r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b7407cc102d62a5acd5e61f8a79bed36
c2f4890a62454e514962b55b7fc14228339c8e90
be282de92da261128a7c8471f3067466aa9930fd0ab2a2cdda8cd2d6ce2bbd74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE282DE92DA261128A7C8471F3067466AA9930FD0AB2A2CDDA8CD2D6CE2BBD74"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11600
Expires: Fri, 10 Feb 2023 06:08:16 GMT
Date: Fri, 10 Feb 2023 02:54:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 84247d80b610d0c6da587141b21323ae
46461f8709d099f5295998f41aaafa5be4387ea6
bee5e9e0d7b4a24609950ceb40194bffb482c36152d376bb119e7cc3aba488dc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BEE5E9E0D7B4A24609950CEB40194BFFB482C36152D376BB119E7CC3ABA488DC"
Last-Modified: Thu, 09 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6774
Expires: Fri, 10 Feb 2023 04:47:50 GMT
Date: Fri, 10 Feb 2023 02:54:56 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 10 Feb 2023 02:34:17 GMT
content-type: application/json
age: 1239
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 50a2f8cdbbd1059f5318753155bba7ef
405e63ea4683be44f876feae34b5cb645ff751f2
f6ac743a5a17d64d2858fec5791050d2dc8074ddd823826c93e67bffdb2f0868
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6AC743A5A17D64D2858FEC5791050D2DC8074DDD823826C93E67BFFDB2F0868"
Last-Modified: Thu, 09 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6795
Expires: Fri, 10 Feb 2023 04:48:11 GMT
Date: Fri, 10 Feb 2023 02:54:56 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: d9tstRQjQWbi+fZtliHdka9m5iXoDJr6bqA9jzwJtppYOJUGzRxxeDfrvb1vZ/vz1Qpw4yYZEmg=
x-amz-request-id: JZ1VMWK12FVXJTGM
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 10 Feb 2023 02:46:38 GMT
age: 498
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
personal-finance.xyz/ar-cards-l3/
172.67.203.132 200 OK 4.5 kB URL HTTP/1.1 personal-finance.xyz/ar-cards-l3/
IP 172.67.203.132:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (339)
Hash 701915ed50cae9258279d46e0175fece
8e4c6984744c31064fe3fb4d75594ebb5bc31e79
8842f1b8ef8cae85030693ffa5c83030b339ee06d61ec532f0da635f6ad38071
Analyzer Verdict Alert fortinet Phishing
GET /ar-cards-l3/ HTTP/1.1
Host: personal-finance.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 10 Feb 2023 02:54:56 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5W3NVzxp1Qj%2BHqWqSeXq3keR577Xi%2F3Lb5VGgseqCD4fYFP2PqOb5yOOZFenUWmPlRTCdq0a9PNfG3nS6LTqfGaGZmRFJG6pJWcW8q5ryy4fC0wvwUoMndTTnjLMFkNQYAsFXYi8wg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79719022dab1fac0-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 10 Feb 2023 02:54:56 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163 200 OK 471 B IP 142.250.74.163:0
Hash 764f6498bfc9fce44fcfaca97119697f
d285cc1f81ca9f23891ff68c2380e0f9e9e96e0c
8d1b5c3b41446c6b296d3a8c96bfdfca8f1a68cc8aa2008ea1b86a8194281f5e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 10 Feb 2023 02:54:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163 200 OK 471 B IP 142.250.74.163:0
Hash 764f6498bfc9fce44fcfaca97119697f
d285cc1f81ca9f23891ff68c2380e0f9e9e96e0c
8d1b5c3b41446c6b296d3a8c96bfdfca8f1a68cc8aa2008ea1b86a8194281f5e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 10 Feb 2023 02:54:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Content-Type, Pragma, ETag, Retry-After, Backoff, Expires, Alert, Cache-Control, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 10 Feb 2023 02:14:53 GMT
age: 2404
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
personal-finance.xyz/ar-cards-l3/css/template.css
172.67.203.132 200 OK 946 B URL HTTP/1.1 personal-finance.xyz/ar-cards-l3/css/template.css
IP 172.67.203.132:0
Hash 4a573fb4035db1d715a9ee688325f3b5
5185f8ceccfaf9c280f06171fee957d29b990b32
5052c01690544225c1dc2a9d487c340937590a3f97bc1152cc78df0e78705d3b
GET /ar-cards-l3/css/template.css HTTP/1.1
Host: personal-finance.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://personal-finance.xyz/ar-cards-l3/
HTTP/1.1 200 OK
Date: Fri, 10 Feb 2023 02:54:57 GMT
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"213b-tr6t+4aqL4gLS1SIOp6eTxnG1vo"
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AfojdXB%2FrVFzwS%2F39hL%2BCeRoY67bhKKjiqLnmRQvFdKHhXcXoOEqrBb5h4PqiYy8SZGqHSrZJF5nsApzJLe3ijAkANNC3mrh6EWXHywBjMc3cvuYVOh3h95twgcBPkBkqVv7UwuANA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79719025af0db4ed-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
personal-finance.xyz/ar-cards-l3/css/reset.css
172.67.203.132 200 OK 460 B URL HTTP/1.1 personal-finance.xyz/ar-cards-l3/css/reset.css
IP 172.67.203.132:0
Hash d246c3fa7cd8ce8509632141aceecd35
e81e31f7750507761a8894931f9a63ff6715b748
ab60dd09b7f70dd83d27518f7278da0506de9d3132e3eabf22871d5e113b34ac
GET /ar-cards-l3/css/reset.css HTTP/1.1
Host: personal-finance.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://personal-finance.xyz/ar-cards-l3/
HTTP/1.1 200 OK
Date: Fri, 10 Feb 2023 02:54:57 GMT
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"334-vtbSNB5jv6mRyXkZAY7Cn5WEEAE"
