firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 19 Sep 2022 06:12:39 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: VDFkNNAuArCqvgqgher4mwYa7MqkCO3GunJwm1fhZwlH1StieW_dxw==
Age: 2072
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 861cfa99de956423d917ed0ddbea4b9c
ad65dbc394b48b04a45c205f56af296c8d008db4
5c706b2718b1698995f4feb91223779aef4bf6dc967c31f9ef9a93873197d5f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C706B2718B1698995F4FEB91223779AEF4BF6DC967C31F9EF9A93873197D5F9"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15661
Expires: Mon, 19 Sep 2022 11:08:12 GMT
Date: Mon, 19 Sep 2022 06:47:11 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 19 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: iern2Aqb7RFttFLhWpGbTDVaxQ2qbvVswCrIxzE_FbXFzSaq74NywQ==
age: 7918
X-Firefox-Spdy: h2
investonim.com/taiwan?utm_source=ad_20&utm_medium=tw.msn.com&utm_campaign=Investonim%20%3C%E7%94%B7%E5%AD%90%E5%A4%B1%E6%A5%AD%EF%BC%8C%E7%84%A1%E6%B3%95%E9%A4%8A&utm_content=%E5%8F%B0%E7%81%A3%E9%8A%80%E8%A1%8C%E4%B8%8D%E6%83%B3%E8%AE%93%E4%BD%A0%E7%9C%8B%E9%80%99%E5%80%8B%EF%BC%8C%E4%BD%86%E4%BB%96%E5%80%91%E7%8F%BE%E5%9C%A8%E4%B8%8D%E8%83%BD%E9%98%BB
301 Moved Permanently 758 B URL HTTP/1.1 investonim.com/taiwan?utm_source=ad_20&utm_medium=tw.msn.com&utm_campaign=Investonim%20%3C%E7%94%B7%E5%AD%90%E5%A4%B1%E6%A5%AD%EF%BC%8C%E7%84%A1%E6%B3%95%E9%A4%8A&utm_content=%E5%8F%B0%E7%81%A3%E9%8A%80%E8%A1%8C%E4%B8%8D%E6%83%B3%E8%AE%93%E4%BD%A0%E7%9C%8B%E9%80%99%E5%80%8B%EF%BC%8C%E4%BD%86%E4%BB%96%E5%80%91%E7%8F%BE%E5%9C%A8%E4%B8%8D%E8%83%BD%E9%98%BB
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (425)
Hash 4b87b4c104bc21943424fc63e524fdea
13ccee8779014cb9449a49aa52f8d2a5c6e232b4
0f22d0cd079a9ca08e9ed5af474709c77ea3fd27a43bf1b7b8ca145eb6b8edd3
GET /taiwan?utm_source=ad_20&utm_medium=tw.msn.com&utm_campaign=Investonim%20%3C%E7%94%B7%E5%AD%90%E5%A4%B1%E6%A5%AD%EF%BC%8C%E7%84%A1%E6%B3%95%E9%A4%8A&utm_content=%E5%8F%B0%E7%81%A3%E9%8A%80%E8%A1%8C%E4%B8%8D%E6%83%B3%E8%AE%93%E4%BD%A0%E7%9C%8B%E9%80%99%E5%80%8B%EF%BC%8C%E4%BD%86%E4%BB%96%E5%80%91%E7%8F%BE%E5%9C%A8%E4%B8%8D%E8%83%BD%E9%98%BB HTTP/1.1
Host: investonim.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 19 Sep 2022 06:47:11 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://investonim.com/taiwan?utm_source=ad_20&utm_medium=tw.msn.com&utm_campaign=Investonim%20%3C%E7%94%B7%E5%AD%90%E5%A4%B1%E6%A5%AD%EF%BC%8C%E7%84%A1%E6%B3%95%E9%A4%8A&utm_content=%E5%8F%B0%E7%81%A3%E9%8A%80%E8%A1%8C%E4%B8%8D%E6%83%B3%E8%AE%93%E4%BD%A0%E7%9C%8B%E9%80%99%E5%80%8B%EF%BC%8C%E4%BD%86%E4%BB%96%E5%80%91%E7%8F%BE%E5%9C%A8%E4%B8%8D%E8%83%BD%E9%98%BB
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=om9FLA57xlw0fGJlprBa%2FyQWZuK%2BbNjqa5KTnx0IE1btbw%2FQGoEGo4T8%2BiFAUh2ZvhUCQ30b7GMpIfi%2FGLUGwPq%2BGsYKAH8duMOhuqTpW%2BQTC2PzbkF0gdCR3xP3%2FHfMkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74d05e55c989b50c-OSL
alt-svc: h2=":443"; ma=60
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 06:47:11 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 19 Sep 2022 06:03:22 GMT
Cache-Control: max-age=3600
Expires: Mon, 19 Sep 2022 06:17:23 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 90sCBjjzaVfLAUhA6FGo7ltdOCWRHBkX7jN8RuwvTrnfpZtGLgC5wQ==
Age: 2629
ocsp.digicert.com/
200 OK 471 B IP
Hash 5fd1174f35b25298fc44a6de1af3f3d6
d45a47995ec34c7df480b3efafb13f55d9df7eb8
f60573eff255ef3d7603ca813f410c30588931b4018ffa0e07fa0bb2653c47af
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4739
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 06:47:11 GMT
Last-Modified: Mon, 19 Sep 2022 05:28:12 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 5eX5LtWQEIZ0pIazdKmNBw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: LcESkzlIZszvZyQEdjfsyY/mAOA=
cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
200 OK 27 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
IP
File type ASCII text, with very long lines (32065)
Hash 63827323c175768ccb0e8ed54589a3e5
9760e238d6ecced66396798559f70593793d801e
196f9479a27db836a2a7454e222f0cb52d4eeb162e0a50e69401ba1a8d81b564
GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://investonim.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 06:47:12 GMT
content-type: application/javascript; charset=utf-8
content-length: 26909
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-14e4a"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 2284556
expires: Sat, 09 Sep 2023 06:47:12 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bn3aUacLINyLyq6d3vrM4nXl%2BDKEPPcAsdNfysGyiUFZjj3IkmXSyhtB9BBy5DcEa1QM2diTiFD50AYaryqyjly%2FvsG7QQbDKsVG5LdnRvOBxSn7wBZpKU2HPdZJbXVMabMsUa6A"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74d05e6068d6b518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 1798ee412f53b1827d6f2bafaaba862f
f9b39405ad5c602b7abb39151a64a42124c5d0b8
a3238d75885122b724465a4c6668989c5eec4e35af31b515a309464500278a54
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "A3238D75885122B724465A4C6668989C5EEC4E35AF31B515A309464500278A54"
Last-Modified: Sun, 18 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 19 Sep 2022 12:47:12 GMT
Date: Mon, 19 Sep 2022 06:47:12 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 1798ee412f53b1827d6f2bafaaba862f
f9b39405ad5c602b7abb39151a64a42124c5d0b8
a3238d75885122b724465a4c6668989c5eec4e35af31b515a309464500278a54
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "A3238D75885122B724465A4C6668989C5EEC4E35AF31B515A309464500278A54"
Last-Modified: Sun, 18 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21554
Expires: Mon, 19 Sep 2022 12:46:26 GMT
Date: Mon, 19 Sep 2022 06:47:12 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash f6dfa1c7e8f4edf8b450d2fe381e04b3
d2944786c7e0e128d7c5a214dd8ebf623668e035
951d9545e967dca92fbab1a1299a38dfb7383d96222bd4e53beaf32d14d011c1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "951D9545E967DCA92FBAB1A1299A38DFB7383D96222BD4E53BEAF32D14D011C1"
Last-Modified: Sat, 17 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 19 Sep 2022 12:47:12 GMT
Date: Mon, 19 Sep 2022 06:47:12 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash f6dfa1c7e8f4edf8b450d2fe381e04b3
d2944786c7e0e128d7c5a214dd8ebf623668e035
951d9545e967dca92fbab1a1299a38dfb7383d96222bd4e53beaf32d14d011c1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "951D9545E967DCA92FBAB1A1299A38DFB7383D96222BD4E53BEAF32D14D011C1"
Last-Modified: Sat, 17 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 19 Sep 2022 12:47:12 GMT
Date: Mon, 19 Sep 2022 06:47:12 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash f6dfa1c7e8f4edf8b450d2fe381e04b3
d2944786c7e0e128d7c5a214dd8ebf623668e035
951d9545e967dca92fbab1a1299a38dfb7383d96222bd4e53beaf32d14d011c1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "951D9545E967DCA92FBAB1A1299A38DFB7383D96222BD4E53BEAF32D14D011C1"
Last-Modified: Sat, 17 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21556
Expires: Mon, 19 Sep 2022 12:46:28 GMT
Date: Mon, 19 Sep 2022 06:47:12 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash f6dfa1c7e8f4edf8b450d2fe381e04b3
d2944786c7e0e128d7c5a214dd8ebf623668e035
951d9545e967dca92fbab1a1299a38dfb7383d96222bd4e53beaf32d14d011c1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "951D9545E967DCA92FBAB1A1299A38DFB7383D96222BD4E53BEAF32D14D011C1"
Last-Modified: Sat, 17 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21555
Expires: Mon, 19 Sep 2022 12:46:28 GMT
