Overview

URL elitefinancinggroup.com/
IP104.21.40.235
ASNCLOUDFLARENET
Location
Report completed2022-09-21 05:35:08 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-21 2 elitefinancinggroup.com/ Phishing
2022-09-21 2 www.elitefinancinggroup.com/ Phishing
2022-09-21 2 www.elitefinancinggroup.com/ Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (17)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS ec.editmysite.com (2) 12806 2017-01-29 21:50:35 UTC 2022-09-20 12:21:15 UTC 35.82.13.103
mnemonic passive DNS r3.o.lencr.org (5) 344 2020-12-02 08:52:13 UTC 2022-09-21 04:08:37 UTC 23.36.77.32
mnemonic passive DNS elitefinancinggroup.com (1) 0 2014-10-17 23:10:05 UTC 2022-09-20 16:36:08 UTC 172.67.140.1 Unknown ranking
mnemonic passive DNS cdn2.editmysite.com (12) 11564 2012-10-02 18:27:39 UTC 2022-09-21 04:28:02 UTC 151.101.85.46
mnemonic passive DNS www.google.com (1) 7 2016-08-04 12:36:31 UTC 2022-09-20 22:30:14 UTC 142.250.74.164
mnemonic passive DNS www.gstatic.com (1) 0 2016-07-26 09:37:06 UTC 2022-09-20 13:42:45 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-21 04:08:37 UTC 143.204.55.35
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-09-21 04:07:23 UTC 93.184.220.29
mnemonic passive DNS ajax.googleapis.com (1) 12905 2019-10-15 17:52:08 UTC 2022-09-20 23:23:28 UTC 216.58.207.234
mnemonic passive DNS ocsp.pki.goog (6) 175 2017-06-14 07:23:31 UTC 2022-09-20 04:47:45 UTC 142.250.74.3
mnemonic passive DNS ocsp.sca1b.amazontrust.com (2) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.156
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-20 04:47:04 UTC 34.117.237.239
mnemonic passive DNS www.elitefinancinggroup.com (2) 0 2017-01-29 08:05:29 UTC 2022-09-16 21:38:02 UTC 104.21.40.235 Unknown ranking
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-21 00:49:48 UTC 34.120.237.76
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-20 20:31:37 UTC 143.204.55.115
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-21 04:08:37 UTC 52.36.24.174
mnemonic passive DNS ssl.google-analytics.com (1) 275 2012-10-03 00:55:57 UTC 2022-09-21 04:19:08 UTC 142.250.74.72


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 104.21.40.235

Date UQ / IDS / BL URL IP
2022-11-26 15:47:17 +0000
0 - 0 - 5 quartzfiles.com/show.php 104.21.40.235
2022-11-25 14:35:05 +0000
0 - 0 - 4 quartzfiles.com/show.php 104.21.40.235
2022-11-05 19:26:19 +0000
0 - 0 - 86 quartzfiles.com/show.php?l=0&u=917826&id=3955 (...) 104.21.40.235
2022-10-25 21:29:43 +0000
0 - 0 - 2 quartzfiles.com/show.php 104.21.40.235
2022-10-23 09:53:13 +0000
0 - 0 - 4 quartzfiles.com/show.php 104.21.40.235

Last 5 reports on ASN: CLOUDFLARENET

Date UQ / IDS / BL URL IP
2022-12-04 09:20:25 +0000
0 - 0 - 2 sitebox.site/dating/e11/ 172.67.206.11
2022-12-04 09:18:28 +0000
0 - 0 - 2 superdeals.pro/sweeps/de/aldi/1/ 104.21.17.65
2022-12-04 09:17:09 +0000
0 - 0 - 2 customizeme.shop/snf/7f29a1786da43a4e59afa5a6 (...) 104.21.48.249
2022-12-04 09:17:05 +0000
0 - 0 - 3 www.customizeme.shop/snf/7f29a1786da43a4e59af (...) 104.21.48.249
2022-12-04 09:15:13 +0000
0 - 0 - 2 sercieskontenserces.art/app?686409629812/tV0a (...) 104.21.12.105

