r3.o.lencr.org/
23.36.76.249 200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 7c60904d097cde276e4e5632cef1b9f1
4f805026462589345d85e8df2d18eafba6237504
12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9047
Expires: Sat, 26 Nov 2022 00:38:49 GMT
Date: Fri, 25 Nov 2022 22:08:02 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 10730f388c028d64e19b8a48d414768f
e43b104e57e5ea7ff8568835776858cf2ede6f00
f3c30c6d139288f1bfe13fce85c6ddc1514e1639fcf4d31a6012a3309ed1d50d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5133
Cache-Control: max-age=136124
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 22:08:02 GMT
Etag: "63809972-1d7"
Expires: Sun, 27 Nov 2022 11:56:46 GMT
Last-Modified: Fri, 25 Nov 2022 10:31:14 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 21:17:29 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3033
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.249 200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 260e9998c20d831b66f1029c8f47aac9
716d630f647c54dc69a7f9c63a6cac294b3df7f7
c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3276
Expires: Fri, 25 Nov 2022 23:02:38 GMT
Date: Fri, 25 Nov 2022 22:08:02 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: JAP6zlqVClfUzqLa5Io8kI6/VS7LvrSmQHIhXrhNt7hv17DVJmLjIUCgmnDkEAeOLkzbtOLz1SI=
x-amz-request-id: P2DC0GHVPKHAQ7YC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 21:40:57 GMT
age: 1625
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
profitcrow.com/
162.213.255.22 301 Moved Permanently 707 B IP 162.213.255.22:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: profitcrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Fri, 25 Nov 2022 22:08:02 GMT
server: LiteSpeed
location: https://profitcrow.com/
x-turbo-charged-by: LiteSpeed
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 22:08:02 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 21:11:11 GMT
cache-control: public,max-age=3600
age: 3412
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 200 OK 472 B IP 104.18.32.68:0
Hash 2ca4f3db1187249cd675bf26caaa2aba
78fdb48758198ffcdd12499e1cc3a1672a6fb12b
74a78cf78bae823a565ce162e6b737926d43b342571fd8d4402ed43ab6956ed4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 22:08:03 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 08:39:29 GMT
Expires: Fri, 02 Dec 2022 08:39:28 GMT
Etag: "78fdb48758198ffcdd12499e1cc3a1672a6fb12b"
Cache-Control: max-age=555684,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fdb3640eefb50b-OSL
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash df06e70fc8a35facf1d8db463d18e231
fa8a2975566cc792898f870e48ae7518d3657326
4cef7e704f4d575ce6733f6f2d803d241b597be51ff3fb03f72e5c33a893b504
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2874
Cache-Control: max-age=128802
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 22:08:03 GMT
Etag: "638085ab-1d7"
Expires: Sun, 27 Nov 2022 09:54:45 GMT
Last-Modified: Fri, 25 Nov 2022 09:06:51 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.202.70.174 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.202.70.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: E3baPpoRSH/2LpvXrkXuEg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Z7R0CJP8ZGdLYps1lfa5ttPXX1I=
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
104.17.25.14 200 OK 28 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (65447)
Hash d900ca08873ee57d40616d39a44cc0aa
7ab3ac8b1504b7b914a6e94c979b8390bb492f6a
1eea479cc0abe04a0846f41031207f9511f12ffef017a6109d4efb6f5523465b
GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://profitcrow.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 22:08:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 27938
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "603e8adc-15d9d"
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1227808
expires: Wed, 15 Nov 2023 22:08:03 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uqf1R4LDI9tZmyLhekjxGz8ccV8Fn9APeLh6ORXUDZ2ydtMKreowCFzSZrFNdj2GzxrYzvsfzHFNYth%2Bd7Kfx2Cs9Fq5CuyiH9MWxcrmdT9QqXbaUyCnMNlNUFxSW1Q88TDPQmxC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76fdb368cd02b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0/css/all.min.css
104.17.25.14 200 OK 15 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0/css/all.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (65317)
Hash eaa2e9825d0aa4108e5c61a9058f5434
2c855186ced95e99325836c2af8b9cc2e823848a
65b91a9d675a0b22b90132b403e14db1fe82496a45c2a077ddecb2452e929077
GET /ajax/libs/font-awesome/6.0.0/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://profitcrow.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 22:08:03 GMT
content-type: text/css; charset=utf-8
content-length: 15248
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "620188b3-3b90"
last-modified: Mon, 07 Feb 2022 21:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 8130661
expires: Wed, 15 Nov 2023 22:08:03 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SdszxUUysYJ5%2BH6utl%2FHZAHzadQQWBjGzlVqIO6VYx9mqCjU82%2FjM6nlUt%2FNXajt8%2FafK7AZhBUDW3WSK7f1uO4VYUpjDCmbDXn%2BnJL70uTi3pwpEhzB0rfQqN8EK2pJXsCyG%2BRY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76fdb368ccfeb506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash b44543de9922ec7d97f2e0be1865553e
caef856450efd75de0cfae9402903b1f4bd6de4c
d251377b4bc11c32a847ce4dc5dfda92e56031617f5b3eeea54fdcd0945b3eb7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 22:08:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
code.jquery.com/jquery-3.6.0.min.js
69.16.175.42 200 OK 31 kB URL HTTP/2 code.jquery.com/jquery-3.6.0.min.js
IP 69.16.175.42:0
File type ASCII text, with very long lines (65447)
Hash 899f0189aaf034bbba5340f724d91dfa
210ea9de03968edb9d839ba4a0ce2d48666a8ab8
949b6597c5ea907a7ef3c8ca6d5ffc73be2352f9df485b78704e5c4dabac5d0f
GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://profitcrow.com
Connection: keep-alive
Referer: https://profitcrow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 22:08:03 GMT
content-encoding: gzip
content-length: 30875
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d9d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1669414083.dop208.sk1.t,1669414083.cds258.sk1.hn,1669414083.cds210.sk1.c
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 539efe13eaf4d836228fbb44d096f4d9
579bea6c31a295509ac514a830a119e4b20a56e0
f52cdc43f13bac2b661b60f06d4f9235bb90411ad9dd69909f6a5204dd70294b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5588
Cache-Control: max-age=162857
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 22:08:03 GMT
Etag: "63810018-117"
Expires: Sun, 27 Nov 2022 19:22:20 GMT
Last-Modified: Fri, 25 Nov 2022 17:49:12 GMT
Server: ECS (amb/6B96)
X-Cache: HIT
Content-Length: 279
fonts.googleapis.com/css?family=Lora%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.1
142.250.74.10 200 OK 1.2 kB URL HTTP/2 fonts.googleapis.com/css?family=Lora%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.1
IP 142.250.74.10:0
Hash 6baaf44396f6104d1047803659b4e0bb
73911ebd4e7547b6b75eb6b453d580d05a877901
26a9ff4fe98b51c919449c2916754b891dfab5ecfd6d80693d45571a343991ec
GET /css?family=Lora%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 25 Nov 2022 22:08:04 GMT
date: Fri, 25 Nov 2022 22:08:04 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
profitcrow.com/wp-includes/css/dist/block-library/style.min.css
162.213.255.22 200 OK 11 kB URL HTTP/2 profitcrow.com/wp-includes/css/dist/block-library/style.min.css
IP 162.213.255.22:0
File type ASCII text, with very long lines (43771)
Hash d45207ee05c1f0c57dfa075e61405ccd
a8d35143a2d828a739ea0fdde75f97d33621e7ec
a9a4adbbcee31ec277f1bdd573eef97dc4341f29f2db3b5685a02dfe4d2fe9bb
GET /wp-includes/css/dist/block-library/style.min.css HTTP/1.1
Host: profitcrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:03 GMT
content-type: text/css
last-modified: Wed, 03 Aug 2022 05:15:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10946
date: Fri, 25 Nov 2022 22:08:03 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
profitcrow.com/wp-content/plugins/contact-form-7/includes/css/styles.css
162.213.255.22 200 OK 848 B URL HTTP/2 profitcrow.com/wp-content/plugins/contact-form-7/includes/css/styles.css
IP 162.213.255.22:0
Hash c962ba8e7d42ff9da18392b41dad5151
7b89bc5e6ad161df2e6d7f7fb3ad894aa04b827f
322a4949c5bdd82eb80c13bbbd407ce30a7ad226685c54270d246cb6960e524e
GET /wp-content/plugins/contact-form-7/includes/css/styles.css HTTP/1.1
Host: profitcrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:03 GMT
content-type: text/css
last-modified: Thu, 23 Dec 2021 11:30:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 848
date: Fri, 25 Nov 2022 22:08:03 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
profitcrow.com/wp-content/plugins/video-popup/css/YouTubePopUp.css
162.213.255.22 200 OK 942 B URL HTTP/2 profitcrow.com/wp-content/plugins/video-popup/css/YouTubePopUp.css
IP 162.213.255.22:0
File type ASCII text, with CRLF line terminators
Hash dab981875b77849c08e2ddb279e375ea
c98c3f91dc170e7ec53a83462a1186f7612d97b9
5d5a5845ac72af88574fc634dcc03a297efc05303e4e81f3039a6abb55f65b96
GET /wp-content/plugins/video-popup/css/YouTubePopUp.css HTTP/1.1
Host: profitcrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:03 GMT
content-type: text/css
last-modified: Tue, 11 Jan 2022 12:22:43 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 942
date: Fri, 25 Nov 2022 22:08:03 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
profitcrow.com/wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css
162.213.255.22 200 OK 259 B URL HTTP/2 profitcrow.com/wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css
IP 162.213.255.22:0
Hash 49736e2d926fb2846e2df8fc0a1b69f8
0c415addd3603df8843209de4fc448ef5c443761
be091ce2d9948f24a59c9d1578557cd92e8180e2318dc0a21308ca180071f8d0
GET /wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css HTTP/1.1
Host: profitcrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:03 GMT
content-type: text/css
last-modified: Thu, 23 Dec 2021 05:09:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 259
date: Fri, 25 Nov 2022 22:08:03 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
profitcrow.com/wp-content/plugins/video-popup/css/vp-close-icon/close-button-icon.css
162.213.255.22 200 OK 279 B URL HTTP/2 profitcrow.com/wp-content/plugins/video-popup/css/vp-close-icon/close-button-icon.css
IP 162.213.255.22:0
Hash 72bfd2d53aa9f299cf392abd69c8b8a6
7f487186ce33a2d1bc60b007c342bd0747cc472c