Date: Mon, 19 Sep 2022 06:47:13 GMT
Connection: keep-alive
fin-report.net/landings/G9wr22QWusP6/img/f4.jpg
200 OK 40 kB URL HTTP/2 fin-report.net/landings/G9wr22QWusP6/img/f4.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2022:07:22 11:53:02], baseline, precision 8, 568x342, components 3\012- data
Hash 86703d80c0631de5c9b0faec22b0d85f
c8452f4c86d7793827f77622cfd8dc2de33eb55f
1e9ef0ff3204d3a5a2ae6ed0ed36ec8dd170da996d7e07baf4fd6867101bfb7d
Analyzer Verdict Alert quad9 Sinkholed
GET /landings/G9wr22QWusP6/img/f4.jpg HTTP/1.1
Host: fin-report.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://investonim.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 06:47:13 GMT
content-type: image/jpeg
content-length: 40325
last-modified: Fri, 22 Jul 2022 08:53:02 GMT
etag: "62da656e-9d85"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tOx7fqrAIknU9bztp2p3PdVbwSf8vvDpqChTFVCdEf4%2FlD8dY7HcCBmUNcwRZypJ7bI1XbzqhKuhzW6HciQcwkvmpMZg90W5OwFvyz%2BNpYY%2F492hGgm%2B8q6x93Mt9AUmCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d05e61b8d5b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fin-report.net/landings/G9wr22QWusP6/img/s3.jpg
200 OK 72 kB URL HTTP/2 fin-report.net/landings/G9wr22QWusP6/img/s3.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2022:07:13 15:32:08], baseline, precision 8, 892x876, components 3\012- data
Hash be30a84363c31543e00df1cedf4a09b5
cc5db8d857704c1334025a95e22f4ea072662621
145c78efdc4eda391e0b87fd7f754bbc67472fe4e9f019450ae846f1a0b26f10
Analyzer Verdict Alert quad9 Sinkholed
GET /landings/G9wr22QWusP6/img/s3.jpg HTTP/1.1
Host: fin-report.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://investonim.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 06:47:13 GMT
content-type: image/jpeg
content-length: 72276
last-modified: Wed, 13 Jul 2022 12:32:08 GMT
etag: "62cebb48-11a54"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8CcW2VlblEpL7%2B3%2FzhejyAOq0NCSheSAQ4bvRGEcFxq0%2BekO%2BQFno2Y1OIF0ypNRPe8JerhuFUMCZpK%2F4uNqtuY6MmUvDMOoEYSh4AlMPI1rJHHxfD03GjwpLOSSDBBM0A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d05e61b8cfb4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fin-report.net/landings/G9wr22QWusP6/img/f3.jpg
200 OK 104 kB URL HTTP/2 fin-report.net/landings/G9wr22QWusP6/img/f3.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=17, height=3733, bps=218, compression=none, PhotometricIntepretation=RGB, manufacturer=NIKON CORPORATION, model=NIKON D600, orientation=upper-left, width=5592], progressive, precision 8, 1200x801, components 3\012- data
Size 104 kB (104154 bytes)
Hash 9344669a36d15b32965d6b389a1283cc
c9f1e04f9723e9f93b83684517f866779da05b34
24f7fa866ea5d1f79be5b86728a8dfe613e671a1a99beaec797055ff0794dd9b
Analyzer Verdict Alert quad9 Sinkholed
GET /landings/G9wr22QWusP6/img/f3.jpg HTTP/1.1
Host: fin-report.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://investonim.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 06:47:13 GMT
content-type: image/jpeg
content-length: 104154
last-modified: Wed, 06 Jul 2022 13:20:56 GMT
etag: "62c58c38-196da"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i1lWlyDIXnJJ0OV3ox3TfWqiHUhm2F0XNZ2mpL%2FBa966EAkxDg4PYLytnN01fzRwgROVSxeEvd2WeB9thYPAzvi03icNt8BsQ8rZn8gKiDuSGdnCm7sIeFKUUp0d536L2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d05e61b8d2b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5e0d4379f6517fd75a29a3d94d9199eb
0d383b811ebe839400f04333d16a5c9d4d78f802
e64c0c03925bdfaa2520d90339c90d1f8d98c432441adb771dfe1e818220f06f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3596
Expires: Mon, 19 Sep 2022 07:47:09 GMT
Date: Mon, 19 Sep 2022 06:47:13 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5e0d4379f6517fd75a29a3d94d9199eb