Last 5 reports on domain: elitefinancinggroup.com

Date UQ / IDS / BL URL IP
2022-09-21 05:35:08 +0000
0 - 0 - 3 elitefinancinggroup.com/ 104.21.40.235
2022-09-15 04:37:30 +0000
0 - 0 - 3 elitefinancinggroup.com/ 104.21.40.235
2022-09-14 06:37:26 +0000
0 - 0 - 3 elitefinancinggroup.com/ 172.67.140.1
2022-09-09 16:42:25 +0000
0 - 0 - 3 elitefinancinggroup.com/ 104.21.40.235
2022-09-06 18:45:31 +0000
0 - 0 - 4 elitefinancinggroup.com/ 104.21.40.235

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-09-15 04:37:30 +0000
0 - 0 - 3 elitefinancinggroup.com/ 104.21.40.235
2022-09-14 06:37:26 +0000
0 - 0 - 3 elitefinancinggroup.com/ 172.67.140.1
2022-09-09 16:42:25 +0000
0 - 0 - 3 elitefinancinggroup.com/ 104.21.40.235
2022-09-06 18:45:31 +0000
0 - 0 - 4 elitefinancinggroup.com/ 104.21.40.235
2022-09-04 21:52:22 +0000
0 - 0 - 4 elitefinancinggroup.com/ 172.67.140.1


JavaScript

Executed Scripts (24)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (46)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7450
Expires: Wed, 21 Sep 2022 07:39:06 GMT
Date: Wed, 21 Sep 2022 05:34:56 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Retry-After, Content-Type, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 21 Sep 2022 05:13:32 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: zFt_onGzmNaAZfLDIlmF_4OOdoXY0OfSe9LETfqHVwYlWGcIEaVexQ==
Age: 1284


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    1b3053fa528e28810f8a2cc9284cc921
Sha1:   cca9eb471d941881a6b9a1793aecb6c281908f6a
Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 21 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: LzNP-b2i0bhFx6gi8aozcj15DL9K8Ycf52RNGfSLwsx-bOmdg-XOKA==
age: 3584
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET / HTTP/1.1 
Host: elitefinancinggroup.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         172.67.140.1
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Wed, 21 Sep 2022 05:34:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://www.elitefinancinggroup.com/
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2dejtQStOcjhUj7bb0xXW1wCzVxN3nHUYTGgAOpVzFw73WvQqQr%2B8RPAM2%2BtHBuGcuPUZ7J%2BwU38Gn%2Fy2bSK%2F7OPyb40SH4%2FBBmM0S0oEhkiom4j%2BqSYxItfTeebyP%2FhRHRu8GDR44uvOw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74e06f44bda0b527-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   243
Md5:    2cb7d82399ba94ef6483d8fe9ebb259c
Sha1:   0ee8fa583f51af26b6802ad903d14915a116b68b
Sha256: 373a08790336ada8181697cb050cd82ada0938f88cb46f33c064e9c0bd316b79

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 21 Sep 2022 05:34:57 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 21 Sep 2022 05:03:22 GMT
Cache-Control: max-age=3600
Expires: Wed, 21 Sep 2022 05:38:02 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _wnDwfkR15xOiGig7F8-qKmRZ_YNh94xqn3kuZRDkR5R2U89_UYhVw==
Age: 1895