a7bd064a03209d5852f6dbb767df00cac08962728ed8b961b6cba1e465e54d27
GET /wp-content/plugins/video-popup/css/vp-close-icon/close-button-icon.css HTTP/1.1
Host: profitcrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
content-type: text/css
last-modified: Tue, 11 Jan 2022 12:22:43 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 279
date: Fri, 25 Nov 2022 22:08:03 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
profitcrow.com/wp-content/plugins/stripe-payments/public/assets/css/public.css
162.213.255.22 200 OK 1.2 kB URL HTTP/2 profitcrow.com/wp-content/plugins/stripe-payments/public/assets/css/public.css
IP 162.213.255.22:0
File type ASCII text, with CRLF line terminators
Hash 3d213908fe5fb6d51972c9576cb70afa
ee9d05f6948729e9b35456f06072ffa155e5e6d9
404082f0c1289d8b45211b55e2967db60d7654f2277bec1adab2dec5a3926edf
GET /wp-content/plugins/stripe-payments/public/assets/css/public.css HTTP/1.1
Host: profitcrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
content-type: text/css
last-modified: Mon, 21 Mar 2022 05:32:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1195
date: Fri, 25 Nov 2022 22:08:03 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
profitcrow.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css
162.213.255.22 200 OK 3.6 kB URL HTTP/2 profitcrow.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css
IP 162.213.255.22:0
File type ASCII text, with very long lines (18854)
Hash 23d0cda7fbd7f269a200dfff8ee211c6
497cc19819270e7a3795ab61e775c130ac7b255a
299d22db4a8362551089748bb93645f190469be3b392fa206b9872bd298bb41b
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css HTTP/1.1
Host: profitcrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
content-type: text/css
last-modified: Thu, 23 Dec 2021 05:08:51 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3554
date: Fri, 25 Nov 2022 22:08:03 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
profitcrow.com/wp-content/uploads/elementor/css/custom-frontend-lite.min.css
162.213.255.22 200 OK 12 kB URL HTTP/2 profitcrow.com/wp-content/uploads/elementor/css/custom-frontend-lite.min.css
IP 162.213.255.22:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash de0a3b4cfa50c6250fcae2e841d308c1
de881601ebbc86cc3edb2d4d19c8ccf4bd66f010
a0992c4ef90ba89f416113c0c6dc897444a76c14b55cd3c57a7caf09f3680160
GET /wp-content/uploads/elementor/css/custom-frontend-lite.min.css HTTP/1.1
Host: profitcrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
content-type: text/css
last-modified: Thu, 23 Dec 2021 12:02:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11467
date: Fri, 25 Nov 2022 22:08:03 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
profitcrow.com/wp-content/uploads/elementor/css/post-5.css
162.213.255.22 200 OK 338 B URL HTTP/2 profitcrow.com/wp-content/uploads/elementor/css/post-5.css
IP 162.213.255.22:0
File type ASCII text, with very long lines (1494), with no line terminators
Hash a38833649aee38c839e70c45cf77eab9
531456a09a87cb4cb4ee40794c978c9437aadd34
bf0f7b2aea27e7889940c290bb6f361261def31415057f4f8119163197d834b3
GET /wp-content/uploads/elementor/css/post-5.css HTTP/1.1
Host: profitcrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
content-type: text/css
last-modified: Thu, 23 Dec 2021 11:59:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 338
date: Fri, 25 Nov 2022 22:08:03 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
profitcrow.com/wp-content/uploads/hummingbird-assets/62c5bd855a07086694cec358dc8b97dd.css
162.213.255.22 200 OK 1.1 kB URL HTTP/2 profitcrow.com/wp-content/uploads/hummingbird-assets/62c5bd855a07086694cec358dc8b97dd.css
IP 162.213.255.22:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 771b7d38176d4117a8677c87c91ac101
90f425477018085cc060415c19b08c33550e5b26
6fceca53b30ff562d7d1ad0c6745fde650d08301e33fefdda37be0447c6e0c6b
GET /wp-content/uploads/hummingbird-assets/62c5bd855a07086694cec358dc8b97dd.css HTTP/1.1
Host: profitcrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-powered-by: PHP/7.2.34
content-type: text/html; charset=UTF-8
cache-control: max-age=3600, must-revalidate
hummingbird-cache: Served
content-length: 1138
content-encoding: br
vary: Accept-Encoding
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
profitcrow.com/wp-includes/js/jquery/jquery.min.js
162.213.255.22 200 OK 32 kB URL HTTP/2 profitcrow.com/wp-includes/js/jquery/jquery.min.js
IP 162.213.255.22:0
File type ASCII text, with very long lines (57404)
Hash 079bd18335ced970c278ca67bdd02a1c
17899d62843cb4cb5fe067675a82e34e389d7066
1a92b908c7efe886b48fa7ace0384525069dab0c585f85550fe9799f0a12fe00
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: profitcrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
content-type: application/javascript
last-modified: Fri, 04 Nov 2022 18:13:57 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 32486
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
profitcrow.com/wp-includes/js/jquery/jquery-migrate.min.js
162.213.255.22 200 OK 6.2 kB URL HTTP/2 profitcrow.com/wp-includes/js/jquery/jquery-migrate.min.js
IP 162.213.255.22:0
File type ASCII text, with very long lines (11834)
Hash ad9a0acc74d703c631bd588a2a25174d
97c071258f83682d3f70e1c81472a27c52c2b09d
19e727fa70ff2d98e4a3ffd33c44394f22c36d6b214d06c77205e29cba3660f7
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: profitcrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
content-type: application/javascript
last-modified: Mon, 12 Sep 2022 14:53:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6175
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
profitcrow.com/wp-content/plugins/video-popup/js/YouTubePopUp.jquery.js
162.213.255.22 200 OK 3.2 kB URL HTTP/2 profitcrow.com/wp-content/plugins/video-popup/js/YouTubePopUp.jquery.js
IP 162.213.255.22:0
File type ASCII text, with very long lines (7928), with CRLF, LF line terminators
Hash fb83d91c4a414177379f38716d6c1809
2a591fa08f588a6142ae1e915321893083473be5
ab0edcd305fc0f7ec923979e31ae5f3df3a74698e35041396a4d38cee1df9496
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/video-popup/js/YouTubePopUp.jquery.js HTTP/1.1
Host: profitcrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
content-type: application/javascript
last-modified: Fri, 04 Nov 2022 18:13:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3248
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
profitcrow.com/wp-content/plugins/video-popup/js/YouTubePopUp.js
162.213.255.22 200 OK 1.5 kB URL HTTP/2 profitcrow.com/wp-content/plugins/video-popup/js/YouTubePopUp.js
IP 162.213.255.22:0
File type ASCII text, with CRLF, LF line terminators
Hash 0852648646af5f4c849b2fde4c32c567
4ad1becf8162081e8c11c8d6f68f88c3c87b59cd
866f1fa457b3ebe98585a1121e8e85e8b80e7573cb39d3ee217613fa2a51add5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/video-popup/js/YouTubePopUp.js HTTP/1.1
Host: profitcrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
content-type: application/javascript
last-modified: Tue, 11 Jan 2022 12:22:43 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1545
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
profitcrow.com/wp-content/plugins/stock-market-ticker/assets/stockdio-wp.js
162.213.255.22 200 OK 4.3 kB URL HTTP/2 profitcrow.com/wp-content/plugins/stock-market-ticker/assets/stockdio-wp.js
IP 162.213.255.22:0
File type ASCII text, with very long lines (6787), with CRLF, LF line terminators
Hash 8dda53a0928c12064eda9228d1b4c83e
d9a390405841546929ea86f0e39777cd4f716c86
7c4d0111ce008644fd69861203496ea4404f29b109e6c322f291465933c3d007
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/stock-market-ticker/assets/stockdio-wp.js HTTP/1.1
Host: profitcrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
content-type: application/javascript
last-modified: Mon, 27 Dec 2021 10:39:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4254
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
profitcrow.com/wp-content/plugins/stockdio-historical-chart/assets/stockdio_chart_historical-wp.js
162.213.255.22 200 OK 4.3 kB URL HTTP/2 profitcrow.com/wp-content/plugins/stockdio-historical-chart/assets/stockdio_chart_historical-wp.js
IP 162.213.255.22:0
File type ASCII text, with very long lines (6787), with CRLF, LF line terminators
Hash e2cb082d3a8b14ed950ba26da1e62614
4204ec21dcb7078d0651206b23b6919efea98217
36ae889e9de9dfba52c44151e1f5178e991fadfb57194df3435a3f5caf495dd6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/stockdio-historical-chart/assets/stockdio_chart_historical-wp.js HTTP/1.1
Host: profitcrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
content-type: application/javascript
last-modified: Mon, 27 Dec 2021 10:24:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4260
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.249 200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash a1081bed636353a7ab10a85bbbfbcdb6
c503ffdf823ddf1c72e2fef52b45aa2cdf405de6
6022132a52444bde22cf48da37c6384fc07edf18e0ef6afb05fbe715a9adb8f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6022132A52444BDE22CF48DA37C6384FC07EDF18E0EF6AFB05FBE715A9ADB8F3"
Last-Modified: Thu, 24 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 26 Nov 2022 04:08:04 GMT
Date: Fri, 25 Nov 2022 22:08:04 GMT
Connection: keep-alive
profitcrow.com/wp-content/themes/profitcrow/pagination.js
162.213.255.22 200 OK 2.3 kB URL HTTP/2 profitcrow.com/wp-content/themes/profitcrow/pagination.js
IP 162.213.255.22:0
File type HTML document, ASCII text, with CRLF, LF line terminators
Hash 282e81c5dc42399f44033b488ecf3f15
da4c08cb9a36f751e45ba244f4f33fe9315dad3c
568de54b6ab279b0b6c18d267028eddfef996ee8538886bd07dc08bd17ecfd80
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/profitcrow/pagination.js HTTP/1.1
Host: profitcrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
content-type: application/javascript
last-modified: Wed, 29 Dec 2021 12:11:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2323
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
profitcrow.com/wp-content/uploads/elementor/css/global.css
162.213.255.22 200 OK 1.3 kB URL HTTP/2 profitcrow.com/wp-content/uploads/elementor/css/global.css
IP 162.213.255.22:0
File type ASCII text, with very long lines (6697)
Hash fc6edda31e164cee7091e25022bf94dd
689541cb538ad30d128ed13bfdded51fad82d3e8
704545d1d0d5ef3cc50b0cb5301da68ff6669f1cf1a734b05be20f8198a24530
GET /wp-content/uploads/elementor/css/global.css HTTP/1.1
Host: profitcrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