0d383b811ebe839400f04333d16a5c9d4d78f802
e64c0c03925bdfaa2520d90339c90d1f8d98c432441adb771dfe1e818220f06f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3596
Expires: Mon, 19 Sep 2022 07:47:09 GMT
Date: Mon, 19 Sep 2022 06:47:13 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5e0d4379f6517fd75a29a3d94d9199eb
0d383b811ebe839400f04333d16a5c9d4d78f802
e64c0c03925bdfaa2520d90339c90d1f8d98c432441adb771dfe1e818220f06f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3596
Expires: Mon, 19 Sep 2022 07:47:09 GMT
Date: Mon, 19 Sep 2022 06:47:13 GMT
Connection: keep-alive
investonim.com/taiwan?utm_source=ad_20&utm_medium=tw.msn.com&utm_campaign=Investonim%20%3C%E7%94%B7%E5%AD%90%E5%A4%B1%E6%A5%AD%EF%BC%8C%E7%84%A1%E6%B3%95%E9%A4%8A&utm_content=%E5%8F%B0%E7%81%A3%E9%8A%80%E8%A1%8C%E4%B8%8D%E6%83%B3%E8%AE%93%E4%BD%A0%E7%9C%8B%E9%80%99%E5%80%8B%EF%BC%8C%E4%BD%86%E4%BB%96%E5%80%91%E7%8F%BE%E5%9C%A8%E4%B8%8D%E8%83%BD%E9%98%BB
301 Moved Permanently 8.3 kB URL HTTP/2 investonim.com/taiwan?utm_source=ad_20&utm_medium=tw.msn.com&utm_campaign=Investonim%20%3C%E7%94%B7%E5%AD%90%E5%A4%B1%E6%A5%AD%EF%BC%8C%E7%84%A1%E6%B3%95%E9%A4%8A&utm_content=%E5%8F%B0%E7%81%A3%E9%8A%80%E8%A1%8C%E4%B8%8D%E6%83%B3%E8%AE%93%E4%BD%A0%E7%9C%8B%E9%80%99%E5%80%8B%EF%BC%8C%E4%BD%86%E4%BB%96%E5%80%91%E7%8F%BE%E5%9C%A8%E4%B8%8D%E8%83%BD%E9%98%BB
IP
Hash 171f4e3a2608ccbeebde918c7747e882
c7960c39ba3a5ada79a09e816a1d403dcae1a492
001a26e4d5399ea26251021c8de22147bf9a1c8c6749b2cd96f05fe7a0580975
GET /taiwan?utm_source=ad_20&utm_medium=tw.msn.com&utm_campaign=Investonim%20%3C%E7%94%B7%E5%AD%90%E5%A4%B1%E6%A5%AD%EF%BC%8C%E7%84%A1%E6%B3%95%E9%A4%8A&utm_content=%E5%8F%B0%E7%81%A3%E9%8A%80%E8%A1%8C%E4%B8%8D%E6%83%B3%E8%AE%93%E4%BD%A0%E7%9C%8B%E9%80%99%E5%80%8B%EF%BC%8C%E4%BD%86%E4%BB%96%E5%80%91%E7%8F%BE%E5%9C%A8%E4%B8%8D%E8%83%BD%E9%98%BB HTTP/1.1
Host: investonim.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Mon, 19 Sep 2022 06:47:11 GMT
content-type: text/html; charset=iso-8859-1
location: https://investonim.com/taiwan/?utm_source=ad_20&utm_medium=tw.msn.com&utm_campaign=Investonim%20%3C%E7%94%B7%E5%AD%90%E5%A4%B1%E6%A5%AD%EF%BC%8C%E7%84%A1%E6%B3%95%E9%A4%8A&utm_content=%E5%8F%B0%E7%81%A3%E9%8A%80%E8%A1%8C%E4%B8%8D%E6%83%B3%E8%AE%93%E4%BD%A0%E7%9C%8B%E9%80%99%E5%80%8B%EF%BC%8C%E4%BD%86%E4%BB%96%E5%80%91%E7%8F%BE%E5%9C%A8%E4%B8%8D%E8%83%BD%E9%98%BB
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zPjwP0xe7AJgVdAn6kf7wmFSlXAm1OKwedO%2BvDmojc8Ba9CayI0puqxG%2BEObO4LVP5y7mbT6XamBDVeFkzGRqCjOfTYGwYacHwUepw2zVN8s%2B49Jp9ijZGe4wJgIzXNpXw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74d05e580f951bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fin-report.net/landings/G9wr22QWusP6/img/portrain_photo.png
200 OK 63 kB URL HTTP/2 fin-report.net/landings/G9wr22QWusP6/img/portrain_photo.png
IP
File type PNG image data, 206 x 220, 8-bit/color RGBA, non-interlaced\012- data
Hash 06b3bd9bbcf702e104605c67f3a14d8c
1996689d42640567071d9aff0dc1919bd7edb0a9
dc8e958ca8340742752692bf43c0587f8f5ec2a85b57387a304703a140f80ae3
Analyzer Verdict Alert quad9 Sinkholed
GET /landings/G9wr22QWusP6/img/portrain_photo.png HTTP/1.1
Host: fin-report.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://investonim.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 06:47:13 GMT
content-type: image/png
content-length: 62730
last-modified: Thu, 07 Jul 2022 09:13:20 GMT
etag: "62c6a3b0-f50a"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nGnXvP6lKI6ijTYjmACsXV5snwRUgoHWsi0%2F%2F8C3ZSq0b833RLrLYq0IBNi9ZtpENaE1gXtPF1t2Tluq%2BwtM2BVtSrfLxNC95%2FJudB0z1D3iybwJsqv3LdRL6RU1GRS3NA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d05e61b8cbb4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24f3f8eb-09f7-4c60-864d-3ff96da7c86a.jpeg