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ewnFjuT%2B0WkXuHoCKHpv%2BsY3RH4MDQShxgPa8uP%2Fu%2FZdNymB4gxJtRdsdzh%2F0BxqSxAxQRw%2FG2ki%2BBeEYbFBQ5VBMchKRPUZjEZ3pnitth83NdTqE60sBmEAZiNNJ9lvQmT88UsoWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79719025ab25fac0-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
personal-finance.xyz/ar-cards-l3/css/style.css
172.67.203.132 200 OK 3.4 kB URL HTTP/1.1 personal-finance.xyz/ar-cards-l3/css/style.css
IP 172.67.203.132:0
File type assembler source, ASCII text, with very long lines (668), with CRLF, LF line terminators
Hash 8b8dca80c11e2bc0fdaac62e0ce16f21
6adb9cb3f1861aff62b06631d76025793e144c7d
d87ae0f4fd6d78edfa9bf272a5c0dd8b3215c624d93a2755741534352386d088
GET /ar-cards-l3/css/style.css HTTP/1.1
Host: personal-finance.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://personal-finance.xyz/ar-cards-l3/
HTTP/1.1 200 OK
Date: Fri, 10 Feb 2023 02:54:57 GMT
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"405e-MWga7edQd0NDcXmZqy0Wb2RTXA4"
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qMv0ahGyK0Ataknib6NhnmjAeEAo5FR9JfH0eZ%2B9Y%2B%2Bs7bupXaqxMkz7eSB60%2BJKj16%2BacBFx7y2lYkMH0nRCz7XCiej2qqX2V%2FWnSYi8Rvaf96zhEq25%2FmHiKKqeZtFEMb7abmVbw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79719025ad7db51d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 248ce16379b12f11927ecc3142aec450
fa5b189f2d9182479170cb61cc1723571e437bd2
a8d259b331bdefb00625b9bf057d44d0b3290fda0734c57eda187b04e23d59d4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8D259B331BDEFB00625B9BF057D44D0B3290FDA0734C57EDA187B04E23D59D4"
Last-Modified: Wed, 08 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4121
Expires: Fri, 10 Feb 2023 04:03:38 GMT
Date: Fri, 10 Feb 2023 02:54:57 GMT
Connection: keep-alive
personal-finance.xyz/ar-cards-l3/css/index.css
172.67.203.132 200 OK 3.4 kB URL HTTP/1.1 personal-finance.xyz/ar-cards-l3/css/index.css
IP 172.67.203.132:0
File type ASCII text, with very long lines (384), with CRLF, LF line terminators
Hash 23c5b0ca594f0ccf5a509b100cb24407
7aa621cf18ba75f45d9df227e795276eed2129a5
3b0e9b31b7de4ad2c1c517e48b3c39bd8078aedf071e054f83eaebe46411fba8
GET /ar-cards-l3/css/index.css HTTP/1.1
Host: personal-finance.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://personal-finance.xyz/ar-cards-l3/
HTTP/1.1 200 OK
Date: Fri, 10 Feb 2023 02:54:57 GMT
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"b9be-5theJXrAI/FhON+Pk0kbUvWDWQY"
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U9Lq3e0%2BmqETj0W2wYVt57J6Ztht6He6RUWpL%2FzKCT6ZHs%2FKBZrVHEQ2ZNHlV0ybGnSPt7Cfs5ESp0keBxY2s3LSZkqMFP7IKsB0txS5SHhaJ6JpIeFWPaL13hWxji9zDgPz8sAeyg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79719025ab40b50b-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
personal-finance.xyz/ar-cards-l3/js_1
172.67.203.132 200 OK 92 kB URL HTTP/1.1 personal-finance.xyz/ar-cards-l3/js_1
IP 172.67.203.132:0
File type ASCII text, with very long lines (1815)
Hash b972c59c42fc0de65372474b25b96a12
3bba3e74ccc4cc378b8c38d5b15403f5b8d64af2
2a068b73d768a8288390ada95cc85fbfb129fb480cef4affa212c76afa5dd893
Analyzer Verdict Alert fortinet Phishing
GET /ar-cards-l3/js_1 HTTP/1.1
Host: personal-finance.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://personal-finance.xyz/ar-cards-l3/
HTTP/1.1 200 OK
Date: Fri, 10 Feb 2023 02:54:57 GMT
Content-Type: application/octet-stream
Content-Length: 92331
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"168ab-O7o+dMzEzDeLjDjVsVQD9bjWSvI"
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ze4VuGBNrC1ZVPrt8VNBmupFjZhTw5LcfKWXWUjL1Dqqo%2FboOfg0dM%2F7869c3eDmOtgtYKSKwlytxgxyJMKvNEdLej8iQ4mrqTYhJA9iWgmE0PDc7FXHWBiXT9TcNpAPsLxpVKN0%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79719025acebb4ff-OSL
alt-svc: h2=":443"; ma=60
personal-finance.xyz/ar-cards-l3/js/jquery.js
172.67.203.132 200 OK 30 kB URL HTTP/1.1 personal-finance.xyz/ar-cards-l3/js/jquery.js
IP 172.67.203.132:0
File type ASCII text, with very long lines (32034), with CRLF line terminators
Hash 4045a2446d43c1b458e83dff3011a214
e68275891d72853b4e3ee88d215d216529bd0064
39182f573e83a5649cd59e075691a40e0742e5f149a2074b3830f16053cd259f
Analyzer Verdict Alert fortinet Phishing
GET /ar-cards-l3/js/jquery.js HTTP/1.1
Host: personal-finance.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://personal-finance.xyz/ar-cards-l3/
HTTP/1.1 200 OK
Date: Fri, 10 Feb 2023 02:54:57 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"15147-eprmT0azxZqwZkjVaBQ0qJw9YFw"
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A3wccv8WnAGlW4yEcYnqNdBfyIzSWZKSKx28wa812SBEdQhE319TomxlJxRTqiuCM%2B6CkMKreApQJGjIQOe%2B2LTP4ZYSXiemG6FPZDIo8am8IxR%2B7D9RL0if3n%2Fbx4bw%2BxIgkcpaYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79719025a8fbb503-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
personal-finance.xyz/ar-cards-l3/js/fv.js
172.67.203.132 200 OK 1.9 kB URL HTTP/1.1 personal-finance.xyz/ar-cards-l3/js/fv.js
IP 172.67.203.132:0
