyNjkyMzcwNWFmMjczNTZmZDgyYzgzYjBiNjAzZTFkYjhmYzE4NGU5Y2IifQ%3D%3D; west_sprint_capital_bank_session=eyJpdiI6IkZFWnh5dEozcjA2NVkzZTV6eWZvNmc9PSIsInZhbHVlIjoiaFhkbEFiYWpKWDhScjhPanh2SnRZUzBWVGhjWUd0YndZeno2T200Y28yZk5hQmUzVEJwMCswTzFVN21XZUJ4cyIsIm1hYyI6IjZmZjMwNjBhOTEzNmRlZjI4NzA3ZTI0YmZjNDViNzdkZjliMjgwNmY4ZjNmMzAyM2I2MTNmNTY4NGE1Mzc5MWQifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Sep 2022 23:19:50 GMT
content-type: image/png
last-modified: Tue, 07 Jan 2020 22:18:10 GMT
accept-ranges: bytes
content-length: 12184
date: Sat, 03 Sep 2022 23:19:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 98125354dbaa891018a9429a7aae3ea1
a692cc9a073c9666971db41444342fc9d7dab2e2
771b96e4fb485d1ef041ee20fc060bb5b4b521043ec7a51ceaccefcbe837bd4f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 23:19:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.westsprintcapital.com/frontassets/images/an3/4.png
199.188.200.173 200 OK 3.9 kB URL HTTP/2 www.westsprintcapital.com/frontassets/images/an3/4.png
IP 199.188.200.173:0
File type PNG image data, 593 x 490, 8-bit/color RGBA, non-interlaced\012- data
Hash c79bd3e8b1fbe2228f2f14633e2d2509
e29893ea8871fe3c259bcd407762408c3956be39
9ab1d2e33ab2a014888ad563cbdcff839ad4e4e09d10a2132943c2a6b2df34ea
Analyzer Verdict Alert quad9 Sinkholed
GET /frontassets/images/an3/4.png HTTP/1.1
Host: www.westsprintcapital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.westsprintcapital.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImNxemRabTJaRHVDXC82MjM5TnJWZ1wvQT09IiwidmFsdWUiOiI3cGdpSkFMeFwvaHhRbkxSaXpKZTBKU1dHejFnSFJ3RU9nN3pUd1dIYmRsOTZUMHBpb2FZY2NlNFpDbmxSTzVnNyIsIm1hYyI6ImZjN2M4MGJlMTAwOTNkZDYyM2JkMzMyNjkyMzcwNWFmMjczNTZmZDgyYzgzYjBiNjAzZTFkYjhmYzE4NGU5Y2IifQ%3D%3D; west_sprint_capital_bank_session=eyJpdiI6IkZFWnh5dEozcjA2NVkzZTV6eWZvNmc9PSIsInZhbHVlIjoiaFhkbEFiYWpKWDhScjhPanh2SnRZUzBWVGhjWUd0YndZeno2T200Y28yZk5hQmUzVEJwMCswTzFVN21XZUJ4cyIsIm1hYyI6IjZmZjMwNjBhOTEzNmRlZjI4NzA3ZTI0YmZjNDViNzdkZjliMjgwNmY4ZjNmMzAyM2I2MTNmNTY4NGE1Mzc5MWQifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Sep 2022 23:19:50 GMT
content-type: image/png
last-modified: Tue, 07 Jan 2020 22:18:18 GMT
accept-ranges: bytes
content-length: 3923
date: Sat, 03 Sep 2022 23:19:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.westsprintcapital.com/frontassets/images/an3/3.png
199.188.200.173 200 OK 3.9 kB URL HTTP/2 www.westsprintcapital.com/frontassets/images/an3/3.png
IP 199.188.200.173:0
File type PNG image data, 593 x 490, 8-bit/color RGBA, non-interlaced\012- data
Hash 70c482303ff987e07f9dbbc02b2a99cd
c5d0f34768b355af4b490067935a4cf9bf092e8f
e2fb183036f319b1d7f4dfa86a0bde8f4f053bb14b221e16a5cbba38eb324b90
Analyzer Verdict Alert quad9 Sinkholed
GET /frontassets/images/an3/3.png HTTP/1.1
Host: www.westsprintcapital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.westsprintcapital.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImNxemRabTJaRHVDXC82MjM5TnJWZ1wvQT09IiwidmFsdWUiOiI3cGdpSkFMeFwvaHhRbkxSaXpKZTBKU1dHejFnSFJ3RU9nN3pUd1dIYmRsOTZUMHBpb2FZY2NlNFpDbmxSTzVnNyIsIm1hYyI6ImZjN2M4MGJlMTAwOTNkZDYyM2JkMzMyNjkyMzcwNWFmMjczNTZmZDgyYzgzYjBiNjAzZTFkYjhmYzE4NGU5Y2IifQ%3D%3D; west_sprint_capital_bank_session=eyJpdiI6IkZFWnh5dEozcjA2NVkzZTV6eWZvNmc9PSIsInZhbHVlIjoiaFhkbEFiYWpKWDhScjhPanh2SnRZUzBWVGhjWUd0YndZeno2T200Y28yZk5hQmUzVEJwMCswTzFVN21XZUJ4cyIsIm1hYyI6IjZmZjMwNjBhOTEzNmRlZjI4NzA3ZTI0YmZjNDViNzdkZjliMjgwNmY4ZjNmMzAyM2I2MTNmNTY4NGE1Mzc5MWQifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Sep 2022 23:19:50 GMT
content-type: image/png
last-modified: Tue, 07 Jan 2020 22:18:18 GMT
accept-ranges: bytes
content-length: 3935
date: Sat, 03 Sep 2022 23:19:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.westsprintcapital.com/frontassets/images/an3/6.png
199.188.200.173 200 OK 3.6 kB URL HTTP/2 www.westsprintcapital.com/frontassets/images/an3/6.png
IP 199.188.200.173:0
File type PNG image data, 593 x 490, 8-bit/color RGBA, non-interlaced\012- data
Hash d3b9ecb460ab958794f9236bce4a402a
bcabd536b71637a01538ff6e7fd2d9389eb31506
cc7bdbe5952b1837bba84b50fd77e69c6c21d885981a39304b9513d78345ddd7
Analyzer Verdict Alert quad9 Sinkholed
GET /frontassets/images/an3/6.png HTTP/1.1
Host: www.westsprintcapital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.westsprintcapital.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImNxemRabTJaRHVDXC82MjM5TnJWZ1wvQT09IiwidmFsdWUiOiI3cGdpSkFMeFwvaHhRbkxSaXpKZTBKU1dHejFnSFJ3RU9nN3pUd1dIYmRsOTZUMHBpb2FZY2NlNFpDbmxSTzVnNyIsIm1hYyI6ImZjN2M4MGJlMTAwOTNkZDYyM2JkMzMyNjkyMzcwNWFmMjczNTZmZDgyYzgzYjBiNjAzZTFkYjhmYzE4NGU5Y2IifQ%3D%3D; west_sprint_capital_bank_session=eyJpdiI6IkZFWnh5dEozcjA2NVkzZTV6eWZvNmc9PSIsInZhbHVlIjoiaFhkbEFiYWpKWDhScjhPanh2SnRZUzBWVGhjWUd0YndZeno2T200Y28yZk5hQmUzVEJwMCswTzFVN21XZUJ4cyIsIm1hYyI6IjZmZjMwNjBhOTEzNmRlZjI4NzA3ZTI0YmZjNDViNzdkZjliMjgwNmY4ZjNmMzAyM2I2MTNmNTY4NGE1Mzc5MWQifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Sep 2022 23:19:50 GMT
content-type: image/png
last-modified: Tue, 07 Jan 2020 22:18:20 GMT
accept-ranges: bytes
content-length: 3632
date: Sat, 03 Sep 2022 23:19:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.westsprintcapital.com/frontassets/images/an3/2.png
199.188.200.173 200 OK 3.6 kB URL HTTP/2 www.westsprintcapital.com/frontassets/images/an3/2.png
IP 199.188.200.173:0
File type PNG image data, 593 x 490, 8-bit/color RGBA, non-interlaced\012- data
Hash fa841ae76d76ffe1885e0530df098c04
c1aa5c64ba3e07f05ef6c273215d2b79be5c4903
983be8b96db05de77e262a30db5e85bee7aaba3129daa26d15b6bfbea47dc2ff
Analyzer Verdict Alert quad9 Sinkholed
GET /frontassets/images/an3/2.png HTTP/1.1
Host: www.westsprintcapital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.westsprintcapital.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImNxemRabTJaRHVDXC82MjM5TnJWZ1wvQT09IiwidmFsdWUiOiI3cGdpSkFMeFwvaHhRbkxSaXpKZTBKU1dHejFnSFJ3RU9nN3pUd1dIYmRsOTZUMHBpb2FZY2NlNFpDbmxSTzVnNyIsIm1hYyI6ImZjN2M4MGJlMTAwOTNkZDYyM2JkMzMyNjkyMzcwNWFmMjczNTZmZDgyYzgzYjBiNjAzZTFkYjhmYzE4NGU5Y2IifQ%3D%3D; west_sprint_capital_bank_session=eyJpdiI6IkZFWnh5dEozcjA2NVkzZTV6eWZvNmc9PSIsInZhbHVlIjoiaFhkbEFiYWpKWDhScjhPanh2SnRZUzBWVGhjWUd0YndZeno2T200Y28yZk5hQmUzVEJwMCswTzFVN21XZUJ4cyIsIm1hYyI6IjZmZjMwNjBhOTEzNmRlZjI4NzA3ZTI0YmZjNDViNzdkZjliMjgwNmY4ZjNmMzAyM2I2MTNmNTY4NGE1Mzc5MWQifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Sep 2022 23:19:50 GMT
content-type: image/png
last-modified: Tue, 07 Jan 2020 22:18:16 GMT
accept-ranges: bytes
content-length: 3639
date: Sat, 03 Sep 2022 23:19:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.westsprintcapital.com/frontassets/images/an3/5.png
199.188.200.173 200 OK 3.6 kB URL HTTP/2 www.westsprintcapital.com/frontassets/images/an3/5.png
IP 199.188.200.173:0
File type PNG image data, 593 x 490, 8-bit/color RGBA, non-interlaced\012- data
Hash 59401fe8c4d5142b47e28152a9747bd8
15b09416fc8696bf073720ad63305ad90581324f
c3f0e020616af3b96993e7f60dcfcf962e57182da00bc392f9b31fdfba857c1c
Analyzer Verdict Alert quad9 Sinkholed
GET /frontassets/images/an3/5.png HTTP/1.1
Host: www.westsprintcapital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.westsprintcapital.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImNxemRabTJaRHVDXC82MjM5TnJWZ1wvQT09IiwidmFsdWUiOiI3cGdpSkFMeFwvaHhRbkxSaXpKZTBKU1dHejFnSFJ3RU9nN3pUd1dIYmRsOTZUMHBpb2FZY2NlNFpDbmxSTzVnNyIsIm1hYyI6ImZjN2M4MGJlMTAwOTNkZDYyM2JkMzMyNjkyMzcwNWFmMjczNTZmZDgyYzgzYjBiNjAzZTFkYjhmYzE4NGU5Y2IifQ%3D%3D; west_sprint_capital_bank_session=eyJpdiI6IkZFWnh5dEozcjA2NVkzZTV6eWZvNmc9PSIsInZhbHVlIjoiaFhkbEFiYWpKWDhScjhPanh2SnRZUzBWVGhjWUd0YndZeno2T200Y28yZk5hQmUzVEJwMCswTzFVN21XZUJ4cyIsIm1hYyI6IjZmZjMwNjBhOTEzNmRlZjI4NzA3ZTI0YmZjNDViNzdkZjliMjgwNmY4ZjNmMzAyM2I2MTNmNTY4NGE1Mzc5MWQifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Sep 2022 23:19:50 GMT