200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24f3f8eb-09f7-4c60-864d-3ff96da7c86a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 893f3495f1f575e946a57c8e8411b2a5
480182fd29c7edd369339847b85e4e2580cef0f6
097d868881231eae089ac8b97d5dc290583477f63dc35b7458ed4898e0db3e0c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24f3f8eb-09f7-4c60-864d-3ff96da7c86a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6428
x-amzn-requestid: 7dd3072b-403a-4bb4-b8c4-58a6d7c254f7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YRmgCGJVIAMFk5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d5133-0756be8c75da02a857e36a2f;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 03:08:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: nD62kVNMZRvoZaM85m1kNlgU-KOj2X7tqhy9cPxGJFaBHCMVEsvWXQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:53:45 GMT
age: 32008
etag: "480182fd29c7edd369339847b85e4e2580cef0f6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fin-report.net/landings/G9wr22QWusP6/css/logo.css
200 OK 8.9 kB URL HTTP/2 fin-report.net/landings/G9wr22QWusP6/css/logo.css
IP
File type Unicode text, UTF-8 (with BOM) text
Hash 6e4dc1e0f1317870ca3767bec5e6194e
1647341cc9839e207771c559d0943dd462288bc3
99112f8ff428702556cc2ac33cb41de6ef32c760cd67165da290734472597e90
Analyzer Verdict Alert quad9 Sinkholed
GET /landings/G9wr22QWusP6/css/logo.css HTTP/1.1
Host: fin-report.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://investonim.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 06:47:13 GMT
content-type: text/css
last-modified: Fri, 13 May 2022 15:22:00 GMT
etag: W/"627e7798-195"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KJCvUcjQyeQOCL1Y0MmfhaTVA9b9Hw9r%2Fvs09I0e%2Fg4zY7X785lEVqPSXn4U6AVBm4Wp4ToCvyDPhiXET4IHPxL9vtDt75FsqbvQqhio9ZhRIisyB8gOinDVTqPe2qcjVA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d05e61d90cb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96a5d9ce-7d6b-4006-832c-dda7f7999129.jpeg
200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96a5d9ce-7d6b-4006-832c-dda7f7999129.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f99c08fdd1a74ec569e02207b9919df8
3f24ca8e9c96f3c9ca2e95946f1f67d242c7e5df
7b5f48166db186dcf19987f5f91cb03cbd069ec74de8ea42059626019b00fc14
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96a5d9ce-7d6b-4006-832c-dda7f7999129.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9371
x-amzn-requestid: dd94b1a0-f6a1-4e41-8b97-9c9904b6f6b9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRFF6rIAMFY2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf39-289c5acb4e5bcb715b689f55;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:37 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Ru8zmqf8FBNIJatpnkFCgjq49arUFR2o8pqE50dzLOXsgsyaf5oMKg==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 10:16:51 GMT
age: 73822
etag: "3f24ca8e9c96f3c9ca2e95946f1f67d242c7e5df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.0.4/css/all.css
200 OK 17 kB URL HTTP/2 use.fontawesome.com/releases/v5.0.4/css/all.css
IP
File type ASCII text, with very long lines (33714)
Hash 6cb65196a5a088be720efeb58dd642b4
3e4699724b3f24f8810bfa84868d5eff050474ef
a3fc6dee3a73eb42d8371e1242ab42b12e4ff37631c5b8c54c6d5bae9b9ee908
GET /releases/v5.0.4/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://investonim.com
Connection: keep-alive
Referer: https://investonim.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 06:47:13 GMT
content-type: text/css
x-amz-id-2: M4TFMkJDrQlK7DsNv3nS9VjahPO71lyRn+5ZwInTPFimQ4AiGcQvX684D+puXI28ubkC3a/qr7Y=
x-amz-request-id: NPT48842QG7CH1Y3
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:27:48 GMT
etag: W/"bc230296e25b578ef593d18e06365424"
cache-control: max-age=31556926