File type ASCII text, with very long lines (5053), with no line terminators
Hash d8ee9efbae037c2b6fe2a95eac9812b1
6c93c6d688b37c69bb68f5f8974dca00d6a47200
fd0f3dd1f599ba6cbaf304774ae42b034df48df8244fd482b70fc233691b4834
Analyzer Verdict Alert fortinet Phishing
GET /ar-cards-l3/js/fv.js HTTP/1.1
Host: personal-finance.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://personal-finance.xyz/ar-cards-l3/
HTTP/1.1 200 OK
Date: Fri, 10 Feb 2023 02:54:57 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"13bd-gDoDg4ksadlKETjNTkzm5msSf5k"
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gllsJByclX2JzV1nEGnQIIRJpGrn6AbpcgBts4cTM6A%2BxaMFx8V5V3PQvzmMuJshkaQuB5Re9yvOPhmWJCKtHO8rk6FAgs8QSt86rjd7dBDca0rt0Zj%2FWx0jbQsaTdUxaPqID7mBag%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79719028abb0fac0-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
personal-finance.xyz/ar-cards-l3/js/fv_1.js
172.67.203.132 200 OK 1.9 kB URL HTTP/1.1 personal-finance.xyz/ar-cards-l3/js/fv_1.js
IP 172.67.203.132:0
File type ASCII text, with very long lines (5053), with no line terminators
Hash d8ee9efbae037c2b6fe2a95eac9812b1
6c93c6d688b37c69bb68f5f8974dca00d6a47200
fd0f3dd1f599ba6cbaf304774ae42b034df48df8244fd482b70fc233691b4834
Analyzer Verdict Alert fortinet Phishing
GET /ar-cards-l3/js/fv_1.js HTTP/1.1
Host: personal-finance.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://personal-finance.xyz/ar-cards-l3/
HTTP/1.1 200 OK
Date: Fri, 10 Feb 2023 02:54:57 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"13bd-gDoDg4ksadlKETjNTkzm5msSf5k"
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ChfvHz9DCKzmn%2FcxOiL8N1ElrQ8lixK9gobhlr7l5BQw%2FreQBpwcrLjssGZWCLHINyZIVY%2B7xb9dRyednqqEmn2Fv8OijAVtAqg1MpO3a6bJ0aR5gLrGSBj72FOb2k2h0voCWLB0sQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7971902888beb4ed-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
push.services.mozilla.com/
35.80.120.72 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.80.120.72:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: rHd92U/9waFvRSOvWuXXyw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: eu8+j+CmzuaL/mlrYulv9pUhwLs=
personal-finance.xyz/ar-cards-l3/js/firebase-app.js
172.67.203.132 200 OK 3.9 kB URL HTTP/1.1 personal-finance.xyz/ar-cards-l3/js/firebase-app.js
IP 172.67.203.132:0
File type ASCII text, with very long lines (11292)
Hash 40c6b848f571338176270525c6112413
2a5c03c82fdcb42aaf2e71095fd7f30113c258ac
aacdcf3c74cf139f1a7749f436c985ed8bc7d542f1d04e3688622169e7874073
Analyzer Verdict Alert fortinet Phishing
GET /ar-cards-l3/js/firebase-app.js HTTP/1.1
Host: personal-finance.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://personal-finance.xyz/ar-cards-l3/
HTTP/1.1 200 OK
Date: Fri, 10 Feb 2023 02:54:57 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"2c46-1Ytgp/mknM/sKijr7sig/LY8tLg"
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1W61qRPh3m9G2tbaQJOvUzmM3B0x9htFgXJf4ObPxR%2FGuk9FMVw4KgFF3dcP0b7ejsxSkaYAiAgwWwwlanS7iCoDN75VldxHoVWSPwPqYL4k4CVeuJzkZWFH1YhHJg928w4ylzzKdw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79719029ccfeb50b-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
personal-finance.xyz/ar-cards-l3/js/mobile-detect.min.js
172.67.203.132 200 OK 16 kB URL HTTP/1.1 personal-finance.xyz/ar-cards-l3/js/mobile-detect.min.js
IP 172.67.203.132:0
File type ASCII text, with very long lines (32731)
Hash 9dcd2e1239e3c21d45667fd11c852182
8b950dafe74e56ec3a4fd27383ea963715ac7998
0037fcb2829075778be1407183aa0a8c2f90a0c875cb3c43a1fa232cbcf282b9
Analyzer Verdict Alert fortinet Phishing
GET /ar-cards-l3/js/mobile-detect.min.js HTTP/1.1
Host: personal-finance.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://personal-finance.xyz/ar-cards-l3/
HTTP/1.1 200 OK
Date: Fri, 10 Feb 2023 02:54:57 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"9624-5TKQ5jJ6p1niey96Hdig/kbgLbw"
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C33EsSTr7mrirrge%2Bz51Xkkbj06jCK2fKAoF4z61A9j7%2BmU5V29%2BvK8A8s2V%2FcjowjGGPNQfL%2BGX8%2F6lOMPwwzTo4r5QXQHO9ec243Wa%2BH2MeG87U01wlcQIuOQok1qoYflNxkNRyA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 797190295f08b51d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
personal-finance.xyz/ar-cards-l3/js/notificationscript.js
172.67.203.132 200 OK 3.6 kB URL HTTP/1.1 personal-finance.xyz/ar-cards-l3/js/notificationscript.js
IP 172.67.203.132:0
Hash 1d554e53687ba6b503589d76147524cf
28ce5f3a48dd276e252e5ed347371680fe3bd399
d5497c032d6306ae14f28cd14895cade48c1b7fbc9cb50e10cb59d149bf0db8d
Analyzer Verdict Alert fortinet Phishing
GET /ar-cards-l3/js/notificationscript.js HTTP/1.1
Host: personal-finance.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://personal-finance.xyz/ar-cards-l3/
HTTP/1.1 200 OK
Date: Fri, 10 Feb 2023 02:54:58 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"2e95-rh709ZrZl0hvaKMqwCvJV9J2Fo8"