content-type: text/css
last-modified: Thu, 23 Dec 2021 12:02:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1274
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
profitcrow.com/wp-content/uploads/elementor/css/post-6.css
162.213.255.22 200 OK 2.4 kB URL HTTP/2 profitcrow.com/wp-content/uploads/elementor/css/post-6.css
IP 162.213.255.22:0
File type ASCII text, with very long lines (27484), with no line terminators
Hash 4f4bcac502200ba217a1be604293d1a3
06d56236cdec9f49e3b84594b1b8daf58367eb37
cbe9d9b56f6ec932e87ab0279b0c85badb01c3739b2848a9e2d3bf58513d806e
GET /wp-content/uploads/elementor/css/post-6.css HTTP/1.1
Host: profitcrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
content-type: text/css
last-modified: Sat, 02 Apr 2022 09:31:25 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2376
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
profitcrow.com/wp-content/uploads/elementor/css/post-8.css
162.213.255.22 200 OK 597 B URL HTTP/2 profitcrow.com/wp-content/uploads/elementor/css/post-8.css
IP 162.213.255.22:0
File type ASCII text, with very long lines (1769)
Hash 3e7491096c099cda879eb7fabf1fd4d2
4e1b0a8a39c9f7fed39297e7224425d4ac8fa0ae
c84494234c88ac816adedaf41cc2b81632d90f027920fd0bf2b98ea79edb9e64
GET /wp-content/uploads/elementor/css/post-8.css HTTP/1.1
Host: profitcrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
content-type: text/css
last-modified: Mon, 21 Mar 2022 05:11:17 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 597
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
profitcrow.com/wp-content/uploads/elementor/css/post-66.css
162.213.255.22 200 OK 1.1 kB URL HTTP/2 profitcrow.com/wp-content/uploads/elementor/css/post-66.css
IP 162.213.255.22:0
File type ASCII text, with very long lines (9093), with no line terminators
Hash c091095a23032852d0fb1e3b99c68061
090ecb4cdab14e79a8c1fcce9a50440c9105b191
bde4854b85bcc99dd3785e0589f4ea9b3368620d84c992b38a48a5f5dfd0c83d
GET /wp-content/uploads/elementor/css/post-66.css HTTP/1.1
Host: profitcrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
content-type: text/css
last-modified: Mon, 28 Mar 2022 10:38:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1099
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
profitcrow.com/wp-content/themes/profitcrow/style.css
162.213.255.22 200 OK 4.2 kB URL HTTP/2 profitcrow.com/wp-content/themes/profitcrow/style.css
IP 162.213.255.22:0
Hash d7e88376bb05c54b033792ab7f6f513b
3ffaf2240fbbf738e7727ba1fd23e83dcd50987f
0d1923b7fc22037ddbafa26ffc8a91264fb08716aacccfb9960eb2ba67cbebb7
GET /wp-content/themes/profitcrow/style.css HTTP/1.1
Host: profitcrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
content-type: text/css
last-modified: Fri, 11 Mar 2022 05:54:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4226
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
profitcrow.com/wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css
162.213.255.22 200 OK 7.4 kB URL HTTP/2 profitcrow.com/wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css
IP 162.213.255.22:0
File type Unicode text, UTF-8 text, with very long lines (1646)
Hash 806afc62d640eb03fccbd5fe46ed8666
31259bb9e403fbe379125ea0c562ac11d76dc4d7
f7ceb3661377e98e71ccebe4d91336ac77e4e62a84bff79a1e6f865f3d00c26f
GET /wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css HTTP/1.1
Host: profitcrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
content-type: text/css
last-modified: Thu, 23 Dec 2021 05:09:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7374
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
profitcrow.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
162.213.255.22 200 OK 2.4 kB URL HTTP/2 profitcrow.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
IP 162.213.255.22:0
File type ASCII text, with very long lines (11256), with no line terminators
Hash ce94f62588d05264ac0148712111cb11
518bcd922f54169aeb199c0ccbc5877165ac218e
84ab658a69c39f424be0b27f61d612447d01606fce33beb962cbea53627d8c81
GET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css HTTP/1.1
Host: profitcrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
content-type: text/css
last-modified: Wed, 30 Sep 2020 01:23:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2394
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
profitcrow.com/wp-content/themes/twentytwentyone/style.css
162.213.255.22 200 OK 22 kB URL HTTP/2 profitcrow.com/wp-content/themes/twentytwentyone/style.css
IP 162.213.255.22:0
File type Unicode text, UTF-8 text, with very long lines (403)
Hash 62daf70bcac352a086ee7c6c0498068e
c8d6502c4f964874a0016223cf246e1dd81528e7
f15ba3c042055ec36a3714964cce47932b19c5f428e696d4630225c315944e31
GET /wp-content/themes/twentytwentyone/style.css HTTP/1.1
Host: profitcrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
content-type: text/css
last-modified: Mon, 19 Jul 2021 00:45:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 21920
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
profitcrow.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css
162.213.255.22 200 OK 12 kB URL HTTP/2 profitcrow.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css
IP 162.213.255.22:0
File type ASCII text, with very long lines (57726)
Hash f463afd8661ddc733305df1f0cbdaff2
77262f0209e75e340eb7014aba9cd8d69966032f
c4b6541be58a0ca61549cd4562850315077880c459c019f01e835cf2d7b764de
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css HTTP/1.1
Host: profitcrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
content-type: text/css
last-modified: Thu, 23 Dec 2021 05:08:51 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12133
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
profitcrow.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css
162.213.255.22 200 OK 286 B URL HTTP/2 profitcrow.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css
IP 162.213.255.22:0
File type ASCII text, with very long lines (483)
Hash 8828fa3c5bdcfa66615714a2b8c9d807
4f556d0b005ac7754af607418df445f8cf98e8b1
16950dcce60bc3ee2613b60439c99e7ed74d10245f59fe6f68346b7e72dd95e7
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css HTTP/1.1
Host: profitcrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
content-type: text/css
last-modified: Thu, 23 Dec 2021 05:08:51 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 286
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
profitcrow.com/wp-content/uploads/pum/pum-site-styles.css?generated=1641964841&ver=1.16.2
162.213.255.22 200 OK 3.1 kB URL HTTP/2 profitcrow.com/wp-content/uploads/pum/pum-site-styles.css?generated=1641964841&ver=1.16.2
IP 162.213.255.22:0
File type ASCII text, with very long lines (7400), with CRLF, LF line terminators
Hash 920f89b21ad5a2d8ed4efa9f0fda0b03
648ae8495290bbe008f86f0638162dded33a3f16
e97e6e5e0ed3ce4ed759ddd41f67f288240459a78cf350d40359b83c6ec47699
GET /wp-content/uploads/pum/pum-site-styles.css?generated=1641964841&ver=1.16.2 HTTP/1.1
Host: profitcrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 05:20:41 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3102
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
profitcrow.com/wp-includes/js/mediaelement/wp-mediaelement.min.css
162.213.255.22 200 OK 982 B URL HTTP/2 profitcrow.com/wp-includes/js/mediaelement/wp-mediaelement.min.css
IP 162.213.255.22:0
File type ASCII text, with very long lines (4186), with no line terminators
Hash 24f4d7f425e792ab35adaab50816e54a
9e25bf79b674ddb7ba09ad7f118c50ec473c02c8
1c78bfb4d523785a4ebd37bb1f79f214f9bdb16673f7cc50805f7f1a26ad7f83
GET /wp-includes/js/mediaelement/wp-mediaelement.min.css HTTP/1.1
Host: profitcrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
content-type: text/css
last-modified: Sat, 08 Jun 2019 06:15:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 982
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
trick.cofounderspecials.com/track.js?v=9.999
91.211.91.112 404 Not Found 729 B URL HTTP/1.1 trick.cofounderspecials.com/track.js?v=9.999
IP 91.211.91.112:0
ASN #206638 PE Brezhnev Daniil
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 604eea713faef1ae8dafc0224112e662
89f4a04f3088b7fdb308cd0af944a38c6ed99c2b
3905c65876c7b7c1f0a8efae5c758b100d3903c2f94e7177285e898c80eb10f2
Analyzer Verdict Alert fortinet Malware
GET /track.js?v=9.999 HTTP/1.1
Host: trick.cofounderspecials.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 25 Nov 2022 22:08:04 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 29 Jul 2022 15:36:49 GMT
ETag: W/"5b0-5e4f36b22e013"
Content-Encoding: gzip
profitcrow.com/wp-content/uploads/elementor/thumbs/2-pmkl2wqht9wn13yhe2adcrd3furau760twajm8xi1g.png
162.213.255.22 200 OK 13 kB URL HTTP/2 profitcrow.com/wp-content/uploads/elementor/thumbs/2-pmkl2wqht9wn13yhe2adcrd3furau760twajm8xi1g.png
IP 162.213.255.22:0
File type PNG image data, 130 x 130, 8-bit/color RGBA, non-interlaced\012- data
Hash ec96ac85442a6381a7e762e716974df4
879e3d5c7965091b1aff35feb5a7a7b8b4c83fd8
78e1791fc3b878a7a461d68a098d7a3d7ec3bc21ab5ca5ffdd6d81abb571e7e7
GET /wp-content/uploads/elementor/thumbs/2-pmkl2wqht9wn13yhe2adcrd3furau760twajm8xi1g.png HTTP/1.1
Host: profitcrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
content-type: image/png
last-modified: Tue, 29 Mar 2022 08:34:39 GMT
accept-ranges: bytes
content-length: 13030
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
profitcrow.com/wp-content/uploads/elementor/thumbs/Untitled-4-pi82g9b1s4qlpfyf5iy2ov6tttz3gdf0qamvz4fxgg.png
162.213.255.22 200 OK 5.1 kB URL HTTP/2 profitcrow.com/wp-content/uploads/elementor/thumbs/Untitled-4-pi82g9b1s4qlpfyf5iy2ov6tttz3gdf0qamvz4fxgg.png
IP 162.213.255.22:0
File type PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 76aa60c2d1385f56e5b05560927cdfb7
8867884634b19102e751a2441b2f45f86fad792d
bc97a3f653cfc70af9b11a489149c6741f0e51a1acc1cf5c39627cb57003a763
GET /wp-content/uploads/elementor/thumbs/Untitled-4-pi82g9b1s4qlpfyf5iy2ov6tttz3gdf0qamvz4fxgg.png HTTP/1.1
Host: profitcrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
content-type: image/png
last-modified: Wed, 29 Dec 2021 10:41:38 GMT
accept-ranges: bytes
content-length: 5086
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
profitcrow.com/wp-content/uploads/elementor/thumbs/3-pmkfrnip7u3apfrn6w45iito4ffnnaw6v9mvaeia38.png
162.213.255.22 200 OK 9.3 kB URL HTTP/2 profitcrow.com/wp-content/uploads/elementor/thumbs/3-pmkfrnip7u3apfrn6w45iito4ffnnaw6v9mvaeia38.png
IP 162.213.255.22:0
