Report - pennycronelasvegas.com/

Report Overview

Submitted URL
pennycronelasvegas.com/
IP
96.126.99.100
ASN
#63949 Linode, LLC
Submitted
2022-09-27 15:05:55
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
26

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.27
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	363 B	11 kB	104.17.24.14
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	62 kB	34.120.237.76
ssl.p.jwpcdn.com	2512	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	8.9 kB	151.101.86.114
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	735 B	1.5 kB	142.250.74.10
images.dmca.com	11903	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	745 B	3.7 kB	151.139.242.29
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.110
www.lasvegasrealtor.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	361 B	2.7 kB	74.208.20.193
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	54.149.28.179
d2s0ek76zke5go.cloudfront.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	377 B	277 kB	54.230.245.84
pennycronelasvegas.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	22 kB	772 kB	96.126.99.100
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
s3.amazonaws.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.0 kB	347 kB	52.217.132.144
assets-jpcust.jwpsrv.com	2881	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	712 B	47 kB	151.101.86.114
www.cloudflare.com	6775	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	368 B	325 B	104.16.124.96
dtd26ob4sfq17.cloudfront.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.2 kB	32 kB	143.204.42.66
www.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	6.7 kB	142.250.74.163
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	742 B	1.7 kB	142.250.74.164
translate.google.com	1156	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	361 B	807 B	142.250.74.46
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	5.6 kB	142.250.74.3
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	676 B	1.9 kB	54.230.245.100
content.jwplatform.com	3255	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	355 B	610 B	54.230.111.69
jwpltx.com	2651	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	836 B	199 B	151.101.130.114
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	6.2 kB	23.36.77.32
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	987 B	1.6 kB	93.184.220.29
ocsp.godaddy.com	698	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	328 B	2.3 kB	192.124.249.22
translate.googleapis.com	1005	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	368 B	4.6 kB	142.250.74.74

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-27	medium	pennycronelasvegas.com/	Phishing
2022-09-27	medium	pennycronelasvegas.com/	Phishing
2022-09-27	medium	pennycronelasvegas.com/assets/ion.rangeslider/js/ion.rangeSlider.min-fd1dbf6841129461c2073553cdd99a1b14693f2bbe7804866229fd53cc65a22b.js	Phishing
2022-09-27	medium	pennycronelasvegas.com/assets/themes/default/base-e6e4b07ab1f0aec529f3b4cc626749c60b3c181adf529cc27e69103896d15abc.js	Phishing
2022-09-27	medium	pennycronelasvegas.com/assets/responsive_video_fix-4228528f3aa100a8d9aeb2f7c8373ef893db5f2eba26df43245af76eb4d3734e.js	Phishing
2022-09-27	medium	pennycronelasvegas.com/assets/bootstrap-table-cookie-d864ab3069753497a7bd5ebdbce23b8a1a0b9b16b001a0394d5c99896c859d14.js	Phishing
2022-09-27	medium	pennycronelasvegas.com/fonts/avenir.woff	Phishing
2022-09-27	medium	pennycronelasvegas.com/	Phishing
2022-09-27	medium	pennycronelasvegas.com/assets/themes/default/vendor-c4223a2863310087b657f19d451656c073d60bbe05e53aeedd46f84bafd1a585.js	Phishing
2022-09-27	medium	pennycronelasvegas.com/assets/font-awesome/fontawesome-webfont-ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995.woff2?v=4.5.0	Phishing
2022-09-27	medium	pennycronelasvegas.com/fonts/avenir.ttf	Phishing
2022-09-27	medium	pennycronelasvegas.com/visitor_log	Phishing
2022-09-27	medium	pennycronelasvegas.com/	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (22)

	URL	Size	First Seen	Last Seen
	pennycronelasvegas.com/assets/responsive_video_fix-4228528f3aa100a8d9aeb2f7c8373ef893db5f2eba26df43245af76eb4d3734e.js	483 B	2023-03-08	2023-03-09
Pretty URL pennycronelasvegas.com/assets/responsive_video_fix-4228528f3aa100a8d9aeb2f7c8373ef893db5f2eba26df43245af76eb4d3734e.js IP 96.126.99.100 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:32:37 Last Seen2023-03-09 00:33:56 Times Seen1 Hash 8b69d038e9da700ec36148024782ba23 863f41c47cf9d843abfe8ce2b5514a691a57742a 4228528f3aa100a8d9aeb2f7c8373ef893db5f2eba26df43245af76eb4d3734e Loading...

	pennycronelasvegas.com/assets/bootstrap-table-cookie-d864ab3069753497a7bd5ebdbce23b8a1a0b9b16b001a0394d5c99896c859d14.js	4.0 kB	2023-03-08	2023-03-09
Pretty URL pennycronelasvegas.com/assets/bootstrap-table-cookie-d864ab3069753497a7bd5ebdbce23b8a1a0b9b16b001a0394d5c99896c859d14.js IP 96.126.99.100 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:32:37 Last Seen2023-03-09 00:33:56 Times Seen1 Hash 70a774951af96e61e57cde64b49b66f7 bf9f3470f5ca10b7968b19656fcf692939e35caf d864ab3069753497a7bd5ebdbce23b8a1a0b9b16b001a0394d5c99896c859d14 Loading...

	pennycronelasvegas.com/assets/ion.rangeslider/js/ion.rangeSlider.min-fd1dbf6841129461c2073553cdd99a1b14693f2bbe7804866229fd53cc65a22b.js	38 kB	2023-03-08	2023-03-09
Pretty URL pennycronelasvegas.com/assets/ion.rangeslider/js/ion.rangeSlider.min-fd1dbf6841129461c2073553cdd99a1b14693f2bbe7804866229fd53cc65a22b.js IP 96.126.99.100 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:32:37 Last Seen2023-03-09 00:33:56 Times Seen1 Hash 42173c874591f88f85ab701df850d0e7 da2c85886430dd508ab6daa683411c3381666fdf fd1dbf6841129461c2073553cdd99a1b14693f2bbe7804866229fd53cc65a22b Loading...

	pennycronelasvegas.com/assets/themes/default/base-e6e4b07ab1f0aec529f3b4cc626749c60b3c181adf529cc27e69103896d15abc.js	7.8 kB	2023-03-08	2023-03-09
Pretty URL pennycronelasvegas.com/assets/themes/default/base-e6e4b07ab1f0aec529f3b4cc626749c60b3c181adf529cc27e69103896d15abc.js IP 96.126.99.100 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:32:37 Last Seen2023-03-09 00:33:56 Times Seen1 Hash 6a8c64a9816c52d01a5c9a66f50a031e 6f7a2119a28757a936a3ad2d8ffd4553c1abcb2a e6e4b07ab1f0aec529f3b4cc626749c60b3c181adf529cc27e69103896d15abc Loading...

	images.dmca.com/Badges/DMCABadgeHelper.min.js	465 B	2023-03-07	2024-04-18
Pretty URL images.dmca.com/Badges/DMCABadgeHelper.min.js IP 151.139.242.29 ASN #12989 StackPath LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:48 Last Seen2024-04-18 09:40:53 Times Seen3904 Hash bac6fb686027b93b6565e1b1e5e8e213 e585bdd95488444f0ce2888d8281dbdaf73ca2ea e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0 Loading...

	pennycronelasvegas.com/assets/themes/default/vendor-c4223a2863310087b657f19d451656c073d60bbe05e53aeedd46f84bafd1a585.js	498 kB	2023-03-08	2023-03-08
Pretty URL pennycronelasvegas.com/assets/themes/default/vendor-c4223a2863310087b657f19d451656c073d60bbe05e53aeedd46f84bafd1a585.js IP 96.126.99.100 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:32:37 Last Seen2023-03-08 02:32:37 Times Seen1 Hash 474514ae84592eed4cee7100e55fe4f9 d23d44d24f16d2e8fe7659c8a7d0dbfbe3265d6b c4223a2863310087b657f19d451656c073d60bbe05e53aeedd46f84bafd1a585 Loading...

	pennycronelasvegas.com/	789 B	2023-03-08	2023-03-09
Pretty URL pennycronelasvegas.com/ IP 96.126.99.100 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:32:37 Last Seen2023-03-09 00:33:56 Times Seen1 Hash 1d135f2ed376c3fed7023cddac2959f6 3d06346c7c7a29915dce039435c7f2e24aa6879f 3966403f7c0241d4e4f4820177e1b4bd943a3e8016e5e1d1da3576d39f4d78dd Loading...

	http:srcdoc	1.2 kB	2023-03-07	2023-10-23
Pretty URL http:srcdoc IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2023-10-23 05:00:07 Times Seen4 Hash 1de62a4f326c081c49d5fdbb380837a9 2306f80fa6c73543b3af799b105ef6fc812d89d0 71a8551572997ad5c34fb5e73b002d5b1ce1d900c9e5453f1fe24dfb68bd6c13 Loading...

	translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback	17 kB	2023-03-07	2024-04-18
Pretty URL translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-18 16:44:47 Times Seen14107 Hash a3eefe14b1b4698460d992bd1673a26b a2fca6ebb00b8bdcca3eda88654d02d2c165b9c4 87514750a90cd70dd22c8673cfa80d804ef55840bd0755950af2118d8d218067 Loading...

	cdnjs.cloudflare.com/ajax/libs/bootstrap-table/1.8.1/bootstrap-table.min.js	43 kB	2023-03-08	2023-03-13
Pretty URL cdnjs.cloudflare.com/ajax/libs/bootstrap-table/1.8.1/bootstrap-table.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:32:37 Last Seen2023-03-13 12:48:18 Times Seen1 Hash 68b2488f42895575f623b54a2780d9ef 9a3999eabe2e99f967b44ac8f92703fa282d497b 9f07468af03f49be1ee3e7b224a68874d6583f8906aad815b86aa52d8fb14845 Loading...

	translate.google.com/translate_a/element.js?cb=googleTranslateElementInit	78 kB	2023-03-08	2023-03-08
Pretty URL translate.google.com/translate_a/element.js?cb=googleTranslateElementInit IP 142.250.74.46 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:32:37 Last Seen2023-03-08 02:32:52 Times Seen1 Hash 08df42faa61431e207c01c515485690f 53dee6090b9767af2c49b0b6e9de866a8c3895db e434cb9e0047b027c06c853770c7fa20bba90f79d99c96fe1313e97171c7ed97 Loading...

	pennycronelasvegas.com/	209 B	2023-03-08	2023-03-09
Pretty URL pennycronelasvegas.com/ IP 96.126.99.100 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:32:37 Last Seen2023-03-09 00:33:56 Times Seen1 Hash 2af9da39d76b51c75fcd84f6cc6ba7be 9e4ad2566d7810cf4595b522c6d36b8d87763176 967dd175901a9fb3926686d6626866f31278fd3b4d59601d6e83b006a5736cb0 Loading...

	pennycronelasvegas.com/	299 B	2023-03-08	2023-04-24
Pretty URL pennycronelasvegas.com/ IP 96.126.99.100 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:32:37 Last Seen2023-04-24 10:59:11 Times Seen4 Hash 016c4c546ab696415f51879acdbfc5d2 aff0d3cd18302c209832fb2559b1cdc91d15efab 5d9139b2fccde0ef1f88ae647165636e2b22dcb6c9fc68ef64f0954ed7c74a5a Loading...

	translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.Aw0KCF0YAxE.O/d=1/exm=el_conf/ed=1/rs=AN8SPfoKgx5LsdYmbmnxU3cRYVKJn0Zzig/m=el_main	268 kB	2023-03-07	2023-10-23
Pretty URL translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.Aw0KCF0YAxE.O/d=1/exm=el_conf/ed=1/rs=AN8SPfoKgx5LsdYmbmnxU3cRYVKJn0Zzig/m=el_main IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:03:02 Last Seen2023-10-23 05:00:08 Times Seen13 Hash 37ba6e1860a4983d078bafa6675a6787 c38e71bcb3905235d0d8381a84dc75ed50904ef6 7761301af9d3858f4e0b3036539b390a92754acc4b09f4ff8d52f43f5bb1802a Loading...

	pennycronelasvegas.com/	695 B	2023-03-08	2023-03-09
Pretty URL pennycronelasvegas.com/ IP 96.126.99.100 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:32:37 Last Seen2023-03-09 00:33:56 Times Seen1 Hash 4808651d4cc57c52fee33893cafdffc0 9173f37c4af58548cdb9958e69b053050067fb44 f4f2f5eb390148dede0682260552de7c18594ecaad4452bd222e19151fa3f8e1 Loading...

	assets-jpcust.jwpsrv.com/player/6/6124956/ping.js	1.4 kB	2023-03-08	2023-03-09
Pretty URL assets-jpcust.jwpsrv.com/player/6/6124956/ping.js IP 151.101.86.114 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:32:37 Last Seen2023-03-09 00:33:56 Times Seen1 Hash e11f4da88a8186056c01979bc54a55e5 414e25ac51174d4ace1f84d7a30517f121b9eabb c2e45ab0ed7253b725b6bc57913232b65477d5ecf11ed866f587bc4df8474f12 Loading...

	ssl.p.jwpcdn.com/player/v/7.0.3/jwpsrv.js	21 kB	2023-03-08	2024-04-07
Pretty URL ssl.p.jwpcdn.com/player/v/7.0.3/jwpsrv.js IP 151.101.86.114 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:32:37 Last Seen2024-04-07 09:57:52 Times Seen57 Hash 2a7ba57974f06d8fa1764d6a954539f3 ff371f9b0ddd85521c96b66b21bd89e0dc8fce1a 88b95e41889181d10a0b4e76f249843790dd7ff53c5df0bea4233412111ab1de Loading...

		Size	First Seen	Last Seen
	#1 Eval - 444bcb3a3fcf8389296c49467f27e1d6	2 B	2023-03-08	2024-04-18
Pretty Observations First Seen2023-03-08 02:32:37 Last Seen2024-04-18 22:50:59 Times Seen106709 Hash 444bcb3a3fcf8389296c49467f27e1d6 7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Loading...

		Size	First Seen	Last Seen
	#1 Write - 0417a9442da49f1ec898ccdcf6878cee	382 B	2023-03-07	2023-11-29
Pretty Observations First Seen2023-03-07 01:02:58 Last Seen2023-11-29 07:01:06 Times Seen10 Hash 0417a9442da49f1ec898ccdcf6878cee e7dc523a66f6d88e36e1fcf13e9476bbe0758024 ed5190be636529fe44951890e8fa47120431aae198c2f6684fd65620546c2fff Loading...

	#2 Write - 7eb60494609c87f9ba01b4f5249b4f9f	2.9 kB	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 01:02:58 Last Seen2023-03-17 12:38:49 Times Seen1 Hash 7eb60494609c87f9ba01b4f5249b4f9f 4d43111c733faac565df2d90ed0e6b8c493ea5e8 1419aab7d963a21ca0982e1e4b3f456213feb0796dc4fe021eb23f8264b1c178 Loading...

	#3 Write - 17b4f42d4db289726d11bffdeb8ecb62	382 B	2023-03-07	2023-06-19
Pretty Observations First Seen2023-03-07 01:02:06 Last Seen2023-06-19 20:30:52 Times Seen84 Hash 17b4f42d4db289726d11bffdeb8ecb62 4714b95ed330602e794dcb5c76a744645b463b8c c68c84b340115ef05318c4438aed24d3cd6198fdac59ac30dc7bac98452fda69 Loading...

	#4 Write - d408c1dab455680f5bbe1d9e39d7ce64	382 B	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 01:02:58 Last Seen2023-03-17 12:38:49 Times Seen1 Hash d408c1dab455680f5bbe1d9e39d7ce64 7dd6cf5a94bd714bac8f5b616fda09f0db5bc7e4 b55d620fbd4437f635943e51960611f5154c58146c88bf93dbe3419546f4903e Loading...