content-type: image/png
last-modified: Tue, 07 Jan 2020 22:18:20 GMT
accept-ranges: bytes
content-length: 3594
date: Sat, 03 Sep 2022 23:19:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.westsprintcapital.com/frontassets/js/bootstrap.min.js
199.188.200.173 200 OK 15 kB URL HTTP/2 www.westsprintcapital.com/frontassets/js/bootstrap.min.js
IP 199.188.200.173:0
File type ASCII text, with very long lines (57791)
Hash 56b563ea6a4e8a1534ad78d64f535359
15330d7d7e4352d317895143e4bda406cc5929ec
11613db4d76ea4bf9d08f7888227cb833c9456b7c51c8b88ee6272f6eff88a6f
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /frontassets/js/bootstrap.min.js HTTP/1.1
Host: www.westsprintcapital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.westsprintcapital.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImNxemRabTJaRHVDXC82MjM5TnJWZ1wvQT09IiwidmFsdWUiOiI3cGdpSkFMeFwvaHhRbkxSaXpKZTBKU1dHejFnSFJ3RU9nN3pUd1dIYmRsOTZUMHBpb2FZY2NlNFpDbmxSTzVnNyIsIm1hYyI6ImZjN2M4MGJlMTAwOTNkZDYyM2JkMzMyNjkyMzcwNWFmMjczNTZmZDgyYzgzYjBiNjAzZTFkYjhmYzE4NGU5Y2IifQ%3D%3D; west_sprint_capital_bank_session=eyJpdiI6IkZFWnh5dEozcjA2NVkzZTV6eWZvNmc9PSIsInZhbHVlIjoiaFhkbEFiYWpKWDhScjhPanh2SnRZUzBWVGhjWUd0YndZeno2T200Y28yZk5hQmUzVEJwMCswTzFVN21XZUJ4cyIsIm1hYyI6IjZmZjMwNjBhOTEzNmRlZjI4NzA3ZTI0YmZjNDViNzdkZjliMjgwNmY4ZjNmMzAyM2I2MTNmNTY4NGE1Mzc5MWQifQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Sep 2022 23:19:50 GMT
content-type: application/javascript
last-modified: Tue, 07 Jan 2020 22:20:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 14764
date: Sat, 03 Sep 2022 23:19:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.westsprintcapital.com/frontassets/js/owl.carousel2.thumbs.min.js
199.188.200.173 200 OK 1.0 kB URL HTTP/2 www.westsprintcapital.com/frontassets/js/owl.carousel2.thumbs.min.js
IP 199.188.200.173:0
File type ASCII text, with very long lines (3342)
Hash ec0834796e14a6a9d2da58c25c747831
0d339084bf7bcfc79dd324ca4d45469e04ef7ee8
83060e3dbf2f4fe389122a00ac9174d39442595e1fdaa9464fabcacee1996a84
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /frontassets/js/owl.carousel2.thumbs.min.js HTTP/1.1
Host: www.westsprintcapital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.westsprintcapital.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImNxemRabTJaRHVDXC82MjM5TnJWZ1wvQT09IiwidmFsdWUiOiI3cGdpSkFMeFwvaHhRbkxSaXpKZTBKU1dHejFnSFJ3RU9nN3pUd1dIYmRsOTZUMHBpb2FZY2NlNFpDbmxSTzVnNyIsIm1hYyI6ImZjN2M4MGJlMTAwOTNkZDYyM2JkMzMyNjkyMzcwNWFmMjczNTZmZDgyYzgzYjBiNjAzZTFkYjhmYzE4NGU5Y2IifQ%3D%3D; west_sprint_capital_bank_session=eyJpdiI6IkZFWnh5dEozcjA2NVkzZTV6eWZvNmc9PSIsInZhbHVlIjoiaFhkbEFiYWpKWDhScjhPanh2SnRZUzBWVGhjWUd0YndZeno2T200Y28yZk5hQmUzVEJwMCswTzFVN21XZUJ4cyIsIm1hYyI6IjZmZjMwNjBhOTEzNmRlZjI4NzA3ZTI0YmZjNDViNzdkZjliMjgwNmY4ZjNmMzAyM2I2MTNmNTY4NGE1Mzc5MWQifQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Sep 2022 23:19:50 GMT
content-type: application/javascript
last-modified: Tue, 07 Jan 2020 22:20:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1013
date: Sat, 03 Sep 2022 23:19:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.westsprintcapital.com/frontassets/js/jquery.nice-select.min.js
199.188.200.173 200 OK 930 B URL HTTP/2 www.westsprintcapital.com/frontassets/js/jquery.nice-select.min.js
IP 199.188.200.173:0
File type Unicode text, UTF-8 text, with very long lines (2822)
Hash 7df2a8ed2b80cde0e5e7ca7c26764651
d6065cf9375fa62f0bc89dd8c7b8d39a7299720b
478a6036f21887bd2c4da8d4c1446b7ca247263af66c79056c0b290076c736fe
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /frontassets/js/jquery.nice-select.min.js HTTP/1.1
Host: www.westsprintcapital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.westsprintcapital.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImNxemRabTJaRHVDXC82MjM5TnJWZ1wvQT09IiwidmFsdWUiOiI3cGdpSkFMeFwvaHhRbkxSaXpKZTBKU1dHejFnSFJ3RU9nN3pUd1dIYmRsOTZUMHBpb2FZY2NlNFpDbmxSTzVnNyIsIm1hYyI6ImZjN2M4MGJlMTAwOTNkZDYyM2JkMzMyNjkyMzcwNWFmMjczNTZmZDgyYzgzYjBiNjAzZTFkYjhmYzE4NGU5Y2IifQ%3D%3D; west_sprint_capital_bank_session=eyJpdiI6IkZFWnh5dEozcjA2NVkzZTV6eWZvNmc9PSIsInZhbHVlIjoiaFhkbEFiYWpKWDhScjhPanh2SnRZUzBWVGhjWUd0YndZeno2T200Y28yZk5hQmUzVEJwMCswTzFVN21XZUJ4cyIsIm1hYyI6IjZmZjMwNjBhOTEzNmRlZjI4NzA3ZTI0YmZjNDViNzdkZjliMjgwNmY4ZjNmMzAyM2I2MTNmNTY4NGE1Mzc5MWQifQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Sep 2022 23:19:50 GMT
content-type: application/javascript
last-modified: Tue, 07 Jan 2020 22:20:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 930
date: Sat, 03 Sep 2022 23:19:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.westsprintcapital.com/frontassets/js/scripts.js
199.188.200.173 200 OK 2.3 kB URL HTTP/2 www.westsprintcapital.com/frontassets/js/scripts.js
IP 199.188.200.173:0
Hash 6f76b5e60326561556a8fe95194c4d06
6b0b35cce1a0fae20afb9676f62167386ec7e095
c4acc4b936c10c4dc7152707a32e8e1b694bf1db15b82fd7d4f0abad1b725b63
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /frontassets/js/scripts.js HTTP/1.1
Host: www.westsprintcapital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.westsprintcapital.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImNxemRabTJaRHVDXC82MjM5TnJWZ1wvQT09IiwidmFsdWUiOiI3cGdpSkFMeFwvaHhRbkxSaXpKZTBKU1dHejFnSFJ3RU9nN3pUd1dIYmRsOTZUMHBpb2FZY2NlNFpDbmxSTzVnNyIsIm1hYyI6ImZjN2M4MGJlMTAwOTNkZDYyM2JkMzMyNjkyMzcwNWFmMjczNTZmZDgyYzgzYjBiNjAzZTFkYjhmYzE4NGU5Y2IifQ%3D%3D; west_sprint_capital_bank_session=eyJpdiI6IkZFWnh5dEozcjA2NVkzZTV6eWZvNmc9PSIsInZhbHVlIjoiaFhkbEFiYWpKWDhScjhPanh2SnRZUzBWVGhjWUd0YndZeno2T200Y28yZk5hQmUzVEJwMCswTzFVN21XZUJ4cyIsIm1hYyI6IjZmZjMwNjBhOTEzNmRlZjI4NzA3ZTI0YmZjNDViNzdkZjliMjgwNmY4ZjNmMzAyM2I2MTNmNTY4NGE1Mzc5MWQifQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Sep 2022 23:19:50 GMT
content-type: application/javascript
last-modified: Tue, 07 Jan 2020 22:20:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2273
date: Sat, 03 Sep 2022 23:19:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.westsprintcapital.com/assets/frontend/js/jquery.magnific-popup.js
199.188.200.173 200 OK 12 kB URL HTTP/2 www.westsprintcapital.com/assets/frontend/js/jquery.magnific-popup.js
IP 199.188.200.173:0
Hash 4cb70d560a7f810b82be2c53724584cf
341b246372526db0f79410d2afaefcadde3eb6b9
dd6ae3028d14d973291c5c15d5f223e7895b752075e472787fb8edad67f85add
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /assets/frontend/js/jquery.magnific-popup.js HTTP/1.1
Host: www.westsprintcapital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.westsprintcapital.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImNxemRabTJaRHVDXC82MjM5TnJWZ1wvQT09IiwidmFsdWUiOiI3cGdpSkFMeFwvaHhRbkxSaXpKZTBKU1dHejFnSFJ3RU9nN3pUd1dIYmRsOTZUMHBpb2FZY2NlNFpDbmxSTzVnNyIsIm1hYyI6ImZjN2M4MGJlMTAwOTNkZDYyM2JkMzMyNjkyMzcwNWFmMjczNTZmZDgyYzgzYjBiNjAzZTFkYjhmYzE4NGU5Y2IifQ%3D%3D; west_sprint_capital_bank_session=eyJpdiI6IkZFWnh5dEozcjA2NVkzZTV6eWZvNmc9PSIsInZhbHVlIjoiaFhkbEFiYWpKWDhScjhPanh2SnRZUzBWVGhjWUd0YndZeno2T200Y28yZk5hQmUzVEJwMCswTzFVN21XZUJ4cyIsIm1hYyI6IjZmZjMwNjBhOTEzNmRlZjI4NzA3ZTI0YmZjNDViNzdkZjliMjgwNmY4ZjNmMzAyM2I2MTNmNTY4NGE1Mzc5MWQifQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Sep 2022 23:19:50 GMT
content-type: application/javascript
last-modified: Tue, 21 May 2019 20:31:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12078
date: Sat, 03 Sep 2022 23:19:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.westsprintcapital.com/frontassets/js/jquery.countdown.min.js
199.188.200.173 200 OK 2.2 kB URL HTTP/2 www.westsprintcapital.com/frontassets/js/jquery.countdown.min.js
