r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 81713f952b51a865ad9764cde68e3fdb
278c3a9c4bb2a0ffb7375f90d89a1ba6e90a766a
c2eb0d8a24ecb51af28f1c71db4b9a95c568dcf6c94b41ee8c78787a4ebebcef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2EB0D8A24ECB51AF28F1C71DB4B9A95C568DCF6C94B41EE8C78787A4EBEBCEF"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10018
Expires: Sat, 04 Feb 2023 08:52:26 GMT
Date: Sat, 04 Feb 2023 06:05:28 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash e051e6e01b12b9ad6e0014603f93431a
ada9efe77054d8593f2687fb3a7eada8908ef7e8
c41be8ffe176ca674efb0588164fdfd237754c6b5b461f8f46387b96ae7d6090
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41BE8FFE176CA674EFB0588164FDFD237754C6B5B461F8F46387B96AE7D6090"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19835
Expires: Sat, 04 Feb 2023 11:36:03 GMT
Date: Sat, 04 Feb 2023 06:05:28 GMT
Connection: keep-alive
westfinancier.com/ways-we-can-help
199.188.200.197 301 Moved Permanently 707 B URL HTTP/1.1 westfinancier.com/ways-we-can-help
IP 199.188.200.197:0
File type HTML document text, exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Phishing
GET /ways-we-can-help HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Sat, 04 Feb 2023 06:05:28 GMT
server: LiteSpeed
location: https://westfinancier.com/ways-we-can-help
x-turbo-charged-by: LiteSpeed
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 04 Feb 2023 05:43:35 GMT
content-type: application/json
age: 1313
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 9a76feabb767086ae0fa54e0ffbf763f
3655d78994a1e9838340669462728b67c8c12e54
bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14435
Expires: Sat, 04 Feb 2023 10:06:03 GMT
Date: Sat, 04 Feb 2023 06:05:28 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 9e7H8hL0Ut0ZO6sGCmgSzk4arGMrXYiAnLLzEEvjQf+EhV3tQkL9PhN713JZP7oTvO+U8aqnx/c=
x-amz-request-id: 8BAEDJ0D9CAFJ27E
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 04 Feb 2023 05:23:52 GMT
age: 2496
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 06:05:28 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 04 Feb 2023 05:49:07 GMT
age: 981
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 14d2ba75d2069aa33eb721f629c74111
834a317ffeec2831e06126c4f642933b49196abd
7571c4ae3f80456190617bbe1cf50c5de4b4caef786971e6e7d39c29eb161ae9
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:05:29 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 03 Feb 2023 06:25:26 GMT
Expires: Fri, 10 Feb 2023 06:25:25 GMT
Etag: "834a317ffeec2831e06126c4f642933b49196abd"
Cache-Control: max-age=518995,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 794136ff89d40b55-OSL
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18174
Expires: Sat, 04 Feb 2023 11:08:23 GMT
Date: Sat, 04 Feb 2023 06:05:29 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash c181c51a9326d56e60915a792c306c2c
de1cc0ce1384905e65a9fa9575743091d785e528
b74bc74e2920124b3288a980f9a7b59e3450ba63f2333027440cd6ebbdfdbf8d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 06:05:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 8176ac8bbb8fa05f36bdfa163da09e0c
b936c84c5fa7e781b12a17952c82bca546ca0575
1aa7e39fd02514a4023036a8a100d7e7898ee220063ebfb41c509264c81ed727
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 06:05:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
142.250.74.170 200 OK 31 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP 142.250.74.170:0
File type ASCII text, with very long lines (65451)
Hash 81182f4b684635f6bdcbdd907ee66f25
a1f2f151df72ede41397c8131bd47a3ce85575b3
be40946c98d9a78a3c7c9ad097d379ab12549a195bd7a4766919a1d3fd987396
GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 Feb 2023 00:57:21 GMT
expires: Sun, 04 Feb 2024 00:57:21 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 18488
last-modified: Mon, 13 May 2019 14:37:17 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
142.250.74.170 200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP 142.250.74.170:0
File type ASCII text, with very long lines (65451)
Hash 0f83cadc148d2ad7e53c91f6c4ee05bb
90035c5fffedf4b0f099465f6b929a030b46c92b
3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 22:28:50 GMT
expires: Thu, 01 Feb 2024 22:28:50 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 200199
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.164.121.101 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.164.121.101:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9A38rbXoQzQ4pZfGcorBrA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9HwAibGhvZyMjf9kHb7JhzXlIQc=
maps.googleapis.com/maps/api/js?key=AIzaSyCa6w23do1qZsmF1Xo3atuFzzMYadTuTu0
142.250.74.106 200 OK 53 kB URL HTTP/2 maps.googleapis.com/maps/api/js?key=AIzaSyCa6w23do1qZsmF1Xo3atuFzzMYadTuTu0
IP 142.250.74.106:0
File type ASCII text, with very long lines (2452)
Hash 89488850fb6e4c3bc591e91d4baf077d
e5f067467d2f54781181d5ceeb7cf934019e940e
2575984172e3732795ace79d0a8793b712d811a0252ca4a8d1f7ec0b13bac601
GET /maps/api/js?key=AIzaSyCa6w23do1qZsmF1Xo3atuFzzMYadTuTu0 HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
date: Sat, 04 Feb 2023 06:05:29 GMT
expires: Sat, 04 Feb 2023 06:35:29 GMT
cache-control: public, max-age=1800
vary: Accept-Language
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 53188
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=31
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
westfinancier.com/etc/clientlib-default.min.001bf72e86ac4a5150822ce748c8d0ae.css
199.188.200.197 200 OK 61 kB URL HTTP/2 westfinancier.com/etc/clientlib-default.min.001bf72e86ac4a5150822ce748c8d0ae.css
IP 199.188.200.197:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 85b922a872fcfc356ab0d21fdd0d9cb8
be9abb0551d48a628f24797de2d45f89409fbea1
fb486d811e5ccf0bb9c026e31979824b2389e28e591759c43693804956ac11b4
GET /etc/clientlib-default.min.001bf72e86ac4a5150822ce748c8d0ae.css HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:29 GMT
content-type: text/css
last-modified: Sat, 19 Feb 2022 20:06:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 61375
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/css/animate.css
199.188.200.197 200 OK 2.8 kB URL HTTP/2 westfinancier.com/css/animate.css
IP 199.188.200.197:0
File type ASCII text, with CRLF line terminators
Hash 18a9bb4df8aa6f105fb3472edd491b2d
a324fc80cec8d49aa3d521fc65dc98d96534e49c
ac7d458eb8794a7669f499221e8f47ee2a0f01376acbf14c681e32cab34cc199
GET /css/animate.css HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:29 GMT
content-type: text/css
last-modified: Sat, 19 Feb 2022 20:12:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2789
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/css/font-awesome.min.css
199.188.200.197 200 OK 6.6 kB URL HTTP/2 westfinancier.com/css/font-awesome.min.css
IP 199.188.200.197:0
File type ASCII text, with very long lines (30858), with CRLF line terminators
Hash 7a7527d44adf86765fe1d7e751d50658
d6268a0b4f2467570a150d76e5c42e562135a738
83ef0a0be90e7ed1b12ab8a8ed9f099521f5727e50cc7101e5065c617c078be0
GET /css/font-awesome.min.css HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:29 GMT
content-type: text/css
last-modified: Sat, 19 Feb 2022 20:12:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6647
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/css/owl.carousel.min.css
199.188.200.197 200 OK 791 B URL HTTP/2 westfinancier.com/css/owl.carousel.min.css
IP 199.188.200.197:0
File type ASCII text, with very long lines (2846), with CRLF line terminators
Hash 95b4fe23b999f10faafa1216bf43be99
474c7d2a0306e84fd7dff79f07d01337d14c7873
0a7f3620e6041ae6479fb42f15b9e42cf7397ce9ed3fb315893b233a5dae1ece
GET /css/owl.carousel.min.css HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:29 GMT
content-type: text/css
last-modified: Sat, 19 Feb 2022 20:12:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 791
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/css/filterizer.css
199.188.200.197 200 OK 296 B URL HTTP/2 westfinancier.com/css/filterizer.css
IP 199.188.200.197:0
File type ASCII text, with CRLF line terminators
Hash 00140bea10f691dfef8c6a3883255443
bac766ec02f309ad9e5108ae8e4c36ff1bf9f5af
d51a17bc3e282fc2e59ca1ea9f82176d4578fcd4c5e28c98fdd21df980ce4559
GET /css/filterizer.css HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:29 GMT
content-type: text/css
last-modified: Sat, 19 Feb 2022 20:11:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 296
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/inc/lightbox/css/jquery.fancybox.css
199.188.200.197 200 OK 1.3 kB URL HTTP/2 westfinancier.com/inc/lightbox/css/jquery.fancybox.css
IP 199.188.200.197:0
File type ASCII text, with CRLF line terminators
Hash 0d4358d55ad90b90fd20c3d990382066
2494a8cbc69bf3d7614e7c02668accae26147d16
349fbe631dd7f44f25ffb865329bae087b572faccf04b7858f34569d668baa41