File type PNG image data, 130 x 130, 8-bit/color RGBA, non-interlaced\012- data
Hash a1aa7295ba56eb8716240a1792bf5d5d
441badab503b3466a7fe589fedf298fa3bacb192
1b87b30adff34e79488b34e0dd5c616f9b464ced0172da0ee0c591585491818a
GET /wp-content/uploads/elementor/thumbs/3-pmkfrnip7u3apfrn6w45iito4ffnnaw6v9mvaeia38.png HTTP/1.1
Host: profitcrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
content-type: image/png
last-modified: Tue, 29 Mar 2022 06:34:43 GMT
accept-ranges: bytes
content-length: 9349
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
profitcrow.com/wp-content/uploads/elementor/thumbs/1-pmkl57gaip1vesmbz21jg6hnprflnkaeh9p9uliutw.png
162.213.255.22 200 OK 15 kB URL HTTP/2 profitcrow.com/wp-content/uploads/elementor/thumbs/1-pmkl57gaip1vesmbz21jg6hnprflnkaeh9p9uliutw.png
IP 162.213.255.22:0
File type PNG image data, 130 x 130, 8-bit/color RGBA, non-interlaced\012- data
Hash a62538a857b9423187a009083b45aa16
424f3f7c6208b9fc25db044a655fd3258dc02be2
87cf17d8ba09369f62c1906e29b066341763c3cb95ec6c2cc596a80bd7861ccb
GET /wp-content/uploads/elementor/thumbs/1-pmkl57gaip1vesmbz21jg6hnprflnkaeh9p9uliutw.png HTTP/1.1
Host: profitcrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
content-type: image/png
last-modified: Tue, 29 Mar 2022 08:34:39 GMT
accept-ranges: bytes
content-length: 14777
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
profitcrow.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js
162.213.255.22 200 OK 1.8 kB URL HTTP/2 profitcrow.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js
IP 162.213.255.22:0
File type ASCII text, with very long lines (1213)
Hash 12045a493fe71cd86696bc193d512d1e
7e061eb7721ac84f1ae59d093af07dc756937e6e
2b94f6d902c60d5376a162522874fccdc8d7e54c1befbab1df32091f0f68364a
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/mediaelement-migrate.min.js HTTP/1.1
Host: profitcrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
content-type: application/javascript
last-modified: Wed, 03 Aug 2022 05:15:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1751
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
profitcrow.com/wp-includes/js/mediaelement/wp-mediaelement.min.js
162.213.255.22 200 OK 1.7 kB URL HTTP/2 profitcrow.com/wp-includes/js/mediaelement/wp-mediaelement.min.js
IP 162.213.255.22:0
File type HTML document, ASCII text, with very long lines (928)
Hash a1482c9dcef3633f83929e0f810a0939
697c20961e00099597911848396ae7a6051808ab
17f72ff4442a051ac09b971abedc3c8278f9ad192b99cb60db1908393d5f1857
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/wp-mediaelement.min.js HTTP/1.1
Host: profitcrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
content-type: application/javascript
last-modified: Wed, 03 Aug 2022 05:15:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1678
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
profitcrow.com/wp-includes/js/dist/vendor/wp-polyfill.min.js
162.213.255.22 200 OK 8.2 kB URL HTTP/2 profitcrow.com/wp-includes/js/dist/vendor/wp-polyfill.min.js
IP 162.213.255.22:0
File type Unicode text, UTF-8 text, with very long lines (19160)
Hash a6433517266477ff06e6f99332ba4b51
10d396d74458024e4cef9da9bde6f640c7255d62
4ac649253d4eaf595a196a7a50def87064451a81f702f35ef7f2ced7e04b1d12
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js HTTP/1.1
Host: profitcrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
content-type: application/javascript
last-modified: Wed, 03 Aug 2022 05:15:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8194
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
profitcrow.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css
162.213.255.22 200 OK 2.4 kB URL HTTP/2 profitcrow.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css
IP 162.213.255.22:0
File type ASCII text, with very long lines (10019)
Hash d2db71c82a8f672aea59a3e050cd8cd7
af626566f94b3164e4310288cfb142431e8349a6
bcd2c9c2ba22a48a8fabf9fbe5e947deb6404367e4be24f48326e302aead1180
GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css HTTP/1.1
Host: profitcrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
content-type: text/css
last-modified: Thu, 23 Dec 2021 05:08:51 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2442
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
profitcrow.com/wp-content/plugins/contact-form-7/includes/js/index.js
162.213.255.22 200 OK 4.9 kB URL HTTP/2 profitcrow.com/wp-content/plugins/contact-form-7/includes/js/index.js
IP 162.213.255.22:0
File type HTML document, ASCII text, with very long lines (11884)
Hash 5b1cb80f27a0b3ce5c5911ac842cd370
108ef33ff23345ae3deea8c96d6f51e77b59d8a4
8e9fad5c6fcc62d5a7868bdb202fdfdb602a444b42f1e7faa4345beedb7c5a8d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/index.js HTTP/1.1
Host: profitcrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
content-type: application/javascript
last-modified: Thu, 23 Dec 2021 11:30:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4852
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
profitcrow.com/wp-content/themes/twentytwentyone/assets/js/responsive-embeds.js
162.213.255.22 200 OK 1.8 kB URL HTTP/2 profitcrow.com/wp-content/themes/twentytwentyone/assets/js/responsive-embeds.js
IP 162.213.255.22:0
Hash 64f4fafbb654071b435c0d8429ff2424
1a9368b246c6e2303f01052f1bdd4e565a6e8754
a1fabf1c4dd892f4d9b9c5c791619c9971f4b69d396677ec98bc04876243369a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/twentytwentyone/assets/js/responsive-embeds.js HTTP/1.1
Host: profitcrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
content-type: application/javascript
last-modified: Thu, 17 Dec 2020 14:57:07 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1762
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.249 200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12841
Expires: Sat, 26 Nov 2022 01:42:05 GMT
Date: Fri, 25 Nov 2022 22:08:04 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56b1fea9-e9cd-44f8-a1ed-26557538d958.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56b1fea9-e9cd-44f8-a1ed-26557538d958.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8a82cc688f934411a894427bd493c429
fd67260f92d7faee2360956e8d2ed50a00c1dbcf
fbd1a487dac7233861d173e711218d3e3402bc71f538025c540b93696309dc67
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56b1fea9-e9cd-44f8-a1ed-26557538d958.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12319
x-amzn-requestid: 6973e196-9eb3-4aea-9c60-b8e2158641ea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVOoGkgIAMFY4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813590-62965d4c607d4f0a060265d9;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:37:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: U2lRuGTHsBCJ7HqZcNbwMXTuNJsghqL0p-hMJyUfiWAdXla2pJ6JRw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:46:06 GMT
etag: "fd67260f92d7faee2360956e8d2ed50a00c1dbcf"
content-type: image/jpeg
age: 1318
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76 200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: a22b4d7e-e208-4bda-81c2-d13e6463380e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blE0hGNioAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371e81c-1b13846866f56a0e47675e56;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 07:02:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0sYKpJWi2Tv9Atz3PYXm5j7kmncAOxjcLcK4hgAkJ5b4pNMDmjdB6g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 04:38:44 GMT
age: 62960
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53b989dd-5b05-43e6-807e-30a5611591c1.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53b989dd-5b05-43e6-807e-30a5611591c1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9443750de7962c9e235cbb6dbda24df0
05de7f68103849bd0cd80a704ef97685d0150800
d84e37f9bfd9888a385364c52cdc0d817aa680ee0a83e579ca1f1083f1131468
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53b989dd-5b05-43e6-807e-30a5611591c1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12505
x-amzn-requestid: a89c780f-e1a4-451e-842b-656ba43958be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVOeHzfIAMFpGQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381358f-3478b6c81d94ec65388bd3da;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:37:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mUic7CJjKQ8l7EKhTTSs2LTLaCqnVQUBuxzmfzET4TwSa_LX8na-MA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:43:28 GMT
age: 1476
etag: "05de7f68103849bd0cd80a704ef97685d0150800"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
profitcrow.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js
162.213.255.22 200 OK 3.7 kB URL HTTP/2 profitcrow.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js
IP 162.213.255.22:0
File type ASCII text, with very long lines (6497)
Hash 8d388f2c3006f4570ee4c6499d29570d
9bab3f56143a3f3d4da298c4e1f2d7daf9be8b34
ff623286211f4f108e8ddd9c9676b67cdaad2b18e4664afb954392ee86e3364c
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js HTTP/1.1
Host: profitcrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
content-type: application/javascript
last-modified: Wed, 03 Aug 2022 05:15:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3688
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
profitcrow.com/wp-content/plugins/stripe-payments/public/assets/js/stripe-handler-ng.js
162.213.255.22 200 OK 3.6 kB URL HTTP/2 profitcrow.com/wp-content/plugins/stripe-payments/public/assets/js/stripe-handler-ng.js
IP 162.213.255.22:0
File type ASCII text, with very long lines (365)
Hash 2cdc04d78f7ee7a7a45bfa0f71748bba
c02d3f7108cea894457bc649fb8140d1823c4e14
ddfe23792f318770019fdf20f4121f4c85796ffd938ff72dceb06d27bc42ec6a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/stripe-payments/public/assets/js/stripe-handler-ng.js HTTP/1.1
Host: profitcrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
content-type: application/javascript
last-modified: Mon, 21 Mar 2022 05:32:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3626
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
profitcrow.com/wp-content/themes/twentytwentyone/assets/js/primary-navigation.js
162.213.255.22 200 OK 3.0 kB URL HTTP/2 profitcrow.com/wp-content/themes/twentytwentyone/assets/js/primary-navigation.js
IP 162.213.255.22:0
Hash e4a16c411111952ff1102ed8259d2050
f8857129dd5052a2b00ef5faa638fa89ad7ca6be
1e37c3bd3728db033adb56e0dbfb9ba5a0bc5588f0378f50065ddd373f8984a9
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/twentytwentyone/assets/js/primary-navigation.js HTTP/1.1