IP 199.188.200.173:0
File type ASCII text, with very long lines (4136)
Hash 34ae27a14c6bd0b97adf30d7e95b58f1
4d749b45dd156a57bd1899816d4ae9c1912220c9
84f9cbde735393b7d9d808b41f0bf37d6dc2e91be301da73f91ab49dcf07a608
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /frontassets/js/jquery.countdown.min.js HTTP/1.1
Host: www.westsprintcapital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.westsprintcapital.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImNxemRabTJaRHVDXC82MjM5TnJWZ1wvQT09IiwidmFsdWUiOiI3cGdpSkFMeFwvaHhRbkxSaXpKZTBKU1dHejFnSFJ3RU9nN3pUd1dIYmRsOTZUMHBpb2FZY2NlNFpDbmxSTzVnNyIsIm1hYyI6ImZjN2M4MGJlMTAwOTNkZDYyM2JkMzMyNjkyMzcwNWFmMjczNTZmZDgyYzgzYjBiNjAzZTFkYjhmYzE4NGU5Y2IifQ%3D%3D; west_sprint_capital_bank_session=eyJpdiI6IkZFWnh5dEozcjA2NVkzZTV6eWZvNmc9PSIsInZhbHVlIjoiaFhkbEFiYWpKWDhScjhPanh2SnRZUzBWVGhjWUd0YndZeno2T200Y28yZk5hQmUzVEJwMCswTzFVN21XZUJ4cyIsIm1hYyI6IjZmZjMwNjBhOTEzNmRlZjI4NzA3ZTI0YmZjNDViNzdkZjliMjgwNmY4ZjNmMzAyM2I2MTNmNTY4NGE1Mzc5MWQifQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Sep 2022 23:19:50 GMT
content-type: application/javascript
last-modified: Tue, 07 Jan 2020 22:20:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2238
date: Sat, 03 Sep 2022 23:19:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.westsprintcapital.com/assets/frontend/js/toastr.min.js
199.188.200.173 200 OK 1.9 kB URL HTTP/2 www.westsprintcapital.com/assets/frontend/js/toastr.min.js
IP 199.188.200.173:0
File type ASCII text, with very long lines (5215)
Hash 3d89a3ee5d6a5c1faa2d83a1050dab0c
fd9d0a66ef663c53c92a891ac0dcec91cd2ce75d
75460b4ed48563292a4c6c9999ce44eefbbb241b3247d197900b2ad8b958e0bf
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /assets/frontend/js/toastr.min.js HTTP/1.1
Host: www.westsprintcapital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.westsprintcapital.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImNxemRabTJaRHVDXC82MjM5TnJWZ1wvQT09IiwidmFsdWUiOiI3cGdpSkFMeFwvaHhRbkxSaXpKZTBKU1dHejFnSFJ3RU9nN3pUd1dIYmRsOTZUMHBpb2FZY2NlNFpDbmxSTzVnNyIsIm1hYyI6ImZjN2M4MGJlMTAwOTNkZDYyM2JkMzMyNjkyMzcwNWFmMjczNTZmZDgyYzgzYjBiNjAzZTFkYjhmYzE4NGU5Y2IifQ%3D%3D; west_sprint_capital_bank_session=eyJpdiI6IkZFWnh5dEozcjA2NVkzZTV6eWZvNmc9PSIsInZhbHVlIjoiaFhkbEFiYWpKWDhScjhPanh2SnRZUzBWVGhjWUd0YndZeno2T200Y28yZk5hQmUzVEJwMCswTzFVN21XZUJ4cyIsIm1hYyI6IjZmZjMwNjBhOTEzNmRlZjI4NzA3ZTI0YmZjNDViNzdkZjliMjgwNmY4ZjNmMzAyM2I2MTNmNTY4NGE1Mzc5MWQifQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Sep 2022 23:19:50 GMT
content-type: application/javascript
last-modified: Tue, 21 May 2019 20:31:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1853
date: Sat, 03 Sep 2022 23:19:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.westsprintcapital.com/frontassets/js/owl.carousel.min.js
199.188.200.173 200 OK 11 kB URL HTTP/2 www.westsprintcapital.com/frontassets/js/owl.carousel.min.js
IP 199.188.200.173:0
File type ASCII text, with very long lines (31997)
Hash 3cb10c6c01ef15e7d2c5ef33c6f06ee5
561a0008fd649a946ff6cdba379547c998cb4582
2107b826f18f7f10f78a38641124da03dad389704816a86136488123a0f01f3d
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /frontassets/js/owl.carousel.min.js HTTP/1.1
Host: www.westsprintcapital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.westsprintcapital.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImNxemRabTJaRHVDXC82MjM5TnJWZ1wvQT09IiwidmFsdWUiOiI3cGdpSkFMeFwvaHhRbkxSaXpKZTBKU1dHejFnSFJ3RU9nN3pUd1dIYmRsOTZUMHBpb2FZY2NlNFpDbmxSTzVnNyIsIm1hYyI6ImZjN2M4MGJlMTAwOTNkZDYyM2JkMzMyNjkyMzcwNWFmMjczNTZmZDgyYzgzYjBiNjAzZTFkYjhmYzE4NGU5Y2IifQ%3D%3D; west_sprint_capital_bank_session=eyJpdiI6IkZFWnh5dEozcjA2NVkzZTV6eWZvNmc9PSIsInZhbHVlIjoiaFhkbEFiYWpKWDhScjhPanh2SnRZUzBWVGhjWUd0YndZeno2T200Y28yZk5hQmUzVEJwMCswTzFVN21XZUJ4cyIsIm1hYyI6IjZmZjMwNjBhOTEzNmRlZjI4NzA3ZTI0YmZjNDViNzdkZjliMjgwNmY4ZjNmMzAyM2I2MTNmNTY4NGE1Mzc5MWQifQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Sep 2022 23:19:50 GMT
content-type: application/javascript
last-modified: Tue, 07 Jan 2020 22:20:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11139
date: Sat, 03 Sep 2022 23:19:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.westsprintcapital.com/frontassets/images/an1/2.png
199.188.200.173 200 OK 46 kB URL HTTP/2 www.westsprintcapital.com/frontassets/images/an1/2.png
IP 199.188.200.173:0
File type PNG image data, 602 x 564, 8-bit/color RGBA, non-interlaced\012- data
Hash 4ec17d5293210e7008342a3d97cf659e
8d3221b250a6584841c3d45c5733c128bbb8847e
17aaba794be5eccf22a564328de765db08c9c59a9fa186346e92711d770d0e95
Analyzer Verdict Alert quad9 Sinkholed
GET /frontassets/images/an1/2.png HTTP/1.1
Host: www.westsprintcapital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.westsprintcapital.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImNxemRabTJaRHVDXC82MjM5TnJWZ1wvQT09IiwidmFsdWUiOiI3cGdpSkFMeFwvaHhRbkxSaXpKZTBKU1dHejFnSFJ3RU9nN3pUd1dIYmRsOTZUMHBpb2FZY2NlNFpDbmxSTzVnNyIsIm1hYyI6ImZjN2M4MGJlMTAwOTNkZDYyM2JkMzMyNjkyMzcwNWFmMjczNTZmZDgyYzgzYjBiNjAzZTFkYjhmYzE4NGU5Y2IifQ%3D%3D; west_sprint_capital_bank_session=eyJpdiI6IkZFWnh5dEozcjA2NVkzZTV6eWZvNmc9PSIsInZhbHVlIjoiaFhkbEFiYWpKWDhScjhPanh2SnRZUzBWVGhjWUd0YndZeno2T200Y28yZk5hQmUzVEJwMCswTzFVN21XZUJ4cyIsIm1hYyI6IjZmZjMwNjBhOTEzNmRlZjI4NzA3ZTI0YmZjNDViNzdkZjliMjgwNmY4ZjNmMzAyM2I2MTNmNTY4NGE1Mzc5MWQifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Sep 2022 23:19:50 GMT
content-type: image/png
last-modified: Tue, 07 Jan 2020 22:18:08 GMT
accept-ranges: bytes
content-length: 45987
date: Sat, 03 Sep 2022 23:19:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.westsprintcapital.com/frontassets/images/an2/2.png
199.188.200.173 200 OK 25 kB URL HTTP/2 www.westsprintcapital.com/frontassets/images/an2/2.png
IP 199.188.200.173:0
File type PNG image data, 838 x 539, 8-bit/color RGBA, non-interlaced\012- data
Hash 4f5ccecae0e0e388c768beb274513e15
50f50eb73636cbab1e496656fc3f05076f676592
c55f6340886454fa79b1a0e50882f2290746c4a0f6d12d589be42d0893b07532
Analyzer Verdict Alert quad9 Sinkholed
GET /frontassets/images/an2/2.png HTTP/1.1
Host: www.westsprintcapital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.westsprintcapital.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImNxemRabTJaRHVDXC82MjM5TnJWZ1wvQT09IiwidmFsdWUiOiI3cGdpSkFMeFwvaHhRbkxSaXpKZTBKU1dHejFnSFJ3RU9nN3pUd1dIYmRsOTZUMHBpb2FZY2NlNFpDbmxSTzVnNyIsIm1hYyI6ImZjN2M4MGJlMTAwOTNkZDYyM2JkMzMyNjkyMzcwNWFmMjczNTZmZDgyYzgzYjBiNjAzZTFkYjhmYzE4NGU5Y2IifQ%3D%3D; west_sprint_capital_bank_session=eyJpdiI6IkZFWnh5dEozcjA2NVkzZTV6eWZvNmc9PSIsInZhbHVlIjoiaFhkbEFiYWpKWDhScjhPanh2SnRZUzBWVGhjWUd0YndZeno2T200Y28yZk5hQmUzVEJwMCswTzFVN21XZUJ4cyIsIm1hYyI6IjZmZjMwNjBhOTEzNmRlZjI4NzA3ZTI0YmZjNDViNzdkZjliMjgwNmY4ZjNmMzAyM2I2MTNmNTY4NGE1Mzc5MWQifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Sep 2022 23:19:50 GMT
content-type: image/png
last-modified: Tue, 07 Jan 2020 22:18:14 GMT
accept-ranges: bytes
content-length: 24909
date: Sat, 03 Sep 2022 23:19:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.westsprintcapital.com/frontassets/images/an1/5.png
199.188.200.173 200 OK 33 kB URL HTTP/2 www.westsprintcapital.com/frontassets/images/an1/5.png
IP 199.188.200.173:0
File type PNG image data, 602 x 564, 8-bit/color RGBA, non-interlaced\012- data
Hash b6ae35babf6645974e05d98c8fb84c56
e2b814a5cb3651ee1294345d91e94eda6dc34d15
0c7954f204b01fa634d934f31c01dc346323167d214106ee89e45bfbf6bbdd9f
Analyzer Verdict Alert quad9 Sinkholed
GET /frontassets/images/an1/5.png HTTP/1.1