GET /inc/lightbox/css/jquery.fancybox.css HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:29 GMT
content-type: text/css
last-modified: Sat, 19 Feb 2022 20:07:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1295
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/css/bootstrap-4-navbar.css
199.188.200.197 200 OK 654 B URL HTTP/2 westfinancier.com/css/bootstrap-4-navbar.css
IP 199.188.200.197:0
File type ASCII text, with CRLF line terminators
Hash a111093adb5ff88374f2a9ffde32030f
a57274095b2ce6dd993cb543757c75bb87e74d96
16afe8b7615213e683dc6489a3f7ac2400dec861aa72784d6ce20509a6a9b25c
GET /css/bootstrap-4-navbar.css HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:29 GMT
content-type: text/css
last-modified: Sat, 19 Feb 2022 20:12:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 654
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/css/bootstrap.min.css
199.188.200.197 200 OK 19 kB URL HTTP/2 westfinancier.com/css/bootstrap.min.css
IP 199.188.200.197:0
File type ASCII text, with very long lines (65319), with CRLF line terminators
Hash e32054386bce60d80c4e540ac061f8c1
8d5cc382dfb1dd3c5263f92d4d885557ec2419a4
3a59ba1b697e12b398f0d92d245cb905277fdf727b867f2ba109dd34c00073f8
GET /css/bootstrap.min.css HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:29 GMT
content-type: text/css
last-modified: Sat, 19 Feb 2022 20:12:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 19049
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/css/owl.theme.default.min.css
199.188.200.197 200 OK 336 B URL HTTP/2 westfinancier.com/css/owl.theme.default.min.css
IP 199.188.200.197:0
File type ASCII text, with very long lines (846), with CRLF line terminators
Hash 589c8779b05e475ec342595ea1fef2c3
5beb287f858c8b7516cb838341fc1e8393d4d509
fbbfa2ec74fef5e7483c07d0a1a957115a14d727bf287c95209c72de103f3639
GET /css/owl.theme.default.min.css HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:29 GMT
content-type: text/css
last-modified: Sat, 19 Feb 2022 20:12:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 336
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/css/fakeLoader.css
199.188.200.197 200 OK 1.3 kB URL HTTP/2 westfinancier.com/css/fakeLoader.css
IP 199.188.200.197:0
File type ASCII text, with CRLF line terminators
Hash d14416da972d86447756dc41ffe1a0d3
9474160f098fc4761f8e2ddb65d4fe846f6c713b
438e9971ea2ef7cc7a18e7fe37f795557a3771d2895330feec6072edfaaf401b
GET /css/fakeLoader.css HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:29 GMT
content-type: text/css
last-modified: Sat, 19 Feb 2022 20:12:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1286
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/style.css
199.188.200.197 200 OK 14 kB URL HTTP/2 westfinancier.com/style.css
IP 199.188.200.197:0
File type ASCII text, with very long lines (491), with CRLF line terminators
Hash 6d71b7d2961913bc3f049d18a4e330a4
b2a5292a6136ad3646ca987f60e42dce5a478c6e
f7512951241b5f2d8b17131d0c1f90b2903ee82c391272598505a0be38ef32ec
GET /style.css HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:29 GMT
content-type: text/css
last-modified: Sat, 19 Feb 2022 20:11:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 14136
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/css/responsive.css
199.188.200.197 200 OK 2.4 kB URL HTTP/2 westfinancier.com/css/responsive.css
IP 199.188.200.197:0
File type ASCII text, with CRLF line terminators
Hash 643e670e8cb971069eba329f33006207
d2776832c455db8a5746cef5dbe6986025e5b003
59627cb47ff0159565b67ac0782bc5590d1e6166414ccb46a034662f7feb1920
GET /css/responsive.css HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:29 GMT
content-type: text/css
last-modified: Sat, 19 Feb 2022 20:11:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2440
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/css/sweetalert.css
199.188.200.197 200 OK 3.5 kB URL HTTP/2 westfinancier.com/css/sweetalert.css
IP 199.188.200.197:0
File type ASCII text, with CRLF line terminators
Hash b3a7ec0287467a3c352557e01b56766c
183198886baee8a97782314d5f4e4accdc811472
e88c075b66a55042eab55c25d0cf47853cd3ec9436b321bde7125d99ec6a7d7f
GET /css/sweetalert.css HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:29 GMT
content-type: text/css
last-modified: Sat, 19 Feb 2022 20:11:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3492
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/css/toastr.css
199.188.200.197 200 OK 2.9 kB URL HTTP/2 westfinancier.com/css/toastr.css
IP 199.188.200.197:0
File type Unicode text, UTF-8 text, with very long lines (821), with CRLF line terminators
Hash 4cfdc74b9d3668e76b1ea9d9bb027d81
9bc2a18bb94313b0f41aa1137044fc06ba4db63c
f60250769192a7f1f59f53dec2b5fc295272908a8a1b1ef5228d09e096415d6d
GET /css/toastr.css HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:29 GMT
content-type: text/css
last-modified: Sat, 19 Feb 2022 20:12:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2936
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/color/color-switcher.css
199.188.200.197 200 OK 2.7 kB URL HTTP/2 westfinancier.com/color/color-switcher.css
IP 199.188.200.197:0
File type ASCII text, with very long lines (4431), with CRLF line terminators
Hash 88bc42a7af979952f6b41b669ccc8973
f323163ced10172f1ad9b86f4e9ee9ca4975e98f
7cda679723e91e0b6aaac1af5595f1ca89e17404178687ecc397e5f987e9a19a
GET /color/color-switcher.css HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:29 GMT
content-type: text/css
last-modified: Sat, 19 Feb 2022 20:11:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2684
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/css/customcss.css
199.188.200.197 200 OK 89 B URL HTTP/2 westfinancier.com/css/customcss.css
IP 199.188.200.197:0
File type ASCII text, with CRLF line terminators
Hash e74cc393f0eb1c928a61f4a905587645
111baad88be18649c64139557f83fdb0053cc2dc
3905954654fa396aa0b64496f1394d11e2f932fcf7a2aecfc70d3cf0f6c58a93
GET /css/customcss.css HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:29 GMT
content-type: text/css
last-modified: Sat, 19 Feb 2022 20:12:00 GMT
accept-ranges: bytes
content-length: 89
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/color/default.css
199.188.200.197 200 OK 1.9 kB URL HTTP/2 westfinancier.com/color/default.css
IP 199.188.200.197:0
File type ASCII text, with CRLF line terminators
Hash a741fa6b334b0c208ff9ad132c95916b
8eda05699ded277378877d119cdcffa224429968
09742605c8403ec5a98953acb9a654d83047b01f5ae3d2da0171fadabb4cec43
GET /color/default.css HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:29 GMT
content-type: text/css
last-modified: Sat, 19 Feb 2022 20:11:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1899
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/images/blog-8.jpg
199.188.200.197 200 OK 31 kB URL HTTP/2 westfinancier.com/images/blog-8.jpg
IP 199.188.200.197:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 768x511, components 3
Hash 804b8e44e1c43286f78b89a422c9a620
93c2a2097512c6949df2e0b6de0f3d0b1338266e
d8bf28bd319981ed47b5d871397b837f84f311716fdb0ab92c3686103bfd285c
GET /images/blog-8.jpg HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:29 GMT
content-type: image/jpeg
last-modified: Sat, 19 Feb 2022 20:07:14 GMT
accept-ranges: bytes
content-length: 31177
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/js/bootstrap.min.js
199.188.200.197 200 OK 13 kB URL HTTP/2 westfinancier.com/js/bootstrap.min.js
IP 199.188.200.197:0
File type ASCII text, with very long lines (50395), with CRLF line terminators
Hash ee4c93001e687f8e408fa47774885caa
c74894a0484263851b49c9035207a37a76dcba28
7543d05257a2025e5cf0c3ce8b5dfd5fb21ab112c6c7f5a34e9a2f8a0752728d
Analyzer Verdict Alert fortinet Phishing
GET /js/bootstrap.min.js HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:29 GMT
content-type: application/javascript
last-modified: Sat, 19 Feb 2022 20:07:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 13372
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/js/wow.min.js
199.188.200.197 200 OK 2.6 kB URL HTTP/2 westfinancier.com/js/wow.min.js
IP 199.188.200.197:0
File type ASCII text, with very long lines (8385), with CRLF line terminators
Hash f101be151d34fc6aa063c15fca9424c7
e07274f12af2ebac7e04cd43c406054b041da795
769d7bb6f79a961d1292584985c450a0bbe1c2e3f8bb2cca160e4d66222dae3b
Analyzer Verdict Alert fortinet Phishing
GET /js/wow.min.js HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:29 GMT
content-type: application/javascript
last-modified: Sat, 19 Feb 2022 20:07:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2576
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/js/jquery.counterup.min.js
199.188.200.197 200 OK 503 B URL HTTP/2 westfinancier.com/js/jquery.counterup.min.js
IP 199.188.200.197:0
File type ASCII text, with very long lines (917), with CRLF line terminators
Hash aad91b6956f87fd9f1d6c54f12c9bed3
22dcf0fea95e79845bb12b10cb00e5c8047484b7
3d9d14026801c521fb952c372d425f52662a86fd7c15421fe6f701f46a86a4cf