Host: profitcrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
content-type: application/javascript
last-modified: Fri, 02 Jul 2021 19:08:57 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3027
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
profitcrow.com/wp-includes/js/mediaelement/renderers/vimeo.min.js
162.213.255.22 200 OK 3.4 kB URL HTTP/2 profitcrow.com/wp-includes/js/mediaelement/renderers/vimeo.min.js
IP 162.213.255.22:0
File type ASCII text, with very long lines (6216)
Hash 3992e282ab32666818c2d0e616dc1b77
515f5c4dd13f8ef3a887fdcf16b3303ef44c8683
ed272ac58e0c1443d08e7b44296b36e9d4063414e38f7ce0afb703cfb194aebc
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/renderers/vimeo.min.js HTTP/1.1
Host: profitcrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
content-type: application/javascript
last-modified: Wed, 30 Sep 2020 01:23:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3373
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
profitcrow.com/wp-includes/js/jquery/ui/core.min.js
162.213.255.22 200 OK 8.0 kB URL HTTP/2 profitcrow.com/wp-includes/js/jquery/ui/core.min.js
IP 162.213.255.22:0
File type Unicode text, UTF-8 text, with very long lines (8211)
Hash 5dd1bc1f3ea8e5e4a837ea607e2b77e3
74211160587dca82bd900ada3516b6c8f0e4efde
ed11ec8e4fdd0616ed2b2483fcbff6164ee99c54e310db5cdc4305bbac46832f
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/core.min.js HTTP/1.1
Host: profitcrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
content-type: application/javascript
last-modified: Wed, 03 Aug 2022 05:15:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7961
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffad04f54-f199-4bc1-a785-cf5c76640147.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffad04f54-f199-4bc1-a785-cf5c76640147.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d0f860248042a8499ffb1701a880b2ba
845842c789e6e97fd1687e668d446bbb8309ffc7
9eca5258c7b6e4e145ca6576a3f3791f1324714404ffd7a56a61961f81e7bd44
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffad04f54-f199-4bc1-a785-cf5c76640147.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11150
x-amzn-requestid: 0b773c28-feda-41a2-9de6-8b559bd773eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVC5EukoAMFxfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813545-3bfe118939abc352072c5af1;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:36:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TpEr70sCNigNhVg7rDFIUG12AVpzC0BUW6-xW3QTvjLcBUrpehjJbQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:46:06 GMT
age: 1318
etag: "845842c789e6e97fd1687e668d446bbb8309ffc7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc7a5b86-3ad1-40c7-b173-8a9ac078c227.jpeg
34.120.237.76 200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc7a5b86-3ad1-40c7-b173-8a9ac078c227.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5088223f5973e3cd56f03f50a1e84b79
0b6c9b51d10762a4747286ab5b1c2354fa39c622
8159e4f7eec7bea518bb29e3fdb070bab4fb70116205577f7b7d74ad4d0dfbc7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc7a5b86-3ad1-40c7-b173-8a9ac078c227.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8913
x-amzn-requestid: d0a9414c-eccf-44e8-adb7-92654544eeb5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLWWXEpeIAMFnzw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381375b-5825510666b3e80a5f83cafa;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:44:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: whO__FB0B2ywDP_p63eQ044RXbT207sX1i87I6nPAFUB85nSYc0Cuw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:46:06 GMT
age: 1318
etag: "0b6c9b51d10762a4747286ab5b1c2354fa39c622"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e649ab-6d56-47c9-ab7e-c65d9bdfcffd.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e649ab-6d56-47c9-ab7e-c65d9bdfcffd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 926df9839ec3d924b563b55d8bccace8
c47a3884465fc02b5c57faa5ffbd986ba29c64c2
a97cd625959aa81bc516024628315b2c6e2ce94f76cd579751a686a6611cc4d2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e649ab-6d56-47c9-ab7e-c65d9bdfcffd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6789
x-amzn-requestid: eede6332-5376-4f9c-83fc-f894430c1f4b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLWWYFFgoAMFhaQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381375b-66d7ffc70f7d901420a503da;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:44:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: yM8EHyxy6pUHVZhGUOHuFOU-Z4eTyL2N3Ooa6QMrPlIfp6X5I_JBRw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:46:06 GMT
age: 1318
etag: "c47a3884465fc02b5c57faa5ffbd986ba29c64c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
profitcrow.com/wp-content/plugins/elementor/assets/js/frontend.min.js
162.213.255.22 200 OK 12 kB URL HTTP/2 profitcrow.com/wp-content/plugins/elementor/assets/js/frontend.min.js
IP 162.213.255.22:0
File type ASCII text, with very long lines (36864)
Hash 4df8270b9bef8842f86ee55d1056915d
e20ebeac9b5bb923a60c8450b2d050830a736312
19954f6aef0c2ea22736d4f24daa47c21a696b1589191b18abe8638d950578e4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/frontend.min.js HTTP/1.1
Host: profitcrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
content-type: application/javascript
last-modified: Thu, 23 Dec 2021 05:08:51 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11756
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
profitcrow.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js
162.213.255.22 200 OK 5.8 kB URL HTTP/2 profitcrow.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js
IP 162.213.255.22:0
File type ASCII text, with very long lines (14218)
Hash 1f43b2d49313bf72e06ee4c7d3293363
92b34fe1d79f01addcd66101fd4483e47bbd4ac4
2e6a02fd2942f482850fbb250e911d678678dc000a57bccffdfb6907bb2ab2eb
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js HTTP/1.1
Host: profitcrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
content-type: application/javascript
last-modified: Thu, 23 Dec 2021 05:08:51 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5772
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
profitcrow.com/wp-content/plugins/header-footer-elementor/inc/js/frontend.js
162.213.255.22 200 OK 4.7 kB URL HTTP/2 profitcrow.com/wp-content/plugins/header-footer-elementor/inc/js/frontend.js
IP 162.213.255.22:0
Hash 6e4cb2fa645238bdc0f574672f15a1fa
912a37467b48a43be834cb792383ca762d9c1821
6195b94cd8bcb7324ca47180bcbd1aa7093c8e76756822ecf038a3d04fe16ca6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/header-footer-elementor/inc/js/frontend.js HTTP/1.1
Host: profitcrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
content-type: application/javascript
last-modified: Thu, 23 Dec 2021 05:09:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4699
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
profitcrow.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js
162.213.255.22 200 OK 4.2 kB URL HTTP/2 profitcrow.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js
IP 162.213.255.22:0
File type ASCII text, with very long lines (12220)
Hash 6fe5bb96a023659232ce4325f44d33f7
7ec823f8282b61aabfb554822fd1b6c2da4391e0
5d3ce78e4a36a2b30806af6904d874109265da5ae16761f5683e1eb74fb4ab5b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js HTTP/1.1
Host: profitcrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
content-type: application/javascript
last-modified: Thu, 23 Dec 2021 05:08:51 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4191
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
profitcrow.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js
162.213.255.22 200 OK 3.3 kB URL HTTP/2 profitcrow.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js
IP 162.213.255.22:0
File type ASCII text, with very long lines (4888)
Hash 9c082a8068c41865ef59f1304596126e
6882584706cbfd89a38156a15de51355b467a06f
a89a9a40a380cdf15ec7285508d9b188648b3d0b4fcf2027e643b4668e135a08
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js HTTP/1.1
Host: profitcrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
content-type: application/javascript
last-modified: Thu, 23 Dec 2021 05:08:51 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3313
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
profitcrow.com/wp-content/uploads/hummingbird-assets/e49d536499e990405f601b33fd712665.css
162.213.255.22 200 OK 1.1 kB URL HTTP/2 profitcrow.com/wp-content/uploads/hummingbird-assets/e49d536499e990405f601b33fd712665.css
IP 162.213.255.22:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash b8b9e50df0ad408c6ba99ad19a04bec3
2fcf28e9519f5609e4f21a68a185bb3fa10e5bc3
7803fd5ce1d93c86bbcef77bc28276951844c42acf6705226db9085843489467
GET /wp-content/uploads/hummingbird-assets/e49d536499e990405f601b33fd712665.css HTTP/1.1
Host: profitcrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-powered-by: PHP/7.2.34
content-type: text/html; charset=UTF-8
cache-control: max-age=3600, must-revalidate
hummingbird-cache: Served
content-length: 1140
content-encoding: br
vary: Accept-Encoding
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
profitcrow.com/wp-content/uploads/pum/pum-site-scripts.js?defer&generated=1641964841&ver=1.16.2
162.213.255.22 200 OK 18 kB URL HTTP/2 profitcrow.com/wp-content/uploads/pum/pum-site-scripts.js?defer&generated=1641964841&ver=1.16.2
IP 162.213.255.22:0
File type Unicode text, UTF-8 text, with very long lines (65398)
Hash 83c7e8fc21afce24b9b7f13427a94e19
db68ab99deca6b19d33c3f03750e84245a1b4641
7505fda2d6c2b4d8d3a5ce366bd1d08342a66c668b527cb1c67a03461807efe6
GET /wp-content/uploads/pum/pum-site-scripts.js?defer&generated=1641964841&ver=1.16.2 HTTP/1.1
Host: profitcrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
content-type: application/javascript
last-modified: Wed, 12 Jan 2022 05:20:41 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 17941
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
profitcrow.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js
162.213.255.22 200 OK 38 kB URL HTTP/2 profitcrow.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js
IP 162.213.255.22:0
File type ASCII text, with very long lines (65266)
Hash 20b247de3bf92a6db16a55d35e84c219
98bfdc1c13085c6d32101e441fdebf71970328d0
14f496c4ead6b1346a50a96bb7f019a3f444c2a5ead00b63c8457c0922fba07b
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/mediaelement-and-player.min.js HTTP/1.1
Host: profitcrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
