firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 27 Sep 2022 14:15:30 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: dLdRgAngaYbIiTfiIo9wBKqq_Pw7V11bStQVzpjp0OWihBmBQLNcKA==
Age: 3013
pennycronelasvegas.com/
96.126.99.100301 Moved Permanently 169 B IP 96.126.99.100:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4d5df04587b6abb07e32aa83f8da135a
6692cd0836d1ee08ec23820ed703dd959c92e3f8
6df3768e22eccc33abe2a50cb4650dbfb5f4f5884d80c82508e62665d29dd6d2
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
server: nginx/1.17.3
date: Tue, 27 Sep 2022 15:05:43 GMT
content-type: text/html
content-length: 169
location: https://pennycronelasvegas.com/
access-control-allow-methods: POST, GET, OPTIONS
referrer-policy: no-referrer
set-cookie: NB_SRVID=srv1656166; path=/
cache-control: private
connection: close
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7834
Expires: Tue, 27 Sep 2022 17:16:18 GMT
Date: Tue, 27 Sep 2022 15:05:44 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: u6USVqTc0gLm2p8zguFCNfvO5Zip5jPt8R_hq2Q2ePvT2gK4zHcpJA==
age: 20491
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:05:44 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 27 Sep 2022 14:10:46 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Tue, 27 Sep 2022 15:06:02 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: lsdSMuBAnk-QoqpwH9vPYXdPNy9jY0jM8AkaWNLrCpTL2rLWqNHkzQ==
Age: 3298
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 550c4882b194a981992251a31fd83b3e
dcbe52eb607f313c7c531ca42de9c538154c9fcb
b2aa20656d00cef4ab3cf4b5d9844581b44f55f2d2ae518c0782433c36979b74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B2AA20656D00CEF4AB3CF4B5D9844581B44F55F2D2AE518C0782433C36979B74"
Last-Modified: Sun, 25 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21567
Expires: Tue, 27 Sep 2022 21:05:11 GMT
Date: Tue, 27 Sep 2022 15:05:44 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c18823050f86339eaa73ddb1bf80d64c
ac4ee81f59f706cee8a74458d498bbc20d8d351a
9a505647517bd02d8ff994fd4ad98dc2f4b519916145b0c327691420c1084c46
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6244
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:05:44 GMT
Last-Modified: Tue, 27 Sep 2022 13:21:40 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 11b1f146fa6fa4a88b1efc65b548fb73
f3f12e14f8f66a2e7c43015c394af199e4a94e06
74441efb7e39672af50ce0b6190b20d20bc3ae744b415a17f8b96a0f89aa0491
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:05:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:05:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
54.149.28.179101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.28.179:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: nz9uNjQneHwWIeq8/xmM7A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: +Xw3OkHmrZVzLixUfnPYedgFdcU=
pennycronelasvegas.com/
96.126.99.100200 OK 18 kB IP 96.126.99.100:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 7b05547b41305df4d2441f9fa2072b8b
2e1f803574564b8a40452200054e787239e11309
a933fed451f832a91f1c532f61341fc98baf61a88131e56bd37d0b40b0ee1693
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Status: 200 OK
Cache-Control: max-age=0, private, must-revalidate
X-XSS-Protection: 1; mode=block
X-Request-Id: 4e50e4cf-4297-4797-a7df-cb72b1a17fc5
ETag: W/"c1e618becf6c48cb187cc706a0a4e574"
X-Frame-Options: SAMEORIGIN
X-Runtime: 0.054442
X-Content-Type-Options: nosniff
Date: Tue, 27 Sep 2022 15:05:44 GMT
Set-Cookie: _agentformula_session=dGNhUk5OR3JpeGg4VGtYM2QrUDlOaXloN2dSdG0rcVBhMW1lYUF1Sk0xMlJ5WGc3MFhjV0NGWEdRUWovTllIYnpSZzJWYnNPUjR2a2diUjF1UU93MVdIWXo2S0dWbjRIeDdOUjZRUjZNMjZjNDdQQVFHanhDWG1kRnY1OFF3SGNoK0l5bjFibHZGSmQ1WUVOOSt1SkhoRy9NS29kbW1ZOFcvNTVsRXBNaHk1YW9FY0h4OEZ5SUJ1UEdidkFER3FEbUpaZXpoT1ROc0Z3Z251N2FzS2NCSlhDcGRkV3J6WlcxelJwWG1qa1cwODYxL1RQTk5DQU4vcm1EUHRnMTFGVEQ5RCtLdTRCeVo3R25xdU1LMnlvNmpOYXE1UXBGMzY5RzBaZzVQL1RlZFlmR21vY3FBWW5TSGsydVlTTlhSU3pZMG9RdDVxOEZNTng3WXpMWUlLU2k1UFBJM0ppQ1R3bERFNUE2ZlptbFhDdnZxdzVQL3JPVjg4cytvaHZ5OHlGLS0wMkFHQTd4aGVtQVpXWGxZU2FoWlRnPT0%3D--a386ec99358ffa23352abc292f1a6d21b8a04061; path=/; HttpOnly
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4538701cf9bc34d908f50370beb922f4
df141b9c3ec626ecaba7c1899073a48b811c4113
61497b93eb237687a8fff5845a7a81aff2f2f53dc56f2d0818bfb98dd1256d6f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:05:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnjs.cloudflare.com/ajax/libs/bootstrap-table/1.8.1/bootstrap-table.min.js
104.17.24.14200 OK 10 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/bootstrap-table/1.8.1/bootstrap-table.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (32072)
Hash b1d38b850f2d249ecb6bc995eecc9d96
30facf94c44ca45e7521a25e5e73273c26fa7ddd
8097499101c6c88640c1bc49c3f00179c32f842d6ce79482fa3ccb48a23203d2
GET /ajax/libs/bootstrap-table/1.8.1/bootstrap-table.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 15:05:45 GMT
content-type: application/javascript; charset=utf-8
content-length: 10318
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d8f-a750"
last-modified: Mon, 04 May 2020 16:06:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 162996
expires: Sun, 17 Sep 2023 15:05:45 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bhv%2B%2BArV9T6kNTkawlyskJd7k4%2FOa%2Fyo%2F0mk7j1b2sbhc%2FPe%2B4VpjIIo3sQnJjfipfisK6psoGPZBLNrXsTbFOj20aPj9VAJyG3A8%2BPi08XEqAEN1c5d02RYse%2B83a36OSRZwa2r"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 751523a88831b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:05:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4538701cf9bc34d908f50370beb922f4
df141b9c3ec626ecaba7c1899073a48b811c4113
61497b93eb237687a8fff5845a7a81aff2f2f53dc56f2d0818bfb98dd1256d6f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:05:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash ed4b10195156be53252459b6a822d4fa
4b8f6a876639e5e6e7e565b52179151be487d2db
a6ba078345b3eaae06502628c7265ea0c6e47b99a288c77edd329516a2a93943
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 27 Sep 2022 15:05:44 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 27 Sep 2022 12:30:59 GMT
Expires: Wed, 28 Sep 2022 12:30:59 GMT
ETag: "4b8f6a876639e5e6e7e565b52179151be487d2db"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
images.dmca.com/Badges/DMCABadgeHelper.min.js
151.139.242.29200 OK 280 B URL HTTP/2 images.dmca.com/Badges/DMCABadgeHelper.min.js
IP 151.139.242.29:0
Hash 676eb336bf17b6d9ba8106a096fdd587
22d3b0769cd5aa177e723be2456b32509914fa7d
9e9dc74a53c9a60256b8d4db5b26d02599cea75d3d00e02f16bef59169477a69
GET /Badges/DMCABadgeHelper.min.js HTTP/1.1
Host: images.dmca.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:05:45 GMT
content-type: application/javascript
content-length: 280
cache-control: max-age=2592000
etag: "26b181f16d28d51:0"
last-modified: Fri, 21 Jun 2019 20:14:34 GMT
x-powered-by: ASP.NET
expires: Thu, 27 Oct 2022 15:05:42 GMT
access-control-allow-origin: *
link: <http://dmca-images.azurewebsites.net/Badges/DMCABadgeHelper.min.js>; rel="canonical"
content-encoding: gzip
vary: Accept-Encoding
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
images.dmca.com/Badges/dmca-badge-w100-5x1-11.png?ID=0d9c4034-e698-4934-b6aa-b7e7c6dda496
151.139.242.29200 OK 2.4 kB URL HTTP/2 images.dmca.com/Badges/dmca-badge-w100-5x1-11.png?ID=0d9c4034-e698-4934-b6aa-b7e7c6dda496
IP 151.139.242.29:0
File type PNG image data, 100 x 20, 8-bit/color RGBA, interlaced\012- data
Hash 521db716019fc733b48f77f9822b30ee
8f8e11a44c38076713fd1a0233ef7de9f68498ed
2292a183dd2a364653441cf13efd89138c43eab4dacbb35e9bc061b07c749be1
GET /Badges/dmca-badge-w100-5x1-11.png?ID=0d9c4034-e698-4934-b6aa-b7e7c6dda496 HTTP/1.1
Host: images.dmca.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:05:45 GMT
content-type: image/png
content-length: 2390
cache-control: max-age=2592000
etag: "70d0a63aace6d11:0"
last-modified: Mon, 25 Jul 2016 19:39:16 GMT
x-powered-by: ASP.NET
expires: Thu, 27 Oct 2022 15:05:21 GMT
access-control-allow-origin: *
link: <http://dmca-images.azurewebsites.net/Badges/dmca-badge-w100-5x1-11.png>; rel="canonical"
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
pennycronelasvegas.com/assets/themes/default/color_schemes/realtyone/styles-1d34b0168f39e5b32891f9959db5d12f04d3fe553fe179ede767a5fabdc98a36.css
96.126.99.100200 OK 3.1 kB URL HTTP/1.1 pennycronelasvegas.com/assets/themes/default/color_schemes/realtyone/styles-1d34b0168f39e5b32891f9959db5d12f04d3fe553fe179ede767a5fabdc98a36.css
IP 96.126.99.100:0
File type ASCII text, with very long lines (12653)
Hash 14e02d2509c4e9c021da0ac5141ff383
c8cdc88b7b962aec32ec75a168058e1af2b4c1a1
343373f029bc431ff0c944aed6c9838897107cb5b62dae0b002ca355fe4ae535
GET /assets/themes/default/color_schemes/realtyone/styles-1d34b0168f39e5b32891f9959db5d12f04d3fe553fe179ede767a5fabdc98a36.css HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=dGNhUk5OR3JpeGg4VGtYM2QrUDlOaXloN2dSdG0rcVBhMW1lYUF1Sk0xMlJ5WGc3MFhjV0NGWEdRUWovTllIYnpSZzJWYnNPUjR2a2diUjF1UU93MVdIWXo2S0dWbjRIeDdOUjZRUjZNMjZjNDdQQVFHanhDWG1kRnY1OFF3SGNoK0l5bjFibHZGSmQ1WUVOOSt1SkhoRy9NS29kbW1ZOFcvNTVsRXBNaHk1YW9FY0h4OEZ5SUJ1UEdidkFER3FEbUpaZXpoT1ROc0Z3Z251N2FzS2NCSlhDcGRkV3J6WlcxelJwWG1qa1cwODYxL1RQTk5DQU4vcm1EUHRnMTFGVEQ5RCtLdTRCeVo3R25xdU1LMnlvNmpOYXE1UXBGMzY5RzBaZzVQL1RlZFlmR21vY3FBWW5TSGsydVlTTlhSU3pZMG9RdDVxOEZNTng3WXpMWUlLU2k1UFBJM0ppQ1R3bERFNUE2ZlptbFhDdnZxdzVQL3JPVjg4cytvaHZ5OHlGLS0wMkFHQTd4aGVtQVpXWGxZU2FoWlRnPT0%3D--a386ec99358ffa23352abc292f1a6d21b8a04061