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery.counterup.min.js HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:29 GMT
content-type: application/javascript
last-modified: Sat, 19 Feb 2022 20:07:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 503
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/js/waypoints.min.js
199.188.200.197 200 OK 2.5 kB URL HTTP/2 westfinancier.com/js/waypoints.min.js
IP 199.188.200.197:0
File type ASCII text, with very long lines (7808), with CRLF line terminators
Hash ad6b080ac59ba98eef5f14bf994ba2fd
40560927d531a59fa0cbdc24a5855951a3988f08
68b703a9aa76b7583d1d22f051f026652bebeaa98307da5b3c8e5d437f7923c1
Analyzer Verdict Alert fortinet Phishing
GET /js/waypoints.min.js HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:29 GMT
content-type: application/javascript
last-modified: Sat, 19 Feb 2022 20:07:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2469
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/js/jquery.filterizr.min.js
199.188.200.197 200 OK 3.6 kB URL HTTP/2 westfinancier.com/js/jquery.filterizr.min.js
IP 199.188.200.197:0
File type ASCII text, with very long lines (12034), with no line terminators
Hash 2d75690f93c23abf43e40dece2dddad9
0ef25a395ef5a97fdbbd60744f91fe2ce4c02425
999e7d27c7c7e615837ecd37a25708b297b00cc9ba30ad0bd94bcffaaab5fff4
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery.filterizr.min.js HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:29 GMT
content-type: application/javascript
last-modified: Sat, 19 Feb 2022 20:07:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3628
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min
199.188.200.197 200 OK 11 kB URL HTTP/2 westfinancier.com/cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min
IP 199.188.200.197:0
File type HTML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (2395)
Hash e79a1b4d4f95d99ecfce673d4c835106
f4de7c61b35ff70e1a623810ee35f82a8488fcf6
5da9d306e7d7755bf656e5556ec6e1c2607d2dd752add45b2a39e59fe5bcaba3
Analyzer Verdict Alert fortinet Phishing
GET /cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-powered-by: PHP/7.2.34
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-length: 10771
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/site.min.css
199.188.200.197 200 OK 51 kB URL HTTP/2 westfinancier.com/site.min.css
IP 199.188.200.197:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (65533), with no line terminators
Hash 0ea2b093cdb39b8d85b60acbd316e4c7
c59ef340a358bc2d60f0e54ebe65d67b1ec5201e
2762a1f212eb36596b65c4983843b30b02bc5c2f576571128d50fa48504e564d
GET /site.min.css HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:29 GMT
content-type: text/css
last-modified: Sat, 19 Feb 2022 20:11:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 50816
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/cdn.weglot.com/weglot.min.js
199.188.200.197 200 OK 17 kB URL HTTP/2 westfinancier.com/cdn.weglot.com/weglot.min.js
IP 199.188.200.197:0
File type Unicode text, UTF-8 text, with very long lines (48054), with no line terminators
Hash 2ac2db647d1744f101ad5bd4e2cab866
aae72108fd2cd56ef723d7931b6977f8b2126de2
c4dff0bbd1ebced80c93d816063e791f05e8cb441291e9e01b8f92936f4e537f
Analyzer Verdict Alert fortinet Phishing
GET /cdn.weglot.com/weglot.min.js HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:29 GMT
content-type: application/javascript
last-modified: Sat, 19 Feb 2022 20:11:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 16944
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12176
Expires: Sat, 04 Feb 2023 09:28:26 GMT
Date: Sat, 04 Feb 2023 06:05:30 GMT
Connection: keep-alive
westfinancier.com/images/blog-6.jpg
199.188.200.197 200 OK 42 kB URL HTTP/2 westfinancier.com/images/blog-6.jpg
IP 199.188.200.197:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 812x540, components 3
Hash dd8fc778f54121666896bc7e399323eb
4abc3d9b8bf97a9914d65807ef04a8e99b4ffa67
ebe230389404c32af8df72ddaabc5102477eea6693c1af9c53ebfdab12a7ab36
GET /images/blog-6.jpg HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:29 GMT
content-type: image/jpeg
last-modified: Sat, 19 Feb 2022 20:06:42 GMT
accept-ranges: bytes
content-length: 42180
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/images/blog-7.jpg
199.188.200.197 200 OK 29 kB URL HTTP/2 westfinancier.com/images/blog-7.jpg
IP 199.188.200.197:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 812x540, components 3
Hash 58042d50e2139db5e3b4d265c1aab916
d100a0db9c6b7c011562be7b153252466ef18259
1230940cd7817047fb178deadc01b3900a3854089bf24c8f305f16ca8d30adf4
GET /images/blog-7.jpg HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:29 GMT
content-type: image/jpeg
last-modified: Sat, 19 Feb 2022 20:06:42 GMT
accept-ranges: bytes
content-length: 28606
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/images/blog-9.jpg
199.188.200.197 200 OK 31 kB URL HTTP/2 westfinancier.com/images/blog-9.jpg
IP 199.188.200.197:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 812x540, components 3
Hash a5c44207c57853163a53a23d43a89726
74a2a6a0ba70788bad4ca07e88aab235aa82289b
c1f74b20c558359aba86eacf49a3bb469f527b963161bbd68b3608ee27f7333d
GET /images/blog-9.jpg HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:29 GMT
content-type: image/jpeg
last-modified: Sat, 19 Feb 2022 20:07:22 GMT
accept-ranges: bytes
content-length: 30616
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa139f02-bb4d-4058-8a17-82e241e61bf2.jpeg
34.120.237.76 200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa139f02-bb4d-4058-8a17-82e241e61bf2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash 75b9c67fbf2d207afec78eb14b95d7ec
c0b7e9e9ca9ee71761489e738a3a308ff0b6e5c8
42ddfef2fc1e0200a1ff3d615fd6da42fd8bdea4551344580c13af07092d401f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa139f02-bb4d-4058-8a17-82e241e61bf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5917
x-amzn-requestid: 095185b4-b608-4ac8-9041-6e5fcf9033d9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEW_EA4IAMFxVw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd80f9-1d780a2a58fcc30613bdfdab;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:47:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -4TwLeMENj7WdI_QQWKgwxTj9MldN5z7qmo7_OX_eXIVba9zjDEoaA==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:17:42 GMT
age: 28068
etag: "c0b7e9e9ca9ee71761489e738a3a308ff0b6e5c8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg
34.120.237.76 200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash e5b4e4f15da3323c73974c3f1cdb5d74
1f14971d0cf979cc34ff191849dc43d86e8ac463
5893d7e5b2fd9de92829b303c42d0c07ff32b3f6b8705b6f5b4a784315c8808e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5174
x-amzn-requestid: 35630c70-3bad-47b4-94bb-09c873632194
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7EFAHIAMFQQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-317b1fbb3bee0f377697bf3d;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OD5cy75AkNMwTIvIool2nKbKgr5Jpo1Plm_X_YPr3rdPbg86_V2fdA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:21 GMT
age: 28509
etag: "1f14971d0cf979cc34ff191849dc43d86e8ac463"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c030376-7935-4601-969c-86a91f4f5e85.jpeg
34.120.237.76 200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c030376-7935-4601-969c-86a91f4f5e85.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash d7afd5ce8fb9ec7b62e528bf97705e49
afbf22f5d8f54adcb00e8980a9b22f2c5b6703c3
b2d93ba6c0ed2c858d91afba1c81251afbffa41c779be2e9203994dcfb7bbc9d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c030376-7935-4601-969c-86a91f4f5e85.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7249
x-amzn-requestid: 007ce521-ed5c-4074-a314-684ad0df2e22
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD9GH5goAMF_ag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8053-7060f02b767c90371991a190;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5fTV_e56nzjiXo4Guu67WXDDvp3nrjB0Yfyy6ByjcDSx23J-8r0fmQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:21 GMT
age: 28509
etag: "afbf22f5d8f54adcb00e8980a9b22f2c5b6703c3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e245a51-5c03-4b84-b42a-29fa3a7806e9.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e245a51-5c03-4b84-b42a-29fa3a7806e9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 65cd12302c9ca5468dbc9a98155970e0
a0c63213c3021e40f8ea54f2da6a5c165ed5cfd1
8463155faca74f13ec4500fed98289d8bfbdc4a989d1cb7580736018eadf1000
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e245a51-5c03-4b84-b42a-29fa3a7806e9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7992
x-amzn-requestid: ba4f95d9-6081-4b34-955c-bbe8e7b2335c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEEjGsdIAMF84w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8083-7666baa66ccdec9b5fec8736;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:45:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: A3c6sSs_b8KkREPa26a8X9NTEZpHGDjElR9hT-NXwg6dYpeuRNZXfA==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:21 GMT