content-type: application/javascript
last-modified: Wed, 30 Sep 2020 01:23:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 37603
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
profitcrow.com/wp-content/uploads/hummingbird-assets/8dac274b8cd5a47d46ebbe881c0604bb.css
162.213.255.22 200 OK 1.1 kB URL HTTP/2 profitcrow.com/wp-content/uploads/hummingbird-assets/8dac274b8cd5a47d46ebbe881c0604bb.css
IP 162.213.255.22:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash af2fb701e56c0a8f6e8d8b9102ea5392
0a649bd36c780499ca515ced85f753985de6b125
71d68c40acd613e9ff3f8cfe1d233c07c35e4623c49ed0ddc54059806c24c660
GET /wp-content/uploads/hummingbird-assets/8dac274b8cd5a47d46ebbe881c0604bb.css HTTP/1.1
Host: profitcrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-powered-by: PHP/7.2.34
content-type: text/html; charset=UTF-8
cache-control: max-age=3600, must-revalidate
hummingbird-cache: Served
content-length: 1139
content-encoding: br
vary: Accept-Encoding
date: Fri, 25 Nov 2022 22:08:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 22:08:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/lora/v26/0QIvMX1D_JOuMwr7Iw.woff2
216.58.207.195 200 OK 36 kB URL HTTP/2 fonts.gstatic.com/s/lora/v26/0QIvMX1D_JOuMwr7Iw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 35660, version 1.0\012- data
Hash 0d0d3e5824e5e67a9e993960df2b67a9
328d67bb1d5899a7809df9f4385181863fd035f1
38da98e06ba18c4204f547d30572cd81a2dd3fd5438d306856d2617480ee8639
GET /s/lora/v26/0QIvMX1D_JOuMwr7Iw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://profitcrow.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35660
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 08:03:57 GMT
expires: Thu, 23 Nov 2023 08:03:57 GMT
cache-control: public, max-age=31536000
age: 223448
last-modified: Mon, 15 Aug 2022 18:07:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 22:08:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0/webfonts/fa-solid-900.woff2
104.17.25.14 200 OK 127 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0/webfonts/fa-solid-900.woff2
IP 104.17.25.14:0
File type Web Open Font Format (Version 2), TrueType, length 126828, version 768.256\012- data
Size 127 kB (126828 bytes)
Hash 297973a488f688271dd223d542ba2697
ed99d812e4c88826335f93acede3fad85c90fb54
1b099f88c06ed0869872561c157f0ec9cbe133a0939d9ece4ee1e1f54bd4683d
GET /ajax/libs/font-awesome/6.0.0/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://profitcrow.com
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 22:08:05 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 126828
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "620188b3-1ef6c"
last-modified: Mon, 07 Feb 2022 21:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 7145923
expires: Wed, 15 Nov 2023 22:08:05 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CB7eu7RzhfN3zxYdsPKA%2FtgJxvGL0a%2BYgZLi0feJqUXpdXkAnk4%2BwH14eobuM8VwOSQNDAdp0z6kVJ1RFVbJw32MvP04FlmzDcYqv3svE8hsOAn19BheFF6hpM2%2BDjiqRfvX4Bdw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76fdb371adb9b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0/webfonts/fa-brands-400.woff2
104.17.25.14 200 OK 104 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0/webfonts/fa-brands-400.woff2
IP 104.17.25.14:0
File type Web Open Font Format (Version 2), TrueType, length 104544, version 768.256\012- data
Size 104 kB (104544 bytes)
Hash a9afdb72826cde196ddf29eb8f9d0f8f
69fc982ace0b9fdd2cfa68c6628bcaad00f407fd
29bc44694c394921d1f00271128a2e4cd8293516216e24eac07a73fa821fc1f5
GET /ajax/libs/font-awesome/6.0.0/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://profitcrow.com
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 22:08:05 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 104544
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "620188b3-19860"
last-modified: Mon, 07 Feb 2022 21:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 20309511
expires: Wed, 15 Nov 2023 22:08:05 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vC%2BYAVF0QxF6OGVbTLJxNulZ4qMjcRS6VkBfS1Ip0lsRSLchc%2BTtwTsV46q7NZoQparMWyvHcfACWEbNGkHJhPXIh0AxAfI6rSfpS2ZBsWPFhAh1qI5Ow93WzTwpMVAx4VNgsQgl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76fdb371adbeb506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
104.18.32.68 200 OK 316 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash c291e1ffbd415795e7b2a43263e0976d
dc9f47b7d53de57981087087e2a148c3439b2402
a61b9d2f2a9b8fff88f70ea8f94094f43a4487aa39c7090509bb74486a2d558d
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 22:08:05 GMT
Content-Type: application/ocsp-response
Content-Length: 316
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 10:55:04 GMT
Expires: Wed, 30 Nov 2022 10:55:03 GMT
Etag: "dc9f47b7d53de57981087087e2a148c3439b2402"
Cache-Control: max-age=391017,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fdb371ffc10b55-OSL
ocsp.sca1b.amazontrust.com/
143.204.42.156 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 3248b7ce9699db3a999f2a4837b7e998
dd7c28cd7dcdf619f1319c1eb0b33cb6b9e16ef9
1d4c7c064407876285b049699d0fdf89ddc08fbe84829256fef8cc1bdc151b40
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=137117
Date: Fri, 25 Nov 2022 22:08:05 GMT
Etag: "6380aa3f-1d7"
Expires: Sun, 27 Nov 2022 12:13:22 GMT
Last-Modified: Fri, 25 Nov 2022 11:42:55 GMT
Server: ECS (dcb/7F82)
X-Cache: Miss from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 4si3StyH6e6n9bTs8SRZnTnRErOWZ8mpFuV2uB6x5mDxVdLhDQ9rvg==
Age: 1827
trick.cofounderspecials.com/track.js?v=9.999
91.211.91.112 404 Not Found 729 B URL HTTP/1.1 trick.cofounderspecials.com/track.js?v=9.999
IP 91.211.91.112:0
ASN #206638 PE Brezhnev Daniil
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 604eea713faef1ae8dafc0224112e662
89f4a04f3088b7fdb308cd0af944a38c6ed99c2b
3905c65876c7b7c1f0a8efae5c758b100d3903c2f94e7177285e898c80eb10f2
Analyzer Verdict Alert fortinet Malware
GET /track.js?v=9.999 HTTP/1.1
Host: trick.cofounderspecials.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 25 Nov 2022 22:08:05 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 29 Jul 2022 15:36:49 GMT
ETag: W/"5b0-5e4f36b22e013"
Content-Encoding: gzip
zerossl.ocsp.sectigo.com/
104.18.32.68 200 OK 316 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash c291e1ffbd415795e7b2a43263e0976d
dc9f47b7d53de57981087087e2a148c3439b2402
a61b9d2f2a9b8fff88f70ea8f94094f43a4487aa39c7090509bb74486a2d558d
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 22:08:05 GMT
Content-Type: application/ocsp-response
Content-Length: 316
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 10:55:04 GMT
Expires: Wed, 30 Nov 2022 10:55:03 GMT
Etag: "dc9f47b7d53de57981087087e2a148c3439b2402"
Cache-Control: max-age=391017,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fdb3715db20b06-OSL
zerossl.ocsp.sectigo.com/
104.18.32.68 200 OK 316 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash c291e1ffbd415795e7b2a43263e0976d
dc9f47b7d53de57981087087e2a148c3439b2402
a61b9d2f2a9b8fff88f70ea8f94094f43a4487aa39c7090509bb74486a2d558d
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 22:08:05 GMT
Content-Type: application/ocsp-response
Content-Length: 316
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 10:55:04 GMT
Expires: Wed, 30 Nov 2022 10:55:03 GMT
Etag: "dc9f47b7d53de57981087087e2a148c3439b2402"
Cache-Control: max-age=391017,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fdb3721f80b4ee-OSL
profitcrow.com/wp-content/uploads/2021/12/Hue_Saturation-1.png
162.213.255.22 200 OK 275 kB URL HTTP/2 profitcrow.com/wp-content/uploads/2021/12/Hue_Saturation-1.png
IP 162.213.255.22:0
File type PNG image data, 1920 x 825, 8-bit/color RGBA, non-interlaced\012- data
Size 275 kB (274736 bytes)
Hash 8148085f8be86c27e55ac1ebfcede4f3
8614958426bd898d140fccded6f498621e0c2a67
c46f0a60b61fa9a29497ba2780a5d8d6a0156bd8854dc9750c1d02dc758f62aa
GET /wp-content/uploads/2021/12/Hue_Saturation-1.png HTTP/1.1
Host: profitcrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/wp-content/uploads/elementor/css/post-6.css
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:05 GMT
content-type: image/png
last-modified: Fri, 24 Dec 2021 05:34:49 GMT
accept-ranges: bytes
content-length: 274736
date: Fri, 25 Nov 2022 22:08:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
away.cdnbestplatform.com/go.php?id=9677-22-5680954-11
91.211.91.104 200 OK 414 B URL HTTP/2 away.cdnbestplatform.com/go.php?id=9677-22-5680954-11
IP 91.211.91.104:0
ASN #206638 PE Brezhnev Daniil
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 2195bef4e17d775027cbb80db63e6f18
1a4ccabbd3b9d4048a70c2bbba0e9911b6081a16
4773d2081026ee36a5f87fc0a2b9c257d1b44b23d67b8187fcb9c031eeadcfe5
Analyzer Verdict Alert fortinet Malware
GET /go.php?id=9677-22-5680954-11 HTTP/1.1
Host: away.cdnbestplatform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 22:08:06 GMT
content-type: text/html; charset=UTF-8
content-length: 414
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15768000;
X-Firefox-Spdy: h2
profitcrow.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.ttf
162.213.255.22 200 OK 203 kB URL HTTP/2 profitcrow.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.ttf
IP 162.213.255.22:0
File type TrueType Font data, 13 tables, 1st "FFTM", 28 names, Macintosh\012- data
Size 203 kB (202744 bytes)
Hash 605ed7926cf39a2ad5ec2d1f9d391d3d
c1b9fae262f42868c075ac865a8ab34920e20a2c
3d06af1f31cd83ace7a265a014b8fb5dee15770ecac8f7a55555190e627e03c2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.ttf HTTP/1.1
Host: profitcrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447; trainmeassyst=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:06 GMT
content-type: font/ttf
last-modified: Thu, 23 Dec 2021 05:08:51 GMT
accept-ranges: bytes
content-length: 202744
date: Fri, 25 Nov 2022 22:08:06 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.249 200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash f6baf0707fffd4d9553fa938ae7f5b6d
cf088fb3165e3c98f6009db1d5dd4410095cc01f
366fadc9ddd844f08d7221f39a82b1d11f30f4e60c16b0a6c413f9ce59b2d327
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "366FADC9DDD844F08D7221F39A82B1D11F30F4E60C16B0A6C413F9CE59B2D327"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 26 Nov 2022 04:08:07 GMT
Date: Fri, 25 Nov 2022 22:08:07 GMT
Connection: keep-alive
blueskymotions.net/?p=meygky3cmm5gi3bpg42tmmy&sub2=dfastspeed17
185.177.94.108 200 OK 53 kB URL HTTP/2 blueskymotions.net/?p=meygky3cmm5gi3bpg42tmmy&sub2=dfastspeed17