Host: www.westsprintcapital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.westsprintcapital.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImNxemRabTJaRHVDXC82MjM5TnJWZ1wvQT09IiwidmFsdWUiOiI3cGdpSkFMeFwvaHhRbkxSaXpKZTBKU1dHejFnSFJ3RU9nN3pUd1dIYmRsOTZUMHBpb2FZY2NlNFpDbmxSTzVnNyIsIm1hYyI6ImZjN2M4MGJlMTAwOTNkZDYyM2JkMzMyNjkyMzcwNWFmMjczNTZmZDgyYzgzYjBiNjAzZTFkYjhmYzE4NGU5Y2IifQ%3D%3D; west_sprint_capital_bank_session=eyJpdiI6IkZFWnh5dEozcjA2NVkzZTV6eWZvNmc9PSIsInZhbHVlIjoiaFhkbEFiYWpKWDhScjhPanh2SnRZUzBWVGhjWUd0YndZeno2T200Y28yZk5hQmUzVEJwMCswTzFVN21XZUJ4cyIsIm1hYyI6IjZmZjMwNjBhOTEzNmRlZjI4NzA3ZTI0YmZjNDViNzdkZjliMjgwNmY4ZjNmMzAyM2I2MTNmNTY4NGE1Mzc5MWQifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Sep 2022 23:19:50 GMT
content-type: image/png
last-modified: Tue, 07 Jan 2020 22:18:10 GMT
accept-ranges: bytes
content-length: 33143
date: Sat, 03 Sep 2022 23:19:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.westsprintcapital.com/frontassets/js/jquery.fancybox.min.js
199.188.200.173 200 OK 21 kB URL HTTP/2 www.westsprintcapital.com/frontassets/js/jquery.fancybox.min.js
IP 199.188.200.173:0
File type HTML document, ASCII text, with very long lines (31972)
Hash 8405e711e597bbfc638daa9e5ea21f05
f498cd49c6603ec8844bc7a448b96884fce16ef0
297900ab7af7c961b6eb062d8fd1cb962fede45f4886f32fdbd2ca0077bce679
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /frontassets/js/jquery.fancybox.min.js HTTP/1.1
Host: www.westsprintcapital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.westsprintcapital.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImNxemRabTJaRHVDXC82MjM5TnJWZ1wvQT09IiwidmFsdWUiOiI3cGdpSkFMeFwvaHhRbkxSaXpKZTBKU1dHejFnSFJ3RU9nN3pUd1dIYmRsOTZUMHBpb2FZY2NlNFpDbmxSTzVnNyIsIm1hYyI6ImZjN2M4MGJlMTAwOTNkZDYyM2JkMzMyNjkyMzcwNWFmMjczNTZmZDgyYzgzYjBiNjAzZTFkYjhmYzE4NGU5Y2IifQ%3D%3D; west_sprint_capital_bank_session=eyJpdiI6IkZFWnh5dEozcjA2NVkzZTV6eWZvNmc9PSIsInZhbHVlIjoiaFhkbEFiYWpKWDhScjhPanh2SnRZUzBWVGhjWUd0YndZeno2T200Y28yZk5hQmUzVEJwMCswTzFVN21XZUJ4cyIsIm1hYyI6IjZmZjMwNjBhOTEzNmRlZjI4NzA3ZTI0YmZjNDViNzdkZjliMjgwNmY4ZjNmMzAyM2I2MTNmNTY4NGE1Mzc5MWQifQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Sep 2022 23:19:50 GMT
content-type: application/javascript
last-modified: Tue, 07 Jan 2020 22:20:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 20999
date: Sat, 03 Sep 2022 23:19:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.westsprintcapital.com/frontassets/js/jquery-3.3.1.min.js
199.188.200.173 200 OK 30 kB URL HTTP/2 www.westsprintcapital.com/frontassets/js/jquery-3.3.1.min.js
IP 199.188.200.173:0
File type ASCII text, with very long lines (65451)
Hash 821b0d3362e59f66ae029119c4c10249
9536992a7dd92c6f0b530dcb19c82b763ac9106a
e947c91fb66bd99865d3894418fc93a8a648d990aa2adc2786d34a39392c788d
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /frontassets/js/jquery-3.3.1.min.js HTTP/1.1
Host: www.westsprintcapital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.westsprintcapital.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImNxemRabTJaRHVDXC82MjM5TnJWZ1wvQT09IiwidmFsdWUiOiI3cGdpSkFMeFwvaHhRbkxSaXpKZTBKU1dHejFnSFJ3RU9nN3pUd1dIYmRsOTZUMHBpb2FZY2NlNFpDbmxSTzVnNyIsIm1hYyI6ImZjN2M4MGJlMTAwOTNkZDYyM2JkMzMyNjkyMzcwNWFmMjczNTZmZDgyYzgzYjBiNjAzZTFkYjhmYzE4NGU5Y2IifQ%3D%3D; west_sprint_capital_bank_session=eyJpdiI6IkZFWnh5dEozcjA2NVkzZTV6eWZvNmc9PSIsInZhbHVlIjoiaFhkbEFiYWpKWDhScjhPanh2SnRZUzBWVGhjWUd0YndZeno2T200Y28yZk5hQmUzVEJwMCswTzFVN21XZUJ4cyIsIm1hYyI6IjZmZjMwNjBhOTEzNmRlZjI4NzA3ZTI0YmZjNDViNzdkZjliMjgwNmY4ZjNmMzAyM2I2MTNmNTY4NGE1Mzc5MWQifQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Sep 2022 23:19:50 GMT
content-type: application/javascript
last-modified: Tue, 07 Jan 2020 22:20:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 29664
date: Sat, 03 Sep 2022 23:19:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.westsprintcapital.com/frontassets/images/an1/1.png
199.188.200.173 200 OK 42 kB URL HTTP/2 www.westsprintcapital.com/frontassets/images/an1/1.png
IP 199.188.200.173:0
File type PNG image data, 602 x 564, 8-bit/color RGBA, non-interlaced\012- data
Hash 4369fad7cb0e6a6c51d185ac4521cbc2
d91d87a1554607aeccca9595b061d012c7cee4b5
abf3f28c3e8ff618bc9d0c7d20fe72a62b9fe79b33db51c89aaa4e6e8426b540
Analyzer Verdict Alert quad9 Sinkholed
GET /frontassets/images/an1/1.png HTTP/1.1
Host: www.westsprintcapital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.westsprintcapital.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImNxemRabTJaRHVDXC82MjM5TnJWZ1wvQT09IiwidmFsdWUiOiI3cGdpSkFMeFwvaHhRbkxSaXpKZTBKU1dHejFnSFJ3RU9nN3pUd1dIYmRsOTZUMHBpb2FZY2NlNFpDbmxSTzVnNyIsIm1hYyI6ImZjN2M4MGJlMTAwOTNkZDYyM2JkMzMyNjkyMzcwNWFmMjczNTZmZDgyYzgzYjBiNjAzZTFkYjhmYzE4NGU5Y2IifQ%3D%3D; west_sprint_capital_bank_session=eyJpdiI6IkZFWnh5dEozcjA2NVkzZTV6eWZvNmc9PSIsInZhbHVlIjoiaFhkbEFiYWpKWDhScjhPanh2SnRZUzBWVGhjWUd0YndZeno2T200Y28yZk5hQmUzVEJwMCswTzFVN21XZUJ4cyIsIm1hYyI6IjZmZjMwNjBhOTEzNmRlZjI4NzA3ZTI0YmZjNDViNzdkZjliMjgwNmY4ZjNmMzAyM2I2MTNmNTY4NGE1Mzc5MWQifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Sep 2022 23:19:50 GMT
content-type: image/png
last-modified: Tue, 07 Jan 2020 22:18:08 GMT
accept-ranges: bytes
content-length: 41572
date: Sat, 03 Sep 2022 23:19:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.westsprintcapital.com/frontassets/images/scrn-2.png
199.188.200.173 200 OK 61 kB URL HTTP/2 www.westsprintcapital.com/frontassets/images/scrn-2.png
IP 199.188.200.173:0
File type PNG image data, 838 x 421, 8-bit/color RGBA, non-interlaced\012- data
Hash 71ca8b1600cbd27ef05abb709f5afc18
3b11e1d74b923557a495bc5cce438dd50ee20904
a452232c6a1482816f2162a74862e03b8896ffa4f3e2b98c496e1c3988c11de7
Analyzer Verdict Alert quad9 Sinkholed
GET /frontassets/images/scrn-2.png HTTP/1.1
Host: www.westsprintcapital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.westsprintcapital.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImNxemRabTJaRHVDXC82MjM5TnJWZ1wvQT09IiwidmFsdWUiOiI3cGdpSkFMeFwvaHhRbkxSaXpKZTBKU1dHejFnSFJ3RU9nN3pUd1dIYmRsOTZUMHBpb2FZY2NlNFpDbmxSTzVnNyIsIm1hYyI6ImZjN2M4MGJlMTAwOTNkZDYyM2JkMzMyNjkyMzcwNWFmMjczNTZmZDgyYzgzYjBiNjAzZTFkYjhmYzE4NGU5Y2IifQ%3D%3D; west_sprint_capital_bank_session=eyJpdiI6IkZFWnh5dEozcjA2NVkzZTV6eWZvNmc9PSIsInZhbHVlIjoiaFhkbEFiYWpKWDhScjhPanh2SnRZUzBWVGhjWUd0YndZeno2T200Y28yZk5hQmUzVEJwMCswTzFVN21XZUJ4cyIsIm1hYyI6IjZmZjMwNjBhOTEzNmRlZjI4NzA3ZTI0YmZjNDViNzdkZjliMjgwNmY4ZjNmMzAyM2I2MTNmNTY4NGE1Mzc5MWQifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Sep 2022 23:19:50 GMT
content-type: image/png
last-modified: Tue, 07 Jan 2020 22:18:00 GMT
accept-ranges: bytes
content-length: 61176
date: Sat, 03 Sep 2022 23:19:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.westsprintcapital.com/frontassets/images/online-payment.png
199.188.200.173 200 OK 79 kB URL HTTP/2 www.westsprintcapital.com/frontassets/images/online-payment.png
IP 199.188.200.173:0
File type PNG image data, 593 x 490, 8-bit/color RGBA, non-interlaced\012- data
Hash 353bddf366ff4e4156be2290a3f90cc6
013f1899072763903b164f07ea4201faeb1e4660
70e28f310fef04ec605d7c93a96f959701d5afc61f73f2a677fd92c5eb7b8920
Analyzer Verdict Alert quad9 Sinkholed
GET /frontassets/images/online-payment.png HTTP/1.1
Host: www.westsprintcapital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.westsprintcapital.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImNxemRabTJaRHVDXC82MjM5TnJWZ1wvQT09IiwidmFsdWUiOiI3cGdpSkFMeFwvaHhRbkxSaXpKZTBKU1dHejFnSFJ3RU9nN3pUd1dIYmRsOTZUMHBpb2FZY2NlNFpDbmxSTzVnNyIsIm1hYyI6ImZjN2M4MGJlMTAwOTNkZDYyM2JkMzMyNjkyMzcwNWFmMjczNTZmZDgyYzgzYjBiNjAzZTFkYjhmYzE4NGU5Y2IifQ%3D%3D; west_sprint_capital_bank_session=eyJpdiI6IkZFWnh5dEozcjA2NVkzZTV6eWZvNmc9PSIsInZhbHVlIjoiaFhkbEFiYWpKWDhScjhPanh2SnRZUzBWVGhjWUd0YndZeno2T200Y28yZk5hQmUzVEJwMCswTzFVN21XZUJ4cyIsIm1hYyI6IjZmZjMwNjBhOTEzNmRlZjI4NzA3ZTI0YmZjNDViNzdkZjliMjgwNmY4ZjNmMzAyM2I2MTNmNTY4NGE1Mzc5MWQifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Sep 2022 23:19:50 GMT