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i5UCgiPanq%2FUJ81BDUk%2FB%2BfD8sUuGiBIj97e0Z5fdDrOK1AlITpRpxVz6U3Kc3AAO5CXx7WnKsIEKF4tut4pk4ck0UUiSmLexL5hGWc9qQEck1QM6cFTgaCVlpeLmiwPCDeEQBsM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74d05e60c9f27759-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fin-report.net/landings/G9wr22QWusP6/css/style.css
200 OK 11 kB URL HTTP/2 fin-report.net/landings/G9wr22QWusP6/css/style.css
IP
File type Unicode text, UTF-8 (with BOM) text
Hash 04173acc839140855da3fe46efaf9d99
14af555266473a551ebbe9c19669075dfce7410c
772a492f73d64140152befd63d15ae432f41adea1584137aa0617a48c3ce6219
Analyzer Verdict Alert quad9 Sinkholed
GET /landings/G9wr22QWusP6/css/style.css HTTP/1.1
Host: fin-report.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://investonim.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 06:47:13 GMT
content-type: text/css
last-modified: Wed, 06 Jul 2022 16:32:10 GMT
etag: W/"62c5b90a-2f99"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YPM0HKqCdymQVM7ShQco%2F4ZQvG7cMqlb5jsCrTXFJtPJkt7D50hm20IEPaj7M0OQ3uTClpmYZ6XemqPP4jP28ohWnks4XK0t7hJnWOqG1Bq81oFXpmGUP5BAxEkfNE63CQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d05e61b8c7b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad78a6f9-e73d-465c-b7fd-7c8b261e5825.jpeg
200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad78a6f9-e73d-465c-b7fd-7c8b261e5825.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 672ffe8377dcaf5bad2d7e4534441984
e1b634652b4112c30f80745059523cbfce09365a
a4b6bcfb246be2d02b5d04b49f9d8c13fef8661abc7d9f146d5cc9c766fc96f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad78a6f9-e73d-465c-b7fd-7c8b261e5825.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4878
x-amzn-requestid: 2d39705a-e054-428a-a3c8-fc0b12e70724
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeH-EGvAoAMFZSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322538d-6ca748d854879c6b0d6194cd;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 22:19:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: f_oUXd6cq-KWQHisWISSBu2cMNK706Zy8EhLTx1Ij8YVkKYJNpwPjA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 04:20:07 GMT
age: 8826
etag: "e1b634652b4112c30f80745059523cbfce09365a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fin-report.net/landings/G9wr22QWusP6/img/bitcoin_future_side_step1.png
200 OK 54 kB URL HTTP/2 fin-report.net/landings/G9wr22QWusP6/img/bitcoin_future_side_step1.png
IP
File type PNG image data, 402 x 492, 8-bit/color RGBA, non-interlaced\012- data
Hash 75d0bcb64776fc5d1310be6bd52ec4a2
0290a70ef1139f80091164b2591c890ab10e1638
0bddd4e0eec29930d944d4cd9cc5df4af40caf2537fddfbf827538818b28a906
Analyzer Verdict Alert quad9 Sinkholed
GET /landings/G9wr22QWusP6/img/bitcoin_future_side_step1.png HTTP/1.1
Host: fin-report.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://investonim.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 06:47:13 GMT
content-type: image/png
content-length: 54247
last-modified: Wed, 13 Jul 2022 12:28:46 GMT
etag: "62ceba7e-d3e7"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uGZw86z5bnThDbVVDPwe4hPtzngQCrukoBJyAlu5drlF6v24IPyX%2B2Yz5STRYHD2pOsadAH5kvsO%2FHBhMAJJ%2B8ZXDdjWNgoLn5%2Bceqw9ysx3raW%2FHiawTy2VWOtkGwZ20A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d05e61b8ccb4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fin-report.net/landings/G9wr22QWusP6/img/f5.jpg
200 OK 122 kB URL HTTP/2 fin-report.net/landings/G9wr22QWusP6/img/f5.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=17, height=3733, bps=218, compression=none, PhotometricIntepretation=RGB, manufacturer=NIKON CORPORATION, model=NIKON D600, orientation=upper-left, width=5592], progressive, precision 8, 1200x801, components 3\012- data