IP 185.177.94.108:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (29334)
Hash 4f71824f663aeaca1fe5c429583d7ed1
752c61875bc0159c6f250d121037208e15c40d3b
f898c854c4dbc1d57ab9b9e0f7c37ac5c0d49e61dd64e9d384f9a9d929bcfe60
GET /?p=meygky3cmm5gi3bpg42tmmy&sub2=dfastspeed17 HTTP/1.1
Host: blueskymotions.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://away.cdnbestplatform.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 22:08:07 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=ede59595-4aac-48f8-ba4c-16b1da54c3a0; expires=Sun, 25-Dec-2022 22:08:07 GMT; Max-Age=2592000; path=/; domain=blueskymotions.net
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
freeserv-static.dukascopy.com/2.0/v/0.42.63/runboard/runboard.css
104.22.7.183 200 OK 8.1 kB URL HTTP/2 freeserv-static.dukascopy.com/2.0/v/0.42.63/runboard/runboard.css
IP 104.22.7.183:0
File type ASCII text, with very long lines (32370), with no line terminators
Hash 097f20cd8af38062abcfd6d605b4806b
8205885c03337b589441595cf670963cc4183650
a7d3c5bcaffd1bbb13cf27fbb8c53e6d037da63edbae23114dcd5706e71717b0
GET /2.0/v/0.42.63/runboard/runboard.css HTTP/1.1
Host: freeserv-static.dukascopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freeserv.dukascopy.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 22:08:05 GMT
content-type: text/css
last-modified: Tue, 03 May 2022 08:54:50 GMT
vary: Accept-Encoding
etag: W/"6270edda-7e72"
expires: Tue, 29 Nov 2022 16:08:47 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
cf-cache-status: HIT
age: 280758
server: cloudflare
cf-ray: 76fdb373afa7fac8-OSL
X-Firefox-Spdy: h2
profitcrow.com/wp-content/uploads/2022/03/rm373batch4-07-11.png
162.213.255.22 200 OK 33 kB URL HTTP/2 profitcrow.com/wp-content/uploads/2022/03/rm373batch4-07-11.png
IP 162.213.255.22:0
File type PNG image data, 1920 x 1477, 8-bit colormap, non-interlaced\012- data
Hash e1a901c26fadecf3957e9727cb284195
eeb0dd0b74e04b8fa4d2b99e3816a2739d2ab94b
8c4dbb37efe743ca182a1499329cd0e3926138f5079a07951653d128e489273c
GET /wp-content/uploads/2022/03/rm373batch4-07-11.png HTTP/1.1
Host: profitcrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/wp-content/uploads/elementor/css/post-6.css
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:05 GMT
content-type: image/png
last-modified: Tue, 29 Mar 2022 07:14:13 GMT
accept-ranges: bytes
content-length: 98678
date: Fri, 25 Nov 2022 22:08:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
api.stockdio.com/visualization/financial/charts/v1/HistoricalPrices?app-key=F533042BF81842ADBF5DA2F24C79C4A6&symbol=AAPL&dividends=true&splits=true&palette=Financial-Light
34.232.23.18 200 OK 39 kB URL HTTP/2 api.stockdio.com/visualization/financial/charts/v1/HistoricalPrices?app-key=F533042BF81842ADBF5DA2F24C79C4A6&symbol=AAPL&dividends=true&splits=true&palette=Financial-Light
IP 34.232.23.18:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (697), with CRLF line terminators
Hash 9ba5d142e000263fa4aaf9e9c37a4854
2ff4634251b004860087bcb69d48a547b20d41d5
9925b12681abed6d2e1ae8543c705e2f2cf70ff7a69f79ab34149d9d98be1cae
GET /visualization/financial/charts/v1/HistoricalPrices?app-key=F533042BF81842ADBF5DA2F24C79C4A6&symbol=AAPL&dividends=true&splits=true&palette=Financial-Light HTTP/1.1
Host: api.stockdio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 22:08:05 GMT
content-type: text/html; charset=utf-8
content-length: 67777
set-cookie: AWSALB=dxTWw/NWL51e/q8woKZP85fllJLD9v5q4rFrNQuIvz7caEE5Jo5lYvK/LpOKv1G/G5SF4r5jYzxBuopbCtN4HqmmvDB31L6fI+dA5PEW8BJoJmJ0a753IGMXOJRP; Expires=Fri, 02 Dec 2022 22:08:05 GMT; Path=/
AWSALBCORS=dxTWw/NWL51e/q8woKZP85fllJLD9v5q4rFrNQuIvz7caEE5Jo5lYvK/LpOKv1G/G5SF4r5jYzxBuopbCtN4HqmmvDB31L6fI+dA5PEW8BJoJmJ0a753IGMXOJRP; Expires=Fri, 02 Dec 2022 22:08:05 GMT; Path=/; SameSite=None; Secure
cache-control: private
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
X-Firefox-Spdy: h2
0.blueskymotions.net/favicon.ico
185.177.94.108 204 No Content 0 B URL HTTP/2 0.blueskymotions.net/favicon.ico
IP 185.177.94.108:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: 0.blueskymotions.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0.blueskymotions.net/?p=meygky3cmm5gi3bpg42tmmy&sub2=dfastspeed17
Cookie: uuid=ede59595-4aac-48f8-ba4c-16b1da54c3a0; uuid=ede59595-4aac-48f8-ba4c-16b1da54c3a0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 25 Nov 2022 22:08:07 GMT
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
dn9.biz/sw/w1s.js
195.154.50.108 200 OK 1.4 kB IP 195.154.50.108:0
Hash 34c00cf5443febeae48dc3c896896d69
ce1d1d13e299e89fe868e917f48a92b82a1363b3
793861760be013eec01e380fcc6b939e702437cfa71e43a67cba51c243dfc903
GET /sw/w1s.js HTTP/1.1
Host: dn9.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0.blueskymotions.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 22:08:08 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
expires: Sat, 25 Nov 2023 22:08:08 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.249 200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 9353d5dba23feea61e9b68966f4849b0
1a2ea1b32eea8d3c2e20f0e12ebd03656b6d591a
1613886e84406dcc6b175b2273d8bb1a58b035d16ed71fe53a65386b21247f03
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1613886E84406DCC6B175B2273D8BB1A58B035D16ED71FE53A65386B21247F03"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10700
Expires: Sat, 26 Nov 2022 01:06:29 GMT
Date: Fri, 25 Nov 2022 22:08:09 GMT
Connection: keep-alive
freeserv.dukascopy.com/2.0/?path=realtime_sentiment_index/index&liquidity=consumers&type=swfx&showPairs=true&showCurrencies=true&availableInstruments=l%3AEUR/USD%2CGBP/USD%2CUSD/CHF%2CUSD/JPY%2CAUD/USD%2CXAU/USD%2CE_SandP-500%2CE_Brent&availableCurrencies=AUD%2CCAD%2CCHF%2CGBP%2CJPY%2CNZD%2CUSD%2CEUR&headingColor=%23000000&dateColor=%23000000&bgColor=%23ffffff&width=940&height=535&adv=popup
194.8.15.120 200 OK 0 B URL HTTP/2 freeserv.dukascopy.com/2.0/?path=realtime_sentiment_index/index&liquidity=consumers&type=swfx&showPairs=true&showCurrencies=true&availableInstruments=l%3AEUR/USD%2CGBP/USD%2CUSD/CHF%2CUSD/JPY%2CAUD/USD%2CXAU/USD%2CE_SandP-500%2CE_Brent&availableCurrencies=AUD%2CCAD%2CCHF%2CGBP%2CJPY%2CNZD%2CUSD%2CEUR&headingColor=%23000000&dateColor=%23000000&bgColor=%23ffffff&width=940&height=535&adv=popup
IP 194.8.15.120:0
ASN #41623 Dukascopy Bank SA
GET /2.0/?path=realtime_sentiment_index/index&liquidity=consumers&type=swfx&showPairs=true&showCurrencies=true&availableInstruments=l%3AEUR/USD%2CGBP/USD%2CUSD/CHF%2CUSD/JPY%2CAUD/USD%2CXAU/USD%2CE_SandP-500%2CE_Brent&availableCurrencies=AUD%2CCAD%2CCHF%2CGBP%2CJPY%2CNZD%2CUSD%2CEUR&headingColor=%23000000&dateColor=%23000000&bgColor=%23ffffff&width=940&height=535&adv=popup HTTP/1.1
Host: freeserv.dukascopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 22:08:05 GMT
content-type: text/html; charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains
X-Firefox-Spdy: h2
0.blueskymotions.net/?auf=mzstkzrrgq5diojygyxtonjwgmxtemrpge3dmojuge2daobx&s=1&sub1=&sub2=dfastspeed17&sub3=&sub4=&cpc=0&cpm=0
185.177.94.108 200 OK 0 B URL HTTP/2 0.blueskymotions.net/?auf=mzstkzrrgq5diojygyxtonjwgmxtemrpge3dmojuge2daobx&s=1&sub1=&sub2=dfastspeed17&sub3=&sub4=&cpc=0&cpm=0
IP 185.177.94.108:0
ASN #39572 DataWeb Global Group B.V.
GET /?auf=mzstkzrrgq5diojygyxtonjwgmxtemrpge3dmojuge2daobx&s=1&sub1=&sub2=dfastspeed17&sub3=&sub4=&cpc=0&cpm=0 HTTP/1.1
Host: 0.blueskymotions.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0.blueskymotions.net/?p=meygky3cmm5gi3bpg42tmmy&sub2=dfastspeed17
Cookie: uuid=ede59595-4aac-48f8-ba4c-16b1da54c3a0; uuid=ede59595-4aac-48f8-ba4c-16b1da54c3a0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 22:08:08 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=ede59595-4aac-48f8-ba4c-16b1da54c3a0; expires=Sun, 25-Dec-2022 22:08:08 GMT; Max-Age=2592000; path=/
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
freeserv-static.dukascopy.com/2.0/v/0.42.63/rsindex/rsindex.css
104.22.7.183 200 OK 0 B URL HTTP/2 freeserv-static.dukascopy.com/2.0/v/0.42.63/rsindex/rsindex.css
IP 104.22.7.183:0
GET /2.0/v/0.42.63/rsindex/rsindex.css HTTP/1.1
Host: freeserv-static.dukascopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freeserv.dukascopy.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 22:08:05 GMT
content-type: text/css
last-modified: Tue, 03 May 2022 08:54:50 GMT
vary: Accept-Encoding
etag: W/"6270edda-4718"
expires: Fri, 02 Dec 2022 13:56:25 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
cf-cache-status: HIT
age: 29500
server: cloudflare
cf-ray: 76fdb373bfb7fac8-OSL
X-Firefox-Spdy: h2
scripts.bettershitecolumn.com/sort.js?v=100
91.211.91.104 200 OK 0 B URL HTTP/2 scripts.bettershitecolumn.com/sort.js?v=100
IP 91.211.91.104:0
ASN #206638 PE Brezhnev Daniil
Analyzer Verdict Alert fortinet Malware
GET /sort.js?v=100 HTTP/1.1
Host: scripts.bettershitecolumn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 22:08:05 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 31 Aug 2022 20:23:49 GMT
vary: Accept-Encoding
etag: W/"630fc355-92c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
content-encoding: gzip
X-Firefox-Spdy: h2
new.weatherplllatform.com/stick.js?v=7.77.7
91.211.91.114 200 OK 0 B URL HTTP/2 new.weatherplllatform.com/stick.js?v=7.77.7
IP 91.211.91.114:0
ASN #206638 PE Brezhnev Daniil
Analyzer Verdict Alert fortinet Malware
GET /stick.js?v=7.77.7 HTTP/1.1
Host: new.weatherplllatform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 22:08:05 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 06 Nov 2022 00:27:12 GMT
vary: Accept-Encoding
etag: W/"6366ff60-a40"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
simple.cofounderspecials.com/strong.js?v=4.40
91.211.91.114 200 OK 0 B URL HTTP/2 simple.cofounderspecials.com/strong.js?v=4.40
IP 91.211.91.114:0
ASN #206638 PE Brezhnev Daniil
GET /strong.js?v=4.40 HTTP/1.1
Host: simple.cofounderspecials.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 22:08:05 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 26 Sep 2022 14:52:14 GMT
vary: Accept-Encoding
etag: W/"6331bc9e-920"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
content-encoding: gzip
X-Firefox-Spdy: h2
profitcrow.com/wp-content/uploads/2022/03/stock-market-graph-financial-data-electronic-board-laptop-screen1.png
162.213.255.22 200 OK 0 B URL HTTP/2 profitcrow.com/wp-content/uploads/2022/03/stock-market-graph-financial-data-electronic-board-laptop-screen1.png
IP 162.213.255.22:0