content-type: image/png
last-modified: Tue, 07 Jan 2020 22:17:54 GMT
accept-ranges: bytes
content-length: 79308
date: Sat, 03 Sep 2022 23:19:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.westsprintcapital.com/frontassets/js/jquery-ui.min.js
199.188.200.173 200 OK 66 kB URL HTTP/2 www.westsprintcapital.com/frontassets/js/jquery-ui.min.js
IP 199.188.200.173:0
File type ASCII text, with very long lines (33326)
Hash 362a3c662e356152c77d24bc176bf9c1
f0d771b015fb05b22b39d87b93e6b6697d491c67
12bc705c7ad36925a6c2d6eef14e5b983d55da93b938931e71792b9c0b0cda2b
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /frontassets/js/jquery-ui.min.js HTTP/1.1
Host: www.westsprintcapital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.westsprintcapital.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImNxemRabTJaRHVDXC82MjM5TnJWZ1wvQT09IiwidmFsdWUiOiI3cGdpSkFMeFwvaHhRbkxSaXpKZTBKU1dHejFnSFJ3RU9nN3pUd1dIYmRsOTZUMHBpb2FZY2NlNFpDbmxSTzVnNyIsIm1hYyI6ImZjN2M4MGJlMTAwOTNkZDYyM2JkMzMyNjkyMzcwNWFmMjczNTZmZDgyYzgzYjBiNjAzZTFkYjhmYzE4NGU5Y2IifQ%3D%3D; west_sprint_capital_bank_session=eyJpdiI6IkZFWnh5dEozcjA2NVkzZTV6eWZvNmc9PSIsInZhbHVlIjoiaFhkbEFiYWpKWDhScjhPanh2SnRZUzBWVGhjWUd0YndZeno2T200Y28yZk5hQmUzVEJwMCswTzFVN21XZUJ4cyIsIm1hYyI6IjZmZjMwNjBhOTEzNmRlZjI4NzA3ZTI0YmZjNDViNzdkZjliMjgwNmY4ZjNmMzAyM2I2MTNmNTY4NGE1Mzc5MWQifQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Sep 2022 23:19:50 GMT
content-type: application/javascript
last-modified: Tue, 07 Jan 2020 22:20:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 65650
date: Sat, 03 Sep 2022 23:19:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.westsprintcapital.com/frontassets/images/scrn-3.png
199.188.200.173 200 OK 101 kB URL HTTP/2 www.westsprintcapital.com/frontassets/images/scrn-3.png
IP 199.188.200.173:0
File type PNG image data, 838 x 421, 8-bit/color RGBA, non-interlaced\012- data
Size 101 kB (101204 bytes)
Hash c312ae6595e6077afe689caca235411b
d84755c385cf8f67d0d5e41bafb63474b40f225d
1d4b6dc79db1c3b25d04d6eb69e71f8e16321f630102060e390f7146b2dc146e
Analyzer Verdict Alert quad9 Sinkholed
GET /frontassets/images/scrn-3.png HTTP/1.1
Host: www.westsprintcapital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.westsprintcapital.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImNxemRabTJaRHVDXC82MjM5TnJWZ1wvQT09IiwidmFsdWUiOiI3cGdpSkFMeFwvaHhRbkxSaXpKZTBKU1dHejFnSFJ3RU9nN3pUd1dIYmRsOTZUMHBpb2FZY2NlNFpDbmxSTzVnNyIsIm1hYyI6ImZjN2M4MGJlMTAwOTNkZDYyM2JkMzMyNjkyMzcwNWFmMjczNTZmZDgyYzgzYjBiNjAzZTFkYjhmYzE4NGU5Y2IifQ%3D%3D; west_sprint_capital_bank_session=eyJpdiI6IkZFWnh5dEozcjA2NVkzZTV6eWZvNmc9PSIsInZhbHVlIjoiaFhkbEFiYWpKWDhScjhPanh2SnRZUzBWVGhjWUd0YndZeno2T200Y28yZk5hQmUzVEJwMCswTzFVN21XZUJ4cyIsIm1hYyI6IjZmZjMwNjBhOTEzNmRlZjI4NzA3ZTI0YmZjNDViNzdkZjliMjgwNmY4ZjNmMzAyM2I2MTNmNTY4NGE1Mzc5MWQifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Sep 2022 23:19:50 GMT
content-type: image/png
last-modified: Tue, 07 Jan 2020 22:18:02 GMT
accept-ranges: bytes
content-length: 101204
date: Sat, 03 Sep 2022 23:19:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.westsprintcapital.com/frontassets/images/preloader.svg
199.188.200.173 200 OK 1.0 kB URL HTTP/2 www.westsprintcapital.com/frontassets/images/preloader.svg
IP 199.188.200.173:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2369), with no line terminators
Hash f3f971e0af8438225b9c6ade8ae9f439
ee0d6a1c622a6b6bfd94ce86a362d2291dae7baa
0109e462e430c28aded3e6ebb8555a02f1851130f963d4ca1c60c4fade3ba805
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /frontassets/images/preloader.svg HTTP/1.1
Host: www.westsprintcapital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.westsprintcapital.com/frontassets/css/style.css
Cookie: XSRF-TOKEN=eyJpdiI6ImNxemRabTJaRHVDXC82MjM5TnJWZ1wvQT09IiwidmFsdWUiOiI3cGdpSkFMeFwvaHhRbkxSaXpKZTBKU1dHejFnSFJ3RU9nN3pUd1dIYmRsOTZUMHBpb2FZY2NlNFpDbmxSTzVnNyIsIm1hYyI6ImZjN2M4MGJlMTAwOTNkZDYyM2JkMzMyNjkyMzcwNWFmMjczNTZmZDgyYzgzYjBiNjAzZTFkYjhmYzE4NGU5Y2IifQ%3D%3D; west_sprint_capital_bank_session=eyJpdiI6IkZFWnh5dEozcjA2NVkzZTV6eWZvNmc9PSIsInZhbHVlIjoiaFhkbEFiYWpKWDhScjhPanh2SnRZUzBWVGhjWUd0YndZeno2T200Y28yZk5hQmUzVEJwMCswTzFVN21XZUJ4cyIsIm1hYyI6IjZmZjMwNjBhOTEzNmRlZjI4NzA3ZTI0YmZjNDViNzdkZjliMjgwNmY4ZjNmMzAyM2I2MTNmNTY4NGE1Mzc5MWQifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Sep 2022 23:19:50 GMT
content-type: image/svg+xml
last-modified: Tue, 07 Jan 2020 22:17:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1035
date: Sat, 03 Sep 2022 23:19:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.westsprintcapital.com/frontassets/images/scrn-1.png
199.188.200.173 200 OK 108 kB URL HTTP/2 www.westsprintcapital.com/frontassets/images/scrn-1.png
IP 199.188.200.173:0
File type PNG image data, 892 x 533, 8-bit/color RGBA, non-interlaced\012- data
Size 108 kB (107886 bytes)
Hash d5f4472c16343a631ebe603cd560ee9e
2b3c766a322e5c58083d8f715fc992c03e6b4a25
e759793d81a67d06524b535f338d3cd43c40a543578d2b1041881af6fc999c2a
Analyzer Verdict Alert quad9 Sinkholed
GET /frontassets/images/scrn-1.png HTTP/1.1
Host: www.westsprintcapital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.westsprintcapital.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImNxemRabTJaRHVDXC82MjM5TnJWZ1wvQT09IiwidmFsdWUiOiI3cGdpSkFMeFwvaHhRbkxSaXpKZTBKU1dHejFnSFJ3RU9nN3pUd1dIYmRsOTZUMHBpb2FZY2NlNFpDbmxSTzVnNyIsIm1hYyI6ImZjN2M4MGJlMTAwOTNkZDYyM2JkMzMyNjkyMzcwNWFmMjczNTZmZDgyYzgzYjBiNjAzZTFkYjhmYzE4NGU5Y2IifQ%3D%3D; west_sprint_capital_bank_session=eyJpdiI6IkZFWnh5dEozcjA2NVkzZTV6eWZvNmc9PSIsInZhbHVlIjoiaFhkbEFiYWpKWDhScjhPanh2SnRZUzBWVGhjWUd0YndZeno2T200Y28yZk5hQmUzVEJwMCswTzFVN21XZUJ4cyIsIm1hYyI6IjZmZjMwNjBhOTEzNmRlZjI4NzA3ZTI0YmZjNDViNzdkZjliMjgwNmY4ZjNmMzAyM2I2MTNmNTY4NGE1Mzc5MWQifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Sep 2022 23:19:50 GMT
content-type: image/png
last-modified: Tue, 07 Jan 2020 22:18:00 GMT
accept-ranges: bytes
content-length: 107886
date: Sat, 03 Sep 2022 23:19:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
widget-v4.tidiochat.com//tururu.mp3
172.67.71.3 206 Partial Content 7.2 kB URL HTTP/2 widget-v4.tidiochat.com//tururu.mp3
IP 172.67.71.3:0
File type MPEG ADTS, layer III, v1, 64 kbps, 44.1 kHz, Monaural\012- data
Hash 5061b4d134a7b4d5d744f9a127b757a8
c5e240ac60d3914cb3836ba6652105c67720b845
12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f
GET //tururu.mp3 HTTP/1.1
Host: widget-v4.tidiochat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
date: Sat, 03 Sep 2022 23:19:53 GMT
content-type: audio/mpeg
content-length: 7224
last-modified: Tue, 02 Aug 2022 07:00:11 GMT
etag: "62e8cb7b-1c38"
expires: Thu, 01 Sep 2022 02:08:12 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 1458701
content-range: bytes 0-7223/7224
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zdv9megN5MHTdz0CLhvqJwKIFgozf6aKLsa1chGUHkChTdVKzOGroPDQDsblXVALxSYoAV31%2Blm2lUwukPWaEHoO1qbNDa9WPlUVI8KvYusKrwV85dsaG3rbjCXfowAaI5PLlXtZaWWP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7452367d4fbdb523-OSL
X-Firefox-Spdy: h2
www.westsprintcapital.com/frontassets/images/an2/1.png
199.188.200.173 200 OK 134 kB URL HTTP/2 www.westsprintcapital.com/frontassets/images/an2/1.png
IP 199.188.200.173:0
File type PNG image data, 838 x 539, 8-bit/color RGBA, non-interlaced\012- data
Size 134 kB (133738 bytes)
Hash 7b16cf5f533b95d0f6fd6805823d6121
78eece87c2e28363df06a85f06e8f79aa6c111aa