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Status: 200 OK
Cache-Control: public, max-age=31536000
X-Request-Id: dca6a6d2-412e-4391-a966-fedc89496c12
ETag: W/"1d34b0168f39e5b32891f9959db5d12f04d3fe553fe179ede767a5fabdc98a36"
X-Runtime: 0.001223
Date: Tue, 27 Sep 2022 15:05:45 GMT
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 425c9009140c3680ae79727ebae628ec
185468efb8d32dcb06f052e0556dbd750d985954
3a11483f5352a50e3ae89f3d1f252ee1c579f593cf8f79f1242792be7099c174
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 15:05:45 GMT
Last-Modified: Tue, 27 Sep 2022 13:20:31 GMT
Server: ECS (nyb/1D05)
X-Cache: Miss from cloudfront
Via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Qy7_IEBAPR9jqo9KMjNWjuvzcWf5kE13aKCmDHqAl_MIyvnamKocVQ==
Age: 6314
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 425c9009140c3680ae79727ebae628ec
185468efb8d32dcb06f052e0556dbd750d985954
3a11483f5352a50e3ae89f3d1f252ee1c579f593cf8f79f1242792be7099c174
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 15:05:45 GMT
Last-Modified: Tue, 27 Sep 2022 14:10:14 GMT
Server: ECS (nyb/1D1F)
X-Cache: Miss from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: EgwbMVYZtXW5INf-qD-FEJfw5ZcuCVuYMw6GnuUXdSdIRe9jpypSeg==
Age: 3331
pennycronelasvegas.com/assets/themes/default/manifest-a0b102071c1257da83b1e2a73ccd101571a12a809337ecc4f14d09bfe37b8667.css
96.126.99.100200 OK 9.1 kB URL HTTP/1.1 pennycronelasvegas.com/assets/themes/default/manifest-a0b102071c1257da83b1e2a73ccd101571a12a809337ecc4f14d09bfe37b8667.css
IP 96.126.99.100:0
File type ASCII text, with very long lines (36298)
Hash 32f0f34521a2fc2b1f354859df9cf65f
f803967ee5787eed9275b591412d8d0c1af555c3
fa3e83e9ddc04c4c6cdabfa5c949508406c791e7177b10fd1272bf5331bfb33b
GET /assets/themes/default/manifest-a0b102071c1257da83b1e2a73ccd101571a12a809337ecc4f14d09bfe37b8667.css HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=dGNhUk5OR3JpeGg4VGtYM2QrUDlOaXloN2dSdG0rcVBhMW1lYUF1Sk0xMlJ5WGc3MFhjV0NGWEdRUWovTllIYnpSZzJWYnNPUjR2a2diUjF1UU93MVdIWXo2S0dWbjRIeDdOUjZRUjZNMjZjNDdQQVFHanhDWG1kRnY1OFF3SGNoK0l5bjFibHZGSmQ1WUVOOSt1SkhoRy9NS29kbW1ZOFcvNTVsRXBNaHk1YW9FY0h4OEZ5SUJ1UEdidkFER3FEbUpaZXpoT1ROc0Z3Z251N2FzS2NCSlhDcGRkV3J6WlcxelJwWG1qa1cwODYxL1RQTk5DQU4vcm1EUHRnMTFGVEQ5RCtLdTRCeVo3R25xdU1LMnlvNmpOYXE1UXBGMzY5RzBaZzVQL1RlZFlmR21vY3FBWW5TSGsydVlTTlhSU3pZMG9RdDVxOEZNTng3WXpMWUlLU2k1UFBJM0ppQ1R3bERFNUE2ZlptbFhDdnZxdzVQL3JPVjg4cytvaHZ5OHlGLS0wMkFHQTd4aGVtQVpXWGxZU2FoWlRnPT0%3D--a386ec99358ffa23352abc292f1a6d21b8a04061
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Status: 200 OK
Cache-Control: public, max-age=31536000
X-Request-Id: 641a5ace-1de0-43da-9df9-3b27270e4107
ETag: W/"a0b102071c1257da83b1e2a73ccd101571a12a809337ecc4f14d09bfe37b8667"
X-Runtime: 0.000829
Date: Tue, 27 Sep 2022 15:05:45 GMT
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer
Content-Encoding: gzip
pennycronelasvegas.com/assets/themes/default/media-queries-86e42502a75ac432a27f5075e9f59f4fc1b6b5c25010acc977a7a95d745e5fb2.css
96.126.99.100200 OK 1.4 kB URL HTTP/1.1 pennycronelasvegas.com/assets/themes/default/media-queries-86e42502a75ac432a27f5075e9f59f4fc1b6b5c25010acc977a7a95d745e5fb2.css
IP 96.126.99.100:0
File type ASCII text, with very long lines (4127)
Hash f4897cf23e898fdd0fd4dfa22dd511a9
65816d4b1762d14f53486744ebf7ab451c063224
5860c6897bb7389941d3960bcdebb90c1a7b0fd0fb7c0f1285596b62f0f0e4e2
GET /assets/themes/default/media-queries-86e42502a75ac432a27f5075e9f59f4fc1b6b5c25010acc977a7a95d745e5fb2.css HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=dGNhUk5OR3JpeGg4VGtYM2QrUDlOaXloN2dSdG0rcVBhMW1lYUF1Sk0xMlJ5WGc3MFhjV0NGWEdRUWovTllIYnpSZzJWYnNPUjR2a2diUjF1UU93MVdIWXo2S0dWbjRIeDdOUjZRUjZNMjZjNDdQQVFHanhDWG1kRnY1OFF3SGNoK0l5bjFibHZGSmQ1WUVOOSt1SkhoRy9NS29kbW1ZOFcvNTVsRXBNaHk1YW9FY0h4OEZ5SUJ1UEdidkFER3FEbUpaZXpoT1ROc0Z3Z251N2FzS2NCSlhDcGRkV3J6WlcxelJwWG1qa1cwODYxL1RQTk5DQU4vcm1EUHRnMTFGVEQ5RCtLdTRCeVo3R25xdU1LMnlvNmpOYXE1UXBGMzY5RzBaZzVQL1RlZFlmR21vY3FBWW5TSGsydVlTTlhSU3pZMG9RdDVxOEZNTng3WXpMWUlLU2k1UFBJM0ppQ1R3bERFNUE2ZlptbFhDdnZxdzVQL3JPVjg4cytvaHZ5OHlGLS0wMkFHQTd4aGVtQVpXWGxZU2FoWlRnPT0%3D--a386ec99358ffa23352abc292f1a6d21b8a04061
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Status: 200 OK
Cache-Control: public, max-age=31536000
X-Request-Id: 1b45e1c3-3d90-475d-9f54-2b6097340891
ETag: W/"86e42502a75ac432a27f5075e9f59f4fc1b6b5c25010acc977a7a95d745e5fb2"
X-Runtime: 0.000751
Date: Tue, 27 Sep 2022 15:05:45 GMT
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer
Content-Encoding: gzip
pennycronelasvegas.com/assets/ion.rangeslider/js/ion.rangeSlider.min-fd1dbf6841129461c2073553cdd99a1b14693f2bbe7804866229fd53cc65a22b.js
96.126.99.100200 OK 38 kB URL HTTP/1.1 pennycronelasvegas.com/assets/ion.rangeslider/js/ion.rangeSlider.min-fd1dbf6841129461c2073553cdd99a1b14693f2bbe7804866229fd53cc65a22b.js
IP 96.126.99.100:0
File type ASCII text, with very long lines (33913)
Hash 42173c874591f88f85ab701df850d0e7
da2c85886430dd508ab6daa683411c3381666fdf
fd1dbf6841129461c2073553cdd99a1b14693f2bbe7804866229fd53cc65a22b
Analyzer Verdict Alert fortinet Phishing
GET /assets/ion.rangeslider/js/ion.rangeSlider.min-fd1dbf6841129461c2073553cdd99a1b14693f2bbe7804866229fd53cc65a22b.js HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=dGNhUk5OR3JpeGg4VGtYM2QrUDlOaXloN2dSdG0rcVBhMW1lYUF1Sk0xMlJ5WGc3MFhjV0NGWEdRUWovTllIYnpSZzJWYnNPUjR2a2diUjF1UU93MVdIWXo2S0dWbjRIeDdOUjZRUjZNMjZjNDdQQVFHanhDWG1kRnY1OFF3SGNoK0l5bjFibHZGSmQ1WUVOOSt1SkhoRy9NS29kbW1ZOFcvNTVsRXBNaHk1YW9FY0h4OEZ5SUJ1UEdidkFER3FEbUpaZXpoT1ROc0Z3Z251N2FzS2NCSlhDcGRkV3J6WlcxelJwWG1qa1cwODYxL1RQTk5DQU4vcm1EUHRnMTFGVEQ5RCtLdTRCeVo3R25xdU1LMnlvNmpOYXE1UXBGMzY5RzBaZzVQL1RlZFlmR21vY3FBWW5TSGsydVlTTlhSU3pZMG9RdDVxOEZNTng3WXpMWUlLU2k1UFBJM0ppQ1R3bERFNUE2ZlptbFhDdnZxdzVQL3JPVjg4cytvaHZ5OHlGLS0wMkFHQTd4aGVtQVpXWGxZU2FoWlRnPT0%3D--a386ec99358ffa23352abc292f1a6d21b8a04061
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 38476
Connection: keep-alive
Status: 200 OK
Cache-Control: public, max-age=31536000
X-Request-Id: cb4d6187-6788-48b8-bac8-0fdbbe7548c7
ETag: "fd1dbf6841129461c2073553cdd99a1b14693f2bbe7804866229fd53cc65a22b"
X-Runtime: 0.000976
Date: Tue, 27 Sep 2022 15:05:45 GMT
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer
pennycronelasvegas.com/assets/themes/default/base-e6e4b07ab1f0aec529f3b4cc626749c60b3c181adf529cc27e69103896d15abc.js
96.126.99.100200 OK 7.8 kB URL HTTP/1.1 pennycronelasvegas.com/assets/themes/default/base-e6e4b07ab1f0aec529f3b4cc626749c60b3c181adf529cc27e69103896d15abc.js
IP 96.126.99.100:0
File type ASCII text, with very long lines (7836), with no line terminators
Hash 6a8c64a9816c52d01a5c9a66f50a031e
6f7a2119a28757a936a3ad2d8ffd4553c1abcb2a
e6e4b07ab1f0aec529f3b4cc626749c60b3c181adf529cc27e69103896d15abc
Analyzer Verdict Alert fortinet Phishing
GET /assets/themes/default/base-e6e4b07ab1f0aec529f3b4cc626749c60b3c181adf529cc27e69103896d15abc.js HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=dGNhUk5OR3JpeGg4VGtYM2QrUDlOaXloN2dSdG0rcVBhMW1lYUF1Sk0xMlJ5WGc3MFhjV0NGWEdRUWovTllIYnpSZzJWYnNPUjR2a2diUjF1UU93MVdIWXo2S0dWbjRIeDdOUjZRUjZNMjZjNDdQQVFHanhDWG1kRnY1OFF3SGNoK0l5bjFibHZGSmQ1WUVOOSt1SkhoRy9NS29kbW1ZOFcvNTVsRXBNaHk1YW9FY0h4OEZ5SUJ1UEdidkFER3FEbUpaZXpoT1ROc0Z3Z251N2FzS2NCSlhDcGRkV3J6WlcxelJwWG1qa1cwODYxL1RQTk5DQU4vcm1EUHRnMTFGVEQ5RCtLdTRCeVo3R25xdU1LMnlvNmpOYXE1UXBGMzY5RzBaZzVQL1RlZFlmR21vY3FBWW5TSGsydVlTTlhSU3pZMG9RdDVxOEZNTng3WXpMWUlLU2k1UFBJM0ppQ1R3bERFNUE2ZlptbFhDdnZxdzVQL3JPVjg4cytvaHZ5OHlGLS0wMkFHQTd4aGVtQVpXWGxZU2FoWlRnPT0%3D--a386ec99358ffa23352abc292f1a6d21b8a04061
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 7836
Connection: keep-alive
Status: 200 OK
Cache-Control: public, max-age=31536000
X-Request-Id: aa0826f1-df82-4b48-9724-1bce9d80e6bf
ETag: "e6e4b07ab1f0aec529f3b4cc626749c60b3c181adf529cc27e69103896d15abc"
X-Runtime: 0.001028
Date: Tue, 27 Sep 2022 15:05:45 GMT
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer
pennycronelasvegas.com/assets/responsive_video_fix-4228528f3aa100a8d9aeb2f7c8373ef893db5f2eba26df43245af76eb4d3734e.js
96.126.99.100200 OK 483 B URL HTTP/1.1 pennycronelasvegas.com/assets/responsive_video_fix-4228528f3aa100a8d9aeb2f7c8373ef893db5f2eba26df43245af76eb4d3734e.js
IP 96.126.99.100:0
File type ASCII text, with very long lines (483), with no line terminators
Hash 8b69d038e9da700ec36148024782ba23
863f41c47cf9d843abfe8ce2b5514a691a57742a
4228528f3aa100a8d9aeb2f7c8373ef893db5f2eba26df43245af76eb4d3734e
Analyzer Verdict Alert fortinet Phishing
GET /assets/responsive_video_fix-4228528f3aa100a8d9aeb2f7c8373ef893db5f2eba26df43245af76eb4d3734e.js HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=dGNhUk5OR3JpeGg4VGtYM2QrUDlOaXloN2dSdG0rcVBhMW1lYUF1Sk0xMlJ5WGc3MFhjV0NGWEdRUWovTllIYnpSZzJWYnNPUjR2a2diUjF1UU93MVdIWXo2S0dWbjRIeDdOUjZRUjZNMjZjNDdQQVFHanhDWG1kRnY1OFF3SGNoK0l5bjFibHZGSmQ1WUVOOSt1SkhoRy9NS29kbW1ZOFcvNTVsRXBNaHk1YW9FY0h4OEZ5SUJ1UEdidkFER3FEbUpaZXpoT1ROc0Z3Z251N2FzS2NCSlhDcGRkV3J6WlcxelJwWG1qa1cwODYxL1RQTk5DQU4vcm1EUHRnMTFGVEQ5RCtLdTRCeVo3R25xdU1LMnlvNmpOYXE1UXBGMzY5RzBaZzVQL1RlZFlmR21vY3FBWW5TSGsydVlTTlhSU3pZMG9RdDVxOEZNTng3WXpMWUlLU2k1UFBJM0ppQ1R3bERFNUE2ZlptbFhDdnZxdzVQL3JPVjg4cytvaHZ5OHlGLS0wMkFHQTd4aGVtQVpXWGxZU2FoWlRnPT0%3D--a386ec99358ffa23352abc292f1a6d21b8a04061
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 483
Connection: keep-alive
Status: 200 OK
Cache-Control: public, max-age=31536000
X-Request-Id: 2506e7f6-c6db-44dd-add5-52ff2f6af6fb
ETag: "4228528f3aa100a8d9aeb2f7c8373ef893db5f2eba26df43245af76eb4d3734e"
X-Runtime: 0.000919
Date: Tue, 27 Sep 2022 15:05:45 GMT