GET /wp-content/uploads/2022/03/stock-market-graph-financial-data-electronic-board-laptop-screen1.png HTTP/1.1
Host: profitcrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/wp-content/uploads/elementor/css/post-6.css
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:05 GMT
content-type: image/png
last-modified: Tue, 29 Mar 2022 07:12:45 GMT
accept-ranges: bytes
content-length: 162283
date: Fri, 25 Nov 2022 22:08:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
dn9.biz/sw/w1s.js
195.154.50.108 200 OK 0 B IP 195.154.50.108:0
GET /sw/w1s.js HTTP/1.1
Host: dn9.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blueskymotions.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 22:08:07 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
expires: Sat, 25 Nov 2023 22:08:07 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
profitcrow.com/
162.213.255.22 200 OK 0 B IP 162.213.255.22:0
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: profitcrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
x-powered-by: PHP/7.2.34
set-cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447; expires=Fri, 02-Dec-2022 22:08:03 GMT; Max-Age=604800; path=/; secure
content-type: text/html; charset=UTF-8
cache-control: max-age=3600, must-revalidate
hummingbird-cache: Served
content-encoding: br
vary: Accept-Encoding
date: Fri, 25 Nov 2022 22:08:03 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
freeserv.dukascopy.com/2.0/?path=fxmarkethours/index&showHeader=false&displayMainMenu=true&displayTimezoneChange=true&displayInstrumentChange=true&displaySpreadIndicator=true&displayVolumeIndicator=true&displayVolatilityIndicator=true&displayFollowButton=true&allowTimezoneChange=true&allowInstrumentChange=true&defaultTimezone=0&showIndicator=0&defaultFollowMode=false&worldMapColor=red&hoursBackground=%23444f5f&hoursActiveBackground=%237d92b0&hoursTextColor=%23ffffff&currentHourBGColor=%23f9fdff&dstHourColor=%230cf6ff&indicatorBarColor=%235090c6&graphPointsColor=%23ffffff&spreadTopGraphColor=%23208c1c&spreadBottomGraphColor=%23dc0e0e&volatilityGraphColor=%23146fba&availableInstruments=l%3A&instrument=EUR/USD&width=743&height=466&adv=popup&lang=en
194.8.15.120 200 OK 0 B URL HTTP/2 freeserv.dukascopy.com/2.0/?path=fxmarkethours/index&showHeader=false&displayMainMenu=true&displayTimezoneChange=true&displayInstrumentChange=true&displaySpreadIndicator=true&displayVolumeIndicator=true&displayVolatilityIndicator=true&displayFollowButton=true&allowTimezoneChange=true&allowInstrumentChange=true&defaultTimezone=0&showIndicator=0&defaultFollowMode=false&worldMapColor=red&hoursBackground=%23444f5f&hoursActiveBackground=%237d92b0&hoursTextColor=%23ffffff&currentHourBGColor=%23f9fdff&dstHourColor=%230cf6ff&indicatorBarColor=%235090c6&graphPointsColor=%23ffffff&spreadTopGraphColor=%23208c1c&spreadBottomGraphColor=%23dc0e0e&volatilityGraphColor=%23146fba&availableInstruments=l%3A&instrument=EUR/USD&width=743&height=466&adv=popup&lang=en
IP 194.8.15.120:0
ASN #41623 Dukascopy Bank SA
GET /2.0/?path=fxmarkethours/index&showHeader=false&displayMainMenu=true&displayTimezoneChange=true&displayInstrumentChange=true&displaySpreadIndicator=true&displayVolumeIndicator=true&displayVolatilityIndicator=true&displayFollowButton=true&allowTimezoneChange=true&allowInstrumentChange=true&defaultTimezone=0&showIndicator=0&defaultFollowMode=false&worldMapColor=red&hoursBackground=%23444f5f&hoursActiveBackground=%237d92b0&hoursTextColor=%23ffffff&currentHourBGColor=%23f9fdff&dstHourColor=%230cf6ff&indicatorBarColor=%235090c6&graphPointsColor=%23ffffff&spreadTopGraphColor=%23208c1c&spreadBottomGraphColor=%23dc0e0e&volatilityGraphColor=%23146fba&availableInstruments=l%3A&instrument=EUR/USD&width=743&height=466&adv=popup&lang=en HTTP/1.1
Host: freeserv.dukascopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 22:08:05 GMT
content-type: text/html; charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains
X-Firefox-Spdy: h2
profitcrow.com/wp-content/uploads/2021/12/financial-data.png
162.213.255.22 200 OK 0 B URL HTTP/2 profitcrow.com/wp-content/uploads/2021/12/financial-data.png
IP 162.213.255.22:0
GET /wp-content/uploads/2021/12/financial-data.png HTTP/1.1
Host: profitcrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/wp-content/uploads/elementor/css/post-6.css
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:05 GMT
content-type: image/png
last-modified: Wed, 29 Dec 2021 04:37:03 GMT
accept-ranges: bytes
content-length: 1313979
date: Fri, 25 Nov 2022 22:08:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
freeserv.dukascopy.com/2.0/?path=intraday_movers_and_shakers/index&headingColor=%23000000&dateColor=%23000000&valueColor=%23000000&bgColor=%23ffffff&width=100%25&height=100%25&adv=popup
194.8.15.120 200 OK 0 B URL HTTP/2 freeserv.dukascopy.com/2.0/?path=intraday_movers_and_shakers/index&headingColor=%23000000&dateColor=%23000000&valueColor=%23000000&bgColor=%23ffffff&width=100%25&height=100%25&adv=popup
IP 194.8.15.120:0
ASN #41623 Dukascopy Bank SA
GET /2.0/?path=intraday_movers_and_shakers/index&headingColor=%23000000&dateColor=%23000000&valueColor=%23000000&bgColor=%23ffffff&width=100%25&height=100%25&adv=popup HTTP/1.1
Host: freeserv.dukascopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 22:08:05 GMT
content-type: text/html; charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains
X-Firefox-Spdy: h2
freeserv-static.dukascopy.com/2.0/v/0.42.63/rsindex/rsindex.js
104.22.7.183 200 OK 0 B URL HTTP/2 freeserv-static.dukascopy.com/2.0/v/0.42.63/rsindex/rsindex.js
IP 104.22.7.183:0
GET /2.0/v/0.42.63/rsindex/rsindex.js HTTP/1.1
Host: freeserv-static.dukascopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freeserv.dukascopy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 22:08:05 GMT
content-type: application/javascript
last-modified: Tue, 03 May 2022 08:54:50 GMT
vary: Accept-Encoding
etag: W/"6270edda-20e97"
expires: Fri, 02 Dec 2022 13:56:25 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
cf-cache-status: HIT
age: 29500
server: cloudflare
cf-ray: 76fdb373bfbafac8-OSL
X-Firefox-Spdy: h2
freeserv.dukascopy.com/2.0/index.php?path=common/translation&lang=en
194.8.15.120 200 OK 0 B URL HTTP/2 freeserv.dukascopy.com/2.0/index.php?path=common/translation&lang=en
IP 194.8.15.120:0
ASN #41623 Dukascopy Bank SA
GET /2.0/index.php?path=common/translation&lang=en HTTP/1.1
Host: freeserv.dukascopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freeserv.dukascopy.com/2.0/?path=fxmarkethours/index&showHeader=false&displayMainMenu=true&displayTimezoneChange=true&displayInstrumentChange=true&displaySpreadIndicator=true&displayVolumeIndicator=true&displayVolatilityIndicator=true&displayFollowButton=true&allowTimezoneChange=true&allowInstrumentChange=true&defaultTimezone=0&showIndicator=0&defaultFollowMode=false&worldMapColor=red&hoursBackground=%23444f5f&hoursActiveBackground=%237d92b0&hoursTextColor=%23ffffff&currentHourBGColor=%23f9fdff&dstHourColor=%230cf6ff&indicatorBarColor=%235090c6&graphPointsColor=%23ffffff&spreadTopGraphColor=%23208c1c&spreadBottomGraphColor=%23dc0e0e&volatilityGraphColor=%23146fba&availableInstruments=l%3A&instrument=EUR/USD&width=743&height=466&adv=popup&lang=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 22:08:05 GMT
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains
X-Firefox-Spdy: h2
profitcrow.com/wp-content/uploads/2022/03/financial-data.png
162.213.255.22 200 OK 0 B URL HTTP/2 profitcrow.com/wp-content/uploads/2022/03/financial-data.png
IP 162.213.255.22:0
GET /wp-content/uploads/2022/03/financial-data.png HTTP/1.1
Host: profitcrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/wp-content/uploads/elementor/css/post-6.css
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:05 GMT
content-type: image/png
last-modified: Tue, 29 Mar 2022 07:10:26 GMT
accept-ranges: bytes
content-length: 217808
date: Fri, 25 Nov 2022 22:08:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
dn9.biz/sw/w1s.js
62.210.10.215 200 OK 0 B IP 62.210.10.215:0
GET /sw/w1s.js HTTP/1.1
Host: dn9.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 22:08:09 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
expires: Sat, 25 Nov 2023 22:08:09 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
freeserv-static.dukascopy.com/2.0/core.js
104.22.7.183 200 OK 0 B URL HTTP/2 freeserv-static.dukascopy.com/2.0/core.js
IP 104.22.7.183:0
GET /2.0/core.js HTTP/1.1
Host: freeserv-static.dukascopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 22:08:04 GMT
content-type: application/javascript
last-modified: Thu, 01 Aug 2019 13:33:11 GMT
vary: Accept-Encoding
etag: W/"5d42ea17-6e6"
expires: Mon, 28 Nov 2022 17:10:15 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
cf-cache-status: HIT
age: 363469
server: cloudflare
cf-ray: 76fdb3690b35fac8-OSL
X-Firefox-Spdy: h2
freeserv.dukascopy.com/2.0/?path=runboard/index&instruments=EUR/USD%2CUSD/JPY%2CGBP/USD%2CEUR/JPY%2CGBP/JPY%2CUSD/CAD%2CXAU/USD%2CAUD/USD%2CUSD/CHF%2CNZD/USD%2CE_Brent%2CE_SandP-500%2CE_DJE50XX%2CE_N225Jap&showDelta=true&showDeltaPercent=true&animationSpeed=100000&fontSize=12&fontFamily=Verdana%2C%20Geneva%2C%20sans-serif&instrumentColor=%23666666&priceColor=%23000000&delimeterColor=%230000FF&bgColor=%23FFFFFF&width=100%25&padding=30px&height=30&adv=popup
194.8.15.120 200 OK 0 B URL HTTP/2 freeserv.dukascopy.com/2.0/?path=runboard/index&instruments=EUR/USD%2CUSD/JPY%2CGBP/USD%2CEUR/JPY%2CGBP/JPY%2CUSD/CAD%2CXAU/USD%2CAUD/USD%2CUSD/CHF%2CNZD/USD%2CE_Brent%2CE_SandP-500%2CE_DJE50XX%2CE_N225Jap&showDelta=true&showDeltaPercent=true&animationSpeed=100000&fontSize=12&fontFamily=Verdana%2C%20Geneva%2C%20sans-serif&instrumentColor=%23666666&priceColor=%23000000&delimeterColor=%230000FF&bgColor=%23FFFFFF&width=100%25&padding=30px&height=30&adv=popup
IP 194.8.15.120:0
ASN #41623 Dukascopy Bank SA
GET /2.0/?path=runboard/index&instruments=EUR/USD%2CUSD/JPY%2CGBP/USD%2CEUR/JPY%2CGBP/JPY%2CUSD/CAD%2CXAU/USD%2CAUD/USD%2CUSD/CHF%2CNZD/USD%2CE_Brent%2CE_SandP-500%2CE_DJE50XX%2CE_N225Jap&showDelta=true&showDeltaPercent=true&animationSpeed=100000&fontSize=12&fontFamily=Verdana%2C%20Geneva%2C%20sans-serif&instrumentColor=%23666666&priceColor=%23000000&delimeterColor=%230000FF&bgColor=%23FFFFFF&width=100%25&padding=30px&height=30&adv=popup HTTP/1.1
Host: freeserv.dukascopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 22:08:05 GMT
content-type: text/html; charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains
X-Firefox-Spdy: h2