249ab80fcf169d0fbe4da7a174dbd494809e102174b28e81e62bddb61f3c1299
Analyzer Verdict Alert quad9 Sinkholed
GET /frontassets/images/an2/1.png HTTP/1.1
Host: www.westsprintcapital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.westsprintcapital.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImNxemRabTJaRHVDXC82MjM5TnJWZ1wvQT09IiwidmFsdWUiOiI3cGdpSkFMeFwvaHhRbkxSaXpKZTBKU1dHejFnSFJ3RU9nN3pUd1dIYmRsOTZUMHBpb2FZY2NlNFpDbmxSTzVnNyIsIm1hYyI6ImZjN2M4MGJlMTAwOTNkZDYyM2JkMzMyNjkyMzcwNWFmMjczNTZmZDgyYzgzYjBiNjAzZTFkYjhmYzE4NGU5Y2IifQ%3D%3D; west_sprint_capital_bank_session=eyJpdiI6IkZFWnh5dEozcjA2NVkzZTV6eWZvNmc9PSIsInZhbHVlIjoiaFhkbEFiYWpKWDhScjhPanh2SnRZUzBWVGhjWUd0YndZeno2T200Y28yZk5hQmUzVEJwMCswTzFVN21XZUJ4cyIsIm1hYyI6IjZmZjMwNjBhOTEzNmRlZjI4NzA3ZTI0YmZjNDViNzdkZjliMjgwNmY4ZjNmMzAyM2I2MTNmNTY4NGE1Mzc5MWQifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Sep 2022 23:19:50 GMT
content-type: image/png
last-modified: Tue, 07 Jan 2020 22:18:14 GMT
accept-ranges: bytes
content-length: 133738
date: Sat, 03 Sep 2022 23:19:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.westsprintcapital.com/frontassets/images/footer-bg.png
199.188.200.173 200 OK 46 kB URL HTTP/2 www.westsprintcapital.com/frontassets/images/footer-bg.png
IP 199.188.200.173:0
File type PNG image data, 1459 x 504, 8-bit/color RGBA, non-interlaced\012- data
Hash de8828960ba66ca0a202ff41406ab98b
c5948091033ea54c11dbbea97e60f9f784316105
07fed59dceab220871079ff16f1535cc686488e4ca20681944db7d22f2039ec7
Analyzer Verdict Alert quad9 Sinkholed
GET /frontassets/images/footer-bg.png HTTP/1.1
Host: www.westsprintcapital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.westsprintcapital.com/frontassets/css/style.css
Cookie: XSRF-TOKEN=eyJpdiI6ImNxemRabTJaRHVDXC82MjM5TnJWZ1wvQT09IiwidmFsdWUiOiI3cGdpSkFMeFwvaHhRbkxSaXpKZTBKU1dHejFnSFJ3RU9nN3pUd1dIYmRsOTZUMHBpb2FZY2NlNFpDbmxSTzVnNyIsIm1hYyI6ImZjN2M4MGJlMTAwOTNkZDYyM2JkMzMyNjkyMzcwNWFmMjczNTZmZDgyYzgzYjBiNjAzZTFkYjhmYzE4NGU5Y2IifQ%3D%3D; west_sprint_capital_bank_session=eyJpdiI6IkZFWnh5dEozcjA2NVkzZTV6eWZvNmc9PSIsInZhbHVlIjoiaFhkbEFiYWpKWDhScjhPanh2SnRZUzBWVGhjWUd0YndZeno2T200Y28yZk5hQmUzVEJwMCswTzFVN21XZUJ4cyIsIm1hYyI6IjZmZjMwNjBhOTEzNmRlZjI4NzA3ZTI0YmZjNDViNzdkZjliMjgwNmY4ZjNmMzAyM2I2MTNmNTY4NGE1Mzc5MWQifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Sep 2022 23:19:50 GMT
content-type: image/png
last-modified: Tue, 07 Jan 2020 22:17:40 GMT
accept-ranges: bytes
content-length: 45840
date: Sat, 03 Sep 2022 23:19:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 6f7f2be885bfea46a6e9a41e671ba20e
d14287d7d995e39a6a3317af0561f72148a6cc17
470b4d0c1d4a69da19815a7de4768ce87222ab9ac2de931bcaf9151cc7260d7b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 03 Sep 2022 23:19:53 GMT
Last-Modified: Sat, 03 Sep 2022 22:23:47 GMT
Server: ECS (nyb/1D29)
X-Cache: Miss from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: R5DRhRWNI451vLQZIOLjqdt2ofMH6xjetagCvjsY11dkwjoJqjUSLg==
Age: 3366
widget-v4.tidiochat.com/1_109_0/static/js/chunk-WidgetIframe-ab79717f7151353390a1.js
172.67.71.3 200 OK 88 kB URL HTTP/2 widget-v4.tidiochat.com/1_109_0/static/js/chunk-WidgetIframe-ab79717f7151353390a1.js
IP 172.67.71.3:0
File type ASCII text, with very long lines (65439)
Hash 00bf9a7b06c7f0e616928df8f5bb0889
bbb517dd14188a015f0af25cc46c765254ca525a
8b91ee4ca1ab94a2f867f53386b8ccb2cc2514224f3d26bd4e66aeefb07b9cb5
GET /1_109_0/static/js/chunk-WidgetIframe-ab79717f7151353390a1.js HTTP/1.1
Host: widget-v4.tidiochat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 23:19:53 GMT
content-type: application/javascript
last-modified: Thu, 18 Aug 2022 10:12:36 GMT
vary: Accept-Encoding
etag: W/"62fe1094-54cab"
cache-control: max-age=691200
cf-cache-status: HIT
age: 5210
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QoGEaoP9q8tc7Lo%2F%2FmjBkqrXY6Qvmhf0cBT5MUFkVAq8Qlsc8OA0lPspi2hVj4ClqDLKT51e4qCbJKDpNA0e5OO7TqWg%2FN3REIi1REE5gAFi1k7QDemTD5cNixLTNPwviizlOAAAP4z4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7452367d1f4fb523-OSL
content-encoding: br
X-Firefox-Spdy: h2
code.tidio.co/zwswkaxg7rcwcrbc6ftpfya1i2kazsyr.js
104.26.8.183 302 Found 50 kB URL HTTP/2 code.tidio.co/zwswkaxg7rcwcrbc6ftpfya1i2kazsyr.js
IP 104.26.8.183:0
Hash 2c46fa1e83357cf9361d3ae2c3d92174
95035d9c976f3bcaf63f99ed3b646ed9e7b10c67
e621d43d9099f91d347896a5de84a8abf32488a86e2161b91e56f22de8a2d60d
GET /zwswkaxg7rcwcrbc6ftpfya1i2kazsyr.js HTTP/1.1
Host: code.tidio.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.westsprintcapital.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 03 Sep 2022 23:19:50 GMT
content-type: text/html
location: https://widget-v4.tidiochat.com/1_109_0/static/js/render.ab79717f7151353390a1.js
cache-control: private, no-cache, no-store, must-revalidate
widget-cache-status: HIT
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rru8OsAAiIz5iAqt0GDvt5e6LDP9Qsw14D362%2FvC5O53F%2Bxbs2uM8zgV%2BC%2BD6O1yV8H%2BpsAv2l5UFBnHbTDEXGR0as285lTAnO143xy1Jo2SkNRa%2FtGVi9F2nFOLggA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7452366a6f500afe-OSL
X-Firefox-Spdy: h2
fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2
142.250.74.163 200 OK 27 kB URL HTTP/2 fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 27428, version 1.0\012- data
Hash e6d08c334958c128b793b570a7dce066
081111500e97a7663ff936f847e050fee6b8be2b
8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e
GET /s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.westsprintcapital.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27428
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Sep 2022 04:28:25 GMT
expires: Sun, 03 Sep 2023 04:28:25 GMT
cache-control: public, max-age=31536000
age: 67889
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.westsprintcapital.com/frontassets/webfonts/fa-solid-900.woff2
199.188.200.173 200 OK 75 kB URL HTTP/2 www.westsprintcapital.com/frontassets/webfonts/fa-solid-900.woff2
IP 199.188.200.173:0
File type Web Open Font Format (Version 2), TrueType, length 75440, version 329.-1049\012- data
Hash b5cf8ae26748570d8fb95a47f46b69e1
07bed153d47f9129a944ee54dd72952deed074c8
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /frontassets/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: www.westsprintcapital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.westsprintcapital.com/frontassets/css/all.min.css
Cookie: XSRF-TOKEN=eyJpdiI6ImNxemRabTJaRHVDXC82MjM5TnJWZ1wvQT09IiwidmFsdWUiOiI3cGdpSkFMeFwvaHhRbkxSaXpKZTBKU1dHejFnSFJ3RU9nN3pUd1dIYmRsOTZUMHBpb2FZY2NlNFpDbmxSTzVnNyIsIm1hYyI6ImZjN2M4MGJlMTAwOTNkZDYyM2JkMzMyNjkyMzcwNWFmMjczNTZmZDgyYzgzYjBiNjAzZTFkYjhmYzE4NGU5Y2IifQ%3D%3D; west_sprint_capital_bank_session=eyJpdiI6IkZFWnh5dEozcjA2NVkzZTV6eWZvNmc9PSIsInZhbHVlIjoiaFhkbEFiYWpKWDhScjhPanh2SnRZUzBWVGhjWUd0YndZeno2T200Y28yZk5hQmUzVEJwMCswTzFVN21XZUJ4cyIsIm1hYyI6IjZmZjMwNjBhOTEzNmRlZjI4NzA3ZTI0YmZjNDViNzdkZjliMjgwNmY4ZjNmMzAyM2I2MTNmNTY4NGE1Mzc5MWQifQ%3D%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Sep 2022 23:19:51 GMT
content-type: font/woff2
last-modified: Tue, 07 Jan 2020 22:16:24 GMT
accept-ranges: bytes
content-length: 75440
date: Sat, 03 Sep 2022 23:19:51 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 04a393832995fdd2ff9af4201898894f
bd7cdfb3eca24533412569e6ff1976087d702dd8
ab91ca133a0e29ac4f78752f38ded4137d4e14a17efad81a0f4de09652ae36c0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5961
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 23:19:54 GMT
Last-Modified: Sat, 03 Sep 2022 21:40:33 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
twemoji.maxcdn.com/v/13.0.1/72x72/1f44b.png
23.111.9.57 200 OK 1.3 kB URL HTTP/2 twemoji.maxcdn.com/v/13.0.1/72x72/1f44b.png