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2n0bo3rFhftud%2F50P6xA0kro7%2FPIe56xTHXMKSD2voYrOeuI9nOeb5wUSbDG9L0gxrV3i70Dz8%2BwUDR14JXArDUAGVxDeMA%2FaIVlMBgUkZ7cfWpsvhSkNBEg0MmH8kxsEVOTKezT7A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7971902acbfdfac0-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
personal-finance.xyz/ar-cards-l3/js/firebase-messaging.js
172.67.203.132 200 OK 8.7 kB URL HTTP/1.1 personal-finance.xyz/ar-cards-l3/js/firebase-messaging.js
IP 172.67.203.132:0
File type ASCII text, with very long lines (32755)
Hash 53aecd5059f442225c986b71f8dacbee
1917c9cb6b2272996d3958f348ee12c7ff77f57b
0be2821ff9bc2c65833ee6ad6bb4429a68d68861f68cded5252632766c6cf729
Analyzer Verdict Alert fortinet Phishing
GET /ar-cards-l3/js/firebase-messaging.js HTTP/1.1
Host: personal-finance.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://personal-finance.xyz/ar-cards-l3/
HTTP/1.1 200 OK
Date: Fri, 10 Feb 2023 02:54:58 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"8023-yqHR5NaDJ8IMYBtbm7bcNitNbfg"
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2BMgOXARjgnk5yDltfN3on6vvoA4OMD574N3sle3ECpimdLdqn1QL8FTu3XVsb2btoY8nwMAe6sGIturGX66BjCAHaVwY88Gn%2FbVyfk81s0t7Tgvmxxyz%2Fuwjxc9u%2FB3gUABkNo%2BfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79719029fac3b503-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash 5472343ceb05515332d894a5ce413ae9
1487abaddd359382d283b5ae88126b39509daa82
f24e8239062bb2cb52ad151a9d30f9f90a4f9557dae0719fd56dd6d8fe997894
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 Feb 2023 02:54:58 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 08 Feb 2023 20:20:02 GMT
Expires: Wed, 15 Feb 2023 20:20:01 GMT
Etag: "1487abaddd359382d283b5ae88126b39509daa82"
Cache-Control: max-age=494102,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7971902bbcd6b51b-OSL
personal-finance.xyz/ar-cards-l3/css/print.css
172.67.203.132 200 OK 279 B URL HTTP/1.1 personal-finance.xyz/ar-cards-l3/css/print.css
IP 172.67.203.132:0
File type assembler source, ASCII text
Hash b0e70712c6a8d40e037f65050fc14148
51cd2cda6e5ad22ee49ec84882e730c09a04dbaf
e3dd0cf7ef07b162827a0cb72ef222916fede87e56bb64159b7c717ada91e2a0
GET /ar-cards-l3/css/print.css HTTP/1.1
Host: personal-finance.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://personal-finance.xyz/ar-cards-l3/
HTTP/1.1 200 OK
Date: Fri, 10 Feb 2023 02:54:58 GMT
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"308-NrGRup11TBS8Cry9hX46iAzr4dM"
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f4fN4FTRdDHMGhwUfhu8Pa%2BVwaRviXFob%2Fh1%2F4a1OF93hVdAwjiDz%2FUbF5AQbEVcYprncnZ81t2O2DJviNROYTJ2uJGor%2BPrELXzmQeL0r60AlyNQLb1YL7swqpgaZ884rULbFLeTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7971902afa3bb4ed-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
propeller-tracking.com/vctx?t=undefined
139.45.197.240 204 No Content 0 B URL HTTP/2 propeller-tracking.com/vctx?t=undefined
IP 139.45.197.240:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /vctx?t=undefined HTTP/1.1
Host: propeller-tracking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://personal-finance.xyz
Connection: keep-alive
Referer: http://personal-finance.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Fri, 10 Feb 2023 02:54:58 GMT
access-control-allow-origin: http://personal-finance.xyz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 557f7180ae5d07888f2bf2034ca22914
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash 5472343ceb05515332d894a5ce413ae9
1487abaddd359382d283b5ae88126b39509daa82
f24e8239062bb2cb52ad151a9d30f9f90a4f9557dae0719fd56dd6d8fe997894
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 Feb 2023 02:54:58 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 08 Feb 2023 20:20:02 GMT
Expires: Wed, 15 Feb 2023 20:20:01 GMT
Etag: "1487abaddd359382d283b5ae88126b39509daa82"
Cache-Control: max-age=494102,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7971902bba82b4ed-OSL
propeller-tracking.com/vctx?t=undefined
139.45.197.240 204 No Content 0 B URL HTTP/2 propeller-tracking.com/vctx?t=undefined
IP 139.45.197.240:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /vctx?t=undefined HTTP/1.1
Host: propeller-tracking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://personal-finance.xyz
Connection: keep-alive
Referer: http://personal-finance.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Fri, 10 Feb 2023 02:54:58 GMT
access-control-allow-origin: http://personal-finance.xyz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 290692a21dcdc3deb17d868903a6b850
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
propeller-tracking.com/vbl?t=NaN&bid=undefined&aid=undefined
139.45.197.240 204 No Content 0 B URL HTTP/2 propeller-tracking.com/vbl?t=NaN&bid=undefined&aid=undefined
IP 139.45.197.240:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /vbl?t=NaN&bid=undefined&aid=undefined HTTP/1.1
Host: propeller-tracking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://personal-finance.xyz
Connection: keep-alive
Referer: http://personal-finance.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 10 Feb 2023 02:54:58 GMT