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET / HTTP/1.1 
Host: www.elitefinancinggroup.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         104.21.40.235
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 21 Sep 2022 05:34:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: is_mobile=0; path=/; domain=www.elitefinancinggroup.com
Vary: X-W-SSL,User-Agent
Location: https://www.elitefinancinggroup.com/
X-Host: blu56.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FYngsdWHwekW7%2Fu0jQhrFGO0Z9SbqAiHRCaI%2Fba8LHBJTNUhzypwFLAT4eS24SOm%2FRwvMpX5zQj%2BD2zvXo0GNIs93vRGQLbf21eTSycwizjzG7VvEGSmMalt7yA3eJscK8OGppE65n%2Fw5GgeQGA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74e06f46fcca0af6-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   390
Md5:    2d43ffd89f4c751e4e87a99b1cbaa59b
Sha1:   94408b92c40673504c124a67e7e5db13c49b6d46
Sha256: d258c520aac0df12141af3078021d1571e0f9394b0af31c058e4e75d03789be6

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5239
Cache-Control: 'max-age=158059'
Date: Wed, 21 Sep 2022 05:34:57 GMT
Last-Modified: Wed, 21 Sep 2022 04:07:38 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: clFCGnsRmID1Oh1hVdC/YQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.36.24.174
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5Dc2Eoa3Q0MTQxKRfIZ5zafgF5Q=

                                        
                                            GET /css/old/fancybox.css?1663173998 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elitefinancinggroup.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
last-modified: Wed, 14 Sep 2022 16:19:04 GMT
etag: "6321fef8-f47"
expires: Wed, 28 Sep 2022 16:49:07 GMT
cache-control: max-age=1209600
x-host: grn17.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 21 Sep 2022 05:34:58 GMT
age: 564352
x-served-by: cache-sjc10078-SJC, cache-bma1637-BMA
x-cache: HIT, HIT
x-cache-hits: 3, 596
x-timer: S1663738498.375170,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 1218
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3910)
Size:   1218
Md5:    b644e92258f4c7c0b4270047652d1e60
Sha1:   93734d52ee9e86a768159e514076051813c39cd9
Sha256: 29199496fb817668f887938571046abcdfb49063d0207d571b361f221f467907
                                        
                                            GET /css/social-icons.css?buildtime=1663173998 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elitefinancinggroup.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
last-modified: Wed, 14 Sep 2022 16:18:59 GMT
etag: W/"6321fef3-3319"
expires: Wed, 28 Sep 2022 16:49:05 GMT
cache-control: max-age=1209600
x-host: blu41.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 21 Sep 2022 05:34:58 GMT
age: 564352
x-served-by: cache-sjc10060-SJC, cache-bma1637-BMA
x-cache: HIT, HIT
x-cache-hits: 2, 160
x-timer: S1663738498.377712,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 1640
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (13080)
Size:   1640
Md5:    fd938feb72b773e2087a7c3ed2545d99
Sha1:   c26a26748a555b5963be1b3d952aa2185e4ca02a
Sha256: 5c0d2f42235a0d5ab1d73d46165560d5fb6acbad10d58d6d91750e447efe2f56
                                        
                                            GET /fonts/Raleway/font.css?2 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elitefinancinggroup.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
last-modified: Thu, 08 Sep 2022 17:37:45 GMT
etag: "631a2869-6b1"
expires: Thu, 22 Sep 2022 18:07:41 GMT
cache-control: max-age=1209600
x-host: grn98.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 21 Sep 2022 05:34:58 GMT
age: 1078037
x-served-by: cache-sjc10057-SJC, cache-bma1637-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 67
x-timer: S1663738498.378318,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 318
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   318
Md5:    2ad8307758bc44c36781537e65c682df
Sha1:   d11b12c6899d51858b94a1e244c1de96ff9ebec6
Sha256: 86d13d47326e5c4024a04dc04c67a7d084a86c4ab5384446a4ee5981aa730540
                                        