etag: "a0c63213c3021e40f8ea54f2da6a5c165ed5cfd1"
content-type: image/jpeg
age: 28509
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
34.120.237.76 200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: f95a2821-ae89-4ea9-93b2-43e570285df3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEC3FyboAMFe0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8078-7e2177f11d5715d4092cad2c;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dcFgY5x3Ef0J__7wGn3llTjZ9as5nX1H4HErIT3VlKfeQaQTjymW2g==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:33 GMT
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
age: 28497
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg
34.120.237.76 200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9ab97f766ee1ed6ebbb2b3889a9157b4
f87f165404dec4d65531e6e25146cb77601f3616
f3d0f76f956371b1733a526f10a8253fc3396a459d7af59380d8e8db7dee8ec2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14071
x-amzn-requestid: 40cb363f-2c4d-4361-9fe1-10e4c8b2fe29
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fiTo4Ek2oAMFs6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d73305-6cb63d3c49f9f84e639467f6;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 03:01:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: b7r7phj8i49RMSuWufxF1L34K9udWa0mJ4dY12izM9ofwAuCFBGEZQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:48:05 GMT
age: 29845
etag: "f87f165404dec4d65531e6e25146cb77601f3616"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
westfinancier.com/1.12.4/jquery.min.js
199.188.200.197 200 OK 33 kB URL HTTP/2 westfinancier.com/1.12.4/jquery.min.js
IP 199.188.200.197:0
File type ASCII text, with very long lines (32077), with CRLF line terminators
Hash 9d40be15d45339a82847b3c3935790eb
cbe728a7d5f3843c66f93b0be678d9ef01b9ab18
0c1cd434e908bd4ce993709b2c71794569f4b65801acb5446df05b08ed46d67e
Analyzer Verdict Alert fortinet Phishing
GET /1.12.4/jquery.min.js HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:29 GMT
content-type: application/javascript
last-modified: Sat, 19 Feb 2022 20:11:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 32859
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/js/owl.carousel.min.js
199.188.200.197 200 OK 11 kB URL HTTP/2 westfinancier.com/js/owl.carousel.min.js
IP 199.188.200.197:0
File type ASCII text, with very long lines (32000), with CRLF line terminators
Hash be26b2f07a169d833605ce6ed90b1844
e0b7ec790045bac6ac346d61cc5e2d0005a0ad62
2bce2ca4363721be8365f7375a4cde8f0a81fc47196bbb39c5f702ed2d84e103
Analyzer Verdict Alert fortinet Phishing
GET /js/owl.carousel.min.js HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:29 GMT
content-type: application/javascript
last-modified: Sat, 19 Feb 2022 20:07:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10657
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/js/filterizer-controls.js
199.188.200.197 200 OK 156 B URL HTTP/2 westfinancier.com/js/filterizer-controls.js
IP 199.188.200.197:0
File type ASCII text, with CRLF line terminators
Hash 84319975d774d8cce907b74dbf17c595
44c54fced89a9c6e88ae3aa3f1bdf39064cd417d
2dd1b693dd30e6c45704c7fa07a4657a1f264c989b0d1c53f0c295a1aef11caa
Analyzer Verdict Alert fortinet Phishing
GET /js/filterizer-controls.js HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:29 GMT
content-type: application/javascript
last-modified: Sat, 19 Feb 2022 20:07:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 156
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/inc/lightbox/js/jquery.fancybox.pack.js
199.188.200.197 200 OK 8.3 kB URL HTTP/2 westfinancier.com/inc/lightbox/js/jquery.fancybox.pack.js
IP 199.188.200.197:0
File type ASCII text, with very long lines (645), with CRLF line terminators
Hash 8364af7c752aa56484775138122ed134
a95e90e209c7fe20df31e76842ac80286d4f1bac
24e50d21a5188b62cffd194c22ddd735a6e7fd1416a6f54f175349cf9776a467
Analyzer Verdict Alert fortinet Phishing
GET /inc/lightbox/js/jquery.fancybox.pack.js HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:29 GMT
content-type: application/javascript
last-modified: Sat, 19 Feb 2022 20:07:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8271
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/inc/lightbox/js/lightbox.js
199.188.200.197 200 OK 481 B URL HTTP/2 westfinancier.com/inc/lightbox/js/lightbox.js
IP 199.188.200.197:0
File type ASCII text, with CRLF line terminators
Hash 02dfb9a89e7e34ddabfe09510ea654b3
555cb20f3c3ea993f2b45d53665c34ab3e60324d
929a48177322072f9979487d6c20a0c32336b1df4da00bd24a5e6d397e0ad7b3
Analyzer Verdict Alert fortinet Phishing
GET /inc/lightbox/js/lightbox.js HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:29 GMT
content-type: application/javascript
last-modified: Sat, 19 Feb 2022 20:07:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 481
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/js/fakeLoader.min.js
199.188.200.197 200 OK 587 B URL HTTP/2 westfinancier.com/js/fakeLoader.min.js
IP 199.188.200.197:0
File type ASCII text, with very long lines (2181), with no line terminators
Hash 0f8f5c895c96aaaae16caff67b081db0
eea8865077d920282ff7a51fdc586657344fac22
0cb307c91198e3aea9689f06cd7b72ecac082ff04a86eabfc242bd4bad51264b
Analyzer Verdict Alert fortinet Phishing
GET /js/fakeLoader.min.js HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:29 GMT
content-type: application/javascript
last-modified: Sat, 19 Feb 2022 20:07:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 587
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/js/map.js
199.188.200.197 200 OK 569 B URL HTTP/2 westfinancier.com/js/map.js
IP 199.188.200.197:0
File type ASCII text, with CRLF line terminators
Hash d43cd01fe53d640fb4c234090a427e30
a4db27160e131cbba028b677a72c10504754496a
e96670aaf2bfad4ee8da650c54575b5a3d9d4bd37bcaccc73629e83f6ff53bd0
Analyzer Verdict Alert fortinet Phishing
GET /js/map.js HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:29 GMT
content-type: application/javascript
last-modified: Sat, 19 Feb 2022 20:07:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 569
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/js/scrolltopcontrol.js
199.188.200.197 200 OK 1.5 kB URL HTTP/2 westfinancier.com/js/scrolltopcontrol.js
IP 199.188.200.197:0
File type ASCII text, with CRLF line terminators
Hash 9546695663e09384de5a22ee1a3fc766
5161848c658cf9c449298b14222f25a98cb3623e
22a88002a9fed04858e692acf674bbffa58a0d36f227cc45f13a121e087393b9
Analyzer Verdict Alert fortinet Phishing
GET /js/scrolltopcontrol.js HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:29 GMT
content-type: application/javascript
last-modified: Sat, 19 Feb 2022 20:07:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1487
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/js/jquery.sticky.js
199.188.200.197 200 OK 2.3 kB URL HTTP/2 westfinancier.com/js/jquery.sticky.js
IP 199.188.200.197:0
File type ASCII text, with CRLF line terminators
Hash 12a8da005766c9a8f18ea355304e1013
e84eb155cb1666af1e534e615f229e55a6bc0b28
89a5596d8b14359018d1aef4daadb6434352065704c74f54d61ef4cbf1ef14d1
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery.sticky.js HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:29 GMT
content-type: application/javascript
last-modified: Sat, 19 Feb 2022 20:07:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2318
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/js/color-switcher.js
199.188.200.197 200 OK 593 B URL HTTP/2 westfinancier.com/js/color-switcher.js
IP 199.188.200.197:0
File type ASCII text, with CRLF line terminators
Hash 661cd024ad17578285688aed85af57d9
e4802010a230c7512ed73c7d0f4c981cd5d18fe9
da54c9af570e1437d3ed1310c52323ad008ec490f5c403bc2c3561ca93f6a1d1
Analyzer Verdict Alert fortinet Phishing
GET /js/color-switcher.js HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:29 GMT
content-type: application/javascript
last-modified: Sat, 19 Feb 2022 20:07:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 593
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/js/jquery.magnific-popup.min.js
199.188.200.197 200 OK 7.0 kB URL HTTP/2 westfinancier.com/js/jquery.magnific-popup.min.js
IP 199.188.200.197:0
File type ASCII text, with very long lines (20087), with CRLF line terminators
Hash cd77ebaa4544fc721b35a2c7f8ac06f2
54797d61a69f0f375e7484f9151fcffeabda919f
6481824a1cfa4ba748d3b4378dd1c648e7ea077a9131990c8efc9d7f301bfe48
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery.magnific-popup.min.js HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:29 GMT
content-type: application/javascript
last-modified: Sat, 19 Feb 2022 20:07:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7046
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/js/bootstrap-4-navbar.js