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer
pennycronelasvegas.com/assets/bootstrap-table-cookie-d864ab3069753497a7bd5ebdbce23b8a1a0b9b16b001a0394d5c99896c859d14.js
96.126.99.100200 OK 4.0 kB URL HTTP/1.1 pennycronelasvegas.com/assets/bootstrap-table-cookie-d864ab3069753497a7bd5ebdbce23b8a1a0b9b16b001a0394d5c99896c859d14.js
IP 96.126.99.100:0
File type ASCII text, with very long lines (4026), with no line terminators
Hash 70a774951af96e61e57cde64b49b66f7
bf9f3470f5ca10b7968b19656fcf692939e35caf
d864ab3069753497a7bd5ebdbce23b8a1a0b9b16b001a0394d5c99896c859d14
Analyzer Verdict Alert fortinet Phishing
GET /assets/bootstrap-table-cookie-d864ab3069753497a7bd5ebdbce23b8a1a0b9b16b001a0394d5c99896c859d14.js HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=dGNhUk5OR3JpeGg4VGtYM2QrUDlOaXloN2dSdG0rcVBhMW1lYUF1Sk0xMlJ5WGc3MFhjV0NGWEdRUWovTllIYnpSZzJWYnNPUjR2a2diUjF1UU93MVdIWXo2S0dWbjRIeDdOUjZRUjZNMjZjNDdQQVFHanhDWG1kRnY1OFF3SGNoK0l5bjFibHZGSmQ1WUVOOSt1SkhoRy9NS29kbW1ZOFcvNTVsRXBNaHk1YW9FY0h4OEZ5SUJ1UEdidkFER3FEbUpaZXpoT1ROc0Z3Z251N2FzS2NCSlhDcGRkV3J6WlcxelJwWG1qa1cwODYxL1RQTk5DQU4vcm1EUHRnMTFGVEQ5RCtLdTRCeVo3R25xdU1LMnlvNmpOYXE1UXBGMzY5RzBaZzVQL1RlZFlmR21vY3FBWW5TSGsydVlTTlhSU3pZMG9RdDVxOEZNTng3WXpMWUlLU2k1UFBJM0ppQ1R3bERFNUE2ZlptbFhDdnZxdzVQL3JPVjg4cytvaHZ5OHlGLS0wMkFHQTd4aGVtQVpXWGxZU2FoWlRnPT0%3D--a386ec99358ffa23352abc292f1a6d21b8a04061
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 4026
Connection: keep-alive
Status: 200 OK
Cache-Control: public, max-age=31536000
X-Request-Id: b7f90a2c-67e5-4610-8456-275f8f1a1930
ETag: "d864ab3069753497a7bd5ebdbce23b8a1a0b9b16b001a0394d5c99896c859d14"
X-Runtime: 0.001016
Date: Tue, 27 Sep 2022 15:05:45 GMT
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer
pennycronelasvegas.com/assets/themes/default/vendor-0f30327ac76c682d737c22ffeb5941a75cefe8c40d78c1b490f0dcbfc2400ae9.css
96.126.99.100200 OK 45 kB URL HTTP/1.1 pennycronelasvegas.com/assets/themes/default/vendor-0f30327ac76c682d737c22ffeb5941a75cefe8c40d78c1b490f0dcbfc2400ae9.css
IP 96.126.99.100:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (65368)
Hash 557969dc5021dde6791ead6c0422c4d7
7a50d476d4aa201371555069667e59ceb63e74f2
6a121afb31f6d5c8321e1bd2c0d1e030ac127c716f1bbb5aa8003a0b75f07e16
GET /assets/themes/default/vendor-0f30327ac76c682d737c22ffeb5941a75cefe8c40d78c1b490f0dcbfc2400ae9.css HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=dGNhUk5OR3JpeGg4VGtYM2QrUDlOaXloN2dSdG0rcVBhMW1lYUF1Sk0xMlJ5WGc3MFhjV0NGWEdRUWovTllIYnpSZzJWYnNPUjR2a2diUjF1UU93MVdIWXo2S0dWbjRIeDdOUjZRUjZNMjZjNDdQQVFHanhDWG1kRnY1OFF3SGNoK0l5bjFibHZGSmQ1WUVOOSt1SkhoRy9NS29kbW1ZOFcvNTVsRXBNaHk1YW9FY0h4OEZ5SUJ1UEdidkFER3FEbUpaZXpoT1ROc0Z3Z251N2FzS2NCSlhDcGRkV3J6WlcxelJwWG1qa1cwODYxL1RQTk5DQU4vcm1EUHRnMTFGVEQ5RCtLdTRCeVo3R25xdU1LMnlvNmpOYXE1UXBGMzY5RzBaZzVQL1RlZFlmR21vY3FBWW5TSGsydVlTTlhSU3pZMG9RdDVxOEZNTng3WXpMWUlLU2k1UFBJM0ppQ1R3bERFNUE2ZlptbFhDdnZxdzVQL3JPVjg4cytvaHZ5OHlGLS0wMkFHQTd4aGVtQVpXWGxZU2FoWlRnPT0%3D--a386ec99358ffa23352abc292f1a6d21b8a04061
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Status: 200 OK
Cache-Control: public, max-age=31536000
X-Request-Id: 1fb4384a-4426-45aa-9e87-4b5ad4e8ac0d
ETag: W/"0f30327ac76c682d737c22ffeb5941a75cefe8c40d78c1b490f0dcbfc2400ae9"
X-Runtime: 0.001610
Date: Tue, 27 Sep 2022 15:05:45 GMT
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer
Content-Encoding: gzip
translate.googleapis.com/translate_static/css/translateelement.css
142.250.74.74200 OK 3.6 kB URL HTTP/2 translate.googleapis.com/translate_static/css/translateelement.css
IP 142.250.74.74:0
File type ASCII text, with very long lines (18670)
Hash 897ba9a21d9625286674da769dacc2e2
84b4923ab7dee562395160824d53496314499b77
696cbf5c2f3f1efae555562b72abbbb22bed02eff03d62074555cab241190ae0
GET /translate_static/css/translateelement.css HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3619
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 Sep 2022 14:27:48 GMT
expires: Tue, 27 Sep 2022 15:27:48 GMT
cache-control: public, max-age=3600
age: 2277
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pennycronelasvegas.com/assets/themes/realtyone/bg-bar-active.png
96.126.99.100200 OK 937 B URL HTTP/1.1 pennycronelasvegas.com/assets/themes/realtyone/bg-bar-active.png
IP 96.126.99.100:0
File type PNG image data, 1 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash 4fdb1b014f02b9d864a630c39c2ef13a
ce10cd2e9ef878dbc42532b94eb3b9f95a7e798b
bb08c90ca60c960f699e5c8f8a706ff6bd54d04ffbd117f083cef142cbc1e6c7
GET /assets/themes/realtyone/bg-bar-active.png HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=dGNhUk5OR3JpeGg4VGtYM2QrUDlOaXloN2dSdG0rcVBhMW1lYUF1Sk0xMlJ5WGc3MFhjV0NGWEdRUWovTllIYnpSZzJWYnNPUjR2a2diUjF1UU93MVdIWXo2S0dWbjRIeDdOUjZRUjZNMjZjNDdQQVFHanhDWG1kRnY1OFF3SGNoK0l5bjFibHZGSmQ1WUVOOSt1SkhoRy9NS29kbW1ZOFcvNTVsRXBNaHk1YW9FY0h4OEZ5SUJ1UEdidkFER3FEbUpaZXpoT1ROc0Z3Z251N2FzS2NCSlhDcGRkV3J6WlcxelJwWG1qa1cwODYxL1RQTk5DQU4vcm1EUHRnMTFGVEQ5RCtLdTRCeVo3R25xdU1LMnlvNmpOYXE1UXBGMzY5RzBaZzVQL1RlZFlmR21vY3FBWW5TSGsydVlTTlhSU3pZMG9RdDVxOEZNTng3WXpMWUlLU2k1UFBJM0ppQ1R3bERFNUE2ZlptbFhDdnZxdzVQL3JPVjg4cytvaHZ5OHlGLS0wMkFHQTd4aGVtQVpXWGxZU2FoWlRnPT0%3D--a386ec99358ffa23352abc292f1a6d21b8a04061
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 937
Connection: keep-alive
Status: 200 OK
Cache-Control: public, must-revalidate
Vary: Accept-Encoding
X-Request-Id: 1e5767a9-b202-468c-b017-46fe8044aeae
ETag: "bb08c90ca60c960f699e5c8f8a706ff6bd54d04ffbd117f083cef142cbc1e6c7"
X-Runtime: 0.000603
Date: Tue, 27 Sep 2022 15:05:45 GMT
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer
s3.amazonaws.com/glvar-photos/callouts/small/3/las-vegas-strip-aerial-sunset3.jpg
52.217.132.144200 OK 20 kB URL HTTP/1.1 s3.amazonaws.com/glvar-photos/callouts/small/3/las-vegas-strip-aerial-sunset3.jpg
IP 52.217.132.144:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 325x252, components 3\012- data
Hash 517180675348875d42a029031b8d4f81
797e0e31adc255be6ca3e5052f43127c03cbedd1
f2d844ba1a680c355dc4f8da09b140709556daf1f13c00bc2fd327bea6419e7e
GET /glvar-photos/callouts/small/3/las-vegas-strip-aerial-sunset3.jpg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: F+ri5wOJ2X4nI4VPzQyGftdSM+DjPcpD6diPQB7oUCdatZu1zPxQQtTJjSzMVntsWxE0V/Lbfbo=
x-amz-request-id: 8VKANG6W11AEF6CB
Date: Tue, 27 Sep 2022 15:05:46 GMT
Last-Modified: Mon, 30 Nov 2015 02:55:12 GMT
ETag: "517180675348875d42a029031b8d4f81"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 20263
pennycronelasvegas.com/fonts/avenir.woff
96.126.99.100302 Found 97 B URL HTTP/1.1 pennycronelasvegas.com/fonts/avenir.woff
IP 96.126.99.100:0
File type HTML document text\012- HTML document, ASCII text, with no line terminators
Hash dcb81dc5193115d6d372982ed310127c
f8dfefb55af6336b670a7a3743beea52bcc45b16
54585d24fd128cf202592bcf22862a8aaa2c0862c5ea8b2bbac31a7357b93f6a
Analyzer Verdict Alert fortinet Phishing
GET /fonts/avenir.woff HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Cookie: _agentformula_session=dGNhUk5OR3JpeGg4VGtYM2QrUDlOaXloN2dSdG0rcVBhMW1lYUF1Sk0xMlJ5WGc3MFhjV0NGWEdRUWovTllIYnpSZzJWYnNPUjR2a2diUjF1UU93MVdIWXo2S0dWbjRIeDdOUjZRUjZNMjZjNDdQQVFHanhDWG1kRnY1OFF3SGNoK0l5bjFibHZGSmQ1WUVOOSt1SkhoRy9NS29kbW1ZOFcvNTVsRXBNaHk1YW9FY0h4OEZ5SUJ1UEdidkFER3FEbUpaZXpoT1ROc0Z3Z251N2FzS2NCSlhDcGRkV3J6WlcxelJwWG1qa1cwODYxL1RQTk5DQU4vcm1EUHRnMTFGVEQ5RCtLdTRCeVo3R25xdU1LMnlvNmpOYXE1UXBGMzY5RzBaZzVQL1RlZFlmR21vY3FBWW5TSGsydVlTTlhSU3pZMG9RdDVxOEZNTng3WXpMWUlLU2k1UFBJM0ppQ1R3bERFNUE2ZlptbFhDdnZxdzVQL3JPVjg4cytvaHZ5OHlGLS0wMkFHQTd4aGVtQVpXWGxZU2FoWlRnPT0%3D--a386ec99358ffa23352abc292f1a6d21b8a04061
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Status: 302 Found
Cache-Control: no-cache
X-XSS-Protection: 1; mode=block
X-Request-Id: 5d3daebf-4f39-464b-a79e-b08f53710c3e
Location: https://pennycronelasvegas.com/
X-Runtime: 0.009390
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Date: Tue, 27 Sep 2022 15:05:45 GMT
Set-Cookie: _agentformula_session=b1lsc1R0Rmkwblp0MGk2cCtMK3d5UXI4clF0bVNyWm1Bb003QWZxTEM3SHZuYmJjSDA3L2N6bG4zTzdseGhIMndDYm1UZjdId1dqbW9xMjFRU2hya095eGJJNHdSK1FhWStWeUJJNlhtSzhjM2V0c283ek9MOUNvMm02YUJKZCtMY0NDaG1odHprZlBCeFlVQUFHTUtqVGpDTjNUUElacmdlZTdKbzc0MkdqZjM3Vkx3dkt6TEJhdWM5eTI5cmE2N3E3MTJ6VS84WmdLTFh4UjQzcU0wdDJiU2J1UGpSbklRUmJ5N1BSZitNb2pWSTdqT2d0MmppY1VwSWM2US9ac0FxL0RrU3hGUHZXUVRuUlZ6dzAzdTJ5NkgrL2NiYVpMZ25Iak9rU0ZYYWM3UENxWG0reUFiaThPU0F0QXpyclYvOWNUNmFvVWR0NWRFQkthNGY4eDFEWHZoMUJadUE1ZzBKbStHZiswMmN6WGFDbE9QNS9zaU4vK3hYQi80MGhadm4rNE54enVaTG1LRHdBenNVM1B0QVBhZjNkOHk1MzBFZWZVSVk0NG95YWxiK2JyMVF6VExjMUc2Qk9JMWZ2RGNwZWJjbkZpTENKVXV5bWdSdXNWWDNqcXdYV2ZHbTM2R0dKMFhUTFRJN3gvTEZEQVBSVS9xdXZpTkhOQXZHMmE2UDk0elJwZytENGpoUHdmWHdWdWZCaUViQmxLM2JoN09ZSWN3YjR0M2NLNzF1dXpCRjM4MkJLdGYzdXJNTVdBV084SGhqQWlWeTVvNjZIcW94aGJheGlKc2hUTnlEcGlFWVZ1WEd3Qlh3eHU4L1FRWlNCbFkwSjgrTE1PYWNMbmhKSUt4S3Y5NENDeTN4L3lPdnJFOXhGUyt1K1RIREVvNmFEUHFJWk1GVG85cFF6bTVHTEllbXhLNksxUEtRTlNoNXdFaVdQY2hXeEFGUHZsa0h0VDR3PT0tLTRacS9iUHZ3bWdvNld4UVBhYXZPQVE9PQ%3D%3D--730df09d40d4ab7ab499d6bb8c2be5ae045b0b2f; path=/; HttpOnly
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer
pennycronelasvegas.com/assets/themes/realtyone/bg-bar.gif
96.126.99.100200 OK 1.3 kB URL HTTP/1.1 pennycronelasvegas.com/assets/themes/realtyone/bg-bar.gif
IP 96.126.99.100:0
File type GIF image data, version 89a, 1 x 45\012- data
Hash 993f232f9ea938ed9ea9d9ecbc32cbb6
0f7295588657c3e50c6090c67057bfbef32f9514
83e03bb94ec8beb4c0646f3556f509221a8e5ee7ad21a9e1330db52be5e28b3d