                                            GET /fonts/Lora/font.css?2 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elitefinancinggroup.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
last-modified: Thu, 08 Sep 2022 17:37:44 GMT
etag: "631a2868-6aa"
expires: Thu, 22 Sep 2022 18:06:24 GMT
cache-control: max-age=1209600
x-host: blu26.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 21 Sep 2022 05:34:58 GMT
age: 1078113
x-served-by: cache-sjc10069-SJC, cache-bma1637-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 9
x-timer: S1663738498.378996,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 321
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   321
Md5:    73bc8f5c36181a89bab4c7388c6e964b
Sha1:   a1489dba52342bcb09ae18bb2c71805489ac2c6a
Sha256: ffe360dfb861aaf517a2bea4dd5dcb9615073984186f2e3bd4a49b00871b776d
                                        
                                            GET /js/site/main-customer-accounts-site.js?buildTime=1663173998 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elitefinancinggroup.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
last-modified: Wed, 14 Sep 2022 16:19:21 GMT
etag: "6321ff09-8250f"
expires: Wed, 28 Sep 2022 16:49:03 GMT
cache-control: max-age=1209600
x-host: blu106.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 21 Sep 2022 05:34:58 GMT
age: 564356
x-served-by: cache-sjc10071-SJC, cache-bma1637-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 2
x-timer: S1663738498.375109,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 158930
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32007)
Size:   158930
Md5:    f740fdfbcf394f270a9b176029fa6f37
Sha1:   5f20c49627104282744508eb0278d7185128532e
Sha256: 3021f0f944c9bd7c6e995601f25b3d970e0bd41f9a411f08b2871bb5415a8707
                                        
                                            GET / HTTP/1.1 
Host: www.elitefinancinggroup.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         104.21.40.235
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Wed, 21 Sep 2022 05:34:58 GMT
set-cookie: is_mobile=0; path=/; domain=www.elitefinancinggroup.com language=en; expires=Wed, 05-Oct-2022 05:34:58 GMT; Max-Age=1209600; path=/
vary: X-W-SSL,Accept-Encoding,User-Agent
cache-control: private
x-host: grn49.sf2p.intern.weebly.net
x-ua-compatible: IE=edge,chrome=1
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jIcW3WnVvjuussavs7YVRNFVzL%2B%2F0LI3QF%2FTs6TA5n8hMY7LooISu8zw3TeJlBJ7AHSARqgGB8FWbstWSahJ76RLtvgX4mwNU7OpAYnjzfhyuL021rKv1Mjy1Fojfp4hMaS0RfYP7aVzAWG3Rm4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e06f497b16b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1374), with CRLF, LF line terminators
Size:   38540
Md5:    22d23427b88c913674685e4e84c594ae
Sha1:   821fd14d4053026dc32a695a129f9d1d5539fef5
Sha256: a25df7fbbc3e3abd71b335a70925c9e274322db967421b9f0d08d88828bc9973

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /js/lang/en/stl.js?buildTime=1663173998& HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elitefinancinggroup.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
last-modified: Wed, 14 Sep 2022 16:18:05 GMT
etag: "6321febd-2c4a6"
expires: Wed, 28 Sep 2022 16:49:02 GMT
cache-control: max-age=1209600
x-host: grn86.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 21 Sep 2022 05:34:58 GMT
age: 564355
x-served-by: cache-sjc10060-SJC, cache-bma1637-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 823
x-timer: S1663738498.378273,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 32828
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, Unicode text, UTF-8 text, with very long lines (64997)
Size:   32828
Md5:    9a49c00a13898c31cb9ae140287b524d
Sha1:   79aa80ae3e30b6f4ea929e6e118b16c68db216c2
Sha256: 7d4c52ebfd0e158669a414ec9c2ee33a1296b20d59370d8b3193c1ec81a9ec35
                                        