access-control-allow-origin: http://personal-finance.xyz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 96cb9149ec9941f35ffcf48bbd5ebf0d
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
accentbiz.com/click.php?event9=0
3.93.65.61 200 OK 20 B URL HTTP/1.1 accentbiz.com/click.php?event9=0
IP 3.93.65.61:0
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /click.php?event9=0 HTTP/1.1
Host: accentbiz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://personal-finance.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Fri, 10 Feb 2023 02:54:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
personal-finance.xyz/ar-cards-l3/js/firebase-database.js
172.67.203.132 200 OK 48 kB URL HTTP/1.1 personal-finance.xyz/ar-cards-l3/js/firebase-database.js
IP 172.67.203.132:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash c74c5bab6139d847c8e22f764e1335b8
ddc008c0f76f5c7540eb54474dc7e2358e9a74c1
f28b37b8a8e51a22e093da219e41a8ef2003b9296e6c70d1175b96d2d440ed5f
Analyzer Verdict Alert fortinet Phishing
GET /ar-cards-l3/js/firebase-database.js HTTP/1.1
Host: personal-finance.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://personal-finance.xyz/ar-cards-l3/
HTTP/1.1 200 OK
Date: Fri, 10 Feb 2023 02:54:58 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"2c503-/H1IiUmennR7XyvWp/sYzDB8GYg"
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QpoN13RDYrkIQ0Q2f0UE%2FcOxIhp9rMAgmJuzYuJTvW93%2FuaD9lYvfYcSx9nceIV%2BCK4IungLceLJTwdTLL3VsKesQAcoyYsCUD9TJpaoy4dOdf8tOYJ5t4r6AdXdUpJ72HNQl16Raw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79719029eec7b4ff-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
propeller-tracking.com/vbl?t=NaN&bid=undefined&aid=undefined
139.45.197.240 204 No Content 0 B URL HTTP/2 propeller-tracking.com/vbl?t=NaN&bid=undefined&aid=undefined
IP 139.45.197.240:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /vbl?t=NaN&bid=undefined&aid=undefined HTTP/1.1
Host: propeller-tracking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://personal-finance.xyz
Connection: keep-alive
Referer: http://personal-finance.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 10 Feb 2023 02:54:58 GMT
access-control-allow-origin: http://personal-finance.xyz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 270b3d1237f6b28ae87f56f3a5d6f688
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
personal-finance.xyz/ar-cards-l3/images/empty-GT_imagea-1-.png
172.67.203.132 200 OK 2.2 kB URL HTTP/1.1 personal-finance.xyz/ar-cards-l3/images/empty-GT_imagea-1-.png
IP 172.67.203.132:0
File type PNG image data, 140 x 140, 8-bit/color RGBA, non-interlaced\012- data
Hash 3d469e4e000d36612b286b44d06613b9
185719b2d110f3ec54800cfa522c2d0698af33cc
e39a652c5804f4eda7f62e61324c6fa6526840b45b9a3b3ee7ebb05cc723b7c8
GET /ar-cards-l3/images/empty-GT_imagea-1-.png HTTP/1.1
Host: personal-finance.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://personal-finance.xyz/ar-cards-l3/
HTTP/1.1 200 OK
Date: Fri, 10 Feb 2023 02:54:58 GMT
Content-Type: image/png
Content-Length: 2157
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"86d-GFcZstEQ8+xUgAz6UiwtBpivM8w"
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w9ayYtsgCPyUn%2Bjjh7wtIiV%2FJTVYJuJMeg082EaClEY%2FrhgBtJLruGHapNIXjMT2xghmVr3p4CG57uBkPWTad758F49M%2FWRVQdUukFVtZ03GMVVvqD%2By4eZ%2FuXqkXfkp0Aqu8LZ5jA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7971902cbc1ab503-OSL
alt-svc: h2=":443"; ma=60
personal-finance.xyz/ar-cards-l3/images/45454.png
172.67.203.132 200 OK 2.9 kB URL HTTP/1.1 personal-finance.xyz/ar-cards-l3/images/45454.png
IP 172.67.203.132:0
File type PNG image data, 46 x 51, 8-bit/color RGBA, non-interlaced\012- data
Hash 8fe2bb3891113f0dbb8cf28d28ef61e8
bc834862602571e82a420d77c4ff3a9c69427fc8
3d1366b70d3760a7fd820c23b250e552ab417a6c15d3c78e6b890a8bb0c234be
GET /ar-cards-l3/images/45454.png HTTP/1.1
Host: personal-finance.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://personal-finance.xyz/ar-cards-l3/
HTTP/1.1 200 OK
Date: Fri, 10 Feb 2023 02:54:58 GMT
Content-Type: image/png
Content-Length: 2934
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"b76-vINIYmAlcegqQg13xP86nGlCf8g"
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zftNO38IREIJpPhVkJxsXQKivIwV5kU8ZyGHrt6osbrJ078Ssq9in8%2F2GxS4d3aCj8oxUrefOQ2nhcP9KG3rz0x7a2QFbuJOmVuve7etMJK0boiR44yc9i23OARgcurhL6GAB%2BSq4A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7971902cbc46fac0-OSL
alt-svc: h2=":443"; ma=60
personal-finance.xyz/ar-cards-l3/images/Screenshot_3.png
172.67.203.132 200 OK 46 kB URL HTTP/1.1 personal-finance.xyz/ar-cards-l3/images/Screenshot_3.png
IP 172.67.203.132:0
File type PNG image data, 256 x 282, 8-bit/color RGBA, non-interlaced\012- data
Hash ca29bf2307879e64c63717eb719584cd
a0504cd42f7647c5bb936c723125d54745053b6c
bac58cdef10900875f0d340004476038f6994ea110b93d42b9af1107c34f2a58
GET /ar-cards-l3/images/Screenshot_3.png HTTP/1.1
Host: personal-finance.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://personal-finance.xyz/ar-cards-l3/