GET /assets/themes/realtyone/bg-bar.gif HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=dGNhUk5OR3JpeGg4VGtYM2QrUDlOaXloN2dSdG0rcVBhMW1lYUF1Sk0xMlJ5WGc3MFhjV0NGWEdRUWovTllIYnpSZzJWYnNPUjR2a2diUjF1UU93MVdIWXo2S0dWbjRIeDdOUjZRUjZNMjZjNDdQQVFHanhDWG1kRnY1OFF3SGNoK0l5bjFibHZGSmQ1WUVOOSt1SkhoRy9NS29kbW1ZOFcvNTVsRXBNaHk1YW9FY0h4OEZ5SUJ1UEdidkFER3FEbUpaZXpoT1ROc0Z3Z251N2FzS2NCSlhDcGRkV3J6WlcxelJwWG1qa1cwODYxL1RQTk5DQU4vcm1EUHRnMTFGVEQ5RCtLdTRCeVo3R25xdU1LMnlvNmpOYXE1UXBGMzY5RzBaZzVQL1RlZFlmR21vY3FBWW5TSGsydVlTTlhSU3pZMG9RdDVxOEZNTng3WXpMWUlLU2k1UFBJM0ppQ1R3bERFNUE2ZlptbFhDdnZxdzVQL3JPVjg4cytvaHZ5OHlGLS0wMkFHQTd4aGVtQVpXWGxZU2FoWlRnPT0%3D--a386ec99358ffa23352abc292f1a6d21b8a04061
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 1320
Connection: keep-alive
Status: 200 OK
Cache-Control: public, must-revalidate
Vary: Accept-Encoding
X-Request-Id: a8a5294e-b6bf-4621-8ec6-a08372ba98ca
ETag: "83e03bb94ec8beb4c0646f3556f509221a8e5ee7ad21a9e1330db52be5e28b3d"
X-Runtime: 0.000862
Date: Tue, 27 Sep 2022 15:05:45 GMT
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer
s3.amazonaws.com/glvar-photos/avatars/main/4046/New_Head_Shot__2.jpeg
52.217.132.144200 OK 20 kB URL HTTP/1.1 s3.amazonaws.com/glvar-photos/avatars/main/4046/New_Head_Shot__2.jpeg
IP 52.217.132.144:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=9, PhotometricIntepretation=RGB, xresolution=122, yresolution=130, resolutionunit=2, software=Photos 4.0, datetime=2020:02:11 16:53:56], baseline, precision 8, 360x320, components 3\012- data
Hash 03e76aa23591f601b791db719befda45
1c13f6786199fba9966f0aa48329403a905b421b
6a4d1a53c7965506e114131c90e132f51a9e71ef3033b1baf1946ef7908ddb9e
GET /glvar-photos/avatars/main/4046/New_Head_Shot__2.jpeg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: UHolR2EisWTYwlu7GzVu6eIY0tPlQY13ujsISKndehnpO9y/VR33MwaikSMbEfb2MRGrrm5BGYo=
x-amz-request-id: 8VK7VV6G4AYZZAA1
Date: Tue, 27 Sep 2022 15:05:46 GMT
Last-Modified: Mon, 01 Nov 2021 19:11:21 GMT
ETag: "03e76aa23591f601b791db719befda45"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 19716
s3.amazonaws.com/photo-gallery.agentformula.com/AF-LasVegas/REALTOR_MLS_EQUAL_HOUSING.png
52.217.132.144200 OK 28 kB URL HTTP/1.1 s3.amazonaws.com/photo-gallery.agentformula.com/AF-LasVegas/REALTOR_MLS_EQUAL_HOUSING.png
IP 52.217.132.144:0
File type PNG image data, 595 x 149, 8-bit/color RGBA, non-interlaced\012- data
Hash 47a6f19c07360806ebd0e2251f8f61bb
51373f28e7f3ff1eb950d261048097ba525a1a14
d75e93d9bc3280d7e4df4078f7236499ce6b5475280232fa5e03b9c065511ac8
GET /photo-gallery.agentformula.com/AF-LasVegas/REALTOR_MLS_EQUAL_HOUSING.png HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 27oE0R70H/qT32iULdPHgXsuGOMbE3n/cYB230UpXTqwc04VO1YtHn/+fysyyXM1UkidgydVzpk=
x-amz-request-id: 8VK5FC69T46W4VMG
Date: Tue, 27 Sep 2022 15:05:46 GMT
Last-Modified: Mon, 13 Jun 2022 21:43:19 GMT
ETag: "47a6f19c07360806ebd0e2251f8f61bb"
Accept-Ranges: bytes
Content-Type:
Server: AmazonS3
Content-Length: 27690
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e141d2e6318185abc0f223d8f74e1964
13ba8a91335b46f6bfe4b89f8ee273a9de301f33
a9207e5598a92125ac3f19ccb04e48e4c44a3204616cb19f8cbb81148e913da4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:05:46 GMT
Server: ECS (amb/6BAB)
Content-Length: 471
s3.amazonaws.com/glvar-photos/callouts/small/5/WHATS_MY_HOME_WORTH.jpg
52.217.132.144200 OK 90 kB URL HTTP/1.1 s3.amazonaws.com/glvar-photos/callouts/small/5/WHATS_MY_HOME_WORTH.jpg
IP 52.217.132.144:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=14, height=2592, bps=182, PhotometricIntepretation=RGB, manufacturer=Canon, model=Canon EOS 40D, orientation=upper-left, width=3888], baseline, precision 8, 325x252, components 3\012- data
Hash 0e9c43a2b1edd19fd678777ea7a0ea7c
744e5a6caa285f62e9c10a32ca6fd96d25813c65
26790e6caf160c0d32bc952c10d34cb2cf7f5b743884d3739c38b4c1598ee929
GET /glvar-photos/callouts/small/5/WHATS_MY_HOME_WORTH.jpg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: s4e3LOmmOTBEk1q6sfa2Q5ocFvkkj4hLcjHl4dc1EZFFedao3sjusutgAyCQYj9OTsXTAWiVSs8=
x-amz-request-id: 8VKDD70BCER17GVS
Date: Tue, 27 Sep 2022 15:05:46 GMT
Last-Modified: Thu, 19 May 2016 01:50:38 GMT
ETag: "0e9c43a2b1edd19fd678777ea7a0ea7c"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 89780
pennycronelasvegas.com/assets/sprites/social-share-button-c6c452cb10cf12d85f1776a2c2f6cd8c7a0b1cbbf4c94d09714e2ab2f1454bad.png
96.126.99.100200 OK 26 kB URL HTTP/1.1 pennycronelasvegas.com/assets/sprites/social-share-button-c6c452cb10cf12d85f1776a2c2f6cd8c7a0b1cbbf4c94d09714e2ab2f1454bad.png
IP 96.126.99.100:0
File type PNG image data, 80 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash bef2baa6d19968878b9c24b337bb6d51
a61917f66a760bddade27d336c64c1982cf216a5
c6c452cb10cf12d85f1776a2c2f6cd8c7a0b1cbbf4c94d09714e2ab2f1454bad
GET /assets/sprites/social-share-button-c6c452cb10cf12d85f1776a2c2f6cd8c7a0b1cbbf4c94d09714e2ab2f1454bad.png HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=dGNhUk5OR3JpeGg4VGtYM2QrUDlOaXloN2dSdG0rcVBhMW1lYUF1Sk0xMlJ5WGc3MFhjV0NGWEdRUWovTllIYnpSZzJWYnNPUjR2a2diUjF1UU93MVdIWXo2S0dWbjRIeDdOUjZRUjZNMjZjNDdQQVFHanhDWG1kRnY1OFF3SGNoK0l5bjFibHZGSmQ1WUVOOSt1SkhoRy9NS29kbW1ZOFcvNTVsRXBNaHk1YW9FY0h4OEZ5SUJ1UEdidkFER3FEbUpaZXpoT1ROc0Z3Z251N2FzS2NCSlhDcGRkV3J6WlcxelJwWG1qa1cwODYxL1RQTk5DQU4vcm1EUHRnMTFGVEQ5RCtLdTRCeVo3R25xdU1LMnlvNmpOYXE1UXBGMzY5RzBaZzVQL1RlZFlmR21vY3FBWW5TSGsydVlTTlhSU3pZMG9RdDVxOEZNTng3WXpMWUlLU2k1UFBJM0ppQ1R3bERFNUE2ZlptbFhDdnZxdzVQL3JPVjg4cytvaHZ5OHlGLS0wMkFHQTd4aGVtQVpXWGxZU2FoWlRnPT0%3D--a386ec99358ffa23352abc292f1a6d21b8a04061
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.17.3
Date: Tue, 27 Sep 2022 15:05:45 GMT
Content-Type: image/png
Content-Length: 25760
Last-Modified: Thu, 08 Oct 2020 11:52:47 GMT
Connection: keep-alive
ETag: "5f7efd8f-64a0"
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer
Accept-Ranges: bytes
s3.amazonaws.com/glvar-photos/logos/original/1108/download.png
52.217.132.144200 OK 5.8 kB URL HTTP/1.1 s3.amazonaws.com/glvar-photos/logos/original/1108/download.png
IP 52.217.132.144:0
File type PNG image data, 325 x 155, 8-bit colormap, non-interlaced\012- data
Hash 73eba774f375c4f8da31cb0867e39b4f
042175818c35094c650d9dcb3cfabc466c22012b
67a439992bd17b27eea80162579a0b6ee57e82ad3708c3d8fc26acd2c42401f6
GET /glvar-photos/logos/original/1108/download.png HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 4cAm2Loi/SGVKjIhM+5OmqGDDE3+P/HekQOed+5c2JBysNQ41BDIGNejY2OUNobqMn8cxSCeFEA=
x-amz-request-id: 64KQ8QSJG42S61MM
Date: Tue, 27 Sep 2022 15:05:47 GMT
Last-Modified: Tue, 07 Apr 2020 23:30:46 GMT
ETag: "73eba774f375c4f8da31cb0867e39b4f"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 5754
s3.amazonaws.com/glvar-photos/headers/main/2896/New_Head_Shot__2.jpeg
52.217.132.144200 OK 7.8 kB URL HTTP/1.1 s3.amazonaws.com/glvar-photos/headers/main/2896/New_Head_Shot__2.jpeg
IP 52.217.132.144:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=9, PhotometricIntepretation=RGB, xresolution=122, yresolution=130, resolutionunit=2, software=Photos 4.0, datetime=2020:02:11 16:53:56], baseline, precision 8, 99x116, components 3\012- data
Hash 93f5b5d231a0c545d0d346da11221ff4
058455e7e7ae4e618d9b0906fd5a7ebe089915b7
ad2634edd7983f1cfb6c38bf0f07f7c7935d5eee8f28a4924fc2f55bed0e5699
GET /glvar-photos/headers/main/2896/New_Head_Shot__2.jpeg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: LUoVGlLT6vlqefIAhXVhlu9abjPWJpQ0Ovfe+uWEfOsF700K7EUPukKw967plLkV/KUtl0Z5Ah0=
x-amz-request-id: 64KK8B6C65KVB60N
Date: Tue, 27 Sep 2022 15:05:47 GMT
Last-Modified: Mon, 01 Nov 2021 19:10:23 GMT
ETag: "93f5b5d231a0c545d0d346da11221ff4"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 7807
pennycronelasvegas.com/
96.126.99.100200 OK 18 kB IP 96.126.99.100:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash e2c74e39672b628aa885d99f9d3266ea
36db76af4302b44742f382f31c04fc7a0b0f4db2
b54e073186a5fe30ef4cb17dd1c869533364bd2e2947f224bc9aadf1d86ba72f
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=b1lsc1R0Rmkwblp0MGk2cCtMK3d5UXI4clF0bVNyWm1Bb003QWZxTEM3SHZuYmJjSDA3L2N6bG4zTzdseGhIMndDYm1UZjdId1dqbW9xMjFRU2hya095eGJJNHdSK1FhWStWeUJJNlhtSzhjM2V0c283ek9MOUNvMm02YUJKZCtMY0NDaG1odHprZlBCeFlVQUFHTUtqVGpDTjNUUElacmdlZTdKbzc0MkdqZjM3Vkx3dkt6TEJhdWM5eTI5cmE2N3E3MTJ6VS84WmdLTFh4UjQzcU0wdDJiU2J1UGpSbklRUmJ5N1BSZitNb2pWSTdqT2d0MmppY1VwSWM2US9ac0FxL0RrU3hGUHZXUVRuUlZ6dzAzdTJ5NkgrL2NiYVpMZ25Iak9rU0ZYYWM3UENxWG0reUFiaThPU0F0QXpyclYvOWNUNmFvVWR0NWRFQkthNGY4eDFEWHZoMUJadUE1ZzBKbStHZiswMmN6WGFDbE9QNS9zaU4vK3hYQi80MGhadm4rNE54enVaTG1LRHdBenNVM1B0QVBhZjNkOHk1MzBFZWZVSVk0NG95YWxiK2JyMVF6VExjMUc2Qk9JMWZ2RGNwZWJjbkZpTENKVXV5bWdSdXNWWDNqcXdYV2ZHbTM2R0dKMFhUTFRJN3gvTEZEQVBSVS9xdXZpTkhOQXZHMmE2UDk0elJwZytENGpoUHdmWHdWdWZCaUViQmxLM2JoN09ZSWN3YjR0M2NLNzF1dXpCRjM4MkJLdGYzdXJNTVdBV084SGhqQWlWeTVvNjZIcW94aGJheGlKc2hUTnlEcGlFWVZ1WEd3Qlh3eHU4L1FRWlNCbFkwSjgrTE1PYWNMbmhKSUt4S3Y5NENDeTN4L3lPdnJFOXhGUyt1K1RIREVvNmFEUHFJWk1GVG85cFF6bTVHTEllbXhLNksxUEtRTlNoNXdFaVdQY2hXeEFGUHZsa0h0VDR3PT0tLTRacS9iUHZ3bWdvNld4UVBhYXZPQVE9PQ%3D%3D--730df09d40d4ab7ab499d6bb8c2be5ae045b0b2f
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
If-None-Match: W/"c1e618becf6c48cb187cc706a0a4e574"
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Status: 200 OK
Cache-Control: max-age=0, private, must-revalidate
X-XSS-Protection: 1; mode=block
X-Request-Id: e70d2876-dc3d-45cf-b088-45cca2b31ad2
ETag: W/"a186c3a5af38d5bf89bd5f723cea7186"
X-Frame-Options: SAMEORIGIN
X-Runtime: 0.055891
X-Content-Type-Options: nosniff
Date: Tue, 27 Sep 2022 15:05:46 GMT