                                            GET /ajax/libs/jquery/1.8.3/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elitefinancinggroup.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.234
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33593
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 17 Sep 2022 09:37:50 GMT
expires: Sun, 17 Sep 2023 09:37:50 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 331028
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65483)
Size:   33593
Md5:    a54a444f20643b131117dc2112cca05f
Sha1:   074964746b12ff1d30f7656310d6154ae1cc98b5
Sha256: aa3ca8485dd777d4d880b38c1cf3bc2fc290d28a79ba3e3e43cba1f653132830
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 21 Sep 2022 05:34:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10199
Expires: Wed, 21 Sep 2022 08:24:58 GMT
Date: Wed, 21 Sep 2022 05:34:59 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10199
Expires: Wed, 21 Sep 2022 08:24:58 GMT
Date: Wed, 21 Sep 2022 05:34:59 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10199
Expires: Wed, 21 Sep 2022 08:24:58 GMT
Date: Wed, 21 Sep 2022 05:34:59 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   5972
Md5:    1d6e3b3d3aada3ee8f3f5f539d89d1bd
Sha1:   a59f3ac6070d1326e3298cbab5bcab36dd7fa0cb
Sha256: 498ad86d642c0d6cd4f053e2c5904d32bc45804c322daacb2e6ce1bf59423447
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10199
Expires: Wed, 21 Sep 2022 08:24:58 GMT
Date: Wed, 21 Sep 2022 05:34:59 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2a425d5-4fbd-4af0-a85b-75f0878759cb.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7507
x-amzn-requestid: 2a40c792-8b1b-4476-92de-1fce3df48fc1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcCmaHefoAMF4Ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217e28-6b05350006b7f3fb73d1e37a;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:09:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rq4QHCD4EubBKHyCj7jyKqpct5d7U33TvNufqj_w8mWunqQsouoh7w==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:25:17 GMT
age: 25782
etag: "09bd3300d710c3212483159f8398b84cde09da26"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7507
Md5:    4d98acc059a69d51165fb5e0c7430ea3
Sha1:   09bd3300d710c3212483159f8398b84cde09da26
Sha256: 6e38bbb5c79c4f714973e10961d7bad9e7ae8711cf24d68b13a77206f474d2a6
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10244
x-amzn-requestid: 71f08b9e-e977-48de-ad60-5192a43db517
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYwBkGqjIAMFz0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202d3d-0af3334d085ca4a764e31bb5;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: e3MMA-NVstIsR7M9_JGH05i1e8pK17RsjyERrSMlC3uoHsWw_7ABtA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 19:18:32 GMT
age: 36987
etag: "b1cd04a66852694284eeef16a1cde38896e33c03"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   11333
Md5:    ef1fc51c51dd451366244ff0959b44e9
Sha1:   a9328cc38f80c9508e3bc5351eee5e7d41449046
Sha256: c155ecb64269fc43a377505277daa3a978b4aebf67b6bef44f6cf508f344d875
                                        
                                            GET /fonts/Raleway/regular.woff2 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.elitefinancinggroup.com
Connection: keep-alive
Referer: https://cdn2.editmysite.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: font/woff2
                                        