HTTP/1.1 200 OK
Date: Fri, 10 Feb 2023 02:54:58 GMT
Content-Type: image/png
Content-Length: 46266
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"b4ba-oFBM1C92R8W7k2xyMSXVR0UFO2w"
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZHyGV%2BIGXBINI%2BidFyWqMsWy4aN%2BXLynvNNuutPKWjP4JaNXX2urlMtg3dbc8jG98F4d55hPHkdSnffe0PS9raiLXaJT9eDjSlfJErUaplvAZpeRCPekbcu4anSSqw7byCksIuDO7g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7971902c381eb51d-OSL
alt-svc: h2=":443"; ma=60
personal-finance.xyz/ar-cards-l3/images/3.png
172.67.203.132 200 OK 277 kB URL HTTP/1.1 personal-finance.xyz/ar-cards-l3/images/3.png
IP 172.67.203.132:0
File type PNG image data, 752 x 1200, 8-bit/color RGB, non-interlaced\012- data
Size 277 kB (277075 bytes)
Hash 91845563b4b456697d677ae053b8bb2e
e6c4afa0c7723da7fa5d0071aba90271024b4512
45ba33843b7b354046190ebfdddf40a73f75da43ac4e87cce5d1bdd6580b58b1
GET /ar-cards-l3/images/3.png HTTP/1.1
Host: personal-finance.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://personal-finance.xyz/ar-cards-l3/
HTTP/1.1 200 OK
Date: Fri, 10 Feb 2023 02:54:58 GMT
Content-Type: image/png
Content-Length: 277075
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"43a53-5sSvoMdyPaf6XQBxq6kCcQJLRRI"
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nUM0ajAnGXPZzTvXkfATBKIWsfYM%2BVF63MCY3CLMUwURb%2B8nvgw9A9%2Fcy7D%2FXzmErqz4BtkcsTcm2HEiLaDJ7Xytuz5yJ7553p7zbD8VCjZns9YhxHRBFv%2B2TVzKWf4Zw1fLKBy4MA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7971902bdddab50b-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.163 200 OK 472 B IP 142.250.74.163:0
Hash c401431df81ddb15caa41c0dd46d1e89
1425acaf4f62be49ed25a6ed3ee9ea9f4b64cc27
728bea4c87ad7bdc5e5755af61323951bdd7604698a67360e38837131b20c426
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 10 Feb 2023 02:54:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
216.239.34.178 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.239.34.178:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://personal-finance.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Fri, 10 Feb 2023 01:44:09 GMT
expires: Fri, 10 Feb 2023 03:44:09 GMT
cache-control: public, max-age=7200
age: 4249
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163 200 OK 472 B IP 142.250.74.163:0
Hash c401431df81ddb15caa41c0dd46d1e89
1425acaf4f62be49ed25a6ed3ee9ea9f4b64cc27
728bea4c87ad7bdc5e5755af61323951bdd7604698a67360e38837131b20c426
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 10 Feb 2023 02:54:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fa3b80f6c5e48935acba628afd26f4ce
f69397ac7d88fc285d79b1a17ec28340c8a5c564
6019b3d5a40f38c020b87c2bc5d25b3646b7cccd3bf005f835cb74b46869100d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6019B3D5A40F38C020B87C2BC5D25B3646B7CCCD3BF005F835CB74B46869100D"
Last-Modified: Thu, 09 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14031
Expires: Fri, 10 Feb 2023 06:48:49 GMT
Date: Fri, 10 Feb 2023 02:54:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fa3b80f6c5e48935acba628afd26f4ce
f69397ac7d88fc285d79b1a17ec28340c8a5c564
6019b3d5a40f38c020b87c2bc5d25b3646b7cccd3bf005f835cb74b46869100d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6019B3D5A40F38C020B87C2BC5D25B3646B7CCCD3BF005F835CB74B46869100D"
Last-Modified: Thu, 09 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14031
Expires: Fri, 10 Feb 2023 06:48:49 GMT
Date: Fri, 10 Feb 2023 02:54:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fa3b80f6c5e48935acba628afd26f4ce
f69397ac7d88fc285d79b1a17ec28340c8a5c564
6019b3d5a40f38c020b87c2bc5d25b3646b7cccd3bf005f835cb74b46869100d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6019B3D5A40F38C020B87C2BC5D25B3646B7CCCD3BF005F835CB74B46869100D"
Last-Modified: Thu, 09 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14031
Expires: Fri, 10 Feb 2023 06:48:49 GMT
Date: Fri, 10 Feb 2023 02:54:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fa3b80f6c5e48935acba628afd26f4ce
f69397ac7d88fc285d79b1a17ec28340c8a5c564
6019b3d5a40f38c020b87c2bc5d25b3646b7cccd3bf005f835cb74b46869100d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6019B3D5A40F38C020B87C2BC5D25B3646B7CCCD3BF005F835CB74B46869100D"
Last-Modified: Thu, 09 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14031
Expires: Fri, 10 Feb 2023 06:48:49 GMT
Date: Fri, 10 Feb 2023 02:54:58 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff18889c9-0ffe-4e16-8b23-a567260f8e70.jpeg
34.120.237.76 200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff18889c9-0ffe-4e16-8b23-a567260f8e70.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bbb0439b722696021369b436571c7abe
3ecd03ad4535d9d92f31cba294a6df79fa37e7da
62f7e02deb38a666d1a2349703d54b409ca8f38b689c3b5b3706571ced9d0c4d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff18889c9-0ffe-4e16-8b23-a567260f8e70.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8195
x-amzn-requestid: 4b28d4d8-5358-404b-bae4-39ffe606ea6a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AF0VoHjMoAMFa-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e56756-4839a573183aae4c6eda6546;Sampled=0