Set-Cookie: _agentformula_session=ZzNjY0RFV1hyOVhwRXJ3TlRHVC9VcGxoSVd2T1piemM0SUh1cjJ6U1RtZmhvemVaSlpyckV0OHE5elE5RC9JMmhYL3RPNVQ4SmtGSjlWWDZIQUhxZXJwV0R0SDZBTGpHT1daZTZtN3hrTHZ0MkNPdjVpSm5nV2t4Sk1MeVdsbzI3QmFCb0ZKVm8yVE1kV0c1c2huSzFIbDJLZnFPQWFIenhEWm95SE5CL0tXV1A1djFOOTd6MjNIK3pzd2RxNTYyVlc5K1VvRUxGbGptUURwc1R4MThLbEpPM0xtVTE5Q01iOU0zYmc5RkR2OVJGdTJFUmNhamtoblVpZ2NrUGY2Vis1Z1p5M096c1RnYXFRTFcybjh5Sm9JZjJOK1hqVi9KcWZCVTlUSURJdlJLSjNyS1VDZmF5SVJsZHd6U1NrTDVWcWZXZTFrTHd0Y3krSmxKMlg5WkQxREg4SVBIWHBxZ1E4KzE5ZDVRSWloMkVFekNvNTVMNUtJenVrcjVlNWQ3LS1kUzZQK2FiR0w3eE55djZ4VllML3JnPT0%3D--782971049ae2968eb229197dc86dfa9e5b02b73e; path=/; HttpOnly
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer
Content-Encoding: gzip
pennycronelasvegas.com/assets/themes/default/vendor-c4223a2863310087b657f19d451656c073d60bbe05e53aeedd46f84bafd1a585.js
96.126.99.100200 OK 498 kB URL HTTP/1.1 pennycronelasvegas.com/assets/themes/default/vendor-c4223a2863310087b657f19d451656c073d60bbe05e53aeedd46f84bafd1a585.js
IP 96.126.99.100:0
File type ASCII text, with very long lines (32832)
Size 498 kB (497568 bytes)
Hash 474514ae84592eed4cee7100e55fe4f9
d23d44d24f16d2e8fe7659c8a7d0dbfbe3265d6b
c4223a2863310087b657f19d451656c073d60bbe05e53aeedd46f84bafd1a585
Analyzer Verdict Alert fortinet Phishing
GET /assets/themes/default/vendor-c4223a2863310087b657f19d451656c073d60bbe05e53aeedd46f84bafd1a585.js HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=dGNhUk5OR3JpeGg4VGtYM2QrUDlOaXloN2dSdG0rcVBhMW1lYUF1Sk0xMlJ5WGc3MFhjV0NGWEdRUWovTllIYnpSZzJWYnNPUjR2a2diUjF1UU93MVdIWXo2S0dWbjRIeDdOUjZRUjZNMjZjNDdQQVFHanhDWG1kRnY1OFF3SGNoK0l5bjFibHZGSmQ1WUVOOSt1SkhoRy9NS29kbW1ZOFcvNTVsRXBNaHk1YW9FY0h4OEZ5SUJ1UEdidkFER3FEbUpaZXpoT1ROc0Z3Z251N2FzS2NCSlhDcGRkV3J6WlcxelJwWG1qa1cwODYxL1RQTk5DQU4vcm1EUHRnMTFGVEQ5RCtLdTRCeVo3R25xdU1LMnlvNmpOYXE1UXBGMzY5RzBaZzVQL1RlZFlmR21vY3FBWW5TSGsydVlTTlhSU3pZMG9RdDVxOEZNTng3WXpMWUlLU2k1UFBJM0ppQ1R3bERFNUE2ZlptbFhDdnZxdzVQL3JPVjg4cytvaHZ5OHlGLS0wMkFHQTd4aGVtQVpXWGxZU2FoWlRnPT0%3D--a386ec99358ffa23352abc292f1a6d21b8a04061
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 497568
Connection: keep-alive
Status: 200 OK
Cache-Control: public, max-age=31536000
X-Request-Id: a7610c2b-04d9-45d0-92e6-e36e86259364
ETag: "c4223a2863310087b657f19d451656c073d60bbe05e53aeedd46f84bafd1a585"
X-Runtime: 0.000787
Date: Tue, 27 Sep 2022 15:05:45 GMT
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer
s3.amazonaws.com/glvar-photos/callouts/small/1/nosy.jpg
52.217.132.144200 OK 21 kB URL HTTP/1.1 s3.amazonaws.com/glvar-photos/callouts/small/1/nosy.jpg
IP 52.217.132.144:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 325x252, components 3\012- data
Hash ffff00465ef2c4e8095b2b1513a4e2b9
93b89366b1bff61f66a951987f2c84f9dff724ff
fd028a4ff9ec99488d7fcb7aab6ca42ef271f1c4b65e2a9c5ff80f11c7b92ab7
GET /glvar-photos/callouts/small/1/nosy.jpg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 8eBVEd2HXtfjpk/zij4bhFw7CV/P6PHOkjBW3BUNGZNip2Enocele9h85LW1hDhYw5NUMwA/kys=
x-amz-request-id: 64KTWD1HB3K0Z27H
Date: Tue, 27 Sep 2022 15:05:47 GMT
Last-Modified: Mon, 30 Nov 2015 02:53:29 GMT
ETag: "ffff00465ef2c4e8095b2b1513a4e2b9"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 21398
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14160
Expires: Tue, 27 Sep 2022 19:01:46 GMT
Date: Tue, 27 Sep 2022 15:05:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14160
Expires: Tue, 27 Sep 2022 19:01:46 GMT
Date: Tue, 27 Sep 2022 15:05:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14160
Expires: Tue, 27 Sep 2022 19:01:46 GMT
Date: Tue, 27 Sep 2022 15:05:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14160
Expires: Tue, 27 Sep 2022 19:01:46 GMT
Date: Tue, 27 Sep 2022 15:05:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14160
Expires: Tue, 27 Sep 2022 19:01:46 GMT
Date: Tue, 27 Sep 2022 15:05:46 GMT
Connection: keep-alive
www.lasvegasrealtor.com/img/logos/lvr-logo-66x27.png
74.208.20.193200 OK 2.4 kB URL HTTP/1.1 www.lasvegasrealtor.com/img/logos/lvr-logo-66x27.png
IP 74.208.20.193:0
File type PNG image data, 66 x 27, 8-bit/color RGBA, non-interlaced\012- data
Hash 187543743a882dd72f205bc0c9a2e6c9
838981cecda56c5be272e373e4d5b3908bfb9270
9679bad0c044970f4b45c9911a09d889ac63ef586fa22eeec6b62da4c71ef6b2
GET /img/logos/lvr-logo-66x27.png HTTP/1.1
Host: www.lasvegasrealtor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 15:05:46 GMT
Server: Apache/2.4.41 (Win64) PHP/7.3.12 OpenSSL/1.1.1c
Last-Modified: Wed, 12 Feb 2020 00:49:29 GMT
ETag: "944-59e5658475840"
Accept-Ranges: bytes
Content-Length: 2372
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 62e68c3cd08dd94d910507512a67e85f
3d4fa8701f17e8818c25584ef5f04bfbee8440cd
058d798963f83f5fb88ab728185f755c5353fa981d93e1b6ff869089f501586b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13213
x-amzn-requestid: fe9ec409-2757-4910-8443-5b4d3be7efd3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlATEp8oAMFd9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b9b-3230e97a4fe34413285eb578;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:37:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kRSg9NTTAgeAJgIZ_C9_rRodCX4bzGduJEvNPNHUya0Moa2vsmWSoQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:38:57 GMT
age: 62809
etag: "3d4fa8701f17e8818c25584ef5f04bfbee8440cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash deb8d1e3b6d7fbc8c8ba478269621676
84f5a4c8b38acde814bc790e5b514347718d5bb9
ed14fa766f0708b4166e83b61f160db5671af430917b7c67184bf18d9208742b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9163
x-amzn-requestid: 8ccd9b1f-bef9-4591-be32-e6dd98f4ee78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlKpEZrIAMFS1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bdd-4a40b9c8281b64c725fec0f1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:38:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: bs6HOUmHOoYKDuzBoVHhcr8d4HP4bBmwUF3EtOmwKXo7ozhfaIYEvw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:39:07 GMT
age: 62799
etag: "84f5a4c8b38acde814bc790e5b514347718d5bb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bd5ecd8-fafe-452d-ae17-9df7d4cb5682.webp
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bd5ecd8-fafe-452d-ae17-9df7d4cb5682.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 720fc80bd0ff9b71f20c8e0c13e1084e
6ff5d7ce0608a8c1b1f4c731a94295e7a56dfe50
e84bcabd01425354050fe8ba5f4b29a97f05e6f5f15d26d0706c174136de30e6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bd5ecd8-fafe-452d-ae17-9df7d4cb5682.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8931
x-amzn-requestid: 9255ee80-ae19-4b47-882b-01e663e857ed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUG-EmZoAMFyWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd5f-70cc0bc87ed2480879ba081a;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:51:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Md06h9jRAN491M1gOjvAXN4Zp2msjqH-dYNVxyH6xJ2G8pf50tyHeQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 22:23:21 GMT
age: 60145
etag: "6ff5d7ce0608a8c1b1f4c731a94295e7a56dfe50"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5274e770cb5a704916c8965659709f4a
1a26007f761e439db575fb80fb403031260aecf4
e36e8be75c92feb9b416a46c5918356d8f9694894a799b7c10de21034d33d5ef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7455
x-amzn-requestid: 0887cd56-f324-46cf-a086-709e1c66f354
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGBTdHmhoAMFvIw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633248e2-42391706084f335228fe3994;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 00:50:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: IWzfDNFlgYdqYnbQ9uWfOvqb5zl3I3mgTZrT5pU5P3EvetMRDN5P7w==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:06:47 GMT
age: 50339
etag: "1a26007f761e439db575fb80fb403031260aecf4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 347dca206e13a3b13953f0ab398310b4
be60bbc96c832ae385cc9ae5828bd32703011b21
f6da888a54a0c6c73466f2c2a72dd875514a39d81b760a6b0116b4dd56ef31dd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10211
x-amzn-requestid: 3ea4ac84-2465-4bd1-8ade-863de3c9576e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbfSuGoQoAMF9oQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632145aa-7843b82728ead9a053c689d1;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 03:08:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: p1vYTqYjOmYHjVmJ8f6qyT_nLIsyXsr7ZI-DI7JBF9RJa0ZJNPiluA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:56:23 GMT
age: 61763
etag: "be60bbc96c832ae385cc9ae5828bd32703011b21"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14218a43c5e5bbce546735a780c8ccce
61676358cdbb2373bc644e66f8a84fbc8cc5daf6
905b1c30a2273aef69904f2eb1451c756fc1fdba02e86ea5c957629dd056aeda
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6390
x-amzn-requestid: b2681ff8-ab83-41e6-adef-3e6772c93c3f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGFJ6Gc_oAMF44g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63324f0c-3dbf9f4e2047567b5abdbe74;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 01:17:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8JXEBo_L_xKuKdeoOXEJ6FO7ZVsZVQzUmQFe7fYcxaHRQNEq1HWp6w==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:37:50 GMT
age: 48476
etag: "61676358cdbb2373bc644e66f8a84fbc8cc5daf6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
pennycronelasvegas.com/assets/font-awesome/fontawesome-webfont-ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995.woff2?v=4.5.0