IP 23.111.9.57:0
File type PNG image data, 72 x 72, 8-bit colormap, non-interlaced\012- data
Hash 8c685a701d36f492ecc566a4c879fbfd
bbfb15f5fdfd47a20122556975dba73b9d035d95
dfee1561c6e59c90f7a292f90157bae85f75ccb3ae27b655898a51429e3a8910
GET /v/13.0.1/72x72/1f44b.png HTTP/1.1
Host: twemoji.maxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.westsprintcapital.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Sep 2022 23:19:54 GMT
content-type: image/png
content-length: 1285
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Thu, 31 Mar 2022 03:24:17 GMT
access-control-allow-origin: *
etag: "62451ee1-505"
expires: Mon, 03 Oct 2022 23:19:54 GMT
cache-control: max-age=2592000
x-proxy-cache: MISS
x-github-request-id: B158:54DE:D0A7FB:DA355D:6311E63E
vary: Accept-Encoding
x-fastly-request-id: da4a40c52694e257549b3ee13d411790224f9003
server: NetDNA-cache/2.2
powered-by: MaxCDN
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.westsprintcapital.com/frontassets/images/banner/1.jpg
199.188.200.173 200 OK 256 kB URL HTTP/2 www.westsprintcapital.com/frontassets/images/banner/1.jpg
IP 199.188.200.173:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x900, components 3\012- data
Size 256 kB (255711 bytes)
Hash d0dafe3663f5b6095f98aad3cc22b5a1
61cebdfcc6c506a41ef39f748bd203e46ee1cb83
518d205174c13d668f5f58b11149ec23a2aa011067a830cb2587b79594ce7645
Analyzer Verdict Alert quad9 Sinkholed
GET /frontassets/images/banner/1.jpg HTTP/1.1
Host: www.westsprintcapital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.westsprintcapital.com/frontassets/css/style.css
Cookie: XSRF-TOKEN=eyJpdiI6ImNxemRabTJaRHVDXC82MjM5TnJWZ1wvQT09IiwidmFsdWUiOiI3cGdpSkFMeFwvaHhRbkxSaXpKZTBKU1dHejFnSFJ3RU9nN3pUd1dIYmRsOTZUMHBpb2FZY2NlNFpDbmxSTzVnNyIsIm1hYyI6ImZjN2M4MGJlMTAwOTNkZDYyM2JkMzMyNjkyMzcwNWFmMjczNTZmZDgyYzgzYjBiNjAzZTFkYjhmYzE4NGU5Y2IifQ%3D%3D; west_sprint_capital_bank_session=eyJpdiI6IkZFWnh5dEozcjA2NVkzZTV6eWZvNmc9PSIsInZhbHVlIjoiaFhkbEFiYWpKWDhScjhPanh2SnRZUzBWVGhjWUd0YndZeno2T200Y28yZk5hQmUzVEJwMCswTzFVN21XZUJ4cyIsIm1hYyI6IjZmZjMwNjBhOTEzNmRlZjI4NzA3ZTI0YmZjNDViNzdkZjliMjgwNmY4ZjNmMzAyM2I2MTNmNTY4NGE1Mzc5MWQifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Sep 2022 23:19:50 GMT
content-type: image/jpeg
last-modified: Tue, 07 Jan 2020 22:18:52 GMT
accept-ranges: bytes
content-length: 255711
date: Sat, 03 Sep 2022 23:19:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.westsprintcapital.com/frontassets/images/banner/2.jpg
199.188.200.173 200 OK 200 kB URL HTTP/2 www.westsprintcapital.com/frontassets/images/banner/2.jpg
IP 199.188.200.173:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x850, components 3\012- data
Size 200 kB (200322 bytes)
Hash 29b813f46dbdf5f9c87f0bc1296997de
780cc904a645848de4d8193c268ec26d5fc88d91
c6f43dd307bc44e72bc535193314926de01f0ee75ad3cd08fc41cfb2454144f2
Analyzer Verdict Alert quad9 Sinkholed
GET /frontassets/images/banner/2.jpg HTTP/1.1
Host: www.westsprintcapital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.westsprintcapital.com/frontassets/css/style.css
Cookie: XSRF-TOKEN=eyJpdiI6ImNxemRabTJaRHVDXC82MjM5TnJWZ1wvQT09IiwidmFsdWUiOiI3cGdpSkFMeFwvaHhRbkxSaXpKZTBKU1dHejFnSFJ3RU9nN3pUd1dIYmRsOTZUMHBpb2FZY2NlNFpDbmxSTzVnNyIsIm1hYyI6ImZjN2M4MGJlMTAwOTNkZDYyM2JkMzMyNjkyMzcwNWFmMjczNTZmZDgyYzgzYjBiNjAzZTFkYjhmYzE4NGU5Y2IifQ%3D%3D; west_sprint_capital_bank_session=eyJpdiI6IkZFWnh5dEozcjA2NVkzZTV6eWZvNmc9PSIsInZhbHVlIjoiaFhkbEFiYWpKWDhScjhPanh2SnRZUzBWVGhjWUd0YndZeno2T200Y28yZk5hQmUzVEJwMCswTzFVN21XZUJ4cyIsIm1hYyI6IjZmZjMwNjBhOTEzNmRlZjI4NzA3ZTI0YmZjNDViNzdkZjliMjgwNmY4ZjNmMzAyM2I2MTNmNTY4NGE1Mzc5MWQifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Sep 2022 23:19:50 GMT
content-type: image/jpeg
last-modified: Tue, 07 Jan 2020 22:18:56 GMT
accept-ranges: bytes
content-length: 200322
date: Sat, 03 Sep 2022 23:19:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.westsprintcapital.com/assets/image/logo.png
199.188.200.173 200 OK 358 kB URL HTTP/2 www.westsprintcapital.com/assets/image/logo.png
IP 199.188.200.173:0
File type PNG image data, 2079 x 543, 8-bit/color RGBA, non-interlaced\012- data
Size 358 kB (358452 bytes)
Hash 046a401a2aec86b4abdc03d7ce6e0e2f
08bbde2381fd6b5ef14178f47972ea6a9f3464bc
77f9d459864bed60c68c94574f64b7a9fa7525a6b11cf14513503941e70a3412
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/image/logo.png HTTP/1.1
Host: www.westsprintcapital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.westsprintcapital.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImNxemRabTJaRHVDXC82MjM5TnJWZ1wvQT09IiwidmFsdWUiOiI3cGdpSkFMeFwvaHhRbkxSaXpKZTBKU1dHejFnSFJ3RU9nN3pUd1dIYmRsOTZUMHBpb2FZY2NlNFpDbmxSTzVnNyIsIm1hYyI6ImZjN2M4MGJlMTAwOTNkZDYyM2JkMzMyNjkyMzcwNWFmMjczNTZmZDgyYzgzYjBiNjAzZTFkYjhmYzE4NGU5Y2IifQ%3D%3D; west_sprint_capital_bank_session=eyJpdiI6IkZFWnh5dEozcjA2NVkzZTV6eWZvNmc9PSIsInZhbHVlIjoiaFhkbEFiYWpKWDhScjhPanh2SnRZUzBWVGhjWUd0YndZeno2T200Y28yZk5hQmUzVEJwMCswTzFVN21XZUJ4cyIsIm1hYyI6IjZmZjMwNjBhOTEzNmRlZjI4NzA3ZTI0YmZjNDViNzdkZjliMjgwNmY4ZjNmMzAyM2I2MTNmNTY4NGE1Mzc5MWQifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Sep 2022 23:19:50 GMT
content-type: image/png
last-modified: Thu, 12 May 2022 21:15:49 GMT
accept-ranges: bytes
content-length: 358452
date: Sat, 03 Sep 2022 23:19:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.westsprintcapital.com/inc/switcher/css/switcher.css
199.188.200.173 302 Found 163 B URL HTTP/2 www.westsprintcapital.com/inc/switcher/css/switcher.css
IP 199.188.200.173:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 52a27ab39269c5d9778410139c5bc40a
db80a5b9f75d3617e91e6c3b1fbab1c10e2e441a
1540267c2d235db2c66a5f235ce1c4b61a749ce304a898737a4f90d6e477833c
Analyzer Verdict Alert quad9 Sinkholed
GET /inc/switcher/css/switcher.css HTTP/1.1
Host: www.westsprintcapital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.westsprintcapital.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImNxemRabTJaRHVDXC82MjM5TnJWZ1wvQT09IiwidmFsdWUiOiI3cGdpSkFMeFwvaHhRbkxSaXpKZTBKU1dHejFnSFJ3RU9nN3pUd1dIYmRsOTZUMHBpb2FZY2NlNFpDbmxSTzVnNyIsIm1hYyI6ImZjN2M4MGJlMTAwOTNkZDYyM2JkMzMyNjkyMzcwNWFmMjczNTZmZDgyYzgzYjBiNjAzZTFkYjhmYzE4NGU5Y2IifQ%3D%3D; west_sprint_capital_bank_session=eyJpdiI6IkZFWnh5dEozcjA2NVkzZTV6eWZvNmc9PSIsInZhbHVlIjoiaFhkbEFiYWpKWDhScjhPanh2SnRZUzBWVGhjWUd0YndZeno2T200Y28yZk5hQmUzVEJwMCswTzFVN21XZUJ4cyIsIm1hYyI6IjZmZjMwNjBhOTEzNmRlZjI4NzA3ZTI0YmZjNDViNzdkZjliMjgwNmY4ZjNmMzAyM2I2MTNmNTY4NGE1Mzc5MWQifQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
x-powered-by: PHP/7.3.33
cache-control: no-cache, no-store, must-revalidate, max-age=0
location: https://www.westsprintcapital.com/
content-type: text/html; charset=UTF-8
content-length: 163
content-encoding: br
vary: Accept-Encoding
date: Sat, 03 Sep 2022 23:19:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.westsprintcapital.com/inc/switcher/js/switcher.js
199.188.200.173 302 Found 163 B URL HTTP/2 www.westsprintcapital.com/inc/switcher/js/switcher.js
IP 199.188.200.173:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 52a27ab39269c5d9778410139c5bc40a
db80a5b9f75d3617e91e6c3b1fbab1c10e2e441a
1540267c2d235db2c66a5f235ce1c4b61a749ce304a898737a4f90d6e477833c
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /inc/switcher/js/switcher.js HTTP/1.1