server: nginx
last-modified: Thu, 08 Sep 2022 17:37:45 GMT
etag: "631a2869-5320"
expires: Thu, 22 Sep 2022 18:07:41 GMT
cache-control: max-age=1209600
x-host: blu93.sf2p.intern.weebly.net
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 21 Sep 2022 05:34:59 GMT
age: 1078038
x-served-by: cache-sjc10058-SJC, cache-bma1637-BMA
x-cache: HIT, HIT
x-cache-hits: 8, 2
x-timer: S1663738499.110127,VS0,VE0
access-control-allow-origin: *
content-length: 21280
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 21280, version 1.0\012- data
Size:   21280
Md5:    16911581ab7ea10687a5aee74cbc5612
Sha1:   b0b24248345739209d753a4ac77ccfc1f627b219
Sha256: c78a1da5fd0868a547cf285748c7fb73006571190385eb71c0d601b6b240ffaf
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab5a64d4-8802-4886-ab88-03c39eb96f1a.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5174
x-amzn-requestid: 19cef827-7a71-4789-ae2f-03861f7d65c1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YsvkiG9BoAMFqRA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63282c83-695865cd7f0a236300a179cb;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 08:46:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: pt-UpDrev8YQvpm0E3xWMpkUSsxo80_jlCq1jJ0ePrpLb9rE7_kQ8w==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:45:39 GMT
age: 24560
etag: "cf334c1fc3191c5dcafaa2df55f62a10e16fda69"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5174
Md5:    5a21b393fc4213d090f794f3eeee2333
Sha1:   cf334c1fc3191c5dcafaa2df55f62a10e16fda69
Sha256: 43553a352e6d7c8108bd5152d1c949d8acfb922344a00f8c77c986e2d8f665d9
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8fb4f53-c4a2-4769-939e-c2f7ff562e36.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7383
x-amzn-requestid: 32b97df0-b979-4e80-a54f-cae77affc915
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yxy2sHJ_oAMF0bg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a31c4-2c6db6e21fa1db233a4c1f49;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:33:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cgtMqpEEGh4T-E7vTcy_XhKVaoN9trQ_gtoxx1igk62zYATMmZBQCA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:41:30 GMT
age: 28409
etag: "96048f054243b5a13f14ab3dd9f4a0f3f2e0feae"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7383
Md5:    681b3e236c8b9bc524d935af247ec72b
Sha1:   96048f054243b5a13f14ab3dd9f4a0f3f2e0feae
Sha256: aaa2f649fd336f89b3c0fc1d9226f8763f5a8cd850826a7f0819ebe7414fbf2a
                                        
                                            GET /fonts/Lora/regular.woff2 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.elitefinancinggroup.com
Connection: keep-alive
Referer: https://cdn2.editmysite.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: font/woff2
                                        
server: nginx
last-modified: Thu, 08 Sep 2022 17:37:44 GMT
etag: "631a2868-4b1c"
expires: Thu, 22 Sep 2022 18:06:28 GMT
cache-control: max-age=1209600
x-host: grn123.sf2p.intern.weebly.net
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 21 Sep 2022 05:34:59 GMT
age: 1078110
x-served-by: cache-sjc10031-SJC, cache-bma1637-BMA
x-cache: HIT, HIT
x-cache-hits: 2, 1
x-timer: S1663738499.112422,VS0,VE1
access-control-allow-origin: *
content-length: 19228
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 19228, version 1.0\012- data
Size:   19228
Md5:    4de1acb111366ff5358a27c36bfff049
Sha1:   3e746862c43c9bf6080efa2e67985c6017013db1
Sha256: df02979a78c233d4f94e6fabbf5620b730e3689c7492feb68506836d0d71417f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F689f6ab4-a759-42b3-82a8-f66964d5ece4.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9574
x-amzn-requestid: 3dfa0e8c-77e6-4fc5-9f64-00ac854abbfa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yxy1mEj2IAMFWdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a31bd-745819ba4b5c16ee6e649ad7;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:33:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: huvZVDXGF4n0xe8WcPyCtzH4E4UzNo4xprREMsCnwi0aTDhsRWVFhg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:41:30 GMT
age: 28409
etag: "3371965b4417ee0b74a3a5094adfc1632d4849b1"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9574
Md5:    eff7103898a5102e685ce6741cdf19f8
Sha1:   3371965b4417ee0b74a3a5094adfc1632d4849b1
Sha256: c326683c06d56a02d8c1a36dd34c1eff1b9d242b8b5280a1824b0602ccd28020
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf057f43-44fd-440b-bd96-67b16eb4eb13.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12654
x-amzn-requestid: efc99152-2b51-462d-b48b-67ba8263b1cf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YpOJOGVYoAMFcvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6326c3d4-00eeb6913e06ac151f293263;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 07:08:04 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: nSWUmBqJPIBYNoLtyrfAN7CK4367b6TEku9eki8BGJVdTWW3dSyckw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 07:21:22 GMT
age: 80017
etag: "d8ac8a7e19b06e38070a0319cde24b5bf0eaa7db"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12654
Md5:    f7b780d39877eea116277625aaa01f1b
Sha1:   d8ac8a7e19b06e38070a0319cde24b5bf0eaa7db
Sha256: ca9d59056e0a3f512d36db11f4a4bd3109c2ce1e13b29b5f40dce84df079e71f
                                        