96.126.99.100200 OK 67 kB URL HTTP/1.1 pennycronelasvegas.com/assets/font-awesome/fontawesome-webfont-ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995.woff2?v=4.5.0
IP 96.126.99.100:0
File type Web Open Font Format (Version 2), TrueType, length 66624, version 4.262\012- data
Hash db812d8a70a4e88e888744c1c9a27e89
638c652d623280a58144f93e7b552c66d1667a11
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
Analyzer Verdict Alert fortinet Phishing
GET /assets/font-awesome/fontawesome-webfont-ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995.woff2?v=4.5.0 HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Cookie: _agentformula_session=dGNhUk5OR3JpeGg4VGtYM2QrUDlOaXloN2dSdG0rcVBhMW1lYUF1Sk0xMlJ5WGc3MFhjV0NGWEdRUWovTllIYnpSZzJWYnNPUjR2a2diUjF1UU93MVdIWXo2S0dWbjRIeDdOUjZRUjZNMjZjNDdQQVFHanhDWG1kRnY1OFF3SGNoK0l5bjFibHZGSmQ1WUVOOSt1SkhoRy9NS29kbW1ZOFcvNTVsRXBNaHk1YW9FY0h4OEZ5SUJ1UEdidkFER3FEbUpaZXpoT1ROc0Z3Z251N2FzS2NCSlhDcGRkV3J6WlcxelJwWG1qa1cwODYxL1RQTk5DQU4vcm1EUHRnMTFGVEQ5RCtLdTRCeVo3R25xdU1LMnlvNmpOYXE1UXBGMzY5RzBaZzVQL1RlZFlmR21vY3FBWW5TSGsydVlTTlhSU3pZMG9RdDVxOEZNTng3WXpMWUlLU2k1UFBJM0ppQ1R3bERFNUE2ZlptbFhDdnZxdzVQL3JPVjg4cytvaHZ5OHlGLS0wMkFHQTd4aGVtQVpXWGxZU2FoWlRnPT0%3D--a386ec99358ffa23352abc292f1a6d21b8a04061
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.17.3
Date: Tue, 27 Sep 2022 15:05:45 GMT
Content-Type: font/woff2
Content-Length: 66624
Last-Modified: Mon, 24 Feb 2020 17:10:36 GMT
Connection: keep-alive
ETag: "5e54038c-10440"
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer
Accept-Ranges: bytes
pennycronelasvegas.com/fonts/avenir.ttf
96.126.99.100302 Found 97 B URL HTTP/1.1 pennycronelasvegas.com/fonts/avenir.ttf
IP 96.126.99.100:0
File type HTML document text\012- HTML document, ASCII text, with no line terminators
Hash dcb81dc5193115d6d372982ed310127c
f8dfefb55af6336b670a7a3743beea52bcc45b16
54585d24fd128cf202592bcf22862a8aaa2c0862c5ea8b2bbac31a7357b93f6a
Analyzer Verdict Alert fortinet Phishing
GET /fonts/avenir.ttf HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=ZzNjY0RFV1hyOVhwRXJ3TlRHVC9VcGxoSVd2T1piemM0SUh1cjJ6U1RtZmhvemVaSlpyckV0OHE5elE5RC9JMmhYL3RPNVQ4SmtGSjlWWDZIQUhxZXJwV0R0SDZBTGpHT1daZTZtN3hrTHZ0MkNPdjVpSm5nV2t4Sk1MeVdsbzI3QmFCb0ZKVm8yVE1kV0c1c2huSzFIbDJLZnFPQWFIenhEWm95SE5CL0tXV1A1djFOOTd6MjNIK3pzd2RxNTYyVlc5K1VvRUxGbGptUURwc1R4MThLbEpPM0xtVTE5Q01iOU0zYmc5RkR2OVJGdTJFUmNhamtoblVpZ2NrUGY2Vis1Z1p5M096c1RnYXFRTFcybjh5Sm9JZjJOK1hqVi9KcWZCVTlUSURJdlJLSjNyS1VDZmF5SVJsZHd6U1NrTDVWcWZXZTFrTHd0Y3krSmxKMlg5WkQxREg4SVBIWHBxZ1E4KzE5ZDVRSWloMkVFekNvNTVMNUtJenVrcjVlNWQ3LS1kUzZQK2FiR0w3eE55djZ4VllML3JnPT0%3D--782971049ae2968eb229197dc86dfa9e5b02b73e
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Status: 302 Found
Cache-Control: no-cache
X-XSS-Protection: 1; mode=block
X-Request-Id: 6324ebae-bf8e-42eb-9508-d52db0d73755
Location: https://pennycronelasvegas.com/
X-Runtime: 0.009862
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Date: Tue, 27 Sep 2022 15:05:46 GMT
Set-Cookie: _agentformula_session=NlRJcjRQNmNCNnJYVGoyYkJzREgyMFVad01aTDhvdU9QbW9GeFBhbFNCRzNWdkdENUhNRjRibExWdjhCSDJoOTBTQndXL0FJQ0pObndlRC9Eb1F6Y2k2eGtyK1pRL0x4UDR5RVBkT1RWSG14dXFXU0tBdEt0S0hDWWxabnBjYlFqQVM5QTIvL3Z3bTlxZVN3T0ZnbFVybUsyd0x6WnIyM0c3KzFDRWVDK3hPK1M2REx5dVVjL2NiS3VyMzQvMDlmYkhjQldVa2tpS2g5bmtEc1dtMkxPbXQrdUUzUFlrRVp0RlZPT1FUa2tISlh5dXhYa1dUakUya3p5RXV1ZmhlcEE1OEhGU1MrczBvRDd3TWV6K3VHOUg1b0FvcCtRclc3dk93Z1pkN2psUFp5cWgxdmg2bHNPQ2F5eEdva1FOMnZLS25QMlpYa0toQmJrRVNDSWs5OW4vQ3N6VFN4VHBWT3F6ZFJuOFRDTklmeG5hc2ZtWm5EK3hKV1BrS2FSN0R2QytZamFHcVpvS2wxa2dKV2lmdk1wYXdGL1RTSTNtS0d4RTAzWlhMOFpQWjEwNHlVc3V1R05QU3plRFJzNVNTcm9lblBhY3BVQXgzOUkrd1V3MW9scTFBWmNjbGtRbk9WRmZ4cTNNbXkxWmRKeUNLaWpCU2hDTnJMTVNNN1E1R3psb1BnaHNlaSsrSCtQbmpsWFNrdnErMlRnQXM3S09EdXBzWjAzaE9kSzNpUnpzUGFPQUtzVVBNYU9nalQ1SnIrVUxqcTBock1pN0VvekJiTXJsZFJHeVQ3aWxvRFQrclQ2aVJrdkpKb1VOQVQvMnl6dGo5akMzRHNnVWdReCt6THlCVE9OWlduRDlZQmNWV1RLRjZSUElweld5K1VoZysvMUhCd1lvNmhGejczUVdQL0Z0cUUrR29DVW9DTGdzM3RXekIrWFFmSmJNQmtOQ2ZtREpZRVFnPT0tLWh1NUd2YUNhWCtCZmY2dlh4Z3dTWGc9PQ%3D%3D--d5c45b5aabbc79a8baa55314b4d3460dc7cea0c3; path=/; HttpOnly
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer
ocsp.digicert.com/
93.184.220.29200 OK 5 B IP 93.184.220.29:0
Hash 5bfa51f3a417b98e7443eca90fc94703
8c015d80b8a23f780bdd215dc842b0f5551f63bd
bebe2853a3485d1c2e5c5be4249183e0ddaff9f87de71652371700a89d937128
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5245
Cache-Control: 'max-age=300'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:05:46 GMT
Last-Modified: Tue, 27 Sep 2022 13:38:21 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 5
assets-jpcust.jwpsrv.com/player/6/6124956/ping.js
151.101.86.114200 OK 607 B URL HTTP/2 assets-jpcust.jwpsrv.com/player/6/6124956/ping.js
IP 151.101.86.114:0
Hash d1d1fc49ccfb4d91c37273a430c32f5e
60133823a61cc17786f41cf8972f43a91c48c7cc
89489534f6930a6138a08d0423facc7e4df58bf68d00a0098054146e1abf8fc6
GET /player/6/6124956/ping.js HTTP/1.1
Host: assets-jpcust.jwpsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 12 Jan 2017 21:15:49 GMT
etag: "e11f4da88a8186056c01979bc54a55e5"
x-amz-meta-s3cmd-attrs: uid:1138/gname:michael/uname:michael/gid:1000/mode:33204/mtime:1484255728/atime:1484255728/md5:e11f4da88a8186056c01979bc54a55e5/ctime:1484255729
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-type: text/plain
accept-ranges: bytes
date: Tue, 27 Sep 2022 15:05:46 GMT
age: 636
x-served-by: cache-iad-kjyo7100128-IAD, cache-bma1627-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 2
x-timer: S1664291146.408756,VS0,VE0
vary: Accept-Encoding
server: nginx
content-length: 607
X-Firefox-Spdy: h2
ssl.p.jwpcdn.com/player/v/7.0.3/jwpsrv.js
151.101.86.114200 OK 8.4 kB URL HTTP/2 ssl.p.jwpcdn.com/player/v/7.0.3/jwpsrv.js
IP 151.101.86.114:0
File type ASCII text, with very long lines (21404), with no line terminators
Hash ec9bf2f3aacbc76caaabe523203abee7
5388667bf1463c4e67cbd62d40996063b83fcdc3
62253e24591e4dddf2abf0ebdea58a6ede0274d17b8267c30d36df0debe09025
GET /player/v/7.0.3/jwpsrv.js HTTP/1.1
Host: ssl.p.jwpcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Wed, 25 Nov 2020 15:40:27 GMT
etag: "2a7ba57974f06d8fa1764d6a954539f3"
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Tue, 27 Sep 2022 15:05:46 GMT
via: 1.1 varnish
age: 2981
x-served-by: cache-bma1627-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1664291146.428447,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 8445
X-Firefox-Spdy: h2
s3.amazonaws.com/photo-gallery.agentformula.com/1/housebullet2.png
52.217.132.144200 OK 152 kB URL HTTP/1.1 s3.amazonaws.com/photo-gallery.agentformula.com/1/housebullet2.png
IP 52.217.132.144:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 510x600, components 3\012- data
Size 152 kB (152094 bytes)
Hash c39d9c1050ca677a6f1a8fe6a5b65f1b
ec88a3e52e1c8d5c2a232fac2adc1ebf1ea250c8
1362f9581bda10f2d48d782bdf044eeb8c30cb8c61b9e6b11c4aeb6d815ef236
GET /photo-gallery.agentformula.com/1/housebullet2.png HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: oD3uiOgCWpclR01ZvuWOT9A4nYpMmIUsyNYDV+wtlg8hD/UyLg9DjdtVImuPLGoZTIgeFU3LcJM=
x-amz-request-id: 64KQNWEFZB4X2087
Date: Tue, 27 Sep 2022 15:05:47 GMT
Last-Modified: Sun, 31 May 2020 06:51:10 GMT
ETag: "c39d9c1050ca677a6f1a8fe6a5b65f1b"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 152094
pennycronelasvegas.com/visitor_log
96.126.99.100200 OK 2 B URL HTTP/1.1 pennycronelasvegas.com/visitor_log
IP 96.126.99.100:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Analyzer Verdict Alert fortinet Phishing
POST /visitor_log HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-CSRF-Token: ZnxFXA00h0/pJvY9xBlwXUaFrZx8Omh4D6NeBLojzr83LfGlbYe5sspdLYxaHnaOgzKG/rZnvYXgK09sc4Y17Q==
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 325
Origin: https://pennycronelasvegas.com
Connection: keep-alive
Cookie: _agentformula_session=NlRJcjRQNmNCNnJYVGoyYkJzREgyMFVad01aTDhvdU9QbW9GeFBhbFNCRzNWdkdENUhNRjRibExWdjhCSDJoOTBTQndXL0FJQ0pObndlRC9Eb1F6Y2k2eGtyK1pRL0x4UDR5RVBkT1RWSG14dXFXU0tBdEt0S0hDWWxabnBjYlFqQVM5QTIvL3Z3bTlxZVN3T0ZnbFVybUsyd0x6WnIyM0c3KzFDRWVDK3hPK1M2REx5dVVjL2NiS3VyMzQvMDlmYkhjQldVa2tpS2g5bmtEc1dtMkxPbXQrdUUzUFlrRVp0RlZPT1FUa2tISlh5dXhYa1dUakUya3p5RXV1ZmhlcEE1OEhGU1MrczBvRDd3TWV6K3VHOUg1b0FvcCtRclc3dk93Z1pkN2psUFp5cWgxdmg2bHNPQ2F5eEdva1FOMnZLS25QMlpYa0toQmJrRVNDSWs5OW4vQ3N6VFN4VHBWT3F6ZFJuOFRDTklmeG5hc2ZtWm5EK3hKV1BrS2FSN0R2QytZamFHcVpvS2wxa2dKV2lmdk1wYXdGL1RTSTNtS0d4RTAzWlhMOFpQWjEwNHlVc3V1R05QU3plRFJzNVNTcm9lblBhY3BVQXgzOUkrd1V3MW9scTFBWmNjbGtRbk9WRmZ4cTNNbXkxWmRKeUNLaWpCU2hDTnJMTVNNN1E1R3psb1BnaHNlaSsrSCtQbmpsWFNrdnErMlRnQXM3S09EdXBzWjAzaE9kSzNpUnpzUGFPQUtzVVBNYU9nalQ1SnIrVUxqcTBock1pN0VvekJiTXJsZFJHeVQ3aWxvRFQrclQ2aVJrdkpKb1VOQVQvMnl6dGo5akMzRHNnVWdReCt6THlCVE9OWlduRDlZQmNWV1RLRjZSUElweld5K1VoZysvMUhCd1lvNmhGejczUVdQL0Z0cUUrR29DVW9DTGdzM3RXekIrWFFmSmJNQmtOQ2ZtREpZRVFnPT0tLWh1NUd2YUNhWCtCZmY2dlh4Z3dTWGc9PQ%3D%3D--d5c45b5aabbc79a8baa55314b4d3460dc7cea0c3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Status: 200 OK
Cache-Control: max-age=0, private, must-revalidate
X-XSS-Protection: 1; mode=block
X-Request-Id: 18a586b6-0b42-41d2-85d2-14afecee37c6
ETag: W/"444bcb3a3fcf8389296c49467f27e1d6"
X-Frame-Options: SAMEORIGIN
X-Runtime: 0.011247
X-Content-Type-Options: nosniff
Date: Tue, 27 Sep 2022 15:05:46 GMT