HTTP Transactions (87)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.27

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 27 Sep 2022 14:15:30 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: dLdRgAngaYbIiTfiIo9wBKqq_Pw7V11bStQVzpjp0OWihBmBQLNcKA==
Age: 3013

pennycronelasvegas.com/

96.126.99.100

301 Moved Permanently

169 B

URL HTTP/1.1
pennycronelasvegas.com/
IP
96.126.99.100:0
ASN
#63949 Linode, LLC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
169 B (169 bytes)
Hash
4d5df04587b6abb07e32aa83f8da135a
6692cd0836d1ee08ec23820ed703dd959c92e3f8
6df3768e22eccc33abe2a50cb4650dbfb5f4f5884d80c82508e62665d29dd6d2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
server: nginx/1.17.3
date: Tue, 27 Sep 2022 15:05:43 GMT
content-type: text/html
content-length: 169
location: https://pennycronelasvegas.com/
access-control-allow-methods: POST, GET, OPTIONS
referrer-policy: no-referrer
set-cookie: NB_SRVID=srv1656166; path=/
cache-control: private
connection: close

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7834
Expires: Tue, 27 Sep 2022 17:16:18 GMT
Date: Tue, 27 Sep 2022 15:05:44 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.110

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.110:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: u6USVqTc0gLm2p8zguFCNfvO5Zip5jPt8R_hq2Q2ePvT2gK4zHcpJA==
age: 20491
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:05:44 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.27

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 27 Sep 2022 14:10:46 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Tue, 27 Sep 2022 15:06:02 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: lsdSMuBAnk-QoqpwH9vPYXdPNy9jY0jM8AkaWNLrCpTL2rLWqNHkzQ==
Age: 3298

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
550c4882b194a981992251a31fd83b3e
dcbe52eb607f313c7c531ca42de9c538154c9fcb
b2aa20656d00cef4ab3cf4b5d9844581b44f55f2d2ae518c0782433c36979b74

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B2AA20656D00CEF4AB3CF4B5D9844581B44F55F2D2AE518C0782433C36979B74"
Last-Modified: Sun, 25 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21567
Expires: Tue, 27 Sep 2022 21:05:11 GMT
Date: Tue, 27 Sep 2022 15:05:44 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
c18823050f86339eaa73ddb1bf80d64c
ac4ee81f59f706cee8a74458d498bbc20d8d351a
9a505647517bd02d8ff994fd4ad98dc2f4b519916145b0c327691420c1084c46

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6244
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:05:44 GMT
Last-Modified: Tue, 27 Sep 2022 13:21:40 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
11b1f146fa6fa4a88b1efc65b548fb73
f3f12e14f8f66a2e7c43015c394af199e4a94e06
74441efb7e39672af50ce0b6190b20d20bc3ae744b415a17f8b96a0f89aa0491

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:05:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:05:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

54.149.28.179

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.149.28.179:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: nz9uNjQneHwWIeq8/xmM7A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: +Xw3OkHmrZVzLixUfnPYedgFdcU=

pennycronelasvegas.com/

96.126.99.100

200 OK

18 kB

URL HTTP/1.1
pennycronelasvegas.com/
IP
96.126.99.100:0
ASN
#63949 Linode, LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
18 kB (17730 bytes)
Hash
7b05547b41305df4d2441f9fa2072b8b
2e1f803574564b8a40452200054e787239e11309
a933fed451f832a91f1c532f61341fc98baf61a88131e56bd37d0b40b0ee1693

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Status: 200 OK
Cache-Control: max-age=0, private, must-revalidate
X-XSS-Protection: 1; mode=block
X-Request-Id: 4e50e4cf-4297-4797-a7df-cb72b1a17fc5
ETag: W/"c1e618becf6c48cb187cc706a0a4e574"
X-Frame-Options: SAMEORIGIN
X-Runtime: 0.054442
X-Content-Type-Options: nosniff
Date: Tue, 27 Sep 2022 15:05:44 GMT
Set-Cookie: _agentformula_session=dGNhUk5OR3JpeGg4VGtYM2QrUDlOaXloN2dSdG0rcVBhMW1lYUF1Sk0xMlJ5WGc3MFhjV0NGWEdRUWovTllIYnpSZzJWYnNPUjR2a2diUjF1UU93MVdIWXo2S0dWbjRIeDdOUjZRUjZNMjZjNDdQQVFHanhDWG1kRnY1OFF3SGNoK0l5bjFibHZGSmQ1WUVOOSt1SkhoRy9NS29kbW1ZOFcvNTVsRXBNaHk1YW9FY0h4OEZ5SUJ1UEdidkFER3FEbUpaZXpoT1ROc0Z3Z251N2FzS2NCSlhDcGRkV3J6WlcxelJwWG1qa1cwODYxL1RQTk5DQU4vcm1EUHRnMTFGVEQ5RCtLdTRCeVo3R25xdU1LMnlvNmpOYXE1UXBGMzY5RzBaZzVQL1RlZFlmR21vY3FBWW5TSGsydVlTTlhSU3pZMG9RdDVxOEZNTng3WXpMWUlLU2k1UFBJM0ppQ1R3bERFNUE2ZlptbFhDdnZxdzVQL3JPVjg4cytvaHZ5OHlGLS0wMkFHQTd4aGVtQVpXWGxZU2FoWlRnPT0%3D--a386ec99358ffa23352abc292f1a6d21b8a04061; path=/; HttpOnly
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4538701cf9bc34d908f50370beb922f4
df141b9c3ec626ecaba7c1899073a48b811c4113
61497b93eb237687a8fff5845a7a81aff2f2f53dc56f2d0818bfb98dd1256d6f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:05:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdnjs.cloudflare.com/ajax/libs/bootstrap-table/1.8.1/bootstrap-table.min.js

104.17.24.14

200 OK

10 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/bootstrap-table/1.8.1/bootstrap-table.min.js
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (32072)
Size
10 kB (10318 bytes)
Hash
b1d38b850f2d249ecb6bc995eecc9d96
30facf94c44ca45e7521a25e5e73273c26fa7ddd
8097499101c6c88640c1bc49c3f00179c32f842d6ce79482fa3ccb48a23203d2

HTTP Headers

GET /ajax/libs/bootstrap-table/1.8.1/bootstrap-table.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 27 Sep 2022 15:05:45 GMT
content-type: application/javascript; charset=utf-8
content-length: 10318
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d8f-a750"
last-modified: Mon, 04 May 2020 16:06:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 162996
expires: Sun, 17 Sep 2023 15:05:45 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bhv%2B%2BArV9T6kNTkawlyskJd7k4%2FOa%2Fyo%2F0mk7j1b2sbhc%2FPe%2B4VpjIIo3sQnJjfipfisK6psoGPZBLNrXsTbFOj20aPj9VAJyG3A8%2BPi08XEqAEN1c5d02RYse%2B83a36OSRZwa2r"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 751523a88831b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:05:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4538701cf9bc34d908f50370beb922f4
df141b9c3ec626ecaba7c1899073a48b811c4113
61497b93eb237687a8fff5845a7a81aff2f2f53dc56f2d0818bfb98dd1256d6f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:05:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.godaddy.com/

192.124.249.22

200 OK

1.8 kB

URL HTTP/1.1
ocsp.godaddy.com/
IP
192.124.249.22:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1777 bytes)
Hash
ed4b10195156be53252459b6a822d4fa
4b8f6a876639e5e6e7e565b52179151be487d2db
a6ba078345b3eaae06502628c7265ea0c6e47b99a288c77edd329516a2a93943

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 27 Sep 2022 15:05:44 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 27 Sep 2022 12:30:59 GMT
Expires: Wed, 28 Sep 2022 12:30:59 GMT
ETag: "4b8f6a876639e5e6e7e565b52179151be487d2db"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

images.dmca.com/Badges/DMCABadgeHelper.min.js

151.139.242.29

200 OK

280 B

URL HTTP/2
images.dmca.com/Badges/DMCABadgeHelper.min.js
IP
151.139.242.29:0
ASN
#12989 StackPath LLC

File type
ASCII text
Size
280 B (280 bytes)
Hash
676eb336bf17b6d9ba8106a096fdd587
22d3b0769cd5aa177e723be2456b32509914fa7d
9e9dc74a53c9a60256b8d4db5b26d02599cea75d3d00e02f16bef59169477a69

HTTP Headers

GET /Badges/DMCABadgeHelper.min.js HTTP/1.1
Host: images.dmca.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:05:45 GMT
content-type: application/javascript
content-length: 280
cache-control: max-age=2592000
etag: "26b181f16d28d51:0"
last-modified: Fri, 21 Jun 2019 20:14:34 GMT
x-powered-by: ASP.NET
expires: Thu, 27 Oct 2022 15:05:42 GMT
access-control-allow-origin: *
link: <http://dmca-images.azurewebsites.net/Badges/DMCABadgeHelper.min.js>; rel="canonical"
content-encoding: gzip
vary: Accept-Encoding
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

images.dmca.com/Badges/dmca-badge-w100-5x1-11.png?ID=0d9c4034-e698-4934-b6aa-b7e7c6dda496

151.139.242.29

200 OK

2.4 kB

URL HTTP/2
images.dmca.com/Badges/dmca-badge-w100-5x1-11.png?ID=0d9c4034-e698-4934-b6aa-b7e7c6dda496
IP
151.139.242.29:0
ASN
#12989 StackPath LLC

File type
PNG image data, 100 x 20, 8-bit/color RGBA, interlaced\012- data
Size
2.4 kB (2390 bytes)
Hash
521db716019fc733b48f77f9822b30ee
8f8e11a44c38076713fd1a0233ef7de9f68498ed
2292a183dd2a364653441cf13efd89138c43eab4dacbb35e9bc061b07c749be1

HTTP Headers

GET /Badges/dmca-badge-w100-5x1-11.png?ID=0d9c4034-e698-4934-b6aa-b7e7c6dda496 HTTP/1.1
Host: images.dmca.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:05:45 GMT
content-type: image/png
content-length: 2390
cache-control: max-age=2592000
etag: "70d0a63aace6d11:0"
last-modified: Mon, 25 Jul 2016 19:39:16 GMT
x-powered-by: ASP.NET
expires: Thu, 27 Oct 2022 15:05:21 GMT
access-control-allow-origin: *
link: <http://dmca-images.azurewebsites.net/Badges/dmca-badge-w100-5x1-11.png>; rel="canonical"
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

pennycronelasvegas.com/assets/themes/default/color_schemes/realtyone/styles-1d34b0168f39e5b32891f9959db5d12f04d3fe553fe179ede767a5fabdc98a36.css

96.126.99.100

200 OK

3.1 kB

URL HTTP/1.1
pennycronelasvegas.com/assets/themes/default/color_schemes/realtyone/styles-1d34b0168f39e5b32891f9959db5d12f04d3fe553fe179ede767a5fabdc98a36.css
IP
96.126.99.100:0
ASN
#63949 Linode, LLC

File type
ASCII text, with very long lines (12653)
Size
3.1 kB (3083 bytes)
Hash
14e02d2509c4e9c021da0ac5141ff383
c8cdc88b7b962aec32ec75a168058e1af2b4c1a1
343373f029bc431ff0c944aed6c9838897107cb5b62dae0b002ca355fe4ae535

HTTP Headers

GET /assets/themes/default/color_schemes/realtyone/styles-1d34b0168f39e5b32891f9959db5d12f04d3fe553fe179ede767a5fabdc98a36.css HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=dGNhUk5OR3JpeGg4VGtYM2QrUDlOaXloN2dSdG0rcVBhMW1lYUF1Sk0xMlJ5WGc3MFhjV0NGWEdRUWovTllIYnpSZzJWYnNPUjR2a2diUjF1UU93MVdIWXo2S0dWbjRIeDdOUjZRUjZNMjZjNDdQQVFHanhDWG1kRnY1OFF3SGNoK0l5bjFibHZGSmQ1WUVOOSt1SkhoRy9NS29kbW1ZOFcvNTVsRXBNaHk1YW9FY0h4OEZ5SUJ1UEdidkFER3FEbUpaZXpoT1ROc0Z3Z251N2FzS2NCSlhDcGRkV3J6WlcxelJwWG1qa1cwODYxL1RQTk5DQU4vcm1EUHRnMTFGVEQ5RCtLdTRCeVo3R25xdU1LMnlvNmpOYXE1UXBGMzY5RzBaZzVQL1RlZFlmR21vY3FBWW5TSGsydVlTTlhSU3pZMG9RdDVxOEZNTng3WXpMWUlLU2k1UFBJM0ppQ1R3bERFNUE2ZlptbFhDdnZxdzVQL3JPVjg4cytvaHZ5OHlGLS0wMkFHQTd4aGVtQVpXWGxZU2FoWlRnPT0%3D--a386ec99358ffa23352abc292f1a6d21b8a04061
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Status: 200 OK
Cache-Control: public, max-age=31536000
X-Request-Id: dca6a6d2-412e-4391-a966-fedc89496c12
ETag: W/"1d34b0168f39e5b32891f9959db5d12f04d3fe553fe179ede767a5fabdc98a36"
X-Runtime: 0.001223
Date: Tue, 27 Sep 2022 15:05:45 GMT
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer
Content-Encoding: gzip

ocsp.sca1b.amazontrust.com/

54.230.245.100

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.100:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
425c9009140c3680ae79727ebae628ec
185468efb8d32dcb06f052e0556dbd750d985954
3a11483f5352a50e3ae89f3d1f252ee1c579f593cf8f79f1242792be7099c174

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 15:05:45 GMT
Last-Modified: Tue, 27 Sep 2022 13:20:31 GMT
Server: ECS (nyb/1D05)
X-Cache: Miss from cloudfront
Via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Qy7_IEBAPR9jqo9KMjNWjuvzcWf5kE13aKCmDHqAl_MIyvnamKocVQ==
Age: 6314

ocsp.sca1b.amazontrust.com/

54.230.245.100

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.100:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
425c9009140c3680ae79727ebae628ec
185468efb8d32dcb06f052e0556dbd750d985954
3a11483f5352a50e3ae89f3d1f252ee1c579f593cf8f79f1242792be7099c174

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 15:05:45 GMT
Last-Modified: Tue, 27 Sep 2022 14:10:14 GMT
Server: ECS (nyb/1D1F)
X-Cache: Miss from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: EgwbMVYZtXW5INf-qD-FEJfw5ZcuCVuYMw6GnuUXdSdIRe9jpypSeg==
Age: 3331

pennycronelasvegas.com/assets/themes/default/manifest-a0b102071c1257da83b1e2a73ccd101571a12a809337ecc4f14d09bfe37b8667.css

96.126.99.100

200 OK

9.1 kB

URL HTTP/1.1
pennycronelasvegas.com/assets/themes/default/manifest-a0b102071c1257da83b1e2a73ccd101571a12a809337ecc4f14d09bfe37b8667.css
IP
96.126.99.100:0
ASN
#63949 Linode, LLC

File type
ASCII text, with very long lines (36298)
Size
9.1 kB (9142 bytes)
Hash
32f0f34521a2fc2b1f354859df9cf65f
f803967ee5787eed9275b591412d8d0c1af555c3
fa3e83e9ddc04c4c6cdabfa5c949508406c791e7177b10fd1272bf5331bfb33b

HTTP Headers

GET /assets/themes/default/manifest-a0b102071c1257da83b1e2a73ccd101571a12a809337ecc4f14d09bfe37b8667.css HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=dGNhUk5OR3JpeGg4VGtYM2QrUDlOaXloN2dSdG0rcVBhMW1lYUF1Sk0xMlJ5WGc3MFhjV0NGWEdRUWovTllIYnpSZzJWYnNPUjR2a2diUjF1UU93MVdIWXo2S0dWbjRIeDdOUjZRUjZNMjZjNDdQQVFHanhDWG1kRnY1OFF3SGNoK0l5bjFibHZGSmQ1WUVOOSt1SkhoRy9NS29kbW1ZOFcvNTVsRXBNaHk1YW9FY0h4OEZ5SUJ1UEdidkFER3FEbUpaZXpoT1ROc0Z3Z251N2FzS2NCSlhDcGRkV3J6WlcxelJwWG1qa1cwODYxL1RQTk5DQU4vcm1EUHRnMTFGVEQ5RCtLdTRCeVo3R25xdU1LMnlvNmpOYXE1UXBGMzY5RzBaZzVQL1RlZFlmR21vY3FBWW5TSGsydVlTTlhSU3pZMG9RdDVxOEZNTng3WXpMWUlLU2k1UFBJM0ppQ1R3bERFNUE2ZlptbFhDdnZxdzVQL3JPVjg4cytvaHZ5OHlGLS0wMkFHQTd4aGVtQVpXWGxZU2FoWlRnPT0%3D--a386ec99358ffa23352abc292f1a6d21b8a04061
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Status: 200 OK
Cache-Control: public, max-age=31536000
X-Request-Id: 641a5ace-1de0-43da-9df9-3b27270e4107
ETag: W/"a0b102071c1257da83b1e2a73ccd101571a12a809337ecc4f14d09bfe37b8667"
X-Runtime: 0.000829
Date: Tue, 27 Sep 2022 15:05:45 GMT
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer
Content-Encoding: gzip

pennycronelasvegas.com/assets/themes/default/media-queries-86e42502a75ac432a27f5075e9f59f4fc1b6b5c25010acc977a7a95d745e5fb2.css