199.188.200.197 200 OK 408 B URL HTTP/2 westfinancier.com/js/bootstrap-4-navbar.js
IP 199.188.200.197:0
File type ASCII text, with CRLF line terminators
Hash 4c0c382e5375b33e5634bbd76ce8afe9
e0cee88591317c0ff2761d60e97f680022551e30
585088fe8a34fbbbb475ceb05eb60e9eb25d665a684f78d2fb3f1f693691bb0b
Analyzer Verdict Alert fortinet Phishing
GET /js/bootstrap-4-navbar.js HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:29 GMT
content-type: application/javascript
last-modified: Sat, 19 Feb 2022 20:07:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 408
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/js/color-switcher-active.js
199.188.200.197 200 OK 230 B URL HTTP/2 westfinancier.com/js/color-switcher-active.js
IP 199.188.200.197:0
File type ASCII text, with CRLF line terminators
Hash 671e2b6204e0ddb392c6912cc33ff48c
24497aafdac2676786f144e175c1dc38553a649b
8ea8125bdcaf740bb681b18c122ed8c4b3baec9fb8a55723ff1f028137508f8d
Analyzer Verdict Alert fortinet Phishing
GET /js/color-switcher-active.js HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:29 GMT
content-type: application/javascript
last-modified: Sat, 19 Feb 2022 20:07:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 230
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/js/custom.js
199.188.200.197 200 OK 1.6 kB URL HTTP/2 westfinancier.com/js/custom.js
IP 199.188.200.197:0
Hash 61b7dc702abd4a4269833c20245fa8a2
87b5917402b9c18efc85b253bcc71c8cc68bb615
a705fb53d40cd37bd1d3a81f15774b655faa392ac0a95791374c7a9d09a315b2
Analyzer Verdict Alert fortinet Phishing
GET /js/custom.js HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:29 GMT
content-type: application/javascript
last-modified: Sat, 19 Feb 2022 20:07:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1622
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/images/visa1%20(2).png
199.188.200.197 200 OK 37 kB URL HTTP/2 westfinancier.com/images/visa1%20(2).png
IP 199.188.200.197:0
File type PNG image data, 396 x 260, 8-bit/color RGBA, non-interlaced\012- data
Hash 049ce8bca6336a5a45e6aeec6b956dda
1e10b17f52f2780013f96c14ccd3ca2f6a66bd67
ae4d25e08e8c063c9b0a6c4dd39a43e0c9e99848b5180ce515eaa19cacd96d7f
GET /images/visa1%20(2).png HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:29 GMT
content-type: image/png
last-modified: Sat, 19 Feb 2022 20:07:08 GMT
accept-ranges: bytes
content-length: 37414
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/images/blog-1.jpg
199.188.200.197 200 OK 42 kB URL HTTP/2 westfinancier.com/images/blog-1.jpg
IP 199.188.200.197:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 570x370, components 3\012- data
Hash bab4874be3238db6dab8c701f427a96f
d21d82a83b8bde19fd16ffea616f75ffe37e3a6e
202d5e31c8db7a1b0c9a8a75de061f53b357223d6c6e0afe8375bc2d0b98f217
GET /images/blog-1.jpg HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:29 GMT
content-type: image/jpeg
last-modified: Sat, 19 Feb 2022 20:07:10 GMT
accept-ranges: bytes
content-length: 41726
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/images/blog-4.jpg
199.188.200.197 200 OK 51 kB URL HTTP/2 westfinancier.com/images/blog-4.jpg
IP 199.188.200.197:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 570x370, components 3\012- data
Hash 355e149413ab293e1f8e76f1aab4559d
22acb164f38ae80fd8cd5d5984f9b4dadb6f11b2
82871af3cb7d32d68779917061f60538324f8262dd1a706448fccea0cf229386
GET /images/blog-4.jpg HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:29 GMT
content-type: image/jpeg
last-modified: Sat, 19 Feb 2022 20:07:22 GMT
accept-ranges: bytes
content-length: 50781
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/js/sweetalert.js
199.188.200.197 200 OK 11 kB URL HTTP/2 westfinancier.com/js/sweetalert.js
IP 199.188.200.197:0
File type ASCII text, with very long lines (40808), with no line terminators
Hash d7e78f52022130781f8ab56e5d2a3f30
8ea87e09e28af89bea8fb08785191e32e081f623
d389209f14d88a5601669701ca8ee3ab4d1c7c99ea5579ced8e461401bb41313
Analyzer Verdict Alert fortinet Phishing
GET /js/sweetalert.js HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:29 GMT
content-type: application/javascript
last-modified: Sat, 19 Feb 2022 20:07:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11427
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/js/toastr.js
199.188.200.197 200 OK 2.0 kB URL HTTP/2 westfinancier.com/js/toastr.js
IP 199.188.200.197:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash c4bc820e9d3479c77a1a985ed041bde6
eac7aea85226e19264b05bfab128dae46bcfb9e8
74be51fdb33deedf9db9c06499ae9bf6e7aa263e103b8ea64eb54f2f79dd8ae1
Analyzer Verdict Alert fortinet Phishing
GET /js/toastr.js HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:29 GMT
content-type: application/javascript
last-modified: Sat, 19 Feb 2022 20:07:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1996
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/js/jquery.bxslider.min.js
199.188.200.197 200 OK 4.9 kB URL HTTP/2 westfinancier.com/js/jquery.bxslider.min.js
IP 199.188.200.197:0
File type ASCII text, with very long lines (19040), with CRLF line terminators
Hash 7d0cfa25b69be39875d986b60b5417a5
da09c489beef3cfda4606cca3c3884c5a9a84794
049d52e8a0e609cff274af5499bbc32187ac6d79804745ef5d088a0262ae4600
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery.bxslider.min.js HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:29 GMT
content-type: application/javascript
last-modified: Sat, 19 Feb 2022 20:07:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4928
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/etc/clientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js
199.188.200.197 200 OK 12 kB URL HTTP/2 westfinancier.com/etc/clientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js
IP 199.188.200.197:0
File type ASCII text, with very long lines (873), with CRLF line terminators
Hash f52002f2458e74e5c0bf4e0489528de7
3ca9c4e3b5153d1e59e1121a7ae6b57b26df4104
27af0c3412c95de439e4ca74114d17b13f4625045e55a08a44e9b8e33635cd53
Analyzer Verdict Alert fortinet Phishing
GET /etc/clientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:29 GMT
content-type: application/javascript
last-modified: Sat, 19 Feb 2022 20:06:20 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11521
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/ways-we-can-help
199.188.200.197 200 OK 63 kB URL HTTP/2 westfinancier.com/ways-we-can-help
IP 199.188.200.197:0
File type HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (2395)
Hash ecd63899cdd018a8d5ade67f25289759
1e61ff2f9a2bd52f8fa4157cd0ff6ef36d84a713
e701b302edb0d90879a2125f6aa73ba02c6eeef31551890eb45b6770958d9137
Analyzer Verdict Alert fortinet Phishing
GET /ways-we-can-help HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
x-powered-by: PHP/7.2.34
set-cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/images/blog-5.jpg
199.188.200.197 200 OK 78 kB URL HTTP/2 westfinancier.com/images/blog-5.jpg
IP 199.188.200.197:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 971x649, components 3; data
Hash 69ce9bdf66f0c76eb1a80ef7baf41260
adfb7cd1a2f9a9b53d38cbef3b7f4e52b38fd170
75343815a2e8e1c48c82100b40b1bfb6e5b74b028e8b708d9db1efee89f646af
GET /images/blog-5.jpg HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:29 GMT
content-type: image/jpeg
last-modified: Sat, 19 Feb 2022 20:06:58 GMT
accept-ranges: bytes
content-length: 78295
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/logo.png
199.188.200.197 200 OK 71 kB URL HTTP/2 westfinancier.com/logo.png
IP 199.188.200.197:0
File type PNG image data, 250 x 70, 8-bit/color RGBA, non-interlaced; data
Hash e665b4c6d7365cad9f43b5a67a8649b7
fec25c36e2377f3c4592e4ca551ceca89d2891fb
def244a1afb6bf5cdd4fab1625ddf5654e7dfce6517576777caaa6fbfa3bcbde
GET /logo.png HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:29 GMT
content-type: image/png
last-modified: Sat, 09 Jul 2022 08:03:59 GMT
accept-ranges: bytes
content-length: 70703
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/images/visa.png
199.188.200.197 200 OK 72 kB URL HTTP/2 westfinancier.com/images/visa.png
IP 199.188.200.197:0
File type PNG image data, 403 x 261, 8-bit/color RGBA, non-interlaced; data
Hash e8270036c4afed927f6850600296fbee
12b0ee8ae9830d46926b24d2f2020e2716f85276
2b1713d31a3bf731afbba5a76a5eb8e7e00c0fe126bf5b971c29e586ebd75577
GET /images/visa.png HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:29 GMT
content-type: image/png
last-modified: Sat, 19 Feb 2022 20:51:16 GMT
accept-ranges: bytes
content-length: 72266
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/footerlogo.png
199.188.200.197 200 OK 71 kB URL HTTP/2 westfinancier.com/footerlogo.png
IP 199.188.200.197:0
File type PNG image data, 250 x 70, 8-bit/color RGBA, non-interlaced; data
Hash a5c01d64220695e052a0da008a3c3df1
9a860a6840442c4512fe504342be88fb6298154c
fbce4f8f63c27e4d95a3ec38b773ea5d70ca002bbfdf4e738729f6b16fe21fa5