Set-Cookie: _agentformula_session=UnhTdkhLWFFqalZyZURiTVU0Z1dPSWZEdkx5QWs1dXhnVVFNL2Q3L1Z1SlRYcXl4UldCcWdzSS9FVGZzV2ZMaHE0aHN4RnpSdFkvbWlRWGhTU21EeThuNDlnTnlBU0Y0QXo1bGU1QkVSMk9qMVpBczdxMVhCMDg4U1ZvcEdBVENGYjY4dWlWOWdYaHRsWG1BcTlKeTlXclhYS285dzkyekJ3NGlhdHZ3S3gxRUVURWJTS040SWlSdnV6THN3L0ROeHUxS085OFg1NUl0QkxRbllCVGRCMWQ0YTRPMm1JWmpaZTM5RTJTQVhEU1EzVlBQRVJ5NmRKdTBCdHc3WXBwNUR6UVFldXdpdVFOaXFrSXhXdXBNV2NkL0szZlN3WlYrSU10N055a0VyMVM4L2ZxRTVrZk0xbmd1akFpUXJ5MXJ6cE1jWGlzd1NjVENFeTd5WXpCdDI4MlRXWHk0MWJqWmYrQjNPTW5FN2VlUzZ0V0w0VjVRZzk3Q1U3OE5HS1NzakVBTTc3a0p2bEhlUmlScUhUOTJ0anNBTFBNY1hsWU5jQ2V1YU9IYXZoUG5HVEdac1dWbG1MSC90eWNKZkdMb0ZFS3NTK3hGckhnaytKMm94TDZwVHh0UEZPUFVtUFRCWHJaaElsV2pjNnlYbkdzRHBBblJSZUpQVWxPL0ZmRVcwWUZsOFc5VFFWZG93anlTSnRMNjFxTEdLVlMvMDRNSk1Zemh2cnpPS0NlSjc0cWZ2NkIvc2VTMktQaVlFaFhmSXlaRnRQTm9HM0lnM1VjYkpYdllVaXU4L3o5YmxQRCsvd2lSZm1zSTFKbVoyMWI5RjBYSWtsdm5NR0E5MXI2QUJ3V1hNeENqSUE5VVJub0ptUHZxUjZ6RDZMc3RTS0ZybnpCeGFxQmlTUWNaaUNDOHFHa1BENm4wb2dHclluaS9zNkt0WHpZbStvZUdwc3ROQ3VPemtBPT0tLWVrWStIQ0NDVXZsVm5XTlBaRDI0Y2c9PQ%3D%3D--6de8b727d901accf2a469f9101ae8f576bb9ccc6; path=/; HttpOnly
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer
pennycronelasvegas.com/
96.126.99.100200 OK 18 kB IP 96.126.99.100:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash d3c38c127df8c1467f4f88469b12a2b2
ce79c2c46b0082849168ae6a561f1ea1749b32d3
7e6d68a1b48445182196965d77c702ec86283c52f3b222d250206f3ac14ba004
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=NlRJcjRQNmNCNnJYVGoyYkJzREgyMFVad01aTDhvdU9QbW9GeFBhbFNCRzNWdkdENUhNRjRibExWdjhCSDJoOTBTQndXL0FJQ0pObndlRC9Eb1F6Y2k2eGtyK1pRL0x4UDR5RVBkT1RWSG14dXFXU0tBdEt0S0hDWWxabnBjYlFqQVM5QTIvL3Z3bTlxZVN3T0ZnbFVybUsyd0x6WnIyM0c3KzFDRWVDK3hPK1M2REx5dVVjL2NiS3VyMzQvMDlmYkhjQldVa2tpS2g5bmtEc1dtMkxPbXQrdUUzUFlrRVp0RlZPT1FUa2tISlh5dXhYa1dUakUya3p5RXV1ZmhlcEE1OEhGU1MrczBvRDd3TWV6K3VHOUg1b0FvcCtRclc3dk93Z1pkN2psUFp5cWgxdmg2bHNPQ2F5eEdva1FOMnZLS25QMlpYa0toQmJrRVNDSWs5OW4vQ3N6VFN4VHBWT3F6ZFJuOFRDTklmeG5hc2ZtWm5EK3hKV1BrS2FSN0R2QytZamFHcVpvS2wxa2dKV2lmdk1wYXdGL1RTSTNtS0d4RTAzWlhMOFpQWjEwNHlVc3V1R05QU3plRFJzNVNTcm9lblBhY3BVQXgzOUkrd1V3MW9scTFBWmNjbGtRbk9WRmZ4cTNNbXkxWmRKeUNLaWpCU2hDTnJMTVNNN1E1R3psb1BnaHNlaSsrSCtQbmpsWFNrdnErMlRnQXM3S09EdXBzWjAzaE9kSzNpUnpzUGFPQUtzVVBNYU9nalQ1SnIrVUxqcTBock1pN0VvekJiTXJsZFJHeVQ3aWxvRFQrclQ2aVJrdkpKb1VOQVQvMnl6dGo5akMzRHNnVWdReCt6THlCVE9OWlduRDlZQmNWV1RLRjZSUElweld5K1VoZysvMUhCd1lvNmhGejczUVdQL0Z0cUUrR29DVW9DTGdzM3RXekIrWFFmSmJNQmtOQ2ZtREpZRVFnPT0tLWh1NUd2YUNhWCtCZmY2dlh4Z3dTWGc9PQ%3D%3D--d5c45b5aabbc79a8baa55314b4d3460dc7cea0c3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
If-None-Match: W/"a186c3a5af38d5bf89bd5f723cea7186"
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Status: 200 OK
Cache-Control: max-age=0, private, must-revalidate
X-XSS-Protection: 1; mode=block
X-Request-Id: 0d94b8e5-f419-4b5f-ab14-c8ae5c748f40
ETag: W/"9503ac9b0e90741f8be8cbb35b4849aa"
X-Frame-Options: SAMEORIGIN
X-Runtime: 0.096339
X-Content-Type-Options: nosniff
Date: Tue, 27 Sep 2022 15:05:46 GMT
Set-Cookie: _agentformula_session=dkhkYXBlMG9RU1RDV3ByZVJ1cmdpVUxLdmNWRE5wdmRob2I5U0JuMEhxZktyQ2VCVjNhVXAvWnhLU1cwcUdqSDBPdmJPekZnNnVMUnRqWlVLNlh3QkxzS1BpVndZdU9hbU16Qk1nVTRqeVdvKytXbDRsMUJob1N0ZnU4WjZBYW13bytzWVZmUmxPU1RLK1lhdUtIbW1saDM5dlhCVk9NYkxZWXU5enh0SXYwNzk2aWYybnJyVFM5VlFhZUsranA5ZnlHTHdtVzdUVXNWSUNIQ2NNcngrV1BMMmNMNnNDWTNrMjVOczhSTVVQNzBBanVWYUZOckNYVnpPcngyb0YrTUlhMHVTTGV2aDFFeDV2OWJnYnh1ZnFYd01SWmliUk84aHk5T2YwK2xaRWpSOVF5ZkZWUE84MGF6eEFQdnpuQmNJbG1vNW1pK2FkZ01WbnY3T3lxTVZGVlg2Mi9MWVhYYmZGQzZic0hDNS91RWFTc3czbkROQ0RXMG0xa2QzZVVILS1FUnBIRGRDVmNIMXhyMFFzdkt3eEhBPT0%3D--264e4411840d6939160475c62142c79f8632f678; path=/; HttpOnly
X-Powered-By: Phusion Passenger 6.0.6
Server: nginx/1.17.3 + Phusion Passenger 6.0.4
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer
Content-Encoding: gzip
dtd26ob4sfq17.cloudfront.net/graphics/icons.png
143.204.42.66200 OK 23 kB URL HTTP/1.1 dtd26ob4sfq17.cloudfront.net/graphics/icons.png
IP 143.204.42.66:0
File type PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash f2d04895a3acecc9b674e1b359873552
8757a776f5481d815e920d4f35636e0121bb70e8
1cb040b5c2fe6d7aaa5ea9ae707232973439d5838481e339aa91d155254adefe
GET /graphics/icons.png HTTP/1.1
Host: dtd26ob4sfq17.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 23031
Connection: keep-alive
Date: Tue, 27 Sep 2022 04:49:09 GMT
Last-Modified: Mon, 07 Sep 2015 22:44:23 GMT
ETag: "f2d04895a3acecc9b674e1b359873552"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: cxZsLElr3d7tgiNHsfbk44jltXOU8hz3CTAKE_pRnUkbLQKxqSF9Ow==
Age: 36998
dtd26ob4sfq17.cloudfront.net/graphics/ico-home.png
143.204.42.66200 OK 2.4 kB URL HTTP/1.1 dtd26ob4sfq17.cloudfront.net/graphics/ico-home.png
IP 143.204.42.66:0
File type PNG image data, 34 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash f14d7380ba9be0a4929361f6f671db79
4dd6daa55e18da77d63263c090f09aa0ed74e5e0
8c8ab58ccdbce4cbd047f65c5fc8d2164e0c19b1c6c0a77cef3ec9a52f4a9115
GET /graphics/ico-home.png HTTP/1.1
Host: dtd26ob4sfq17.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 2447
Connection: keep-alive
Date: Tue, 27 Sep 2022 04:49:09 GMT
Last-Modified: Mon, 07 Sep 2015 22:44:22 GMT
ETag: "f14d7380ba9be0a4929361f6f671db79"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: z4Ier8fqiPHzKfNriOLctlSveoLPETbl3N8OTG8s010yEdbOLumoUA==
Age: 36998
dtd26ob4sfq17.cloudfront.net/graphics/icons/nav-arrow.png
143.204.42.66200 OK 960 B URL HTTP/1.1 dtd26ob4sfq17.cloudfront.net/graphics/icons/nav-arrow.png
IP 143.204.42.66:0
File type PNG image data, 3 x 6, 8-bit/color RGBA, non-interlaced\012- data
Hash bdd44b7aa14603803b2a86bf58ca4e08
970a73a2e0b9f310c2c92ba707d239f423e5d376
8ce0ad22308424363b02ac37b3e85133b7d4f7e50e1e170154af032dc1fe1c95
GET /graphics/icons/nav-arrow.png HTTP/1.1
Host: dtd26ob4sfq17.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 960
Connection: keep-alive
Last-Modified: Tue, 08 Sep 2015 00:17:16 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Tue, 27 Sep 2022 06:51:01 GMT
ETag: "bdd44b7aa14603803b2a86bf58ca4e08"
X-Cache: Hit from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 5Loz2wk26fkt84gr36Msrpp7_mPew9DPjXIX5GLkCYpBrY3GZpuwVQ==
Age: 29686
dtd26ob4sfq17.cloudfront.net/graphics/icons/phone.png
143.204.42.66200 OK 1.1 kB URL HTTP/1.1 dtd26ob4sfq17.cloudfront.net/graphics/icons/phone.png
IP 143.204.42.66:0
File type PNG image data, 13 x 13, 8-bit/color RGBA, non-interlaced\012- data
Hash 7038033dcfc63585fddbf32d5b5cbb05
d911fec0a2d87807514141d2232585202047413d
afac238c5c5371119bea5317bc4a3ce8ed29041b6db6bdc2edfdbe375ab5b5b3
GET /graphics/icons/phone.png HTTP/1.1
Host: dtd26ob4sfq17.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 1108
Connection: keep-alive
Last-Modified: Tue, 08 Sep 2015 00:15:20 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Tue, 27 Sep 2022 11:12:39 GMT
ETag: "7038033dcfc63585fddbf32d5b5cbb05"
X-Cache: Hit from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: lrvK4wiPwjU8ZL4zXJYG96UUfNlNi4OkjTYfjUKX8KxbaUAh6oh4Hw==
Age: 13988
dtd26ob4sfq17.cloudfront.net/graphics/icons/person.png
143.204.42.66200 OK 1.1 kB URL HTTP/1.1 dtd26ob4sfq17.cloudfront.net/graphics/icons/person.png
IP 143.204.42.66:0
File type PNG image data, 8 x 14, 8-bit/color RGBA, non-interlaced\012- data
Hash 05907b6bb1325e05cdf3301298d63ee4
5b9d3e42fd2908d2a3b9fdd2020671238a630e78
f1e2855e03bdae7ab6e4acc4cd8c805ec150029cc053c040994113b6092da278
GET /graphics/icons/person.png HTTP/1.1
Host: dtd26ob4sfq17.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 1066
Connection: keep-alive
Date: Mon, 26 Sep 2022 21:11:42 GMT
Last-Modified: Tue, 08 Sep 2015 00:15:18 GMT
ETag: "05907b6bb1325e05cdf3301298d63ee4"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: rKw9Oqq2lbdT7BrJK8FhiCNhyBZXxeK9ZkxgcwK3FF26hva55gQPfg==
Age: 64445
dtd26ob4sfq17.cloudfront.net/graphics/icons/email.png
143.204.42.66200 OK 1.1 kB URL HTTP/1.1 dtd26ob4sfq17.cloudfront.net/graphics/icons/email.png
IP 143.204.42.66:0
File type PNG image data, 15 x 9, 8-bit/color RGBA, non-interlaced\012- data
Hash 22b8c3f79865bd8b5b76a7b64ee8f773
ae8121cb8dd5091b8a4e687b7bf88248a238b45a
b79f36abeb8193e42be1cd9aa732224e72390b968788bf4259258234c37f1314
GET /graphics/icons/email.png HTTP/1.1
Host: dtd26ob4sfq17.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 1118
Connection: keep-alive
Date: Mon, 26 Sep 2022 16:42:31 GMT
Last-Modified: Tue, 08 Sep 2015 00:15:24 GMT
ETag: "22b8c3f79865bd8b5b76a7b64ee8f773"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: B9a4ZsvxqrTz1xitW3DHvX6_ROj1xhtEMnYgxezqzLRfV4ZTXkUyGQ==
Age: 80596
content.jwplatform.com/thumbs/8SH0iieO-720.jpg
54.230.111.69302 Found 0 B URL HTTP/2 content.jwplatform.com/thumbs/8SH0iieO-720.jpg
IP 54.230.111.69:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /thumbs/8SH0iieO-720.jpg HTTP/1.1
Host: content.jwplatform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: image/jpeg
content-length: 0
location: https://assets-jpcust.jwpsrv.com/thumbnails/v4gzxlua-720.jpg
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: max-age=180, max-stale=180
date: Tue, 27 Sep 2022 15:05:46 GMT
server: openresty
x-cache: Miss from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: SPL-IKpw3y1ujgix6BwJw_X6acV9oh8pvssZXqCJe9Fyn_nOtvttMA==
X-Firefox-Spdy: h2
pennycronelasvegas.com/favicon.ico
96.126.99.100200 OK 1.2 kB URL HTTP/1.1 pennycronelasvegas.com/favicon.ico
IP 96.126.99.100:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 29ceaf045e68c6ad5712cc20077dafb4
c6b11f6e1771a1c2688dc1599e4c4241c1544543
2138186dfa4453368676ca8a6e95248e8e5b93f411798c083a968502893a9baf
GET /favicon.ico HTTP/1.1