96.126.99.100

200 OK

1.4 kB

URL HTTP/1.1
pennycronelasvegas.com/assets/themes/default/media-queries-86e42502a75ac432a27f5075e9f59f4fc1b6b5c25010acc977a7a95d745e5fb2.css
IP
96.126.99.100:0
ASN
#63949 Linode, LLC

File type
ASCII text, with very long lines (4127)
Size
1.4 kB (1369 bytes)
Hash
f4897cf23e898fdd0fd4dfa22dd511a9
65816d4b1762d14f53486744ebf7ab451c063224
5860c6897bb7389941d3960bcdebb90c1a7b0fd0fb7c0f1285596b62f0f0e4e2

HTTP Headers

GET /assets/themes/default/media-queries-86e42502a75ac432a27f5075e9f59f4fc1b6b5c25010acc977a7a95d745e5fb2.css HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=dGNhUk5OR3JpeGg4VGtYM2QrUDlOaXloN2dSdG0rcVBhMW1lYUF1Sk0xMlJ5WGc3MFhjV0NGWEdRUWovTllIYnpSZzJWYnNPUjR2a2diUjF1UU93MVdIWXo2S0dWbjRIeDdOUjZRUjZNMjZjNDdQQVFHanhDWG1kRnY1OFF3SGNoK0l5bjFibHZGSmQ1WUVOOSt1SkhoRy9NS29kbW1ZOFcvNTVsRXBNaHk1YW9FY0h4OEZ5SUJ1UEdidkFER3FEbUpaZXpoT1ROc0Z3Z251N2FzS2NCSlhDcGRkV3J6WlcxelJwWG1qa1cwODYxL1RQTk5DQU4vcm1EUHRnMTFGVEQ5RCtLdTRCeVo3R25xdU1LMnlvNmpOYXE1UXBGMzY5RzBaZzVQL1RlZFlmR21vY3FBWW5TSGsydVlTTlhSU3pZMG9RdDVxOEZNTng3WXpMWUlLU2k1UFBJM0ppQ1R3bERFNUE2ZlptbFhDdnZxdzVQL3JPVjg4cytvaHZ5OHlGLS0wMkFHQTd4aGVtQVpXWGxZU2FoWlRnPT0%3D--a386ec99358ffa23352abc292f1a6d21b8a04061
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Status: 200 OK
Cache-Control: public, max-age=31536000
X-Request-Id: 1b45e1c3-3d90-475d-9f54-2b6097340891
ETag: W/"86e42502a75ac432a27f5075e9f59f4fc1b6b5c25010acc977a7a95d745e5fb2"
X-Runtime: 0.000751
Date: Tue, 27 Sep 2022 15:05:45 GMT
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer
Content-Encoding: gzip

pennycronelasvegas.com/assets/ion.rangeslider/js/ion.rangeSlider.min-fd1dbf6841129461c2073553cdd99a1b14693f2bbe7804866229fd53cc65a22b.js

96.126.99.100

200 OK

38 kB

URL HTTP/1.1
pennycronelasvegas.com/assets/ion.rangeslider/js/ion.rangeSlider.min-fd1dbf6841129461c2073553cdd99a1b14693f2bbe7804866229fd53cc65a22b.js
IP
96.126.99.100:0
ASN
#63949 Linode, LLC

File type
ASCII text, with very long lines (33913)
Size
38 kB (38476 bytes)
Hash
42173c874591f88f85ab701df850d0e7
da2c85886430dd508ab6daa683411c3381666fdf
fd1dbf6841129461c2073553cdd99a1b14693f2bbe7804866229fd53cc65a22b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/ion.rangeslider/js/ion.rangeSlider.min-fd1dbf6841129461c2073553cdd99a1b14693f2bbe7804866229fd53cc65a22b.js HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=dGNhUk5OR3JpeGg4VGtYM2QrUDlOaXloN2dSdG0rcVBhMW1lYUF1Sk0xMlJ5WGc3MFhjV0NGWEdRUWovTllIYnpSZzJWYnNPUjR2a2diUjF1UU93MVdIWXo2S0dWbjRIeDdOUjZRUjZNMjZjNDdQQVFHanhDWG1kRnY1OFF3SGNoK0l5bjFibHZGSmQ1WUVOOSt1SkhoRy9NS29kbW1ZOFcvNTVsRXBNaHk1YW9FY0h4OEZ5SUJ1UEdidkFER3FEbUpaZXpoT1ROc0Z3Z251N2FzS2NCSlhDcGRkV3J6WlcxelJwWG1qa1cwODYxL1RQTk5DQU4vcm1EUHRnMTFGVEQ5RCtLdTRCeVo3R25xdU1LMnlvNmpOYXE1UXBGMzY5RzBaZzVQL1RlZFlmR21vY3FBWW5TSGsydVlTTlhSU3pZMG9RdDVxOEZNTng3WXpMWUlLU2k1UFBJM0ppQ1R3bERFNUE2ZlptbFhDdnZxdzVQL3JPVjg4cytvaHZ5OHlGLS0wMkFHQTd4aGVtQVpXWGxZU2FoWlRnPT0%3D--a386ec99358ffa23352abc292f1a6d21b8a04061
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 38476
Connection: keep-alive
Status: 200 OK
Cache-Control: public, max-age=31536000
X-Request-Id: cb4d6187-6788-48b8-bac8-0fdbbe7548c7
ETag: "fd1dbf6841129461c2073553cdd99a1b14693f2bbe7804866229fd53cc65a22b"
X-Runtime: 0.000976
Date: Tue, 27 Sep 2022 15:05:45 GMT
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer

pennycronelasvegas.com/assets/themes/default/base-e6e4b07ab1f0aec529f3b4cc626749c60b3c181adf529cc27e69103896d15abc.js

96.126.99.100

200 OK

7.8 kB

URL HTTP/1.1
pennycronelasvegas.com/assets/themes/default/base-e6e4b07ab1f0aec529f3b4cc626749c60b3c181adf529cc27e69103896d15abc.js
IP
96.126.99.100:0
ASN
#63949 Linode, LLC

File type
ASCII text, with very long lines (7836), with no line terminators
Size
7.8 kB (7836 bytes)
Hash
6a8c64a9816c52d01a5c9a66f50a031e
6f7a2119a28757a936a3ad2d8ffd4553c1abcb2a
e6e4b07ab1f0aec529f3b4cc626749c60b3c181adf529cc27e69103896d15abc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/themes/default/base-e6e4b07ab1f0aec529f3b4cc626749c60b3c181adf529cc27e69103896d15abc.js HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=dGNhUk5OR3JpeGg4VGtYM2QrUDlOaXloN2dSdG0rcVBhMW1lYUF1Sk0xMlJ5WGc3MFhjV0NGWEdRUWovTllIYnpSZzJWYnNPUjR2a2diUjF1UU93MVdIWXo2S0dWbjRIeDdOUjZRUjZNMjZjNDdQQVFHanhDWG1kRnY1OFF3SGNoK0l5bjFibHZGSmQ1WUVOOSt1SkhoRy9NS29kbW1ZOFcvNTVsRXBNaHk1YW9FY0h4OEZ5SUJ1UEdidkFER3FEbUpaZXpoT1ROc0Z3Z251N2FzS2NCSlhDcGRkV3J6WlcxelJwWG1qa1cwODYxL1RQTk5DQU4vcm1EUHRnMTFGVEQ5RCtLdTRCeVo3R25xdU1LMnlvNmpOYXE1UXBGMzY5RzBaZzVQL1RlZFlmR21vY3FBWW5TSGsydVlTTlhSU3pZMG9RdDVxOEZNTng3WXpMWUlLU2k1UFBJM0ppQ1R3bERFNUE2ZlptbFhDdnZxdzVQL3JPVjg4cytvaHZ5OHlGLS0wMkFHQTd4aGVtQVpXWGxZU2FoWlRnPT0%3D--a386ec99358ffa23352abc292f1a6d21b8a04061
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 7836
Connection: keep-alive
Status: 200 OK
Cache-Control: public, max-age=31536000
X-Request-Id: aa0826f1-df82-4b48-9724-1bce9d80e6bf
ETag: "e6e4b07ab1f0aec529f3b4cc626749c60b3c181adf529cc27e69103896d15abc"
X-Runtime: 0.001028
Date: Tue, 27 Sep 2022 15:05:45 GMT
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer

pennycronelasvegas.com/assets/responsive_video_fix-4228528f3aa100a8d9aeb2f7c8373ef893db5f2eba26df43245af76eb4d3734e.js

96.126.99.100

200 OK

483 B

URL HTTP/1.1
pennycronelasvegas.com/assets/responsive_video_fix-4228528f3aa100a8d9aeb2f7c8373ef893db5f2eba26df43245af76eb4d3734e.js
IP
96.126.99.100:0
ASN
#63949 Linode, LLC

File type
ASCII text, with very long lines (483), with no line terminators
Size
483 B (483 bytes)
Hash
8b69d038e9da700ec36148024782ba23
863f41c47cf9d843abfe8ce2b5514a691a57742a
4228528f3aa100a8d9aeb2f7c8373ef893db5f2eba26df43245af76eb4d3734e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/responsive_video_fix-4228528f3aa100a8d9aeb2f7c8373ef893db5f2eba26df43245af76eb4d3734e.js HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=dGNhUk5OR3JpeGg4VGtYM2QrUDlOaXloN2dSdG0rcVBhMW1lYUF1Sk0xMlJ5WGc3MFhjV0NGWEdRUWovTllIYnpSZzJWYnNPUjR2a2diUjF1UU93MVdIWXo2S0dWbjRIeDdOUjZRUjZNMjZjNDdQQVFHanhDWG1kRnY1OFF3SGNoK0l5bjFibHZGSmQ1WUVOOSt1SkhoRy9NS29kbW1ZOFcvNTVsRXBNaHk1YW9FY0h4OEZ5SUJ1UEdidkFER3FEbUpaZXpoT1ROc0Z3Z251N2FzS2NCSlhDcGRkV3J6WlcxelJwWG1qa1cwODYxL1RQTk5DQU4vcm1EUHRnMTFGVEQ5RCtLdTRCeVo3R25xdU1LMnlvNmpOYXE1UXBGMzY5RzBaZzVQL1RlZFlmR21vY3FBWW5TSGsydVlTTlhSU3pZMG9RdDVxOEZNTng3WXpMWUlLU2k1UFBJM0ppQ1R3bERFNUE2ZlptbFhDdnZxdzVQL3JPVjg4cytvaHZ5OHlGLS0wMkFHQTd4aGVtQVpXWGxZU2FoWlRnPT0%3D--a386ec99358ffa23352abc292f1a6d21b8a04061
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 483
Connection: keep-alive
Status: 200 OK
Cache-Control: public, max-age=31536000
X-Request-Id: 2506e7f6-c6db-44dd-add5-52ff2f6af6fb
ETag: "4228528f3aa100a8d9aeb2f7c8373ef893db5f2eba26df43245af76eb4d3734e"
X-Runtime: 0.000919
Date: Tue, 27 Sep 2022 15:05:45 GMT
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer

pennycronelasvegas.com/assets/bootstrap-table-cookie-d864ab3069753497a7bd5ebdbce23b8a1a0b9b16b001a0394d5c99896c859d14.js

96.126.99.100

200 OK

4.0 kB

URL HTTP/1.1
pennycronelasvegas.com/assets/bootstrap-table-cookie-d864ab3069753497a7bd5ebdbce23b8a1a0b9b16b001a0394d5c99896c859d14.js
IP
96.126.99.100:0
ASN
#63949 Linode, LLC

File type
ASCII text, with very long lines (4026), with no line terminators
Size
4.0 kB (4026 bytes)
Hash
70a774951af96e61e57cde64b49b66f7
bf9f3470f5ca10b7968b19656fcf692939e35caf
d864ab3069753497a7bd5ebdbce23b8a1a0b9b16b001a0394d5c99896c859d14

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/bootstrap-table-cookie-d864ab3069753497a7bd5ebdbce23b8a1a0b9b16b001a0394d5c99896c859d14.js HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=dGNhUk5OR3JpeGg4VGtYM2QrUDlOaXloN2dSdG0rcVBhMW1lYUF1Sk0xMlJ5WGc3MFhjV0NGWEdRUWovTllIYnpSZzJWYnNPUjR2a2diUjF1UU93MVdIWXo2S0dWbjRIeDdOUjZRUjZNMjZjNDdQQVFHanhDWG1kRnY1OFF3SGNoK0l5bjFibHZGSmQ1WUVOOSt1SkhoRy9NS29kbW1ZOFcvNTVsRXBNaHk1YW9FY0h4OEZ5SUJ1UEdidkFER3FEbUpaZXpoT1ROc0Z3Z251N2FzS2NCSlhDcGRkV3J6WlcxelJwWG1qa1cwODYxL1RQTk5DQU4vcm1EUHRnMTFGVEQ5RCtLdTRCeVo3R25xdU1LMnlvNmpOYXE1UXBGMzY5RzBaZzVQL1RlZFlmR21vY3FBWW5TSGsydVlTTlhSU3pZMG9RdDVxOEZNTng3WXpMWUlLU2k1UFBJM0ppQ1R3bERFNUE2ZlptbFhDdnZxdzVQL3JPVjg4cytvaHZ5OHlGLS0wMkFHQTd4aGVtQVpXWGxZU2FoWlRnPT0%3D--a386ec99358ffa23352abc292f1a6d21b8a04061
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 4026
Connection: keep-alive
Status: 200 OK
Cache-Control: public, max-age=31536000
X-Request-Id: b7f90a2c-67e5-4610-8456-275f8f1a1930
ETag: "d864ab3069753497a7bd5ebdbce23b8a1a0b9b16b001a0394d5c99896c859d14"
X-Runtime: 0.001016
Date: Tue, 27 Sep 2022 15:05:45 GMT
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer

pennycronelasvegas.com/assets/themes/default/vendor-0f30327ac76c682d737c22ffeb5941a75cefe8c40d78c1b490f0dcbfc2400ae9.css

96.126.99.100

200 OK

45 kB

URL HTTP/1.1
pennycronelasvegas.com/assets/themes/default/vendor-0f30327ac76c682d737c22ffeb5941a75cefe8c40d78c1b490f0dcbfc2400ae9.css
IP
96.126.99.100:0
ASN
#63949 Linode, LLC

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (65368)
Size
45 kB (44710 bytes)
Hash
557969dc5021dde6791ead6c0422c4d7
7a50d476d4aa201371555069667e59ceb63e74f2
6a121afb31f6d5c8321e1bd2c0d1e030ac127c716f1bbb5aa8003a0b75f07e16