GET /footerlogo.png HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:29 GMT
content-type: image/png
last-modified: Sat, 09 Jul 2022 08:16:27 GMT
accept-ranges: bytes
content-length: 70703
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/images/b1.jpg
199.188.200.197 200 OK 106 kB URL HTTP/2 westfinancier.com/images/b1.jpg
IP 199.188.200.197:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x640, components 3; data
Size 106 kB (105550 bytes)
Hash 6be0a85a85a1ff0fb1026b53a11a1f70
b12974005bc57a523677ae27ebdd2384f9470004
efaba296ecc888b632df1fd42aaa1e2a608fc2a6cee52684539a5265dc181829
GET /images/b1.jpg HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:29 GMT
content-type: image/jpeg
last-modified: Sat, 19 Feb 2022 20:06:42 GMT
accept-ranges: bytes
content-length: 105550
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/images/couple-hiking-840.jpg
199.188.200.197 200 OK 94 kB URL HTTP/2 westfinancier.com/images/couple-hiking-840.jpg
IP 199.188.200.197:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2018:09:06 12:55:13], progressive, precision 8, 601x400, components 3; data
Hash fbd399a4fb4cfd05b5786d8608651760
332d3ad7975e78c48eeef929609adc63b0170aed
96927945a2f7fdcddc4ba1b97e5ee55ade5d16b05ce5a56123321cf47c62bb46
GET /images/couple-hiking-840.jpg HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:29 GMT
content-type: image/jpeg
last-modified: Sat, 19 Feb 2022 20:06:42 GMT
accept-ranges: bytes
content-length: 93653
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/images/Question-mark.jpg
199.188.200.197 200 OK 91 kB URL HTTP/2 westfinancier.com/images/Question-mark.jpg
IP 199.188.200.197:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 1774x2365, components 3; data
Hash db34e90d64234eedf1530f4187547d80
c0e222b7c416438d4a7c7eff68c70448aeae8300
e6b1e3a4498fe376871c68a809d741fe3a828284b7a8715726770c7dee3562a5
GET /images/Question-mark.jpg HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:29 GMT
content-type: image/jpeg
last-modified: Sat, 19 Feb 2022 20:06:40 GMT
accept-ranges: bytes
content-length: 91165
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/images/bl-840.jpg
199.188.200.197 200 OK 146 kB URL HTTP/2 westfinancier.com/images/bl-840.jpg
IP 199.188.200.197:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2018:09:06 12:53:01], progressive, precision 8, 812x540, components 3; data
Size 146 kB (145862 bytes)
Hash 7312b8b13b3be58c8118fadb3f15c8a8
24fed7013a2d3459d8641f6231651c63ab49589d
c4249eb98c7fa39a43bb8cd1026497cda3112e9e320dfc001e508f47cb025b88
GET /images/bl-840.jpg HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:29 GMT
content-type: image/jpeg
last-modified: Sat, 19 Feb 2022 20:07:14 GMT
accept-ranges: bytes
content-length: 145862
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/images/visa2.png
199.188.200.197 200 OK 215 kB URL HTTP/2 westfinancier.com/images/visa2.png
IP 199.188.200.197:0
File type PNG image data, 775 x 322, 8-bit/color RGBA, non-interlaced; data
Size 215 kB (215093 bytes)
Hash c2a5ff703b6e7c71f994eeb0f67ca40b
97095cd707e896c47b028e3b3d117d3057a71412
512678a6350d49dd9ee674adaa4b75e8548b04b740e502a3ccc63c3e9052b962
GET /images/visa2.png HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:29 GMT
content-type: image/png
last-modified: Sat, 19 Feb 2022 20:06:36 GMT
accept-ranges: bytes
content-length: 215093
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 06:05:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
westfinancier.com/etc/clientlib-all.min.2f2dbb3959c1dcdb1f3b1f52f1375b62.js
199.188.200.197 200 OK 194 kB URL HTTP/2 westfinancier.com/etc/clientlib-all.min.2f2dbb3959c1dcdb1f3b1f52f1375b62.js
IP 199.188.200.197:0
File type ASCII text, with very long lines (1421), with CRLF line terminators
Size 194 kB (193477 bytes)
Hash d504948a2988dc149c81fc7dcdf58a17
f642de73a7159d580f3b8f92f8f205a0c35703ca
3bd67837769bb7f949a12e2f723982b758f2c5665a5c8918b04998528251d2b0
Analyzer Verdict Alert fortinet Phishing
GET /etc/clientlib-all.min.2f2dbb3959c1dcdb1f3b1f52f1375b62.js HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:29 GMT
content-type: application/javascript
last-modified: Sat, 19 Feb 2022 20:06:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 193477
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/images/bg-2.jpg
199.188.200.197 200 OK 69 kB URL HTTP/2 westfinancier.com/images/bg-2.jpg
IP 199.188.200.197:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 570x370, components 3; data
Hash a5147fb69b0d501b6690f6548b1a9af6
7bfd9304ac9fd82aeaeb9e4e95ea9ba919149b28
3ff0e12658143c927418c8783fed132470717b9ea46c05536a4bc677c7690390
GET /images/bg-2.jpg HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/color/default.css
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:30 GMT
content-type: image/jpeg
last-modified: Sat, 19 Feb 2022 20:06:58 GMT
accept-ranges: bytes
content-length: 68737
date: Sat, 04 Feb 2023 06:05:30 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.iCxGNTE3Tqc.L.F4.O/d=0/rs=AN8SPfqhvHUlOSBSG-4xrkKOTAVZqlAYTA/m=el_main_css
142.250.74.35 200 OK 4.3 kB URL HTTP/2 www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.iCxGNTE3Tqc.L.F4.O/d=0/rs=AN8SPfqhvHUlOSBSG-4xrkKOTAVZqlAYTA/m=el_main_css
IP 142.250.74.35:0
File type ASCII text, with very long lines (23413), with no line terminators
Hash c41e5d33c01691d96d76486b1544004b
20b040a572de3003c9977df33e2d631efb9cb68c
f063d4dbe944940b190b4da3716cc71fca549b9fd46d4b30ecf8e0c4a651593c
GET /_/translate_http/_/ss/k=translate_http.tr.iCxGNTE3Tqc.L.F4.O/d=0/rs=AN8SPfqhvHUlOSBSG-4xrkKOTAVZqlAYTA/m=el_main_css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 4259
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 18:28:28 GMT
expires: Fri, 02 Feb 2024 18:28:28 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 01 Feb 2023 06:11:41 GMT
content-type: text/css; charset=UTF-8
age: 128222
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
westfinancier.com/images/bg-4.jpg
199.188.200.197 200 OK 87 kB URL HTTP/2 westfinancier.com/images/bg-4.jpg
IP 199.188.200.197:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1200x800, components 3; data
Hash 4e630e7ac70b8485413ce35c6b375966
c188d6e67310b5b93b22debef7fdd0323c8d08d5
b3721db605cfd56e61cd25e1cfde2527226f0a528b03c480eaaebdba77384782
GET /images/bg-4.jpg HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/color/default.css
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:30 GMT
content-type: image/jpeg
last-modified: Sat, 19 Feb 2022 20:06:58 GMT
accept-ranges: bytes
content-length: 87406
date: Sat, 04 Feb 2023 06:05:30 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/images/bg-5.jpg
199.188.200.197 200 OK 98 kB URL HTTP/2 westfinancier.com/images/bg-5.jpg
IP 199.188.200.197:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1200x800, components 3; data
Hash 7f096f50c88548931dd0df7831200e8b
30dc16e18926dd80bd73e3b4c291307f86d90b7e
861d9ce39e5a4852c9dbacb24a8f20a5121995414c8d0e431e1586689c4fccd2
GET /images/bg-5.jpg HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/color/default.css
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:30 GMT
content-type: image/jpeg
last-modified: Sat, 19 Feb 2022 20:07:08 GMT
accept-ranges: bytes
content-length: 97824
date: Sat, 04 Feb 2023 06:05:30 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/fonts/fontawesome-webfont3e6e3e6e3e6e3e6e.html
199.188.200.197 200 OK 77 kB URL HTTP/2 westfinancier.com/fonts/fontawesome-webfont3e6e3e6e3e6e3e6e.html
IP 199.188.200.197:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459; data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Phishing
GET /fonts/fontawesome-webfont3e6e3e6e3e6e3e6e.html HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://westfinancier.com/css/font-awesome.min.css
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Sat, 19 Feb 2022 20:06:28 GMT
accept-ranges: bytes
content-length: 77160
date: Sat, 04 Feb 2023 06:05:30 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/images/bg-1.jpg
199.188.200.197 200 OK 129 kB URL HTTP/2 westfinancier.com/images/bg-1.jpg
IP 199.188.200.197:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 944x689, components 3; data
Size 129 kB (128804 bytes)
Hash e197355547cbef209427632bd7b2b866
8f9da60df1b9b6014cad7e830a4cb6fd1fb4f225
7f7c832aa8b7cc957e2a58427a62e6add5f054a88b24e0693f3d7490ac17c689
GET /images/bg-1.jpg HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/color/default.css
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:30 GMT
content-type: image/jpeg
last-modified: Sat, 19 Feb 2022 20:06:42 GMT
accept-ranges: bytes
content-length: 128804
date: Sat, 04 Feb 2023 06:05:30 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
westfinancier.com/fonts/icomoon87f487f487f487f4.ttf
199.188.200.197 200 OK 53 kB URL HTTP/2 westfinancier.com/fonts/icomoon87f487f487f487f4.ttf
IP 199.188.200.197:0