Host: pennycronelasvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _agentformula_session=dkhkYXBlMG9RU1RDV3ByZVJ1cmdpVUxLdmNWRE5wdmRob2I5U0JuMEhxZktyQ2VCVjNhVXAvWnhLU1cwcUdqSDBPdmJPekZnNnVMUnRqWlVLNlh3QkxzS1BpVndZdU9hbU16Qk1nVTRqeVdvKytXbDRsMUJob1N0ZnU4WjZBYW13bytzWVZmUmxPU1RLK1lhdUtIbW1saDM5dlhCVk9NYkxZWXU5enh0SXYwNzk2aWYybnJyVFM5VlFhZUsranA5ZnlHTHdtVzdUVXNWSUNIQ2NNcngrV1BMMmNMNnNDWTNrMjVOczhSTVVQNzBBanVWYUZOckNYVnpPcngyb0YrTUlhMHVTTGV2aDFFeDV2OWJnYnh1ZnFYd01SWmliUk84aHk5T2YwK2xaRWpSOVF5ZkZWUE84MGF6eEFQdnpuQmNJbG1vNW1pK2FkZ01WbnY3T3lxTVZGVlg2Mi9MWVhYYmZGQzZic0hDNS91RWFTc3czbkROQ0RXMG0xa2QzZVVILS1FUnBIRGRDVmNIMXhyMFFzdkt3eEhBPT0%3D--264e4411840d6939160475c62142c79f8632f678; pennycronelasvegas.com=1; jwplayer.captionLabel=Off
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.17.3
Date: Tue, 27 Sep 2022 15:05:46 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Tue, 06 Sep 2022 19:42:49 GMT
Connection: keep-alive
ETag: "6317a2b9-47e"
Access-Control-Allow-Methods: POST, GET, OPTIONS
Referrer-Policy: no-referrer
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:05:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_68x28dp.png
142.250.74.163200 OK 1.6 kB URL HTTP/2 www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_68x28dp.png
IP 142.250.74.163:0
File type PNG image data, 68 x 28, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a931d597decd2553aac6634b766cf2
6ec84fb4a2745b4b71520241be77db1fd1013830
f56402b127698db4b4dc611a97a6f081d04c4691c60522c5912d189e37c94a9e
GET /images/branding/googlelogo/1x/googlelogo_color_68x28dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pennycronelasvegas.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1597
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 24 Sep 2022 18:01:08 GMT
expires: Sun, 24 Sep 2023 18:01:08 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: image/png
age: 248678
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/images/branding/product/1x/translate_24dp.png
142.250.74.163200 OK 846 B URL HTTP/2 www.gstatic.com/images/branding/product/1x/translate_24dp.png
IP 142.250.74.163:0
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash e9cd262114358f26b7608b56905185dc
6dbde0a96deaab2b529723ce26c62043cf9180ab
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
GET /images/branding/product/1x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 846
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 Sep 2022 14:02:48 GMT
expires: Wed, 27 Sep 2023 14:02:48 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 3778
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/images/branding/product/2x/translate_24dp.png
142.250.74.163200 OK 1.8 kB URL HTTP/2 www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP 142.250.74.163:0
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash c69c796362406f9e11c7f4bf5bb628da
e489ce95ab56208090868882113d7416abf46775
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://translate.googleapis.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 Sep 2022 15:03:05 GMT
expires: Wed, 27 Sep 2023 15:03:05 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 161
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:05:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
assets-jpcust.jwpsrv.com/thumbnails/v4gzxlua-720.jpg
151.101.86.114200 OK 45 kB URL HTTP/2 assets-jpcust.jwpsrv.com/thumbnails/v4gzxlua-720.jpg
IP 151.101.86.114:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.24.102", baseline, precision 8, 720x406, components 3\012- data
Hash 45a5ab5f981430a787c9b764998fc324
ee748fd41153f54f4945d28f3eb8188bdae8c99f
539f5c88ce6feacceb0c98f6e2edc7589438f6631fec0384e1e40264efd99ac2
GET /thumbnails/v4gzxlua-720.jpg HTTP/1.1
Host: assets-jpcust.jwpsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Oct 2017 14:49:39 GMT
etag: "2c292ea8322cd63e24f047860808008c"
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=900
content-type: image/jpeg
accept-ranges: bytes
date: Tue, 27 Sep 2022 15:05:47 GMT
age: 0
x-served-by: cache-iad-kjyo7100040-IAD, cache-bma1627-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1664291147.850463,VS0,VE159
vary: Accept-Encoding
server: nginx
content-length: 44658
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5b7b66f5886a12421c3f3970bbf49d5a
13a31565fb5b2f1e75d67ba1ce09dae339f1c0e8
3ed8ffa99cefdf81381912b426c0ab9091fb5888836665d9012435965f99feba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:05:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/images/cleardot.gif
142.250.74.164200 OK 43 B URL HTTP/2 www.google.com/images/cleardot.gif
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /images/cleardot.gif HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/gif
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 43
date: Tue, 27 Sep 2022 15:05:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/images/cleardot.gif
142.250.74.164200 OK 43 B URL HTTP/2 www.google.com/images/cleardot.gif
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /images/cleardot.gif HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pennycronelasvegas.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/gif
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 43
date: Tue, 27 Sep 2022 15:05:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
d2s0ek76zke5go.cloudfront.net/backgrounds/main/55/las-vegas-home.jpg
54.230.245.84200 OK 277 kB URL HTTP/1.1 d2s0ek76zke5go.cloudfront.net/backgrounds/main/55/las-vegas-home.jpg
IP 54.230.245.84:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 973x730, components 3\012- data
Size 277 kB (276582 bytes)
Hash 98b48b014a9e0de112d6e44c7d36e820
c6d7362ab6783767b6ff90e99bfaf0e9a5a246dd
f369ed133fc0dd61576218d708e09825ff0c6ee328d2d48956ca441a18e78ef2
GET /backgrounds/main/55/las-vegas-home.jpg HTTP/1.1
Host: d2s0ek76zke5go.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 276582
Connection: keep-alive
Date: Tue, 27 Sep 2022 15:05:48 GMT
Last-Modified: Tue, 16 Apr 2013 22:49:03 GMT
ETag: "98b48b014a9e0de112d6e44c7d36e820"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: iUZDN0rLbFJbXfAxY6RoIZ-iokhh7SpY03IHPQys1-UbufyM6eMRvA==
jwpltx.com/v1/jwplayer6/ping.gif?h=-1612906001&tv=2.6.0&n=1515090513308935&aid=QDLcWlTPEeWgFgp%2BlcGdIw&e=e&i=0&ifd=0&pv=7.0.3&m=1&d=0&vl=90&t=Lake%20Mead&pid=&ed=0&ph=1&ps=4&wd=744&pl=419&fv=&vp=1&ab=0&po=1&sn=seven&pd=0&pad=&dd=0&s=0&r=0&cb=0&ga=0&st=291&hls=&cp=0&sdk=0&emi=fwi7z9hjmbt0&pli=&mt=0&vi=0.997&ap=456%2C324&mu=https%3A%2F%2Fcontent.jwplatform.com%2Fvideos%2F8SH0iieO-720.mp4&eb=-1&pu=https%3A%2F%2Fpennycronelasvegas.com%2F&id=8SH0iieO&pt=Penny%20Crone%20%7C%20Call%20Me%20At%20(702)%20210-7683%20%7C%20HomeSmart
151.101.130.114204 No Content 0 B URL HTTP/2 jwpltx.com/v1/jwplayer6/ping.gif?h=-1612906001&tv=2.6.0&n=1515090513308935&aid=QDLcWlTPEeWgFgp%2BlcGdIw&e=e&i=0&ifd=0&pv=7.0.3&m=1&d=0&vl=90&t=Lake%20Mead&pid=&ed=0&ph=1&ps=4&wd=744&pl=419&fv=&vp=1&ab=0&po=1&sn=seven&pd=0&pad=&dd=0&s=0&r=0&cb=0&ga=0&st=291&hls=&cp=0&sdk=0&emi=fwi7z9hjmbt0&pli=&mt=0&vi=0.997&ap=456%2C324&mu=https%3A%2F%2Fcontent.jwplatform.com%2Fvideos%2F8SH0iieO-720.mp4&eb=-1&pu=https%3A%2F%2Fpennycronelasvegas.com%2F&id=8SH0iieO&pt=Penny%20Crone%20%7C%20Call%20Me%20At%20(702)%20210-7683%20%7C%20HomeSmart
IP 151.101.130.114:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v1/jwplayer6/ping.gif?h=-1612906001&tv=2.6.0&n=1515090513308935&aid=QDLcWlTPEeWgFgp%2BlcGdIw&e=e&i=0&ifd=0&pv=7.0.3&m=1&d=0&vl=90&t=Lake%20Mead&pid=&ed=0&ph=1&ps=4&wd=744&pl=419&fv=&vp=1&ab=0&po=1&sn=seven&pd=0&pad=&dd=0&s=0&r=0&cb=0&ga=0&st=291&hls=&cp=0&sdk=0&emi=fwi7z9hjmbt0&pli=&mt=0&vi=0.997&ap=456%2C324&mu=https%3A%2F%2Fcontent.jwplatform.com%2Fvideos%2F8SH0iieO-720.mp4&eb=-1&pu=https%3A%2F%2Fpennycronelasvegas.com%2F&id=8SH0iieO&pt=Penny%20Crone%20%7C%20Call%20Me%20At%20(702)%20210-7683%20%7C%20HomeSmart HTTP/1.1
Host: jwpltx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
accept-ranges: bytes
date: Tue, 27 Sep 2022 15:05:47 GMT
via: 1.1 varnish
x-served-by: cache-bma1671-BMA
x-cache: MISS
x-cache-hits: 0
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Playfair+Display:400,400italic,700,700italic,900,900italic
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Playfair+Display:400,400italic,700,700italic,900,900italic
IP 142.250.74.10:0
GET /css?family=Playfair+Display:400,400italic,700,700italic,900,900italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 27 Sep 2022 15:05:44 GMT
date: Tue, 27 Sep 2022 15:05:44 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Quicksand
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Quicksand
IP 142.250.74.10:0
GET /css?family=Quicksand HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 27 Sep 2022 15:05:45 GMT
date: Tue, 27 Sep 2022 15:05:45 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
142.250.74.46200 OK 0 B URL HTTP/2 translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
IP 142.250.74.46:0
GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 27 Sep 2022 15:05:45 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+610; expires=Thu, 26-Sep-2024 15:05:45 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.cloudflare.com/cdn-cgi/trace
104.16.124.96200 OK 0 B URL HTTP/2 www.cloudflare.com/cdn-cgi/trace
IP 104.16.124.96:0
GET /cdn-cgi/trace HTTP/1.1
Host: www.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pennycronelasvegas.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 15:05:46 GMT
content-type: text/plain
access-control-allow-origin: *
server: cloudflare
cf-ray: 751523b0ec01b506-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2