HTTP Headers

GET /assets/themes/default/vendor-0f30327ac76c682d737c22ffeb5941a75cefe8c40d78c1b490f0dcbfc2400ae9.css HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=dGNhUk5OR3JpeGg4VGtYM2QrUDlOaXloN2dSdG0rcVBhMW1lYUF1Sk0xMlJ5WGc3MFhjV0NGWEdRUWovTllIYnpSZzJWYnNPUjR2a2diUjF1UU93MVdIWXo2S0dWbjRIeDdOUjZRUjZNMjZjNDdQQVFHanhDWG1kRnY1OFF3SGNoK0l5bjFibHZGSmQ1WUVOOSt1SkhoRy9NS29kbW1ZOFcvNTVsRXBNaHk1YW9FY0h4OEZ5SUJ1UEdidkFER3FEbUpaZXpoT1ROc0Z3Z251N2FzS2NCSlhDcGRkV3J6WlcxelJwWG1qa1cwODYxL1RQTk5DQU4vcm1EUHRnMTFGVEQ5RCtLdTRCeVo3R25xdU1LMnlvNmpOYXE1UXBGMzY5RzBaZzVQL1RlZFlmR21vY3FBWW5TSGsydVlTTlhSU3pZMG9RdDVxOEZNTng3WXpMWUlLU2k1UFBJM0ppQ1R3bERFNUE2ZlptbFhDdnZxdzVQL3JPVjg4cytvaHZ5OHlGLS0wMkFHQTd4aGVtQVpXWGxZU2FoWlRnPT0%3D--a386ec99358ffa23352abc292f1a6d21b8a04061
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Status: 200 OK
Cache-Control: public, max-age=31536000
X-Request-Id: 1fb4384a-4426-45aa-9e87-4b5ad4e8ac0d
ETag: W/"0f30327ac76c682d737c22ffeb5941a75cefe8c40d78c1b490f0dcbfc2400ae9"
X-Runtime: 0.001610
Date: Tue, 27 Sep 2022 15:05:45 GMT
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer
Content-Encoding: gzip

translate.googleapis.com/translate_static/css/translateelement.css

142.250.74.74

200 OK

3.6 kB

URL HTTP/2
translate.googleapis.com/translate_static/css/translateelement.css
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (18670)
Size
3.6 kB (3619 bytes)
Hash
897ba9a21d9625286674da769dacc2e2
84b4923ab7dee562395160824d53496314499b77
696cbf5c2f3f1efae555562b72abbbb22bed02eff03d62074555cab241190ae0

HTTP Headers

GET /translate_static/css/translateelement.css HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3619
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 Sep 2022 14:27:48 GMT
expires: Tue, 27 Sep 2022 15:27:48 GMT
cache-control: public, max-age=3600
age: 2277
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

pennycronelasvegas.com/assets/themes/realtyone/bg-bar-active.png

96.126.99.100

200 OK

937 B

URL HTTP/1.1
pennycronelasvegas.com/assets/themes/realtyone/bg-bar-active.png
IP
96.126.99.100:0
ASN
#63949 Linode, LLC

File type
PNG image data, 1 x 45, 8-bit/color RGB, non-interlaced\012- data
Size
937 B (937 bytes)
Hash
4fdb1b014f02b9d864a630c39c2ef13a
ce10cd2e9ef878dbc42532b94eb3b9f95a7e798b
bb08c90ca60c960f699e5c8f8a706ff6bd54d04ffbd117f083cef142cbc1e6c7

HTTP Headers

GET /assets/themes/realtyone/bg-bar-active.png HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=dGNhUk5OR3JpeGg4VGtYM2QrUDlOaXloN2dSdG0rcVBhMW1lYUF1Sk0xMlJ5WGc3MFhjV0NGWEdRUWovTllIYnpSZzJWYnNPUjR2a2diUjF1UU93MVdIWXo2S0dWbjRIeDdOUjZRUjZNMjZjNDdQQVFHanhDWG1kRnY1OFF3SGNoK0l5bjFibHZGSmQ1WUVOOSt1SkhoRy9NS29kbW1ZOFcvNTVsRXBNaHk1YW9FY0h4OEZ5SUJ1UEdidkFER3FEbUpaZXpoT1ROc0Z3Z251N2FzS2NCSlhDcGRkV3J6WlcxelJwWG1qa1cwODYxL1RQTk5DQU4vcm1EUHRnMTFGVEQ5RCtLdTRCeVo3R25xdU1LMnlvNmpOYXE1UXBGMzY5RzBaZzVQL1RlZFlmR21vY3FBWW5TSGsydVlTTlhSU3pZMG9RdDVxOEZNTng3WXpMWUlLU2k1UFBJM0ppQ1R3bERFNUE2ZlptbFhDdnZxdzVQL3JPVjg4cytvaHZ5OHlGLS0wMkFHQTd4aGVtQVpXWGxZU2FoWlRnPT0%3D--a386ec99358ffa23352abc292f1a6d21b8a04061
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 937
Connection: keep-alive
Status: 200 OK
Cache-Control: public, must-revalidate
Vary: Accept-Encoding
X-Request-Id: 1e5767a9-b202-468c-b017-46fe8044aeae
ETag: "bb08c90ca60c960f699e5c8f8a706ff6bd54d04ffbd117f083cef142cbc1e6c7"
X-Runtime: 0.000603
Date: Tue, 27 Sep 2022 15:05:45 GMT
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer

s3.amazonaws.com/glvar-photos/callouts/small/3/las-vegas-strip-aerial-sunset3.jpg

52.217.132.144

200 OK

20 kB

URL HTTP/1.1
s3.amazonaws.com/glvar-photos/callouts/small/3/las-vegas-strip-aerial-sunset3.jpg
IP
52.217.132.144:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 325x252, components 3\012- data
Size
20 kB (20263 bytes)
Hash
517180675348875d42a029031b8d4f81
797e0e31adc255be6ca3e5052f43127c03cbedd1
f2d844ba1a680c355dc4f8da09b140709556daf1f13c00bc2fd327bea6419e7e

HTTP Headers

GET /glvar-photos/callouts/small/3/las-vegas-strip-aerial-sunset3.jpg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: F+ri5wOJ2X4nI4VPzQyGftdSM+DjPcpD6diPQB7oUCdatZu1zPxQQtTJjSzMVntsWxE0V/Lbfbo=
x-amz-request-id: 8VKANG6W11AEF6CB
Date: Tue, 27 Sep 2022 15:05:46 GMT
Last-Modified: Mon, 30 Nov 2015 02:55:12 GMT
ETag: "517180675348875d42a029031b8d4f81"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 20263

pennycronelasvegas.com/fonts/avenir.woff

96.126.99.100

302 Found

97 B

URL HTTP/1.1
pennycronelasvegas.com/fonts/avenir.woff
IP
96.126.99.100:0
ASN
#63949 Linode, LLC

File type
HTML document text\012- HTML document, ASCII text, with no line terminators
Size
97 B (97 bytes)
Hash
dcb81dc5193115d6d372982ed310127c
f8dfefb55af6336b670a7a3743beea52bcc45b16
54585d24fd128cf202592bcf22862a8aaa2c0862c5ea8b2bbac31a7357b93f6a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /fonts/avenir.woff HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Cookie: _agentformula_session=dGNhUk5OR3JpeGg4VGtYM2QrUDlOaXloN2dSdG0rcVBhMW1lYUF1Sk0xMlJ5WGc3MFhjV0NGWEdRUWovTllIYnpSZzJWYnNPUjR2a2diUjF1UU93MVdIWXo2S0dWbjRIeDdOUjZRUjZNMjZjNDdQQVFHanhDWG1kRnY1OFF3SGNoK0l5bjFibHZGSmQ1WUVOOSt1SkhoRy9NS29kbW1ZOFcvNTVsRXBNaHk1YW9FY0h4OEZ5SUJ1UEdidkFER3FEbUpaZXpoT1ROc0Z3Z251N2FzS2NCSlhDcGRkV3J6WlcxelJwWG1qa1cwODYxL1RQTk5DQU4vcm1EUHRnMTFGVEQ5RCtLdTRCeVo3R25xdU1LMnlvNmpOYXE1UXBGMzY5RzBaZzVQL1RlZFlmR21vY3FBWW5TSGsydVlTTlhSU3pZMG9RdDVxOEZNTng3WXpMWUlLU2k1UFBJM0ppQ1R3bERFNUE2ZlptbFhDdnZxdzVQL3JPVjg4cytvaHZ5OHlGLS0wMkFHQTd4aGVtQVpXWGxZU2FoWlRnPT0%3D--a386ec99358ffa23352abc292f1a6d21b8a04061
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Status: 302 Found
Cache-Control: no-cache
X-XSS-Protection: 1; mode=block
X-Request-Id: 5d3daebf-4f39-464b-a79e-b08f53710c3e
Location: https://pennycronelasvegas.com/
X-Runtime: 0.009390
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Date: Tue, 27 Sep 2022 15:05:45 GMT
Set-Cookie: _agentformula_session=b1lsc1R0Rmkwblp0MGk2cCtMK3d5UXI4clF0bVNyWm1Bb003QWZxTEM3SHZuYmJjSDA3L2N6bG4zTzdseGhIMndDYm1UZjdId1dqbW9xMjFRU2hya095eGJJNHdSK1FhWStWeUJJNlhtSzhjM2V0c283ek9MOUNvMm02YUJKZCtMY0NDaG1odHprZlBCeFlVQUFHTUtqVGpDTjNUUElacmdlZTdKbzc0MkdqZjM3Vkx3dkt6TEJhdWM5eTI5cmE2N3E3MTJ6VS84WmdLTFh4UjQzcU0wdDJiU2J1UGpSbklRUmJ5N1BSZitNb2pWSTdqT2d0MmppY1VwSWM2US9ac0FxL0RrU3hGUHZXUVRuUlZ6dzAzdTJ5NkgrL2NiYVpMZ25Iak9rU0ZYYWM3UENxWG0reUFiaThPU0F0QXpyclYvOWNUNmFvVWR0NWRFQkthNGY4eDFEWHZoMUJadUE1ZzBKbStHZiswMmN6WGFDbE9QNS9zaU4vK3hYQi80MGhadm4rNE54enVaTG1LRHdBenNVM1B0QVBhZjNkOHk1MzBFZWZVSVk0NG95YWxiK2JyMVF6VExjMUc2Qk9JMWZ2RGNwZWJjbkZpTENKVXV5bWdSdXNWWDNqcXdYV2ZHbTM2R0dKMFhUTFRJN3gvTEZEQVBSVS9xdXZpTkhOQXZHMmE2UDk0elJwZytENGpoUHdmWHdWdWZCaUViQmxLM2JoN09ZSWN3YjR0M2NLNzF1dXpCRjM4MkJLdGYzdXJNTVdBV084SGhqQWlWeTVvNjZIcW94aGJheGlKc2hUTnlEcGlFWVZ1WEd3Qlh3eHU4L1FRWlNCbFkwSjgrTE1PYWNMbmhKSUt4S3Y5NENDeTN4L3lPdnJFOXhGUyt1K1RIREVvNmFEUHFJWk1GVG85cFF6bTVHTEllbXhLNksxUEtRTlNoNXdFaVdQY2hXeEFGUHZsa0h0VDR3PT0tLTRacS9iUHZ3bWdvNld4UVBhYXZPQVE9PQ%3D%3D--730df09d40d4ab7ab499d6bb8c2be5ae045b0b2f; path=/; HttpOnly
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer

pennycronelasvegas.com/assets/themes/realtyone/bg-bar.gif

96.126.99.100

200 OK

1.3 kB

URL HTTP/1.1
pennycronelasvegas.com/assets/themes/realtyone/bg-bar.gif
IP
96.126.99.100:0
ASN
#63949 Linode, LLC

File type
GIF image data, version 89a, 1 x 45\012- data
Size
1.3 kB (1320 bytes)
Hash
993f232f9ea938ed9ea9d9ecbc32cbb6
0f7295588657c3e50c6090c67057bfbef32f9514
83e03bb94ec8beb4c0646f3556f509221a8e5ee7ad21a9e1330db52be5e28b3d

HTTP Headers

GET /assets/themes/realtyone/bg-bar.gif HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=dGNhUk5OR3JpeGg4VGtYM2QrUDlOaXloN2dSdG0rcVBhMW1lYUF1Sk0xMlJ5WGc3MFhjV0NGWEdRUWovTllIYnpSZzJWYnNPUjR2a2diUjF1UU93MVdIWXo2S0dWbjRIeDdOUjZRUjZNMjZjNDdQQVFHanhDWG1kRnY1OFF3SGNoK0l5bjFibHZGSmQ1WUVOOSt1SkhoRy9NS29kbW1ZOFcvNTVsRXBNaHk1YW9FY0h4OEZ5SUJ1UEdidkFER3FEbUpaZXpoT1ROc0Z3Z251N2FzS2NCSlhDcGRkV3J6WlcxelJwWG1qa1cwODYxL1RQTk5DQU4vcm1EUHRnMTFGVEQ5RCtLdTRCeVo3R25xdU1LMnlvNmpOYXE1UXBGMzY5RzBaZzVQL1RlZFlmR21vY3FBWW5TSGsydVlTTlhSU3pZMG9RdDVxOEZNTng3WXpMWUlLU2k1UFBJM0ppQ1R3bERFNUE2ZlptbFhDdnZxdzVQL3JPVjg4cytvaHZ5OHlGLS0wMkFHQTd4aGVtQVpXWGxZU2FoWlRnPT0%3D--a386ec99358ffa23352abc292f1a6d21b8a04061
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 1320
Connection: keep-alive
Status: 200 OK
Cache-Control: public, must-revalidate
Vary: Accept-Encoding
X-Request-Id: a8a5294e-b6bf-4621-8ec6-a08372ba98ca
ETag: "83e03bb94ec8beb4c0646f3556f509221a8e5ee7ad21a9e1330db52be5e28b3d"
X-Runtime: 0.000862
Date: Tue, 27 Sep 2022 15:05:45 GMT
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer

s3.amazonaws.com/glvar-photos/avatars/main/4046/New_Head_Shot__2.jpeg

52.217.132.144

200 OK

20 kB

URL HTTP/1.1
s3.amazonaws.com/glvar-photos/avatars/main/4046/New_Head_Shot__2.jpeg
IP
52.217.132.144:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=9, PhotometricIntepretation=RGB, xresolution=122, yresolution=130, resolutionunit=2, software=Photos 4.0, datetime=2020:02:11 16:53:56], baseline, precision 8, 360x320, components 3\012- data
Size
20 kB (19716 bytes)
Hash
03e76aa23591f601b791db719befda45
1c13f6786199fba9966f0aa48329403a905b421b
6a4d1a53c7965506e114131c90e132f51a9e71ef3033b1baf1946ef7908ddb9e

HTTP Headers

GET /glvar-photos/avatars/main/4046/New_Head_Shot__2.jpeg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: UHolR2EisWTYwlu7GzVu6eIY0tPlQY13ujsISKndehnpO9y/VR33MwaikSMbEfb2MRGrrm5BGYo=
x-amz-request-id: 8VK7VV6G4AYZZAA1
Date: Tue, 27 Sep 2022 15:05:46 GMT
Last-Modified: Mon, 01 Nov 2021 19:11:21 GMT
ETag: "03e76aa23591f601b791db719befda45"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 19716

s3.amazonaws.com/photo-gallery.agentformula.com/AF-LasVegas/REALTOR_MLS_EQUAL_HOUSING.png

52.217.132.144

200 OK

28 kB

URL HTTP/1.1
s3.amazonaws.com/photo-gallery.agentformula.com/AF-LasVegas/REALTOR_MLS_EQUAL_HOUSING.png
IP
52.217.132.144:0
ASN
#16509 AMAZON-02

File type
PNG image data, 595 x 149, 8-bit/color RGBA, non-interlaced\012- data
Size
28 kB (27690 bytes)
Hash
47a6f19c07360806ebd0e2251f8f61bb
51373f28e7f3ff1eb950d261048097ba525a1a14
d75e93d9bc3280d7e4df4078f7236499ce6b5475280232fa5e03b9c065511ac8

HTTP Headers

GET /photo-gallery.agentformula.com/AF-LasVegas/REALTOR_MLS_EQUAL_HOUSING.png HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: 27oE0R70H/qT32iULdPHgXsuGOMbE3n/cYB230UpXTqwc04VO1YtHn/+fysyyXM1UkidgydVzpk=
x-amz-request-id: 8VK5FC69T46W4VMG
Date: Tue, 27 Sep 2022 15:05:46 GMT
Last-Modified: Mon, 13 Jun 2022 21:43:19 GMT
ETag: "47a6f19c07360806ebd0e2251f8f61bb"
Accept-Ranges: bytes
Content-Type: 
Server: AmazonS3
Content-Length: 27690