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icomoon; data
Hash c0f9a8825c938a3f34c3699831427236
265e5236fd5361bc3b80cb169020caf619397680
93a180d6de5a94708086d7ceddd1dc5fc2795e503a9c2528e6f0a87fe59a6278
Analyzer Verdict Alert fortinet Phishing
GET /fonts/icomoon87f487f487f487f4.ttf HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/site.min.css
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:30 GMT
content-type: font/ttf
last-modified: Sat, 19 Feb 2022 20:06:26 GMT
accept-ranges: bytes
content-length: 52948
date: Sat, 04 Feb 2023 06:05:30 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.67 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.67:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0; data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://westfinancier.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 07:51:59 GMT
expires: Thu, 01 Feb 2024 07:51:59 GMT
cache-control: public, max-age=31536000
age: 252812
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.67 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.67:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0; data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://westfinancier.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 13:09:06 GMT
expires: Wed, 31 Jan 2024 13:09:06 GMT
cache-control: public, max-age=31536000
age: 320185
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.67 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.67:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0; data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://westfinancier.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 22:02:00 GMT
expires: Mon, 29 Jan 2024 22:02:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 461011
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
142.250.74.67 200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
IP 142.250.74.67:0
File type Web Open Font Format (Version 2), TrueType, length 17368, version 1.0; data
Hash abe083d96b58eb02ada8b7c30d7b09f2
61447d66d13a8c8f4335696777a85c438c46f749
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
GET /s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://westfinancier.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 28 Jan 2023 12:49:39 GMT
expires: Sun, 28 Jan 2024 12:49:39 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 580552
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 06:05:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 06:05:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 3ce1bc23c86ace6b4d4949b2224e9132
f851119c51f81bc066be434187579385fb01efa0
a557c7ae0ad294e00d85e6aa2b556ce3a64009127d159ebb9b98c83969ac39ee
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2927
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 06:05:31 GMT
Last-Modified: Sat, 04 Feb 2023 05:16:44 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
westfinancier.com/cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min
199.188.200.197 200 OK 87 kB URL HTTP/2 westfinancier.com/cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min
IP 199.188.200.197:0
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (2395)
Hash e0a8f38cbb46381e245f7c3755890d4b
4839c108fe5036d168c2b5f23bcca2e5968d5d2d
a19f3e73790706fb49a260ccfaa95ebff5027f755c279472aabf50a8a13a5032
Analyzer Verdict Alert fortinet Phishing
GET /cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-powered-by: PHP/7.2.34
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 Feb 2023 06:05:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
embed.tawk.to/62c937907b967b117998bf89/1g7h0240k
172.67.38.66 200 OK 934 B URL HTTP/2 embed.tawk.to/62c937907b967b117998bf89/1g7h0240k
IP 172.67.38.66:0
Hash ba65ba276cb281e2dbdf671ae389cca5
e4faa6e6d446e9dec905a0798197787abe5400e0
9f71e4e3c9792c53e700b30d31a21b70646209908843fb9424459d4f421b39ee
GET /62c937907b967b117998bf89/1g7h0240k HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://westfinancier.com
Connection: keep-alive
Referer: https://westfinancier.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 06:05:31 GMT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
etag: W/"stable-v4-63b77dcd282"
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7941370f1e4fb4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
westfinancier.com/images/favicon.png
199.188.200.197 200 OK 17 kB URL HTTP/2 westfinancier.com/images/favicon.png
IP 199.188.200.197:0
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced; data
Hash 5bd783a1e2738e53d1c709bfe0d00a67
4a376b19571b0255bf7be6394339f0c55a7eb6c6
78fd9a426858401501ed389b7f438229d5e08f1eeee7b7e64446ea05e473af9a
GET /images/favicon.png HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:31 GMT
content-type: image/png
last-modified: Sat, 09 Jul 2022 08:06:41 GMT
accept-ranges: bytes
content-length: 17036
date: Sat, 04 Feb 2023 06:05:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash f41704111b2b547c3d01ab8121f8ae3a
8965ab3869d7b1b0de705964e5b12c295e2acbf8
7239c1c731719d5e789e7af0207174477483b98d3f8faf92bf831225efa42fcf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4151
Cache-Control: max-age=127740
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 06:05:31 GMT
Etag: "63dd3570-1d7"
Expires: Sun, 05 Feb 2023 17:34:31 GMT
Last-Modified: Fri, 03 Feb 2023 16:25:20 GMT
Server: ECS (amb/6B8D)
X-Cache: HIT
Content-Length: 471
col.eum-appdynamics.com//eumcollector/error.gif?version=1&appKey=AD-AAB-AAC-WHN&msg=M10%20%7C%20onerror%20%7C%20TypeError%3A%20wrong%20type%20of%20url%20value%2C%20number%20passed%20in%20but%20should%20be%20a%20string.&stack=g%2Ff%5Bd%5D%40https%3A%2F%2Fwestfinancier.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A287%3A13%0Ad%40https%3A%2F%2Fwestfinancier.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A299%3A6%0Af%40https%3A%2F%2Fwestfinancier.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A335%3A61%0Af.prototype.Ac%2Fwindow.onerror%3C%40https%3A%2F%2Fwestfinancier.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A352%3A153%0Ae.around%2F%3C%40https%3A%2F%2Fwestfinancier.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A222%3A13%0A
44.237.103.14 404 Not Found 0 B URL HTTP/2 col.eum-appdynamics.com//eumcollector/error.gif?version=1&appKey=AD-AAB-AAC-WHN&msg=M10%20%7C%20onerror%20%7C%20TypeError%3A%20wrong%20type%20of%20url%20value%2C%20number%20passed%20in%20but%20should%20be%20a%20string.&stack=g%2Ff%5Bd%5D%40https%3A%2F%2Fwestfinancier.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A287%3A13%0Ad%40https%3A%2F%2Fwestfinancier.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A299%3A6%0Af%40https%3A%2F%2Fwestfinancier.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A335%3A61%0Af.prototype.Ac%2Fwindow.onerror%3C%40https%3A%2F%2Fwestfinancier.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A352%3A153%0Ae.around%2F%3C%40https%3A%2F%2Fwestfinancier.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A222%3A13%0A
IP 44.237.103.14:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET //eumcollector/error.gif?version=1&appKey=AD-AAB-AAC-WHN&msg=M10%20%7C%20onerror%20%7C%20TypeError%3A%20wrong%20type%20of%20url%20value%2C%20number%20passed%20in%20but%20should%20be%20a%20string.&stack=g%2Ff%5Bd%5D%40https%3A%2F%2Fwestfinancier.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A287%3A13%0Ad%40https%3A%2F%2Fwestfinancier.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A299%3A6%0Af%40https%3A%2F%2Fwestfinancier.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A335%3A61%0Af.prototype.Ac%2Fwindow.onerror%3C%40https%3A%2F%2Fwestfinancier.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A352%3A153%0Ae.around%2F%3C%40https%3A%2F%2Fwestfinancier.com%2Fetc%2Fclientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js%3A222%3A13%0A HTTP/1.1
Host: col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Sat, 04 Feb 2023 06:05:31 GMT
content-length: 0
server: envoy
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-app.js
172.67.38.66 200 OK 57 kB URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-app.js
IP 172.67.38.66:0
File type ASCII text, with no line terminators
Hash 49f90fae3af1303eda174f5847273fda
e97a95b3157db4138419fd7f87152e394ff757be
5333b31f71ea7dc62796701199d8093603607d8b8b5e05593174fc1d23877829
GET /_s/v4/app/63b77dcd282/js/twk-app.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://westfinancier.com
Connection: keep-alive
Referer: https://westfinancier.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 06:05:32 GMT
content-type: application/javascript
vary: X-Goog-Allowed-Resources, Accept-Encoding
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
x-content-type-options: nosniff
server: cloudflare
cf-ray: 79413713483cb4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
104.18.20.226 200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 104.18.20.226:0