                                            GET /fonts/Lora/bold.woff2 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.elitefinancinggroup.com
Connection: keep-alive
Referer: https://cdn2.editmysite.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: font/woff2
                                        
server: nginx
last-modified: Thu, 08 Sep 2022 17:37:44 GMT
etag: "631a2868-4af4"
expires: Thu, 22 Sep 2022 18:07:38 GMT
cache-control: max-age=1209600
x-host: grn142.sf2p.intern.weebly.net
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 21 Sep 2022 05:34:59 GMT
age: 1078041
x-served-by: cache-sjc10053-SJC, cache-bma1637-BMA
x-cache: HIT, HIT
x-cache-hits: 2, 1
x-timer: S1663738499.115430,VS0,VE1
access-control-allow-origin: *
content-length: 19188
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 19188, version 1.0\012- data
Size:   19188
Md5:    e11506fd2abfb28d6c9ed844cc9ca385
Sha1:   03c49d153b54686e55a2467777ba44bc8c53505b
Sha256: 491eefcabd598d637352eaed5bc4293acf7518aec5396cafed85458c10dbbcd6
                                        
                                            GET /fonts/Raleway/bold.woff2 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.elitefinancinggroup.com
Connection: keep-alive
Referer: https://cdn2.editmysite.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: font/woff2
                                        
server: nginx
last-modified: Thu, 08 Sep 2022 17:37:45 GMT
etag: "631a2869-53c0"
expires: Thu, 22 Sep 2022 18:07:41 GMT
cache-control: max-age=1209600
x-host: grn75.sf2p.intern.weebly.net
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 21 Sep 2022 05:34:59 GMT
age: 1078038
x-served-by: cache-sjc10074-SJC, cache-bma1637-BMA
x-cache: HIT, HIT
x-cache-hits: 5, 1
x-timer: S1663738499.120004,VS0,VE1
access-control-allow-origin: *
content-length: 21440
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 21440, version 1.0\012- data
Size:   21440
Md5:    94fafbcc94523bdae26461e70966bae3
Sha1:   2225772fffa5f225d427cbcf27348c5eed29dcd2
Sha256: 80f4e592fb822c98ea06e6553fbb20d8c6161644a39de94baaa9c448c6aba20a
                                        