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
e141d2e6318185abc0f223d8f74e1964
13ba8a91335b46f6bfe4b89f8ee273a9de301f33
a9207e5598a92125ac3f19ccb04e48e4c44a3204616cb19f8cbb81148e913da4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:05:46 GMT
Server: ECS (amb/6BAB)
Content-Length: 471

s3.amazonaws.com/glvar-photos/callouts/small/5/WHATS_MY_HOME_WORTH.jpg

52.217.132.144

200 OK

90 kB

URL HTTP/1.1
s3.amazonaws.com/glvar-photos/callouts/small/5/WHATS_MY_HOME_WORTH.jpg
IP
52.217.132.144:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=14, height=2592, bps=182, PhotometricIntepretation=RGB, manufacturer=Canon, model=Canon EOS 40D, orientation=upper-left, width=3888], baseline, precision 8, 325x252, components 3\012- data
Size
90 kB (89780 bytes)
Hash
0e9c43a2b1edd19fd678777ea7a0ea7c
744e5a6caa285f62e9c10a32ca6fd96d25813c65
26790e6caf160c0d32bc952c10d34cb2cf7f5b743884d3739c38b4c1598ee929

HTTP Headers

GET /glvar-photos/callouts/small/5/WHATS_MY_HOME_WORTH.jpg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: s4e3LOmmOTBEk1q6sfa2Q5ocFvkkj4hLcjHl4dc1EZFFedao3sjusutgAyCQYj9OTsXTAWiVSs8=
x-amz-request-id: 8VKDD70BCER17GVS
Date: Tue, 27 Sep 2022 15:05:46 GMT
Last-Modified: Thu, 19 May 2016 01:50:38 GMT
ETag: "0e9c43a2b1edd19fd678777ea7a0ea7c"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 89780

pennycronelasvegas.com/assets/sprites/social-share-button-c6c452cb10cf12d85f1776a2c2f6cd8c7a0b1cbbf4c94d09714e2ab2f1454bad.png

96.126.99.100

200 OK

26 kB

URL HTTP/1.1
pennycronelasvegas.com/assets/sprites/social-share-button-c6c452cb10cf12d85f1776a2c2f6cd8c7a0b1cbbf4c94d09714e2ab2f1454bad.png
IP
96.126.99.100:0
ASN
#63949 Linode, LLC

File type
PNG image data, 80 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size
26 kB (25760 bytes)
Hash
bef2baa6d19968878b9c24b337bb6d51
a61917f66a760bddade27d336c64c1982cf216a5
c6c452cb10cf12d85f1776a2c2f6cd8c7a0b1cbbf4c94d09714e2ab2f1454bad

HTTP Headers

GET /assets/sprites/social-share-button-c6c452cb10cf12d85f1776a2c2f6cd8c7a0b1cbbf4c94d09714e2ab2f1454bad.png HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=dGNhUk5OR3JpeGg4VGtYM2QrUDlOaXloN2dSdG0rcVBhMW1lYUF1Sk0xMlJ5WGc3MFhjV0NGWEdRUWovTllIYnpSZzJWYnNPUjR2a2diUjF1UU93MVdIWXo2S0dWbjRIeDdOUjZRUjZNMjZjNDdQQVFHanhDWG1kRnY1OFF3SGNoK0l5bjFibHZGSmQ1WUVOOSt1SkhoRy9NS29kbW1ZOFcvNTVsRXBNaHk1YW9FY0h4OEZ5SUJ1UEdidkFER3FEbUpaZXpoT1ROc0Z3Z251N2FzS2NCSlhDcGRkV3J6WlcxelJwWG1qa1cwODYxL1RQTk5DQU4vcm1EUHRnMTFGVEQ5RCtLdTRCeVo3R25xdU1LMnlvNmpOYXE1UXBGMzY5RzBaZzVQL1RlZFlmR21vY3FBWW5TSGsydVlTTlhSU3pZMG9RdDVxOEZNTng3WXpMWUlLU2k1UFBJM0ppQ1R3bERFNUE2ZlptbFhDdnZxdzVQL3JPVjg4cytvaHZ5OHlGLS0wMkFHQTd4aGVtQVpXWGxZU2FoWlRnPT0%3D--a386ec99358ffa23352abc292f1a6d21b8a04061
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.17.3
Date: Tue, 27 Sep 2022 15:05:45 GMT
Content-Type: image/png
Content-Length: 25760
Last-Modified: Thu, 08 Oct 2020 11:52:47 GMT
Connection: keep-alive
ETag: "5f7efd8f-64a0"
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer
Accept-Ranges: bytes

s3.amazonaws.com/glvar-photos/logos/original/1108/download.png

52.217.132.144

200 OK

5.8 kB

URL HTTP/1.1
s3.amazonaws.com/glvar-photos/logos/original/1108/download.png
IP
52.217.132.144:0
ASN
#16509 AMAZON-02

File type
PNG image data, 325 x 155, 8-bit colormap, non-interlaced\012- data
Size
5.8 kB (5754 bytes)
Hash
73eba774f375c4f8da31cb0867e39b4f
042175818c35094c650d9dcb3cfabc466c22012b
67a439992bd17b27eea80162579a0b6ee57e82ad3708c3d8fc26acd2c42401f6

HTTP Headers

GET /glvar-photos/logos/original/1108/download.png HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: 4cAm2Loi/SGVKjIhM+5OmqGDDE3+P/HekQOed+5c2JBysNQ41BDIGNejY2OUNobqMn8cxSCeFEA=
x-amz-request-id: 64KQ8QSJG42S61MM
Date: Tue, 27 Sep 2022 15:05:47 GMT
Last-Modified: Tue, 07 Apr 2020 23:30:46 GMT
ETag: "73eba774f375c4f8da31cb0867e39b4f"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 5754

s3.amazonaws.com/glvar-photos/headers/main/2896/New_Head_Shot__2.jpeg

52.217.132.144

200 OK

7.8 kB

URL HTTP/1.1
s3.amazonaws.com/glvar-photos/headers/main/2896/New_Head_Shot__2.jpeg
IP
52.217.132.144:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=9, PhotometricIntepretation=RGB, xresolution=122, yresolution=130, resolutionunit=2, software=Photos 4.0, datetime=2020:02:11 16:53:56], baseline, precision 8, 99x116, components 3\012- data
Size
7.8 kB (7807 bytes)
Hash
93f5b5d231a0c545d0d346da11221ff4
058455e7e7ae4e618d9b0906fd5a7ebe089915b7
ad2634edd7983f1cfb6c38bf0f07f7c7935d5eee8f28a4924fc2f55bed0e5699

HTTP Headers

GET /glvar-photos/headers/main/2896/New_Head_Shot__2.jpeg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: LUoVGlLT6vlqefIAhXVhlu9abjPWJpQ0Ovfe+uWEfOsF700K7EUPukKw967plLkV/KUtl0Z5Ah0=
x-amz-request-id: 64KK8B6C65KVB60N
Date: Tue, 27 Sep 2022 15:05:47 GMT
Last-Modified: Mon, 01 Nov 2021 19:10:23 GMT
ETag: "93f5b5d231a0c545d0d346da11221ff4"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 7807

pennycronelasvegas.com/

96.126.99.100

200 OK

18 kB

URL HTTP/1.1
pennycronelasvegas.com/
IP
96.126.99.100:0
ASN
#63949 Linode, LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
18 kB (17682 bytes)
Hash
e2c74e39672b628aa885d99f9d3266ea
36db76af4302b44742f382f31c04fc7a0b0f4db2
b54e073186a5fe30ef4cb17dd1c869533364bd2e2947f224bc9aadf1d86ba72f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=b1lsc1R0Rmkwblp0MGk2cCtMK3d5UXI4clF0bVNyWm1Bb003QWZxTEM3SHZuYmJjSDA3L2N6bG4zTzdseGhIMndDYm1UZjdId1dqbW9xMjFRU2hya095eGJJNHdSK1FhWStWeUJJNlhtSzhjM2V0c283ek9MOUNvMm02YUJKZCtMY0NDaG1odHprZlBCeFlVQUFHTUtqVGpDTjNUUElacmdlZTdKbzc0MkdqZjM3Vkx3dkt6TEJhdWM5eTI5cmE2N3E3MTJ6VS84WmdLTFh4UjQzcU0wdDJiU2J1UGpSbklRUmJ5N1BSZitNb2pWSTdqT2d0MmppY1VwSWM2US9ac0FxL0RrU3hGUHZXUVRuUlZ6dzAzdTJ5NkgrL2NiYVpMZ25Iak9rU0ZYYWM3UENxWG0reUFiaThPU0F0QXpyclYvOWNUNmFvVWR0NWRFQkthNGY4eDFEWHZoMUJadUE1ZzBKbStHZiswMmN6WGFDbE9QNS9zaU4vK3hYQi80MGhadm4rNE54enVaTG1LRHdBenNVM1B0QVBhZjNkOHk1MzBFZWZVSVk0NG95YWxiK2JyMVF6VExjMUc2Qk9JMWZ2RGNwZWJjbkZpTENKVXV5bWdSdXNWWDNqcXdYV2ZHbTM2R0dKMFhUTFRJN3gvTEZEQVBSVS9xdXZpTkhOQXZHMmE2UDk0elJwZytENGpoUHdmWHdWdWZCaUViQmxLM2JoN09ZSWN3YjR0M2NLNzF1dXpCRjM4MkJLdGYzdXJNTVdBV084SGhqQWlWeTVvNjZIcW94aGJheGlKc2hUTnlEcGlFWVZ1WEd3Qlh3eHU4L1FRWlNCbFkwSjgrTE1PYWNMbmhKSUt4S3Y5NENDeTN4L3lPdnJFOXhGUyt1K1RIREVvNmFEUHFJWk1GVG85cFF6bTVHTEllbXhLNksxUEtRTlNoNXdFaVdQY2hXeEFGUHZsa0h0VDR3PT0tLTRacS9iUHZ3bWdvNld4UVBhYXZPQVE9PQ%3D%3D--730df09d40d4ab7ab499d6bb8c2be5ae045b0b2f
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
If-None-Match: W/"c1e618becf6c48cb187cc706a0a4e574"

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Status: 200 OK
Cache-Control: max-age=0, private, must-revalidate
X-XSS-Protection: 1; mode=block
X-Request-Id: e70d2876-dc3d-45cf-b088-45cca2b31ad2
ETag: W/"a186c3a5af38d5bf89bd5f723cea7186"
X-Frame-Options: SAMEORIGIN
X-Runtime: 0.055891
X-Content-Type-Options: nosniff
Date: Tue, 27 Sep 2022 15:05:46 GMT
Set-Cookie: _agentformula_session=ZzNjY0RFV1hyOVhwRXJ3TlRHVC9VcGxoSVd2T1piemM0SUh1cjJ6U1RtZmhvemVaSlpyckV0OHE5elE5RC9JMmhYL3RPNVQ4SmtGSjlWWDZIQUhxZXJwV0R0SDZBTGpHT1daZTZtN3hrTHZ0MkNPdjVpSm5nV2t4Sk1MeVdsbzI3QmFCb0ZKVm8yVE1kV0c1c2huSzFIbDJLZnFPQWFIenhEWm95SE5CL0tXV1A1djFOOTd6MjNIK3pzd2RxNTYyVlc5K1VvRUxGbGptUURwc1R4MThLbEpPM0xtVTE5Q01iOU0zYmc5RkR2OVJGdTJFUmNhamtoblVpZ2NrUGY2Vis1Z1p5M096c1RnYXFRTFcybjh5Sm9JZjJOK1hqVi9KcWZCVTlUSURJdlJLSjNyS1VDZmF5SVJsZHd6U1NrTDVWcWZXZTFrTHd0Y3krSmxKMlg5WkQxREg4SVBIWHBxZ1E4KzE5ZDVRSWloMkVFekNvNTVMNUtJenVrcjVlNWQ3LS1kUzZQK2FiR0w3eE55djZ4VllML3JnPT0%3D--782971049ae2968eb229197dc86dfa9e5b02b73e; path=/; HttpOnly
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer
Content-Encoding: gzip

pennycronelasvegas.com/assets/themes/default/vendor-c4223a2863310087b657f19d451656c073d60bbe05e53aeedd46f84bafd1a585.js

96.126.99.100

200 OK

498 kB

URL HTTP/1.1
pennycronelasvegas.com/assets/themes/default/vendor-c4223a2863310087b657f19d451656c073d60bbe05e53aeedd46f84bafd1a585.js
IP
96.126.99.100:0
ASN
#63949 Linode, LLC

File type
ASCII text, with very long lines (32832)
Size
498 kB (497568 bytes)
Hash
474514ae84592eed4cee7100e55fe4f9
d23d44d24f16d2e8fe7659c8a7d0dbfbe3265d6b
c4223a2863310087b657f19d451656c073d60bbe05e53aeedd46f84bafd1a585

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/themes/default/vendor-c4223a2863310087b657f19d451656c073d60bbe05e53aeedd46f84bafd1a585.js HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=dGNhUk5OR3JpeGg4VGtYM2QrUDlOaXloN2dSdG0rcVBhMW1lYUF1Sk0xMlJ5WGc3MFhjV0NGWEdRUWovTllIYnpSZzJWYnNPUjR2a2diUjF1UU93MVdIWXo2S0dWbjRIeDdOUjZRUjZNMjZjNDdQQVFHanhDWG1kRnY1OFF3SGNoK0l5bjFibHZGSmQ1WUVOOSt1SkhoRy9NS29kbW1ZOFcvNTVsRXBNaHk1YW9FY0h4OEZ5SUJ1UEdidkFER3FEbUpaZXpoT1ROc0Z3Z251N2FzS2NCSlhDcGRkV3J6WlcxelJwWG1qa1cwODYxL1RQTk5DQU4vcm1EUHRnMTFGVEQ5RCtLdTRCeVo3R25xdU1LMnlvNmpOYXE1UXBGMzY5RzBaZzVQL1RlZFlmR21vY3FBWW5TSGsydVlTTlhSU3pZMG9RdDVxOEZNTng3WXpMWUlLU2k1UFBJM0ppQ1R3bERFNUE2ZlptbFhDdnZxdzVQL3JPVjg4cytvaHZ5OHlGLS0wMkFHQTd4aGVtQVpXWGxZU2FoWlRnPT0%3D--a386ec99358ffa23352abc292f1a6d21b8a04061
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 497568
Connection: keep-alive
Status: 200 OK
Cache-Control: public, max-age=31536000
X-Request-Id: a7610c2b-04d9-45d0-92e6-e36e86259364
ETag: "c4223a2863310087b657f19d451656c073d60bbe05e53aeedd46f84bafd1a585"
X-Runtime: 0.000787
Date: Tue, 27 Sep 2022 15:05:45 GMT
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer

s3.amazonaws.com/glvar-photos/callouts/small/1/nosy.jpg

52.217.132.144

200 OK

21 kB

URL HTTP/1.1
s3.amazonaws.com/glvar-photos/callouts/small/1/nosy.jpg
IP
52.217.132.144:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 325x252, components 3\012- data
Size
21 kB (21398 bytes)
Hash
ffff00465ef2c4e8095b2b1513a4e2b9
93b89366b1bff61f66a951987f2c84f9dff724ff
fd028a4ff9ec99488d7fcb7aab6ca42ef271f1c4b65e2a9c5ff80f11c7b92ab7

HTTP Headers

GET /glvar-photos/callouts/small/1/nosy.jpg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: 8eBVEd2HXtfjpk/zij4bhFw7CV/P6PHOkjBW3BUNGZNip2Enocele9h85LW1hDhYw5NUMwA/kys=
x-amz-request-id: 64KTWD1HB3K0Z27H
Date: Tue, 27 Sep 2022 15:05:47 GMT
Last-Modified: Mon, 30 Nov 2015 02:53:29 GMT
ETag: "ffff00465ef2c4e8095b2b1513a4e2b9"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 21398