x-amzn-remapped-date: Thu, 09 Feb 2023 21:36:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: E6IupdWk4g-FUH0fLC6m02cootSrA_u47GaTIYKw7eeJT7h7IRvbOg==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 09 Feb 2023 21:43:53 GMT
age: 18665
etag: "3ecd03ad4535d9d92f31cba294a6df79fa37e7da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1bc9fe0-a4b1-4c37-bdba-10eb4e183d86.jpeg
34.120.237.76 200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1bc9fe0-a4b1-4c37-bdba-10eb4e183d86.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ca09497a8bf8f8e971d079eebc745eaa
704449656f17b9cf2773b424f360ba25d2c855af
0a74d62fafa5dab601a1c3e42d134a5fde5a46562c7f4f7e8a1ea86ffff66ebf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1bc9fe0-a4b1-4c37-bdba-10eb4e183d86.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5387
x-amzn-requestid: 2d3f9276-d812-4ad8-8072-1faa4a824a77
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AD1uoGNgoAMFxpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e49cc3-0b66a80c5ee969e65c4b05f8;Sampled=0
x-amzn-remapped-date: Thu, 09 Feb 2023 07:12:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: og6amuuwPBH3zjWgrjD_uPOXA2aC7pSsonvfRh1R3yYq81cEI02xjQ==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Thu, 09 Feb 2023 07:17:33 GMT
age: 70645
etag: "704449656f17b9cf2773b424f360ba25d2c855af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53156254-151d-41b8-abfc-0826901d7cd0.jpeg
34.120.237.76 200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53156254-151d-41b8-abfc-0826901d7cd0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6933964b5b158cf2da804a6ff8369e91
95ae13ac5c5a3ea2e78fdbf07137d0b786ea2f0c
fe18606f9f5b52382ac1a48275732cd186a8b7e88480b4515026e6d5b9c8cdd8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53156254-151d-41b8-abfc-0826901d7cd0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7745
x-amzn-requestid: 5e7e8f1b-fdb4-4a70-82f1-c14b8eb0ff82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AF0VoF1moAMFYMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e56756-7f4ef3071fa2054913670435;Sampled=0
x-amzn-remapped-date: Thu, 09 Feb 2023 21:36:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: LAPZxRENqag5HkQ-wgHyTRCGYpcXD_u3XMyHysHwBQPMr2DsW8Jwxw==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 09 Feb 2023 21:43:53 GMT
age: 18665
etag: "95ae13ac5c5a3ea2e78fdbf07137d0b786ea2f0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9c46333-931f-4627-b47e-fe0c43cde8fc.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9c46333-931f-4627-b47e-fe0c43cde8fc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8f3336ac4423b02c36ede62d379f50e2
e38590afab0ca061844ab6a4db4e781b78a858ac
12fefbc2ecbb0a590c82fed3bda96949fca0546dfbaf6811098217f27a78b4de
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9c46333-931f-4627-b47e-fe0c43cde8fc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9958
x-amzn-requestid: 99cb33dc-77ef-4028-b6dd-4bc37af526e1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AF0VoFjWoAMFv-w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e56756-1438b9724a8b940e20e45bd1;Sampled=0
x-amzn-remapped-date: Thu, 09 Feb 2023 21:36:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 1NMQpC3EBhshyyg-8DOui20PF8_GmE33pPEXbqidir9QUwTPtOfvWQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 09 Feb 2023 21:43:53 GMT
etag: "e38590afab0ca061844ab6a4db4e781b78a858ac"
content-type: image/jpeg
age: 18665
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed309fef-1cc1-4a7f-be4e-089f353cb9a5.jpeg
34.120.237.76 200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed309fef-1cc1-4a7f-be4e-089f353cb9a5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 891ecdf4a508323ea67e69d256a3108e
d2444bbb76308cca606e8ee570cd55407a40f5c5
77c32baf2d67dbd5f37b9058f4a5cb3bb2437d01ada1d372816914b1ed2f1579
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed309fef-1cc1-4a7f-be4e-089f353cb9a5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7519
x-amzn-requestid: 6b4d578a-8a7d-4e14-acc7-0a69fda61f4b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AF0ppGcdoAMFSdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e567d7-2dd6a7da423dfb3865466920;Sampled=0
x-amzn-remapped-date: Thu, 09 Feb 2023 21:38:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: q-uBw8rdjXC1XPYUXRu1vjzJ3BYRFGLmbJoYIEPsiM1qJAOfKPIGtA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Thu, 09 Feb 2023 21:43:53 GMT
age: 18665
etag: "d2444bbb76308cca606e8ee570cd55407a40f5c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8db31dc-3366-48e5-8c4b-ebe994dd40ef.jpeg
34.120.237.76 200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8db31dc-3366-48e5-8c4b-ebe994dd40ef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 95081172f8e19d19921acc802488e019
8531c150cb11de44361a95624b11cf46b9e0ba02