                                            GET /js/wsnbn/snowday262.js HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elitefinancinggroup.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
last-modified: Wed, 14 Sep 2022 16:18:50 GMT
etag: "6321feea-124fe"
expires: Thu, 29 Sep 2022 08:38:41 GMT
cache-control: max-age=1209600
x-host: blu123.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 21 Sep 2022 05:34:59 GMT
age: 507378
x-served-by: cache-sjc10051-SJC, cache-bma1637-BMA
x-cache: HIT, HIT
x-cache-hits: 2, 4850
x-timer: S1663738499.237116,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 25752
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2512)
Size:   25752
Md5:    234327230add9a5a5d61a48829ea4565
Sha1:   7966cc0e4bd76f88ff193c8a99a067de804b7129
Sha256: bb696c58d9ae5fa635b3ff22efdf60de9ac2f8ef9df5e2f2d58dd5f8dc99df75
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 21 Sep 2022 05:34:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /recaptcha/api.js?_=1663738499280 HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elitefinancinggroup.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.164
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
expires: Wed, 21 Sep 2022 05:34:59 GMT
date: Wed, 21 Sep 2022 05:34:59 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 556
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (850), with no line terminators
Size:   556
Md5:    27b68162c75bebb4dacf518c46e974d5
Sha1:   99abc7e3e02891bec5de3dda3cb18a6f865f82bc
Sha256: 93415a1ed398b656767f092c53ca274ad9ae9c8cb0672831fa3c4ab275f994d1
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 21 Sep 2022 05:34:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 21 Sep 2022 05:34:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ga.js HTTP/1.1 
Host: ssl.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elitefinancinggroup.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.72
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Wed, 21 Sep 2022 04:29:20 GMT
expires: Wed, 21 Sep 2022 06:29:20 GMT
cache-control: public, max-age=7200
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
age: 3939
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1305)
Size:   17168
Md5:    01d5892e6e243b52998310c2925b9f3a
Sha1:   58180151b6a6ee4af73583a214b68efb9e8844d4
Sha256: 7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 21 Sep 2022 05:34:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/recaptcha__en.js HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.elitefinancinggroup.com
Connection: keep-alive
Referer: https://www.elitefinancinggroup.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 157726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 05:37:29 GMT
expires: Thu, 14 Sep 2023 05:37:29 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 14 Sep 2022 00:24:01 GMT
age: 604650
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (581)
Size:   157726
Md5:    6519c7c04cf32a57b1c5ee45a73c233e
Sha1:   4939bb921988e9eb13780cc2244f3099776e9bfb
Sha256: 8352dd4e3e0fe82562cdc280c020fc31d2c6d054f7ead441a3b18de8ef04401b
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 21 Sep 2022 05:34:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.156
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 21 Sep 2022 05:34:59 GMT
Last-Modified: Wed, 21 Sep 2022 03:53:37 GMT
Server: ECS (nyb/1D1A)
X-Cache: Miss from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: FYe_F5PcOMxImncsYXATb2lL7mDsnka6CckA4SbWVYjw7n2wwjUOMQ==
Age: 6082

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.156
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 21 Sep 2022 05:34:59 GMT
Last-Modified: Wed, 21 Sep 2022 04:26:18 GMT
Server: ECS (nyb/1D10)
X-Cache: Miss from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9F-w9RLhLYB2KI2OFpAt38VnEzH6z9RYzjOXO0HDevUTShXiNoP5jA==
Age: 4121

                                        
                                            OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1 
Host: ec.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.elitefinancinggroup.com/
Origin: https://www.elitefinancinggroup.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         35.82.13.103
HTTP/2 200 OK
                                        
date: Wed, 21 Sep 2022 05:34:59 GMT
content-length: 0
server: nginx
access-control-allow-origin: https://www.elitefinancinggroup.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 5
X-Firefox-Spdy: h2

                                        
                                            POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1 
Host: ec.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1797
Origin: https://www.elitefinancinggroup.com
Connection: keep-alive
Referer: https://www.elitefinancinggroup.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         35.82.13.103
HTTP/2 200 OK
content-type: text/plain; charset=UTF-8
                                        
date: Wed, 21 Sep 2022 05:35:00 GMT
content-length: 2
server: nginx
set-cookie: sp=73033f9c-e083-47c7-866c-e574c9a1e432; Expires=Thu, 21 Sep 2023 05:35:00 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://www.elitefinancinggroup.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   2
Md5:    444bcb3a3fcf8389296c49467f27e1d6
Sha1:   7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
Sha256: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
                                        
                                            GET /js/site/main.js?buildTime=1663173998 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elitefinancinggroup.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
last-modified: Wed, 14 Sep 2022 16:19:21 GMT
etag: "6321ff09-74804"
expires: Wed, 28 Sep 2022 16:49:03 GMT
cache-control: max-age=1209600
x-host: grn112.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 21 Sep 2022 05:34:58 GMT
age: 564354
x-served-by: cache-sjc10046-SJC, cache-bma1637-BMA
x-cache: HIT, HIT
x-cache-hits: 2, 1
x-timer: S1663738498.375143,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 146400
X-Firefox-Spdy: h2


--- Additional Info ---