Size 122 kB (122234 bytes)
Hash 417754765431d36259cbb1b3b4fb372b
5e5be37da20484ae723898eee08dc5733beb5b2f
2048784d60728b5a08517f25dd61d09c925ec702a9e0edaf976dc2b3023be486
Analyzer Verdict Alert quad9 Sinkholed
GET /landings/G9wr22QWusP6/img/f5.jpg HTTP/1.1
Host: fin-report.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://investonim.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 06:47:13 GMT
content-type: image/jpeg
content-length: 122234
last-modified: Wed, 06 Jul 2022 13:24:12 GMT
etag: "62c58cfc-1dd7a"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rYrcJQEloOObcAlHF5jc0ef7JahR4uiAz5VjBq%2BLlpxnN%2FPWgTJ0%2BcW8yT0aPPCL9flYDlF0KxoBgb0tm4dDXnZT%2FobyoC%2FZ6IGmYp%2BnOa%2B0GZl7TagJlHnQQWp2qj%2FayA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d05e61b8d7b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fin-report.net/landings/G9wr22QWusP6/img/s2.jpg
200 OK 38 kB URL HTTP/2 fin-report.net/landings/G9wr22QWusP6/img/s2.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2022:06:20 12:14:02], baseline, precision 8, 786x546, components 3\012- data
Hash b73e8b34eaf79ac1d0fd9ca75bb5b499
bb8141764f3eaeebee1174e10770ac38bbf64388
e63153481af9148e82e659be35ee2ec9b7ae0c5fd07d2bde077f4af4efec4e3b
Analyzer Verdict Alert quad9 Sinkholed
GET /landings/G9wr22QWusP6/img/s2.jpg HTTP/1.1
Host: fin-report.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://investonim.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 06:47:13 GMT
content-type: image/jpeg
content-length: 38123
last-modified: Wed, 13 Jul 2022 12:28:48 GMT
etag: "62ceba80-94eb"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ur5X2r9NudnaZYu4nj62uVhwb8MvnLRfWH5tNFqw1VKFkXBCIg88fJbeWRGJkDDebGs7R2SN%2BaSK00%2BTlQLUcMxwNJmiCjzef7%2FZXyWywjdcdLS3M5gcawrQ52L4Fj6IIg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d05e61b8ceb4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fin-report.net/landings/G9wr22QWusP6/img/f6.jpg
200 OK 18 kB URL HTTP/2 fin-report.net/landings/G9wr22QWusP6/img/f6.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 600x275, components 3\012- data
Hash 048074f1531f9d08cc3056bdc9ad8c6b
be66adc2383adc933774b88897bd96da142437e9
98b42f84d252c4c47ccfacd58b38b05f28df5317f11bf6a7fea881329c5190e8
Analyzer Verdict Alert quad9 Sinkholed
GET /landings/G9wr22QWusP6/img/f6.jpg HTTP/1.1
Host: fin-report.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://investonim.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 06:47:13 GMT
content-type: image/jpeg
content-length: 17957
last-modified: Wed, 06 Jul 2022 13:30:26 GMT
etag: "62c58e72-4625"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=81ZowkzVy7Uem7KFAhDTB2xLn1Sfgc61fuscEAkVTj1l7NEvL81soD6cM1hxfVNEpTaAnDNgA5bGic9XQfD%2F2mYkdPab%2BNleKh4SZDC1bDsRham821lM5whfTJY%2Bz7zoBg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d05e61b8deb4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fin-report.net/landings/G9wr22QWusP6/img/f7.jpg
200 OK 106 kB URL HTTP/2 fin-report.net/landings/G9wr22QWusP6/img/f7.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=17, height=3733, bps=218, compression=none, PhotometricIntepretation=RGB, manufacturer=NIKON CORPORATION, model=NIKON D600, orientation=upper-left, width=5592], progressive, precision 8, 1200x801, components 3\012- data
Size 106 kB (106363 bytes)
Hash ed11d42c8c904ef594a7ea90ea8ead4a
e7c33c7f09d8c71a72e36b4f2b234ed7953b72f3
8067493bdbcc16e85de61fe05a1b2758c40356eaa86eeba4da6f3c57117d1d66
Analyzer Verdict Alert quad9 Sinkholed
GET /landings/G9wr22QWusP6/img/f7.jpg HTTP/1.1
Host: fin-report.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://investonim.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 06:47:13 GMT