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14160
Expires: Tue, 27 Sep 2022 19:01:46 GMT
Date: Tue, 27 Sep 2022 15:05:46 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14160
Expires: Tue, 27 Sep 2022 19:01:46 GMT
Date: Tue, 27 Sep 2022 15:05:46 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14160
Expires: Tue, 27 Sep 2022 19:01:46 GMT
Date: Tue, 27 Sep 2022 15:05:46 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14160
Expires: Tue, 27 Sep 2022 19:01:46 GMT
Date: Tue, 27 Sep 2022 15:05:46 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14160
Expires: Tue, 27 Sep 2022 19:01:46 GMT
Date: Tue, 27 Sep 2022 15:05:46 GMT
Connection: keep-alive

www.lasvegasrealtor.com/img/logos/lvr-logo-66x27.png

74.208.20.193

200 OK

2.4 kB

URL HTTP/1.1
www.lasvegasrealtor.com/img/logos/lvr-logo-66x27.png
IP
74.208.20.193:0
ASN
#8560 IONOS SE

File type
PNG image data, 66 x 27, 8-bit/color RGBA, non-interlaced\012- data
Size
2.4 kB (2372 bytes)
Hash
187543743a882dd72f205bc0c9a2e6c9
838981cecda56c5be272e373e4d5b3908bfb9270
9679bad0c044970f4b45c9911a09d889ac63ef586fa22eeec6b62da4c71ef6b2

HTTP Headers

GET /img/logos/lvr-logo-66x27.png HTTP/1.1
Host: www.lasvegasrealtor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 15:05:46 GMT
Server: Apache/2.4.41 (Win64) PHP/7.3.12 OpenSSL/1.1.1c
Last-Modified: Wed, 12 Feb 2020 00:49:29 GMT
ETag: "944-59e5658475840"
Accept-Ranges: bytes
Content-Length: 2372
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13213 bytes)
Hash
62e68c3cd08dd94d910507512a67e85f
3d4fa8701f17e8818c25584ef5f04bfbee8440cd
058d798963f83f5fb88ab728185f755c5353fa981d93e1b6ff869089f501586b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13213
x-amzn-requestid: fe9ec409-2757-4910-8443-5b4d3be7efd3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlATEp8oAMFd9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b9b-3230e97a4fe34413285eb578;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:37:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kRSg9NTTAgeAJgIZ_C9_rRodCX4bzGduJEvNPNHUya0Moa2vsmWSoQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:38:57 GMT
age: 62809
etag: "3d4fa8701f17e8818c25584ef5f04bfbee8440cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.2 kB (9163 bytes)
Hash
deb8d1e3b6d7fbc8c8ba478269621676
84f5a4c8b38acde814bc790e5b514347718d5bb9
ed14fa766f0708b4166e83b61f160db5671af430917b7c67184bf18d9208742b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9163
x-amzn-requestid: 8ccd9b1f-bef9-4591-be32-e6dd98f4ee78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlKpEZrIAMFS1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bdd-4a40b9c8281b64c725fec0f1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:38:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: bs6HOUmHOoYKDuzBoVHhcr8d4HP4bBmwUF3EtOmwKXo7ozhfaIYEvw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:39:07 GMT
age: 62799
etag: "84f5a4c8b38acde814bc790e5b514347718d5bb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bd5ecd8-fafe-452d-ae17-9df7d4cb5682.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8931 bytes)
Hash
720fc80bd0ff9b71f20c8e0c13e1084e
6ff5d7ce0608a8c1b1f4c731a94295e7a56dfe50
e84bcabd01425354050fe8ba5f4b29a97f05e6f5f15d26d0706c174136de30e6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bd5ecd8-fafe-452d-ae17-9df7d4cb5682.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8931
x-amzn-requestid: 9255ee80-ae19-4b47-882b-01e663e857ed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUG-EmZoAMFyWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd5f-70cc0bc87ed2480879ba081a;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:51:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Md06h9jRAN491M1gOjvAXN4Zp2msjqH-dYNVxyH6xJ2G8pf50tyHeQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 22:23:21 GMT
age: 60145
etag: "6ff5d7ce0608a8c1b1f4c731a94295e7a56dfe50"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7455 bytes)
Hash
5274e770cb5a704916c8965659709f4a
1a26007f761e439db575fb80fb403031260aecf4
e36e8be75c92feb9b416a46c5918356d8f9694894a799b7c10de21034d33d5ef

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7455
x-amzn-requestid: 0887cd56-f324-46cf-a086-709e1c66f354
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGBTdHmhoAMFvIw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633248e2-42391706084f335228fe3994;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 00:50:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: IWzfDNFlgYdqYnbQ9uWfOvqb5zl3I3mgTZrT5pU5P3EvetMRDN5P7w==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:06:47 GMT
age: 50339
etag: "1a26007f761e439db575fb80fb403031260aecf4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10211 bytes)
Hash
347dca206e13a3b13953f0ab398310b4
be60bbc96c832ae385cc9ae5828bd32703011b21
f6da888a54a0c6c73466f2c2a72dd875514a39d81b760a6b0116b4dd56ef31dd

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10211
x-amzn-requestid: 3ea4ac84-2465-4bd1-8ade-863de3c9576e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbfSuGoQoAMF9oQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632145aa-7843b82728ead9a053c689d1;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 03:08:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: p1vYTqYjOmYHjVmJ8f6qyT_nLIsyXsr7ZI-DI7JBF9RJa0ZJNPiluA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:56:23 GMT
age: 61763
etag: "be60bbc96c832ae385cc9ae5828bd32703011b21"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6390 bytes)
Hash
14218a43c5e5bbce546735a780c8ccce
61676358cdbb2373bc644e66f8a84fbc8cc5daf6
905b1c30a2273aef69904f2eb1451c756fc1fdba02e86ea5c957629dd056aeda

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6390
x-amzn-requestid: b2681ff8-ab83-41e6-adef-3e6772c93c3f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGFJ6Gc_oAMF44g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63324f0c-3dbf9f4e2047567b5abdbe74;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 01:17:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8JXEBo_L_xKuKdeoOXEJ6FO7ZVsZVQzUmQFe7fYcxaHRQNEq1HWp6w==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:37:50 GMT
age: 48476
etag: "61676358cdbb2373bc644e66f8a84fbc8cc5daf6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

pennycronelasvegas.com/assets/font-awesome/fontawesome-webfont-ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995.woff2?v=4.5.0

96.126.99.100

200 OK

67 kB

URL HTTP/1.1
pennycronelasvegas.com/assets/font-awesome/fontawesome-webfont-ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995.woff2?v=4.5.0
IP
96.126.99.100:0
ASN
#63949 Linode, LLC

File type
Web Open Font Format (Version 2), TrueType, length 66624, version 4.262\012- data
Size
67 kB (66624 bytes)
Hash
db812d8a70a4e88e888744c1c9a27e89
638c652d623280a58144f93e7b552c66d1667a11
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/font-awesome/fontawesome-webfont-ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995.woff2?v=4.5.0 HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Cookie: _agentformula_session=dGNhUk5OR3JpeGg4VGtYM2QrUDlOaXloN2dSdG0rcVBhMW1lYUF1Sk0xMlJ5WGc3MFhjV0NGWEdRUWovTllIYnpSZzJWYnNPUjR2a2diUjF1UU93MVdIWXo2S0dWbjRIeDdOUjZRUjZNMjZjNDdQQVFHanhDWG1kRnY1OFF3SGNoK0l5bjFibHZGSmQ1WUVOOSt1SkhoRy9NS29kbW1ZOFcvNTVsRXBNaHk1YW9FY0h4OEZ5SUJ1UEdidkFER3FEbUpaZXpoT1ROc0Z3Z251N2FzS2NCSlhDcGRkV3J6WlcxelJwWG1qa1cwODYxL1RQTk5DQU4vcm1EUHRnMTFGVEQ5RCtLdTRCeVo3R25xdU1LMnlvNmpOYXE1UXBGMzY5RzBaZzVQL1RlZFlmR21vY3FBWW5TSGsydVlTTlhSU3pZMG9RdDVxOEZNTng3WXpMWUlLU2k1UFBJM0ppQ1R3bERFNUE2ZlptbFhDdnZxdzVQL3JPVjg4cytvaHZ5OHlGLS0wMkFHQTd4aGVtQVpXWGxZU2FoWlRnPT0%3D--a386ec99358ffa23352abc292f1a6d21b8a04061
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.17.3
Date: Tue, 27 Sep 2022 15:05:45 GMT
Content-Type: font/woff2
Content-Length: 66624
Last-Modified: Mon, 24 Feb 2020 17:10:36 GMT
Connection: keep-alive
ETag: "5e54038c-10440"
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer
Accept-Ranges: bytes

pennycronelasvegas.com/fonts/avenir.ttf

96.126.99.100

302 Found

97 B

URL HTTP/1.1
pennycronelasvegas.com/fonts/avenir.ttf
IP
96.126.99.100:0
ASN
#63949 Linode, LLC

File type
HTML document text\012- HTML document, ASCII text, with no line terminators
Size
97 B (97 bytes)
Hash
dcb81dc5193115d6d372982ed310127c
f8dfefb55af6336b670a7a3743beea52bcc45b16
54585d24fd128cf202592bcf22862a8aaa2c0862c5ea8b2bbac31a7357b93f6a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /fonts/avenir.ttf HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=ZzNjY0RFV1hyOVhwRXJ3TlRHVC9VcGxoSVd2T1piemM0SUh1cjJ6U1RtZmhvemVaSlpyckV0OHE5elE5RC9JMmhYL3RPNVQ4SmtGSjlWWDZIQUhxZXJwV0R0SDZBTGpHT1daZTZtN3hrTHZ0MkNPdjVpSm5nV2t4Sk1MeVdsbzI3QmFCb0ZKVm8yVE1kV0c1c2huSzFIbDJLZnFPQWFIenhEWm95SE5CL0tXV1A1djFOOTd6MjNIK3pzd2RxNTYyVlc5K1VvRUxGbGptUURwc1R4MThLbEpPM0xtVTE5Q01iOU0zYmc5RkR2OVJGdTJFUmNhamtoblVpZ2NrUGY2Vis1Z1p5M096c1RnYXFRTFcybjh5Sm9JZjJOK1hqVi9KcWZCVTlUSURJdlJLSjNyS1VDZmF5SVJsZHd6U1NrTDVWcWZXZTFrTHd0Y3krSmxKMlg5WkQxREg4SVBIWHBxZ1E4KzE5ZDVRSWloMkVFekNvNTVMNUtJenVrcjVlNWQ3LS1kUzZQK2FiR0w3eE55djZ4VllML3JnPT0%3D--782971049ae2968eb229197dc86dfa9e5b02b73e
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Status: 302 Found
Cache-Control: no-cache
X-XSS-Protection: 1; mode=block
X-Request-Id: 6324ebae-bf8e-42eb-9508-d52db0d73755
Location: https://pennycronelasvegas.com/
X-Runtime: 0.009862
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Date: Tue, 27 Sep 2022 15:05:46 GMT
Set-Cookie: _agentformula_session=NlRJcjRQNmNCNnJYVGoyYkJzREgyMFVad01aTDhvdU9QbW9GeFBhbFNCRzNWdkdENUhNRjRibExWdjhCSDJoOTBTQndXL0FJQ0pObndlRC9Eb1F6Y2k2eGtyK1pRL0x4UDR5RVBkT1RWSG14dXFXU0tBdEt0S0hDWWxabnBjYlFqQVM5QTIvL3Z3bTlxZVN3T0ZnbFVybUsyd0x6WnIyM0c3KzFDRWVDK3hPK1M2REx5dVVjL2NiS3VyMzQvMDlmYkhjQldVa2tpS2g5bmtEc1dtMkxPbXQrdUUzUFlrRVp0RlZPT1FUa2tISlh5dXhYa1dUakUya3p5RXV1ZmhlcEE1OEhGU1MrczBvRDd3TWV6K3VHOUg1b0FvcCtRclc3dk93Z1pkN2psUFp5cWgxdmg2bHNPQ2F5eEdva1FOMnZLS25QMlpYa0toQmJrRVNDSWs5OW4vQ3N6VFN4VHBWT3F6ZFJuOFRDTklmeG5hc2ZtWm5EK3hKV1BrS2FSN0R2QytZamFHcVpvS2wxa2dKV2lmdk1wYXdGL1RTSTNtS0d4RTAzWlhMOFpQWjEwNHlVc3V1R05QU3plRFJzNVNTcm9lblBhY3BVQXgzOUkrd1V3MW9scTFBWmNjbGtRbk9WRmZ4cTNNbXkxWmRKeUNLaWpCU2hDTnJMTVNNN1E1R3psb1BnaHNlaSsrSCtQbmpsWFNrdnErMlRnQXM3S09EdXBzWjAzaE9kSzNpUnpzUGFPQUtzVVBNYU9nalQ1SnIrVUxqcTBock1pN0VvekJiTXJsZFJHeVQ3aWxvRFQrclQ2aVJrdkpKb1VOQVQvMnl6dGo5akMzRHNnVWdReCt6THlCVE9OWlduRDlZQmNWV1RLRjZSUElweld5K1VoZysvMUhCd1lvNmhGejczUVdQL0Z0cUUrR29DVW9DTGdzM3RXekIrWFFmSmJNQmtOQ2ZtREpZRVFnPT0tLWh1NUd2YUNhWCtCZmY2dlh4Z3dTWGc9PQ%3D%3D--d5c45b5aabbc79a8baa55314b4d3460dc7cea0c3; path=/; HttpOnly
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer

ocsp.digicert.com/

93.184.220.29

200 OK

5 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
5 B (5 bytes)
Hash
5bfa51f3a417b98e7443eca90fc94703
8c015d80b8a23f780bdd215dc842b0f5551f63bd
bebe2853a3485d1c2e5c5be4249183e0ddaff9f87de71652371700a89d937128

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5245
Cache-Control: 'max-age=300'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:05:46 GMT
Last-Modified: Tue, 27 Sep 2022 13:38:21 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 5

assets-jpcust.jwpsrv.com/player/6/6124956/ping.js

151.101.86.114

200 OK

607 B

URL HTTP/2
assets-jpcust.jwpsrv.com/player/6/6124956/ping.js
IP
151.101.86.114:0
ASN
#54113 FASTLY

File type
ASCII text
Size
607 B (607 bytes)
Hash
d1d1fc49ccfb4d91c37273a430c32f5e
60133823a61cc17786f41cf8972f43a91c48c7cc
89489534f6930a6138a08d0423facc7e4df58bf68d00a0098054146e1abf8fc6

HTTP Headers

GET /player/6/6124956/ping.js HTTP/1.1
Host: assets-jpcust.jwpsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Thu, 12 Jan 2017 21:15:49 GMT
etag: "e11f4da88a8186056c01979bc54a55e5"
x-amz-meta-s3cmd-attrs: uid:1138/gname:michael/uname:michael/gid:1000/mode:33204/mtime:1484255728/atime:1484255728/md5:e11f4da88a8186056c01979bc54a55e5/ctime:1484255729
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-type: text/plain
accept-ranges: bytes
date: Tue, 27 Sep 2022 15:05:46 GMT
age: 636
x-served-by: cache-iad-kjyo7100128-IAD, cache-bma1627-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 2
x-timer: S1664291146.408756,VS0,VE0
vary: Accept-Encoding
server: nginx
content-length: 607
X-Firefox-Spdy: h2

ssl.p.jwpcdn.com/player/v/7.0.3/jwpsrv.js

151.101.86.114

200 OK

8.4 kB

URL HTTP/2
ssl.p.jwpcdn.com/player/v/7.0.3/jwpsrv.js
IP
151.101.86.114:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (21404), with no line terminators
Size
8.4 kB (8445 bytes)
Hash
ec9bf2f3aacbc76caaabe523203abee7
5388667bf1463c4e67cbd62d40996063b83fcdc3
62253e24591e4dddf2abf0ebdea58a6ede0274d17b8267c30d36df0debe09025