Host: www.westsprintcapital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.westsprintcapital.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImNxemRabTJaRHVDXC82MjM5TnJWZ1wvQT09IiwidmFsdWUiOiI3cGdpSkFMeFwvaHhRbkxSaXpKZTBKU1dHejFnSFJ3RU9nN3pUd1dIYmRsOTZUMHBpb2FZY2NlNFpDbmxSTzVnNyIsIm1hYyI6ImZjN2M4MGJlMTAwOTNkZDYyM2JkMzMyNjkyMzcwNWFmMjczNTZmZDgyYzgzYjBiNjAzZTFkYjhmYzE4NGU5Y2IifQ%3D%3D; west_sprint_capital_bank_session=eyJpdiI6IkZFWnh5dEozcjA2NVkzZTV6eWZvNmc9PSIsInZhbHVlIjoiaFhkbEFiYWpKWDhScjhPanh2SnRZUzBWVGhjWUd0YndZeno2T200Y28yZk5hQmUzVEJwMCswTzFVN21XZUJ4cyIsIm1hYyI6IjZmZjMwNjBhOTEzNmRlZjI4NzA3ZTI0YmZjNDViNzdkZjliMjgwNmY4ZjNmMzAyM2I2MTNmNTY4NGE1Mzc5MWQifQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
x-powered-by: PHP/7.3.33
cache-control: no-cache, no-store, must-revalidate, max-age=0
location: https://www.westsprintcapital.com/
content-type: text/html; charset=UTF-8
content-length: 163
content-encoding: br
vary: Accept-Encoding
date: Sat, 03 Sep 2022 23:19:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.westsprintcapital.com/
199.188.200.173 200 OK 10 kB URL HTTP/2 www.westsprintcapital.com/
IP 199.188.200.173:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (480)
Hash 43d612b8cc3dd30d7c859de1030d40e5
fdca3d3b23c47dff75fe34b691d399b833c32205
770f94eb557d637bdd1957d3b65c0663f232da819bdd4046d5b1cb86cbff7acb
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET / HTTP/1.1
Host: www.westsprintcapital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.westsprintcapital.com/
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImNxemRabTJaRHVDXC82MjM5TnJWZ1wvQT09IiwidmFsdWUiOiI3cGdpSkFMeFwvaHhRbkxSaXpKZTBKU1dHejFnSFJ3RU9nN3pUd1dIYmRsOTZUMHBpb2FZY2NlNFpDbmxSTzVnNyIsIm1hYyI6ImZjN2M4MGJlMTAwOTNkZDYyM2JkMzMyNjkyMzcwNWFmMjczNTZmZDgyYzgzYjBiNjAzZTFkYjhmYzE4NGU5Y2IifQ%3D%3D; west_sprint_capital_bank_session=eyJpdiI6IkZFWnh5dEozcjA2NVkzZTV6eWZvNmc9PSIsInZhbHVlIjoiaFhkbEFiYWpKWDhScjhPanh2SnRZUzBWVGhjWUd0YndZeno2T200Y28yZk5hQmUzVEJwMCswTzFVN21XZUJ4cyIsIm1hYyI6IjZmZjMwNjBhOTEzNmRlZjI4NzA3ZTI0YmZjNDViNzdkZjliMjgwNmY4ZjNmMzAyM2I2MTNmNTY4NGE1Mzc5MWQifQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-powered-by: PHP/7.3.33
cache-control: no-cache, private
content-type: text/html; charset=UTF-8
set-cookie: XSRF-TOKEN=eyJpdiI6IkYrUG9CRUJoVHpKTjhyNStBYVZXelE9PSIsInZhbHVlIjoiMVJTWk5qYkNiWCs5dFhaOGxhVU5QMDdZM29ITTFJNk1kYkgwcEZvMkF6NnM3bUZjaklSMVYzZ1FlOUtCWEtlRSIsIm1hYyI6ImEyYTMyOGVkODZlMmZiZTRhZjMwMWE1NDdmY2U2ZjI3NGFkM2E1OWQxZTE1NGEyOTAwNzAyODFkYjlkNzNmODUifQ%3D%3D; expires=Sun, 04-Sep-2022 01:19:54 GMT; Max-Age=7200; path=/; secure
west_sprint_capital_bank_session=eyJpdiI6IlNRc3hCYWx1Z1JIb1NMZ09zVFpcLzd3PT0iLCJ2YWx1ZSI6InVBSW0xZ0gxTERoaU1CM09GYVpwajdnMjBXUjdHUE41MGh4Q2JpbEVhU3NhZ2J2V1k2N0d2cENZM1dSSkl5dmgiLCJtYWMiOiI4ZDk1OGE5ZTQxYzA5ZWY4OTc0ZmU2Y2JlYWNkNzMzYjlkZDYyNzM0NWNjMWY3M2U3NDlhNmM2Y2Q0ZGQxYTM5In0%3D; expires=Sun, 04-Sep-2022 01:19:54 GMT; Max-Age=7200; path=/; httponly; secure
content-encoding: br
vary: Accept-Encoding
date: Sat, 03 Sep 2022 23:19:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 1278db78948279716d72ac203ad8fb0d
1746b9863b781ed9a0c26a126b9b80d36c903974
8d9e31a35490bc2ebef4c4c2152c89b62491c0cdfc31ec0594bc21fd2e9f43f6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 23:19:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/images/cleardot.gif
142.250.74.164 200 OK 43 B URL HTTP/2 www.google.com/images/cleardot.gif
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /images/cleardot.gif HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.westsprintcapital.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/gif
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 43
date: Sat, 03 Sep 2022 23:19:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.westsprintcapital.com/
199.188.200.173 200 OK 0 B URL HTTP/2 www.westsprintcapital.com/
IP 199.188.200.173:0
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET / HTTP/1.1
Host: www.westsprintcapital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
x-powered-by: PHP/7.3.33
cache-control: no-cache, private
content-type: text/html; charset=UTF-8
set-cookie: XSRF-TOKEN=eyJpdiI6ImNxemRabTJaRHVDXC82MjM5TnJWZ1wvQT09IiwidmFsdWUiOiI3cGdpSkFMeFwvaHhRbkxSaXpKZTBKU1dHejFnSFJ3RU9nN3pUd1dIYmRsOTZUMHBpb2FZY2NlNFpDbmxSTzVnNyIsIm1hYyI6ImZjN2M4MGJlMTAwOTNkZDYyM2JkMzMyNjkyMzcwNWFmMjczNTZmZDgyYzgzYjBiNjAzZTFkYjhmYzE4NGU5Y2IifQ%3D%3D; expires=Sun, 04-Sep-2022 01:19:49 GMT; Max-Age=7200; path=/; secure
west_sprint_capital_bank_session=eyJpdiI6IkZFWnh5dEozcjA2NVkzZTV6eWZvNmc9PSIsInZhbHVlIjoiaFhkbEFiYWpKWDhScjhPanh2SnRZUzBWVGhjWUd0YndZeno2T200Y28yZk5hQmUzVEJwMCswTzFVN21XZUJ4cyIsIm1hYyI6IjZmZjMwNjBhOTEzNmRlZjI4NzA3ZTI0YmZjNDViNzdkZjliMjgwNmY4ZjNmMzAyM2I2MTNmNTY4NGE1Mzc5MWQifQ%3D%3D; expires=Sun, 04-Sep-2022 01:19:49 GMT; Max-Age=7200; path=/; httponly; secure
content-encoding: br
vary: Accept-Encoding
date: Sat, 03 Sep 2022 23:19:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
widget-v4.tidiochat.com//1_109_0/static/js/widget.ab79717f7151353390a1.js
172.67.71.3 200 OK 0 B URL HTTP/2 widget-v4.tidiochat.com//1_109_0/static/js/widget.ab79717f7151353390a1.js
IP 172.67.71.3:0
GET //1_109_0/static/js/widget.ab79717f7151353390a1.js HTTP/1.1
Host: widget-v4.tidiochat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 23:19:53 GMT
content-type: application/javascript
last-modified: Thu, 18 Aug 2022 10:12:36 GMT
vary: Accept-Encoding
etag: W/"62fe1094-81be9"
cache-control: max-age=691200
cf-cache-status: HIT
age: 2549
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pxyBDuMvBAp4PfpoGAhEI3hREiEZtbZSx%2F9mGlZRjrucn5ArqzWgf%2FE1BdS19lp%2B5tZbhNvQ%2FjaTY%2FUqD8mC%2Fzb%2F29sxGs8VPhOsbJnRPeVLsEaGM%2BmExCwIowkzHph5xJZ40juwxny%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7452367d5fd7b523-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.westsprintcapital.com/frontassets/images/an1/3.png
199.188.200.173 200 OK 0 B URL HTTP/2 www.westsprintcapital.com/frontassets/images/an1/3.png
IP 199.188.200.173:0
Analyzer Verdict Alert quad9 Sinkholed
GET /frontassets/images/an1/3.png HTTP/1.1
Host: www.westsprintcapital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.westsprintcapital.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImNxemRabTJaRHVDXC82MjM5TnJWZ1wvQT09IiwidmFsdWUiOiI3cGdpSkFMeFwvaHhRbkxSaXpKZTBKU1dHejFnSFJ3RU9nN3pUd1dIYmRsOTZUMHBpb2FZY2NlNFpDbmxSTzVnNyIsIm1hYyI6ImZjN2M4MGJlMTAwOTNkZDYyM2JkMzMyNjkyMzcwNWFmMjczNTZmZDgyYzgzYjBiNjAzZTFkYjhmYzE4NGU5Y2IifQ%3D%3D; west_sprint_capital_bank_session=eyJpdiI6IkZFWnh5dEozcjA2NVkzZTV6eWZvNmc9PSIsInZhbHVlIjoiaFhkbEFiYWpKWDhScjhPanh2SnRZUzBWVGhjWUd0YndZeno2T200Y28yZk5hQmUzVEJwMCswTzFVN21XZUJ4cyIsIm1hYyI6IjZmZjMwNjBhOTEzNmRlZjI4NzA3ZTI0YmZjNDViNzdkZjliMjgwNmY4ZjNmMzAyM2I2MTNmNTY4NGE1Mzc5MWQifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Sep 2022 23:19:50 GMT
content-type: image/png
last-modified: Tue, 07 Jan 2020 22:18:10 GMT
accept-ranges: bytes
content-length: 88168
date: Sat, 03 Sep 2022 23:19:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
widget-v4.tidiochat.com/1_109_0/static/js/render.ab79717f7151353390a1.js
172.67.71.3 200 OK 0 B URL HTTP/2 widget-v4.tidiochat.com/1_109_0/static/js/render.ab79717f7151353390a1.js
IP 172.67.71.3:0
GET /1_109_0/static/js/render.ab79717f7151353390a1.js HTTP/1.1
Host: widget-v4.tidiochat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.westsprintcapital.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Sep 2022 23:19:50 GMT
content-type: application/javascript
last-modified: Thu, 18 Aug 2022 10:12:36 GMT
vary: Accept-Encoding
etag: W/"62fe1094-4311"
cache-control: max-age=691200
cf-cache-status: HIT
age: 5211
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9SWppIPG4U8PEB%2F0%2Br06EeKbogjEhPTt1Ki4yPVKsqalavmKx4ms%2B6iV2wVOFgnJMDxs427WJ4CAmvdUxv8Vz%2Bh7g6OVDb9BKLo26VCABzymlsftnKHIPTHMYqsNWOMbxV%2FgaHCeqrS7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7452366bb96db523-OSL
content-encoding: br
X-Firefox-Spdy: h2