7a2d8f012c7d590f3f39ad834d4f3f9fb729143b7395bc588bd608b5bdee039b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8db31dc-3366-48e5-8c4b-ebe994dd40ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15019
x-amzn-requestid: a615a5fa-a2d8-4cde-b315-a211c7f49bef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ACn9WEA4IAMFsFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e42055-7a6fbfa40614816b1c2e9fed;Sampled=0
x-amzn-remapped-date: Wed, 08 Feb 2023 22:21:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: KITnAMHAS6sESZ2OenwNX5RYRsBMkaBRfcKyvvyB-Dq15o3zJEYPvg==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Thu, 09 Feb 2023 12:41:30 GMT
age: 51208
etag: "8531c150cb11de44361a95624b11cf46b9e0ba02"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
personal-finance.xyz/ar-cards-l3/favicon.ico
172.67.203.132 200 OK 788 B URL HTTP/1.1 personal-finance.xyz/ar-cards-l3/favicon.ico
IP 172.67.203.132:0
File type MS Windows icon resource - 1 icon, 16x16\012- data
Hash a39ce1f72c59f25e2fd224ee0ed94904
26b184c7b532afd203d05c9d7cae6ec28641a5f9
4b6b913e60ce92398915d91b830a2efcb5df502eb68e0effabe76f05dd69eb34
GET /ar-cards-l3/favicon.ico HTTP/1.1
Host: personal-finance.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://personal-finance.xyz/ar-cards-l3/
HTTP/1.1 200 OK
Date: Fri, 10 Feb 2023 02:54:59 GMT
Content-Type: image/vnd.microsoft.icon
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"57e-pUpwjmw9me235+hzXK5PUZYDy58"
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RG%2BArq6Fy1O27XP%2F%2BN1nDZjnROZhzpRfzQX1MNWujO47I9M5%2Fhy8Y6gAsYPLihsiwIj7gEJss%2B8yP61rKlKuxiIfbJ037Q7fooRFpmdFkW%2BeT1BYPiQHL5WsJH5ajRuV%2BGS%2F0ggDrA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79719030f9dcb4ff-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
propeller-tracking.com/vbri?t=NaN&bid=undefined&aid=undefined&tp=3912
139.45.197.240 204 No Content 0 B URL HTTP/2 propeller-tracking.com/vbri?t=NaN&bid=undefined&aid=undefined&tp=3912
IP 139.45.197.240:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /vbri?t=NaN&bid=undefined&aid=undefined&tp=3912 HTTP/1.1
Host: propeller-tracking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://personal-finance.xyz
Connection: keep-alive
Referer: http://personal-finance.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 10 Feb 2023 02:55:00 GMT
access-control-allow-origin: http://personal-finance.xyz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 3b7408c9770eb40b521afb0794cd3f5d
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
propeller-tracking.com/vbri?t=NaN&bid=undefined&aid=undefined&tp=4013
139.45.197.240 204 No Content 0 B URL HTTP/2 propeller-tracking.com/vbri?t=NaN&bid=undefined&aid=undefined&tp=4013
IP 139.45.197.240:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /vbri?t=NaN&bid=undefined&aid=undefined&tp=4013 HTTP/1.1
Host: propeller-tracking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://personal-finance.xyz
Connection: keep-alive
Referer: http://personal-finance.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 10 Feb 2023 02:55:00 GMT
access-control-allow-origin: http://personal-finance.xyz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: d3806de9a5358e712c21feee07fa7447
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,400i,700&display=swap&subset=cyrillic,cyrillic-ext,latin-ext
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,400i,700&display=swap&subset=cyrillic,cyrillic-ext,latin-ext
IP 142.250.74.106:0
GET /css?family=Roboto:300,400,400i,700&display=swap&subset=cyrillic,cyrillic-ext,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://personal-finance.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 Feb 2023 02:54:57 GMT
date: Fri, 10 Feb 2023 02:54:57 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ilmpush.club/getnotificationid?_=1675997759503
207.148.26.9 200 OK 0 B URL HTTP/2 ilmpush.club/getnotificationid?_=1675997759503
IP 207.148.26.9:0
GET /getnotificationid?_=1675997759503 HTTP/1.1
Host: ilmpush.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://personal-finance.xyz
Connection: keep-alive
Referer: http://personal-finance.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx-rc
date: Fri, 10 Feb 2023 02:54:58 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: Content-Type, Authorization
set-cookie: XSRF-TOKEN=eyJpdiI6InhhdFUzM1NRcitcL1Izck52NlZ5U3pBPT0iLCJ2YWx1ZSI6IjZ0dkFxMk1kT0t6MXBZczVPR0FiR1MxZFV0c1o5VjFxYzlRTUo5Y1lMN1wvQ1FJWVdCc056cmRRbmE4NzhDVFUrYUd1bFwvbEladk02SUF6RUs5dzk3UUE9PSIsIm1hYyI6IjdjZDI4NzMyYTZmMjQzMTI2ZGM2OTY4MmQyZDQwNTlhMThlYWJiODczNWMyODcyZDUwM2Y0OTYxOWE0NWRjMzgifQ%3D%3D; expires=Fri, 10-Feb-2023 04:54:58 GMT; Max-Age=7200; path=/
laravel_session=eyJpdiI6Im03WHJMSlwvcFU1anNUWW9mUXA4TW1RPT0iLCJ2YWx1ZSI6IjhCYW5Id1Q5TXlJMFg5a2RWU1NVSmZGYVhTcmNtaVZuQWprZVdrMXlwb3dGaThqeFhWQTM4dzg0cXY1VHlKUk41SEZMQVNmK1h4eTRoK093ZWhuQmxBPT0iLCJtYWMiOiIyZDMzMmI4OWM3MDI4NTM0Mjc4YTY5MWY0NDY4NTU1ZTYzZjVjMjI4MTMwNjYxNGJkMjQwNGFjM2U4MTI1ZGE3In0%3D; expires=Fri, 10-Feb-2023 04:54:58 GMT; Max-Age=7200; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2