content-type: image/jpeg
content-length: 106363
last-modified: Wed, 06 Jul 2022 13:24:44 GMT
etag: "62c58d1c-19f7b"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vS9LYafTTB2T%2BSJ%2BsRnxhyOm82tN4UFh5UmWzZvpvTVEc5evtDdZixTa18UmXWtP%2FTzNJtv5O67rq%2B%2FKRY%2FzZ8N2etm%2BfRn181oYX7Fz5YPxMdd4b3Sa7EXU0r2X8PObuA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d05e61b8e2b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fin-report.net/landings/G9wr22QWusP6/img/f2.jpg
200 OK 170 kB URL HTTP/2 fin-report.net/landings/G9wr22QWusP6/img/f2.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=17, height=3733, bps=218, compression=none, PhotometricIntepretation=RGB, manufacturer=NIKON CORPORATION, model=NIKON D600, orientation=upper-left, width=5592], progressive, precision 8, 1200x801, components 3\012- data
Size 170 kB (170423 bytes)
Hash adf6879bdf71d1602058f6bab53c246e
c83caa0d8fc5dafad7464053d645c16f0703b09f
14f55026311232ccb0cd29930077f2b20f03a032f7b01959697f7f6e977d67b9
Analyzer Verdict Alert quad9 Sinkholed
GET /landings/G9wr22QWusP6/img/f2.jpg HTTP/1.1
Host: fin-report.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://investonim.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 06:47:13 GMT
content-type: image/jpeg
content-length: 170423
last-modified: Wed, 06 Jul 2022 13:26:34 GMT
etag: "62c58d8a-299b7"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oTVDD6Gxl%2BwM5qhG2jB14bnr3tw7%2BdI4loZ4psGuZvf3FYoy%2Ba1ydNjYRMPirQYRY1RhZnTc9RzuBJZx8wN6YYclrvxbdwKrRIiRPkbhGpSZqdQKz57EA1HTY9SyloVWqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d05e61b8d0b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fin-report.net/landings/G9wr22QWusP6/img/f8.jpg
200 OK 690 kB URL HTTP/2 fin-report.net/landings/G9wr22QWusP6/img/f8.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=17, height=3733, bps=218, compression=none, PhotometricIntepretation=RGB, manufacturer=NIKON CORPORATION, model=NIKON D600, orientation=upper-left, width=5592], progressive, precision 8, 1200x801, components 3\012- data
Size 690 kB (690459 bytes)
Hash ba01b8f53ff80a21b10012499a26c84c
0396f857e41fc832862937f383e9b4dd15886b21
7bdf32fc8d3bd4105589264deaa508adfc83037fa37daaf16b524702239d9c59
Analyzer Verdict Alert quad9 Sinkholed
GET /landings/G9wr22QWusP6/img/f8.jpg HTTP/1.1
Host: fin-report.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://investonim.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 06:47:13 GMT
content-type: image/jpeg
content-length: 690459
last-modified: Wed, 06 Jul 2022 13:22:38 GMT
etag: "62c58c9e-a891b"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=59Du4q1tAAbfuTYv%2B7tbitV2UNZfTjJeFK3ThR3MncgQJopah9EHA3WYS5YvEifsOQZ55d8JnGoHE94%2Fp5e0Jss8IYTGFSxqgxXA6OQdizkVGrBZqJqN1fhXvzrtfZ%2BF%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d05e61b8c9b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fin-report.net/landings/G9wr22QWusP6/css/bootstrap.min.css
200 OK 0 B URL HTTP/2 fin-report.net/landings/G9wr22QWusP6/css/bootstrap.min.css
IP
Analyzer Verdict Alert quad9 Sinkholed
GET /landings/G9wr22QWusP6/css/bootstrap.min.css HTTP/1.1
Host: fin-report.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://investonim.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 06:47:13 GMT
content-type: text/css
last-modified: Fri, 13 May 2022 15:22:00 GMT
etag: W/"627e7798-1e4ea"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HhQY4IW%2FeM%2BEGKm%2B2DaZWJTp4VTipoIk3fXc%2FIdSsYmJ7cwRCMpQ2cZAO%2BmujqIfU3KewWSjg%2BTkS7Q8f2ge9HxId4l2qyTKGKqnMWW9p%2FneiUPR4O7XeZxCZsvjUBIT9A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d05e61c8e7b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
188.114.97.1
143.204.55.27
23.36.76.226
93.184.220.29
104.17.25.14