Hash b114c84e8ebe20b37587130b62e5ed34
e9e65505f253003fbc0a86661f087f69897363ac
d6da4347a4c0cc8c976fccb36c24456953f36dcdcc8100fd0d3376ca559fb33e
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:05:34 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "58F326A250DCF0827EA5A6758ED1BAD7E22420AF"
Expires: Sat, 04 Feb 2023 17:00:00 GMT
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 140
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7941371fdf87b51b-OSL
vsb107.tawk.to/s/?k=63ddf5adee771623a21269e5&cver=0&pop=false&asver=4&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MmM5Mzc5MDdiOTY3YjExNzk5OGJmODkiLCJ2aWQiOiI2MmM5Mzc5MDdiOTY3YjExNzk5OGJmODkta3BBSnExVHNib0w4Q01TZWlWbnZwIiwic2lkIjoiNjNkZGY1YWRlZTc3MTYyM2EyMTI2OWU1IiwiaWF0IjoxNjc1NDkwNzMzLCJleHAiOjE2NzU0OTI1MzMsImp0aSI6ImQ3MWN4d0tLLUVhaXZCMkhNVmNULSJ9.QL9-7OVKvNQhpTtmw1h_bEbcyGbnUufuFTfT5H1p80ORSiALH6BjzUsLQooqZ9wgaYMzbk--kLqIAak7qGYBFw&EIO=3&transport=websocket&__t=OOR23J6
104.22.25.131 101 Switching Protocols 3.4 kB URL HTTP/1.1 vsb107.tawk.to/s/?k=63ddf5adee771623a21269e5&cver=0&pop=false&asver=4&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MmM5Mzc5MDdiOTY3YjExNzk5OGJmODkiLCJ2aWQiOiI2MmM5Mzc5MDdiOTY3YjExNzk5OGJmODkta3BBSnExVHNib0w4Q01TZWlWbnZwIiwic2lkIjoiNjNkZGY1YWRlZTc3MTYyM2EyMTI2OWU1IiwiaWF0IjoxNjc1NDkwNzMzLCJleHAiOjE2NzU0OTI1MzMsImp0aSI6ImQ3MWN4d0tLLUVhaXZCMkhNVmNULSJ9.QL9-7OVKvNQhpTtmw1h_bEbcyGbnUufuFTfT5H1p80ORSiALH6BjzUsLQooqZ9wgaYMzbk--kLqIAak7qGYBFw&EIO=3&transport=websocket&__t=OOR23J6
IP 104.22.25.131:0
Hash 7ecf8c0e89809a797f0b8fbdc1c062df
846b24cf07457d4377e443b50f98d6949acc211f
37e8223ca10dfe622a7ffbb7f9fe56abe4a977f6634c6f4cfb965c83168d638f
GET /s/?k=63ddf5adee771623a21269e5&cver=0&pop=false&asver=4&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MmM5Mzc5MDdiOTY3YjExNzk5OGJmODkiLCJ2aWQiOiI2MmM5Mzc5MDdiOTY3YjExNzk5OGJmODkta3BBSnExVHNib0w4Q01TZWlWbnZwIiwic2lkIjoiNjNkZGY1YWRlZTc3MTYyM2EyMTI2OWU1IiwiaWF0IjoxNjc1NDkwNzMzLCJleHAiOjE2NzU0OTI1MzMsImp0aSI6ImQ3MWN4d0tLLUVhaXZCMkhNVmNULSJ9.QL9-7OVKvNQhpTtmw1h_bEbcyGbnUufuFTfT5H1p80ORSiALH6BjzUsLQooqZ9wgaYMzbk--kLqIAak7qGYBFw&EIO=3&transport=websocket&__t=OOR23J6 HTTP/1.1
Host: vsb107.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://westfinancier.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /tgWFORDgogCIVKSYxlt0Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Sat, 04 Feb 2023 06:05:34 GMT
Connection: upgrade
upgrade: websocket
sec-websocket-accept: Dsid+mdTork2SBI6X/s8ze4mstQ=
sec-websocket-extensions: permessage-deflate
strict-transport-security: max-age=0; includeSubDomains; preload
CF-Cache-Status: DYNAMIC
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 7941371e8996b4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0567732b-c9d0-4bac-89d8-3dc6a16e522c.jpeg
34.120.237.76 200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0567732b-c9d0-4bac-89d8-3dc6a16e522c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 99bf0073acf75f9e04b52a96bf47797b
fa68da2c92fa89ed3dafe9915e064fca022af21f
961b77616486483e5767f214d2417275b9c995614128acab3521b6cd2f8866e2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0567732b-c9d0-4bac-89d8-3dc6a16e522c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8267
x-amzn-requestid: 8bf1f9c3-4508-489e-9f45-3ce50df74b0b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEW0HM6IAMFXog=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd80f8-2e7c768d54981cf1634830db;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:47:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: slDJVVNZDwjopU0kXbAvAJw4A0I_hGKXbRf9O15sXxmvu0JXe8yuPA==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:17:59 GMT
etag: "fa68da2c92fa89ed3dafe9915e064fca022af21f"
content-type: image/jpeg
age: 28058
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2
142.250.74.142 200 OK 0 B URL HTTP/2 translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2
IP 142.250.74.142:0
GET /translate_a/element.js?cb=googleTranslateElementInit2 HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 04 Feb 2023 06:05:29 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+771; expires=Mon, 03-Feb-2025 06:05:29 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-vendors.js
172.67.38.66 200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-vendors.js
IP 172.67.38.66:0
GET /_s/v4/app/63b77dcd282/js/twk-chunk-vendors.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://westfinancier.com
Connection: keep-alive
Referer: https://westfinancier.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 06:05:32 GMT
content-type: application/javascript
vary: X-Goog-Allowed-Resources, Accept-Encoding
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
etag: W/"70dac54eca3bb2143032bc4db3237623"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
x-content-type-options: nosniff
server: cloudflare
cf-ray: 794137134839b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-runtime.js
172.67.38.66 200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-runtime.js
IP 172.67.38.66:0
GET /_s/v4/app/63b77dcd282/js/twk-runtime.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://westfinancier.com
Connection: keep-alive
Referer: https://westfinancier.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 06:05:32 GMT
content-type: application/javascript
vary: X-Goog-Allowed-Resources, Accept-Encoding
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
etag: W/"de21d01e9f8b6cc35ea67267d0ba80ec"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
x-content-type-options: nosniff
server: cloudflare
cf-ray: 79413713483bb4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-vendor.js
172.67.38.66 200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-vendor.js
IP 172.67.38.66:0
GET /_s/v4/app/63b77dcd282/js/twk-vendor.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://westfinancier.com
Connection: keep-alive
Referer: https://westfinancier.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 06:05:32 GMT
content-type: application/javascript
vary: X-Goog-Allowed-Resources, Accept-Encoding
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
etag: W/"7dcb496e4882926f93f2e73fa87062c0"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
x-content-type-options: nosniff
server: cloudflare
cf-ray: 794137133834b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-common.js
172.67.38.66 200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-common.js
IP 172.67.38.66:0
GET /_s/v4/app/63b77dcd282/js/twk-chunk-common.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://westfinancier.com
Connection: keep-alive
Referer: https://westfinancier.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 06:05:32 GMT
content-type: application/javascript
vary: X-Goog-Allowed-Resources, Accept-Encoding
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
etag: W/"385105148a50079bafff97e9c9476109"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
x-content-type-options: nosniff
server: cloudflare
cf-ray: 79413713483ab4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-main.js
172.67.38.66 200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-main.js
IP 172.67.38.66:0
GET /_s/v4/app/63b77dcd282/js/twk-main.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://westfinancier.com
Connection: keep-alive
Referer: https://westfinancier.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 06:05:32 GMT
content-type: application/javascript
vary: X-Goog-Allowed-Resources, Accept-Encoding
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
etag: W/"da5bb1dc647470204df0e49f5afac2de"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
x-content-type-options: nosniff
server: cloudflare
cf-ray: 79413713382eb4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Montserrat
IP 142.250.74.106:0
GET /css?family=Montserrat HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 Feb 2023 06:05:29 GMT
date: Sat, 04 Feb 2023 06:05:29 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:100,100i,300,400,400i,500,500i,700
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:100,100i,300,400,400i,500,500i,700
IP 142.250.74.106:0
GET /css?family=Roboto:100,100i,300,400,400i,500,500i,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 Feb 2023 06:05:29 GMT
date: Sat, 04 Feb 2023 06:05:29 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
westfinancier.com/images/blog-2.jpg
199.188.200.197 200 OK 0 B URL HTTP/2 westfinancier.com/images/blog-2.jpg
IP 199.188.200.197:0
GET /images/blog-2.jpg HTTP/1.1
Host: westfinancier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://westfinancier.com/ways-we-can-help
Cookie: PHPSESSID=5d2c7e54e445ac71e2faacb2407df58d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 Feb 2023 06:05:29 GMT
content-type: image/jpeg
last-modified: Sat, 19 Feb 2022 20:06:42 GMT
accept-ranges: bytes
content-length: 53321
date: Sat, 04 Feb 2023 06:05:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2