HTTP Headers

GET /player/v/7.0.3/jwpsrv.js HTTP/1.1
Host: ssl.p.jwpcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Wed, 25 Nov 2020 15:40:27 GMT
etag: "2a7ba57974f06d8fa1764d6a954539f3"
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Tue, 27 Sep 2022 15:05:46 GMT
via: 1.1 varnish
age: 2981
x-served-by: cache-bma1627-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1664291146.428447,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 8445
X-Firefox-Spdy: h2

s3.amazonaws.com/photo-gallery.agentformula.com/1/housebullet2.png

52.217.132.144

200 OK

152 kB

URL HTTP/1.1
s3.amazonaws.com/photo-gallery.agentformula.com/1/housebullet2.png
IP
52.217.132.144:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 510x600, components 3\012- data
Size
152 kB (152094 bytes)
Hash
c39d9c1050ca677a6f1a8fe6a5b65f1b
ec88a3e52e1c8d5c2a232fac2adc1ebf1ea250c8
1362f9581bda10f2d48d782bdf044eeb8c30cb8c61b9e6b11c4aeb6d815ef236

HTTP Headers

GET /photo-gallery.agentformula.com/1/housebullet2.png HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: oD3uiOgCWpclR01ZvuWOT9A4nYpMmIUsyNYDV+wtlg8hD/UyLg9DjdtVImuPLGoZTIgeFU3LcJM=
x-amz-request-id: 64KQNWEFZB4X2087
Date: Tue, 27 Sep 2022 15:05:47 GMT
Last-Modified: Sun, 31 May 2020 06:51:10 GMT
ETag: "c39d9c1050ca677a6f1a8fe6a5b65f1b"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 152094

pennycronelasvegas.com/visitor_log

96.126.99.100

200 OK

2 B

URL HTTP/1.1
pennycronelasvegas.com/visitor_log
IP
96.126.99.100:0
ASN
#63949 Linode, LLC

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /visitor_log HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-CSRF-Token: ZnxFXA00h0/pJvY9xBlwXUaFrZx8Omh4D6NeBLojzr83LfGlbYe5sspdLYxaHnaOgzKG/rZnvYXgK09sc4Y17Q==
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 325
Origin: https://pennycronelasvegas.com
Connection: keep-alive
Cookie: _agentformula_session=NlRJcjRQNmNCNnJYVGoyYkJzREgyMFVad01aTDhvdU9QbW9GeFBhbFNCRzNWdkdENUhNRjRibExWdjhCSDJoOTBTQndXL0FJQ0pObndlRC9Eb1F6Y2k2eGtyK1pRL0x4UDR5RVBkT1RWSG14dXFXU0tBdEt0S0hDWWxabnBjYlFqQVM5QTIvL3Z3bTlxZVN3T0ZnbFVybUsyd0x6WnIyM0c3KzFDRWVDK3hPK1M2REx5dVVjL2NiS3VyMzQvMDlmYkhjQldVa2tpS2g5bmtEc1dtMkxPbXQrdUUzUFlrRVp0RlZPT1FUa2tISlh5dXhYa1dUakUya3p5RXV1ZmhlcEE1OEhGU1MrczBvRDd3TWV6K3VHOUg1b0FvcCtRclc3dk93Z1pkN2psUFp5cWgxdmg2bHNPQ2F5eEdva1FOMnZLS25QMlpYa0toQmJrRVNDSWs5OW4vQ3N6VFN4VHBWT3F6ZFJuOFRDTklmeG5hc2ZtWm5EK3hKV1BrS2FSN0R2QytZamFHcVpvS2wxa2dKV2lmdk1wYXdGL1RTSTNtS0d4RTAzWlhMOFpQWjEwNHlVc3V1R05QU3plRFJzNVNTcm9lblBhY3BVQXgzOUkrd1V3MW9scTFBWmNjbGtRbk9WRmZ4cTNNbXkxWmRKeUNLaWpCU2hDTnJMTVNNN1E1R3psb1BnaHNlaSsrSCtQbmpsWFNrdnErMlRnQXM3S09EdXBzWjAzaE9kSzNpUnpzUGFPQUtzVVBNYU9nalQ1SnIrVUxqcTBock1pN0VvekJiTXJsZFJHeVQ3aWxvRFQrclQ2aVJrdkpKb1VOQVQvMnl6dGo5akMzRHNnVWdReCt6THlCVE9OWlduRDlZQmNWV1RLRjZSUElweld5K1VoZysvMUhCd1lvNmhGejczUVdQL0Z0cUUrR29DVW9DTGdzM3RXekIrWFFmSmJNQmtOQ2ZtREpZRVFnPT0tLWh1NUd2YUNhWCtCZmY2dlh4Z3dTWGc9PQ%3D%3D--d5c45b5aabbc79a8baa55314b4d3460dc7cea0c3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Status: 200 OK
Cache-Control: max-age=0, private, must-revalidate
X-XSS-Protection: 1; mode=block
X-Request-Id: 18a586b6-0b42-41d2-85d2-14afecee37c6
ETag: W/"444bcb3a3fcf8389296c49467f27e1d6"
X-Frame-Options: SAMEORIGIN
X-Runtime: 0.011247
X-Content-Type-Options: nosniff
Date: Tue, 27 Sep 2022 15:05:46 GMT
Set-Cookie: _agentformula_session=UnhTdkhLWFFqalZyZURiTVU0Z1dPSWZEdkx5QWs1dXhnVVFNL2Q3L1Z1SlRYcXl4UldCcWdzSS9FVGZzV2ZMaHE0aHN4RnpSdFkvbWlRWGhTU21EeThuNDlnTnlBU0Y0QXo1bGU1QkVSMk9qMVpBczdxMVhCMDg4U1ZvcEdBVENGYjY4dWlWOWdYaHRsWG1BcTlKeTlXclhYS285dzkyekJ3NGlhdHZ3S3gxRUVURWJTS040SWlSdnV6THN3L0ROeHUxS085OFg1NUl0QkxRbllCVGRCMWQ0YTRPMm1JWmpaZTM5RTJTQVhEU1EzVlBQRVJ5NmRKdTBCdHc3WXBwNUR6UVFldXdpdVFOaXFrSXhXdXBNV2NkL0szZlN3WlYrSU10N055a0VyMVM4L2ZxRTVrZk0xbmd1akFpUXJ5MXJ6cE1jWGlzd1NjVENFeTd5WXpCdDI4MlRXWHk0MWJqWmYrQjNPTW5FN2VlUzZ0V0w0VjVRZzk3Q1U3OE5HS1NzakVBTTc3a0p2bEhlUmlScUhUOTJ0anNBTFBNY1hsWU5jQ2V1YU9IYXZoUG5HVEdac1dWbG1MSC90eWNKZkdMb0ZFS3NTK3hGckhnaytKMm94TDZwVHh0UEZPUFVtUFRCWHJaaElsV2pjNnlYbkdzRHBBblJSZUpQVWxPL0ZmRVcwWUZsOFc5VFFWZG93anlTSnRMNjFxTEdLVlMvMDRNSk1Zemh2cnpPS0NlSjc0cWZ2NkIvc2VTMktQaVlFaFhmSXlaRnRQTm9HM0lnM1VjYkpYdllVaXU4L3o5YmxQRCsvd2lSZm1zSTFKbVoyMWI5RjBYSWtsdm5NR0E5MXI2QUJ3V1hNeENqSUE5VVJub0ptUHZxUjZ6RDZMc3RTS0ZybnpCeGFxQmlTUWNaaUNDOHFHa1BENm4wb2dHclluaS9zNkt0WHpZbStvZUdwc3ROQ3VPemtBPT0tLWVrWStIQ0NDVXZsVm5XTlBaRDI0Y2c9PQ%3D%3D--6de8b727d901accf2a469f9101ae8f576bb9ccc6; path=/; HttpOnly
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer

pennycronelasvegas.com/

96.126.99.100

200 OK

18 kB

URL HTTP/1.1
pennycronelasvegas.com/
IP
96.126.99.100:0
ASN
#63949 Linode, LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
18 kB (17675 bytes)
Hash
d3c38c127df8c1467f4f88469b12a2b2
ce79c2c46b0082849168ae6a561f1ea1749b32d3
7e6d68a1b48445182196965d77c702ec86283c52f3b222d250206f3ac14ba004

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=NlRJcjRQNmNCNnJYVGoyYkJzREgyMFVad01aTDhvdU9QbW9GeFBhbFNCRzNWdkdENUhNRjRibExWdjhCSDJoOTBTQndXL0FJQ0pObndlRC9Eb1F6Y2k2eGtyK1pRL0x4UDR5RVBkT1RWSG14dXFXU0tBdEt0S0hDWWxabnBjYlFqQVM5QTIvL3Z3bTlxZVN3T0ZnbFVybUsyd0x6WnIyM0c3KzFDRWVDK3hPK1M2REx5dVVjL2NiS3VyMzQvMDlmYkhjQldVa2tpS2g5bmtEc1dtMkxPbXQrdUUzUFlrRVp0RlZPT1FUa2tISlh5dXhYa1dUakUya3p5RXV1ZmhlcEE1OEhGU1MrczBvRDd3TWV6K3VHOUg1b0FvcCtRclc3dk93Z1pkN2psUFp5cWgxdmg2bHNPQ2F5eEdva1FOMnZLS25QMlpYa0toQmJrRVNDSWs5OW4vQ3N6VFN4VHBWT3F6ZFJuOFRDTklmeG5hc2ZtWm5EK3hKV1BrS2FSN0R2QytZamFHcVpvS2wxa2dKV2lmdk1wYXdGL1RTSTNtS0d4RTAzWlhMOFpQWjEwNHlVc3V1R05QU3plRFJzNVNTcm9lblBhY3BVQXgzOUkrd1V3MW9scTFBWmNjbGtRbk9WRmZ4cTNNbXkxWmRKeUNLaWpCU2hDTnJMTVNNN1E1R3psb1BnaHNlaSsrSCtQbmpsWFNrdnErMlRnQXM3S09EdXBzWjAzaE9kSzNpUnpzUGFPQUtzVVBNYU9nalQ1SnIrVUxqcTBock1pN0VvekJiTXJsZFJHeVQ3aWxvRFQrclQ2aVJrdkpKb1VOQVQvMnl6dGo5akMzRHNnVWdReCt6THlCVE9OWlduRDlZQmNWV1RLRjZSUElweld5K1VoZysvMUhCd1lvNmhGejczUVdQL0Z0cUUrR29DVW9DTGdzM3RXekIrWFFmSmJNQmtOQ2ZtREpZRVFnPT0tLWh1NUd2YUNhWCtCZmY2dlh4Z3dTWGc9PQ%3D%3D--d5c45b5aabbc79a8baa55314b4d3460dc7cea0c3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
If-None-Match: W/"a186c3a5af38d5bf89bd5f723cea7186"

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Status: 200 OK
Cache-Control: max-age=0, private, must-revalidate
X-XSS-Protection: 1; mode=block
X-Request-Id: 0d94b8e5-f419-4b5f-ab14-c8ae5c748f40
ETag: W/"9503ac9b0e90741f8be8cbb35b4849aa"
X-Frame-Options: SAMEORIGIN
X-Runtime: 0.096339
X-Content-Type-Options: nosniff
Date: Tue, 27 Sep 2022 15:05:46 GMT
Set-Cookie: _agentformula_session=dkhkYXBlMG9RU1RDV3ByZVJ1cmdpVUxLdmNWRE5wdmRob2I5U0JuMEhxZktyQ2VCVjNhVXAvWnhLU1cwcUdqSDBPdmJPekZnNnVMUnRqWlVLNlh3QkxzS1BpVndZdU9hbU16Qk1nVTRqeVdvKytXbDRsMUJob1N0ZnU4WjZBYW13bytzWVZmUmxPU1RLK1lhdUtIbW1saDM5dlhCVk9NYkxZWXU5enh0SXYwNzk2aWYybnJyVFM5VlFhZUsranA5ZnlHTHdtVzdUVXNWSUNIQ2NNcngrV1BMMmNMNnNDWTNrMjVOczhSTVVQNzBBanVWYUZOckNYVnpPcngyb0YrTUlhMHVTTGV2aDFFeDV2OWJnYnh1ZnFYd01SWmliUk84aHk5T2YwK2xaRWpSOVF5ZkZWUE84MGF6eEFQdnpuQmNJbG1vNW1pK2FkZ01WbnY3T3lxTVZGVlg2Mi9MWVhYYmZGQzZic0hDNS91RWFTc3czbkROQ0RXMG0xa2QzZVVILS1FUnBIRGRDVmNIMXhyMFFzdkt3eEhBPT0%3D--264e4411840d6939160475c62142c79f8632f678; path=/; HttpOnly
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer
Content-Encoding: gzip

dtd26ob4sfq17.cloudfront.net/graphics/icons.png

143.204.42.66

200 OK

23 kB

URL HTTP/1.1
dtd26ob4sfq17.cloudfront.net/graphics/icons.png
IP
143.204.42.66:0
ASN
#16509 AMAZON-02

File type
PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Size
23 kB (23031 bytes)
Hash
f2d04895a3acecc9b674e1b359873552
8757a776f5481d815e920d4f35636e0121bb70e8
1cb040b5c2fe6d7aaa5ea9ae707232973439d5838481e339aa91d155254adefe

HTTP Headers

GET /graphics/icons.png HTTP/1.1
Host: dtd26ob4sfq17.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 23031
Connection: keep-alive
Date: Tue, 27 Sep 2022 04:49:09 GMT
Last-Modified: Mon, 07 Sep 2015 22:44:23 GMT
ETag: "f2d04895a3acecc9b674e1b359873552"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: cxZsLElr3d7tgiNHsfbk44jltXOU8hz3CTAKE_pRnUkbLQKxqSF9Ow==
Age: 36998

dtd26ob4sfq17.cloudfront.net/graphics/ico-home.png

143.204.42.66

200 OK

2.4 kB

URL HTTP/1.1
dtd26ob4sfq17.cloudfront.net/graphics/ico-home.png
IP
143.204.42.66:0
ASN
#16509 AMAZON-02

File type
PNG image data, 34 x 30, 8-bit/color RGBA, non-interlaced\012- data
Size
2.4 kB (2447 bytes)
Hash
f14d7380ba9be0a4929361f6f671db79
4dd6daa55e18da77d63263c090f09aa0ed74e5e0
8c8ab58ccdbce4cbd047f65c5fc8d2164e0c19b1c6c0a77cef3ec9a52f4a9115

HTTP Headers

GET /graphics/ico-home.png HTTP/1.1
Host: dtd26ob4sfq17.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 2447
Connection: keep-alive
Date: Tue, 27 Sep 2022 04:49:09 GMT
Last-Modified: Mon, 07 Sep 2015 22:44:22 GMT
ETag: "f14d7380ba9be0a4929361f6f671db79"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: z4Ier8fqiPHzKfNriOLctlSveoLPETbl3N8OTG8s010yEdbOLumoUA==
Age: 36998

dtd26ob4sfq17.cloudfront.net/graphics/icons/nav-arrow.png

143.204.42.66

200 OK

960 B

URL HTTP/1.1
dtd26ob4sfq17.cloudfront.net/graphics/icons/nav-arrow.png
IP
143.204.42.66:0
ASN
#16509 AMAZON-02

File type
PNG image data, 3 x 6, 8-bit/color RGBA, non-interlaced\012- data
Size
960 B (960 bytes)
Hash
bdd44b7aa14603803b2a86bf58ca4e08
970a73a2e0b9f310c2c92ba707d239f423e5d376
8ce0ad22308424363b02ac37b3e85133b7d4f7e50e1e170154af032dc1fe1c95

HTTP Headers

GET /graphics/icons/nav-arrow.png HTTP/1.1
Host: dtd26ob4sfq17.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 960
Connection: keep-alive
Last-Modified: Tue, 08 Sep 2015 00:17:16 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Tue, 27 Sep 2022 06:51:01 GMT
ETag: "bdd44b7aa14603803b2a86bf58ca4e08"
X-Cache: Hit from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 5Loz2wk26fkt84gr36Msrpp7_mPew9DPjXIX5GLkCYpBrY3GZpuwVQ==
Age: 29686

dtd26ob4sfq17.cloudfront.net/graphics/icons/phone.png

143.204.42.66

200 OK

1.1 kB

URL HTTP/1.1
dtd26ob4sfq17.cloudfront.net/graphics/icons/phone.png
IP
143.204.42.66:0
ASN
#16509 AMAZON-02

File type
PNG image data, 13 x 13, 8-bit/color RGBA, non-interlaced\012- data
Size
1.1 kB (1108 bytes)
Hash
7038033dcfc63585fddbf32d5b5cbb05
d911fec0a2d87807514141d2232585202047413d
afac238c5c5371119bea5317bc4a3ce8ed29041b6db6bdc2edfdbe375ab5b5b3

HTTP Headers

GET /graphics/icons/phone.png HTTP/1.1
Host: dtd26ob4sfq17.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 1108
Connection: keep-alive
Last-Modified: Tue, 08 Sep 2015 00:15:20 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Tue, 27 Sep 2022 11:12:39 GMT
ETag: "7038033dcfc63585fddbf32d5b5cbb05"
X-Cache: Hit from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: lrvK4wiPwjU8ZL4zXJYG96UUfNlNi4OkjTYfjUKX8KxbaUAh6oh4Hw==
Age: 13988

dtd26ob4sfq17.cloudfront.net/graphics/icons/person.png

143.204.42.66

200 OK

1.1 kB

URL HTTP/1.1
dtd26ob4sfq17.cloudfront.net/graphics/icons/person.png
IP
143.204.42.66:0
ASN
#16509 AMAZON-02

File type
PNG image data, 8 x 14, 8-bit/color RGBA, non-interlaced\012- data
Size
1.1 kB (1066 bytes)
Hash
05907b6bb1325e05cdf3301298d63ee4
5b9d3e42fd2908d2a3b9fdd2020671238a630e78
f1e2855e03bdae7ab6e4acc4cd8c805ec150029cc053c040994113b6092da278

HTTP Headers

GET /graphics/icons/person.png HTTP/1.1
Host: dtd26ob4sfq17.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 1066
Connection: keep-alive
Date: Mon, 26 Sep 2022 21:11:42 GMT
Last-Modified: Tue, 08 Sep 2015 00:15:18 GMT
ETag: "05907b6bb1325e05cdf3301298d63ee4"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: rKw9Oqq2lbdT7BrJK8FhiCNhyBZXxeK9ZkxgcwK3FF26hva55gQPfg==
Age: 64445

dtd26ob4sfq17.cloudfront.net/graphics/icons/email.png

143.204.42.66

200 OK

1.1 kB

URL HTTP/1.1
dtd26ob4sfq17.cloudfront.net/graphics/icons/email.png
IP
143.204.42.66:0
ASN
#16509 AMAZON-02

File type
PNG image data, 15 x 9, 8-bit/color RGBA, non-interlaced\012- data
Size
1.1 kB (1118 bytes)
Hash
22b8c3f79865bd8b5b76a7b64ee8f773
ae8121cb8dd5091b8a4e687b7bf88248a238b45a
b79f36abeb8193e42be1cd9aa732224e72390b968788bf4259258234c37f1314

HTTP Headers

GET /graphics/icons/email.png HTTP/1.1
Host: dtd26ob4sfq17.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 1118
Connection: keep-alive
Date: Mon, 26 Sep 2022 16:42:31 GMT
Last-Modified: Tue, 08 Sep 2015 00:15:24 GMT
ETag: "22b8c3f79865bd8b5b76a7b64ee8f773"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: B9a4ZsvxqrTz1xitW3DHvX6_ROj1xhtEMnYgxezqzLRfV4ZTXkUyGQ==
Age: 80596

content.jwplatform.com/thumbs/8SH0iieO-720.jpg

54.230.111.69

302 Found

0 B

URL HTTP/2
content.jwplatform.com/thumbs/8SH0iieO-720.jpg
IP
54.230.111.69:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /thumbs/8SH0iieO-720.jpg HTTP/1.1
Host: content.jwplatform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
content-type: image/jpeg
content-length: 0
location: https://assets-jpcust.jwpsrv.com/thumbnails/v4gzxlua-720.jpg
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: max-age=180, max-stale=180
date: Tue, 27 Sep 2022 15:05:46 GMT
server: openresty
x-cache: Miss from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: SPL-IKpw3y1ujgix6BwJw_X6acV9oh8pvssZXqCJe9Fyn_nOtvttMA==
X-Firefox-Spdy: h2

pennycronelasvegas.com/favicon.ico

96.126.99.100

200 OK

1.2 kB

URL HTTP/1.1
pennycronelasvegas.com/favicon.ico
IP
96.126.99.100:0
ASN
#63949 Linode, LLC

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
29ceaf045e68c6ad5712cc20077dafb4
c6b11f6e1771a1c2688dc1599e4c4241c1544543
2138186dfa4453368676ca8a6e95248e8e5b93f411798c083a968502893a9baf

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=dkhkYXBlMG9RU1RDV3ByZVJ1cmdpVUxLdmNWRE5wdmRob2I5U0JuMEhxZktyQ2VCVjNhVXAvWnhLU1cwcUdqSDBPdmJPekZnNnVMUnRqWlVLNlh3QkxzS1BpVndZdU9hbU16Qk1nVTRqeVdvKytXbDRsMUJob1N0ZnU4WjZBYW13bytzWVZmUmxPU1RLK1lhdUtIbW1saDM5dlhCVk9NYkxZWXU5enh0SXYwNzk2aWYybnJyVFM5VlFhZUsranA5ZnlHTHdtVzdUVXNWSUNIQ2NNcngrV1BMMmNMNnNDWTNrMjVOczhSTVVQNzBBanVWYUZOckNYVnpPcngyb0YrTUlhMHVTTGV2aDFFeDV2OWJnYnh1ZnFYd01SWmliUk84aHk5T2YwK2xaRWpSOVF5ZkZWUE84MGF6eEFQdnpuQmNJbG1vNW1pK2FkZ01WbnY3T3lxTVZGVlg2Mi9MWVhYYmZGQzZic0hDNS91RWFTc3czbkROQ0RXMG0xa2QzZVVILS1FUnBIRGRDVmNIMXhyMFFzdkt3eEhBPT0%3D--264e4411840d6939160475c62142c79f8632f678; pennycronelasvegas.com=1; jwplayer.captionLabel=Off
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.17.3
Date: Tue, 27 Sep 2022 15:05:46 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Tue, 06 Sep 2022 19:42:49 GMT
Connection: keep-alive
ETag: "6317a2b9-47e"
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:05:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_68x28dp.png

142.250.74.163

200 OK

1.6 kB

URL HTTP/2
www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_68x28dp.png
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
PNG image data, 68 x 28, 8-bit/color RGBA, non-interlaced\012- data
Size
1.6 kB (1597 bytes)
Hash
c4a931d597decd2553aac6634b766cf2
6ec84fb4a2745b4b71520241be77db1fd1013830
f56402b127698db4b4dc611a97a6f081d04c4691c60522c5912d189e37c94a9e

HTTP Headers

GET /images/branding/googlelogo/1x/googlelogo_color_68x28dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pennycronelasvegas.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1597
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 24 Sep 2022 18:01:08 GMT
expires: Sun, 24 Sep 2023 18:01:08 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: image/png
age: 248678
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.gstatic.com/images/branding/product/1x/translate_24dp.png

142.250.74.163

200 OK

846 B

URL HTTP/2
www.gstatic.com/images/branding/product/1x/translate_24dp.png
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size
846 B (846 bytes)
Hash
e9cd262114358f26b7608b56905185dc
6dbde0a96deaab2b529723ce26c62043cf9180ab
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99

HTTP Headers

GET /images/branding/product/1x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 846
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 Sep 2022 14:02:48 GMT
expires: Wed, 27 Sep 2023 14:02:48 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 3778
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.gstatic.com/images/branding/product/2x/translate_24dp.png

142.250.74.163

200 OK

1.8 kB

URL HTTP/2
www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
1.8 kB (1842 bytes)
Hash
c69c796362406f9e11c7f4bf5bb628da
e489ce95ab56208090868882113d7416abf46775
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

HTTP Headers

GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://translate.googleapis.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 Sep 2022 15:03:05 GMT
expires: Wed, 27 Sep 2023 15:03:05 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 161
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:05:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

assets-jpcust.jwpsrv.com/thumbnails/v4gzxlua-720.jpg

151.101.86.114

200 OK

45 kB

URL HTTP/2
assets-jpcust.jwpsrv.com/thumbnails/v4gzxlua-720.jpg
IP
151.101.86.114:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.24.102", baseline, precision 8, 720x406, components 3\012- data
Size
45 kB (44658 bytes)
Hash
45a5ab5f981430a787c9b764998fc324
ee748fd41153f54f4945d28f3eb8188bdae8c99f
539f5c88ce6feacceb0c98f6e2edc7589438f6631fec0384e1e40264efd99ac2

HTTP Headers

GET /thumbnails/v4gzxlua-720.jpg HTTP/1.1
Host: assets-jpcust.jwpsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 28 Oct 2017 14:49:39 GMT
etag: "2c292ea8322cd63e24f047860808008c"
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=900
content-type: image/jpeg
accept-ranges: bytes
date: Tue, 27 Sep 2022 15:05:47 GMT
age: 0
x-served-by: cache-iad-kjyo7100040-IAD, cache-bma1627-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1664291147.850463,VS0,VE159
vary: Accept-Encoding
server: nginx
content-length: 44658
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5b7b66f5886a12421c3f3970bbf49d5a
13a31565fb5b2f1e75d67ba1ce09dae339f1c0e8
3ed8ffa99cefdf81381912b426c0ab9091fb5888836665d9012435965f99feba

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:05:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/images/cleardot.gif

142.250.74.164

200 OK

43 B

URL HTTP/2
www.google.com/images/cleardot.gif
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

HTTP Headers

GET /images/cleardot.gif HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/gif
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 43
date: Tue, 27 Sep 2022 15:05:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/images/cleardot.gif

142.250.74.164

200 OK

43 B

URL HTTP/2
www.google.com/images/cleardot.gif
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

HTTP Headers

GET /images/cleardot.gif HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pennycronelasvegas.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/gif
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 43
date: Tue, 27 Sep 2022 15:05:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

d2s0ek76zke5go.cloudfront.net/backgrounds/main/55/las-vegas-home.jpg

54.230.245.84

200 OK

277 kB

URL HTTP/1.1
d2s0ek76zke5go.cloudfront.net/backgrounds/main/55/las-vegas-home.jpg
IP
54.230.245.84:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 973x730, components 3\012- data
Size
277 kB (276582 bytes)
Hash
98b48b014a9e0de112d6e44c7d36e820
c6d7362ab6783767b6ff90e99bfaf0e9a5a246dd
f369ed133fc0dd61576218d708e09825ff0c6ee328d2d48956ca441a18e78ef2

HTTP Headers

GET /backgrounds/main/55/las-vegas-home.jpg HTTP/1.1
Host: d2s0ek76zke5go.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 276582
Connection: keep-alive
Date: Tue, 27 Sep 2022 15:05:48 GMT
Last-Modified: Tue, 16 Apr 2013 22:49:03 GMT
ETag: "98b48b014a9e0de112d6e44c7d36e820"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: iUZDN0rLbFJbXfAxY6RoIZ-iokhh7SpY03IHPQys1-UbufyM6eMRvA==

jwpltx.com/v1/jwplayer6/ping.gif?h=-1612906001&tv=2.6.0&n=1515090513308935&aid=QDLcWlTPEeWgFgp%2BlcGdIw&e=e&i=0&ifd=0&pv=7.0.3&m=1&d=0&vl=90&t=Lake%20Mead&pid=&ed=0&ph=1&ps=4&wd=744&pl=419&fv=&vp=1&ab=0&po=1&sn=seven&pd=0&pad=&dd=0&s=0&r=0&cb=0&ga=0&st=291&hls=&cp=0&sdk=0&emi=fwi7z9hjmbt0&pli=&mt=0&vi=0.997&ap=456%2C324&mu=https%3A%2F%2Fcontent.jwplatform.com%2Fvideos%2F8SH0iieO-720.mp4&eb=-1&pu=https%3A%2F%2Fpennycronelasvegas.com%2F&id=8SH0iieO&pt=Penny%20Crone%20%7C%20Call%20Me%20At%20(702)%20210-7683%20%7C%20HomeSmart

151.101.130.114

204 No Content

0 B

URL HTTP/2
jwpltx.com/v1/jwplayer6/ping.gif?h=-1612906001&tv=2.6.0&n=1515090513308935&aid=QDLcWlTPEeWgFgp%2BlcGdIw&e=e&i=0&ifd=0&pv=7.0.3&m=1&d=0&vl=90&t=Lake%20Mead&pid=&ed=0&ph=1&ps=4&wd=744&pl=419&fv=&vp=1&ab=0&po=1&sn=seven&pd=0&pad=&dd=0&s=0&r=0&cb=0&ga=0&st=291&hls=&cp=0&sdk=0&emi=fwi7z9hjmbt0&pli=&mt=0&vi=0.997&ap=456%2C324&mu=https%3A%2F%2Fcontent.jwplatform.com%2Fvideos%2F8SH0iieO-720.mp4&eb=-1&pu=https%3A%2F%2Fpennycronelasvegas.com%2F&id=8SH0iieO&pt=Penny%20Crone%20%7C%20Call%20Me%20At%20(702)%20210-7683%20%7C%20HomeSmart
IP
151.101.130.114:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v1/jwplayer6/ping.gif?h=-1612906001&tv=2.6.0&n=1515090513308935&aid=QDLcWlTPEeWgFgp%2BlcGdIw&e=e&i=0&ifd=0&pv=7.0.3&m=1&d=0&vl=90&t=Lake%20Mead&pid=&ed=0&ph=1&ps=4&wd=744&pl=419&fv=&vp=1&ab=0&po=1&sn=seven&pd=0&pad=&dd=0&s=0&r=0&cb=0&ga=0&st=291&hls=&cp=0&sdk=0&emi=fwi7z9hjmbt0&pli=&mt=0&vi=0.997&ap=456%2C324&mu=https%3A%2F%2Fcontent.jwplatform.com%2Fvideos%2F8SH0iieO-720.mp4&eb=-1&pu=https%3A%2F%2Fpennycronelasvegas.com%2F&id=8SH0iieO&pt=Penny%20Crone%20%7C%20Call%20Me%20At%20(702)%20210-7683%20%7C%20HomeSmart HTTP/1.1
Host: jwpltx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
server: nginx
accept-ranges: bytes
date: Tue, 27 Sep 2022 15:05:47 GMT
via: 1.1 varnish
x-served-by: cache-bma1671-BMA
x-cache: MISS
x-cache-hits: 0
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Playfair+Display:400,400italic,700,700italic,900,900italic

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Playfair+Display:400,400italic,700,700italic,900,900italic
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Playfair+Display:400,400italic,700,700italic,900,900italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 27 Sep 2022 15:05:44 GMT
date: Tue, 27 Sep 2022 15:05:44 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Quicksand

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Quicksand
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Quicksand HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 27 Sep 2022 15:05:45 GMT
date: Tue, 27 Sep 2022 15:05:45 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

142.250.74.46

200 OK

0 B

URL HTTP/2
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
IP
142.250.74.46:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 27 Sep 2022 15:05:45 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+610; expires=Thu, 26-Sep-2024 15:05:45 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.cloudflare.com/cdn-cgi/trace

104.16.124.96

200 OK

0 B

URL HTTP/2
www.cloudflare.com/cdn-cgi/trace
IP
104.16.124.96:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /cdn-cgi/trace HTTP/1.1
Host: www.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pennycronelasvegas.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 27 Sep 2022 15:05:46 GMT
content-type: text/plain
access-control-allow-origin: *
server: cloudflare
cf-ray: 751523b0ec01b506-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (22)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations