firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Retry-After, Content-Type, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 21 Sep 2022 15:13:36 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Tp308alYCaPtpBRQB3jgtZarUIWHc9CjNc1Ed2YVbVY4Qkk_X8fp9Q==
Age: 789
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2430
Expires: Wed, 21 Sep 2022 16:07:15 GMT
Date: Wed, 21 Sep 2022 15:26:45 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 21 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZO3IwiH4JpuD2nv7hcBl_RS2JkGFWObiyVnrC_xrwPok7ArOw-CENw==
age: 39092
X-Firefox-Spdy: h2
www.everest-exchange.net/
198.54.115.151301 Moved Permanently 707 B URL HTTP/1.1 www.everest-exchange.net/
IP 198.54.115.151:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.everest-exchange.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Wed, 21 Sep 2022 15:26:45 GMT
server: LiteSpeed
location: https://www.everest-exchange.net/
x-turbo-charged-by: LiteSpeed
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 21 Sep 2022 15:26:45 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 21 Sep 2022 15:03:22 GMT
Cache-Control: max-age=3600
Expires: Wed, 21 Sep 2022 15:50:33 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 3dLMOU4Qv2QQplFy8reOQ_hRDDErrx4N5Nbfa998nQ05sWqC4qwHFw==
Age: 1404
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ff6d50919e56aed75c47feb45ee2f2ec
98f558a4b2d4f3c271abc93d0b74ece4ad7a59ef
b1b6f0e78b5a1e2092cba6d71d0d5a918066c0486176cef0a19f51e2d5a9962e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5482
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 15:26:46 GMT
Last-Modified: Wed, 21 Sep 2022 13:55:24 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash f3b050c07c4bb0b232044eeeabbae1b2
3efcea12310e290d581340d96f12fa91f7d98b89
12932e853bacaf33bab3d861a2e16210aa9c5922f8b5ae010501128a5a83d712
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 15:26:46 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 19 Sep 2022 11:39:08 GMT
Expires: Mon, 26 Sep 2022 11:39:07 GMT
Etag: "3efcea12310e290d581340d96f12fa91f7d98b89"
Cache-Control: max-age=417740,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74e3d2335f360b61-OSL
push.services.mozilla.com/
35.163.147.190101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.163.147.190:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: kCwEvB2JhKHmoX9IhnY0Zg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: uQ1d58nXgvUgFHUUip1Jk33btHc=
www.everest-exchange.net/
198.54.115.151200 OK 6.9 kB URL HTTP/2 www.everest-exchange.net/
IP 198.54.115.151:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (888), with CRLF, LF line terminators
Hash 0368238e2cb028940865aa39a63b9b4c
9417eb2aced6afa6d19213480701da76704c11ca
0e68ad4073a4ab136377cab43ccd8d42e9d66dc9fa9c626b1028734fd0d8e92a
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.everest-exchange.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
x-powered-by: PHP/7.1.33
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=1f74561db3452824064564ee60b1fc1e; path=/; secure
lang=English; expires=Sat, 18-Sep-2032 15:26:46 GMT; Max-Age=315360000; secure
content-type: text/html; charset=UTF-8
content-length: 6948
content-encoding: br
vary: Accept-Encoding
date: Wed, 21 Sep 2022 15:26:46 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
104.17.25.14200 OK 4.2 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (65348)
Hash eefc9abe5bc10d658a2393a70d052566
dd49deafcd3ebe1306cda0b843f2da265f8a90e1
6011c33e447455e96e1d4926b0e15ca399eb993163a8e5ee0c523947396d66c3
GET /ajax/libs/animate.css/4.1.1/animate.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.everest-exchange.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 15:26:46 GMT
content-type: text/css; charset=utf-8
content-length: 4216
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5f5628a2-11846"
last-modified: Mon, 07 Sep 2020 12:33:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 2406217
expires: Mon, 11 Sep 2023 15:26:46 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N0HdEU25y%2FgAdkAPkp3LBOUZMMg3lh6d1AOSxVuqowmQfBrLd43LD3NeZmYkXxk3pFOCxcwetQfH81HWc96I4eTsf%2FEjwOrWrOjzRk2y1KCsc2J0S1sM20d9tEU3x5sLQ79hzdgK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74e3d236afd5b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/jquery.min.js
104.17.25.14200 OK 27 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/jquery.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (32014)
Hash b0a538eca8603c37c15e4ccd04500c57
f89f4099777ae63be4e09fee2b1227bc6874fd73
917decede324477626db7f615c8ee595556bafb7a875bdc9d3c3b1b94b345307
GET /ajax/libs/jquery/3.1.0/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.everest-exchange.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 15:26:46 GMT
content-type: application/javascript; charset=utf-8
content-length: 27198
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-1514f"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 6817672
expires: Mon, 11 Sep 2023 15:26:46 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zm3NiJSpOTf2l8GZQoIYFsy1JYqV7a%2F89ByCW8k8d0FS9Hv7ezMjzvDUeBiu0nY5TvxX7X4GeICXb7I0d53HHTlZxYQqNRL3EVkDXvWJxyVCfYj1ajsMRsezni61w6JGC7kLSJzt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74e3d236afd7b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
104.17.25.14200 OK 27 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (65451)
Hash 77bd61b98f7b67af56639229724f8dd4
f04f07dd8ff53e58c32b738f81b71a014bca441d
8ce54c3b77bf31899b27b29188ff4936b580f2bd2b3222d43dda2851ba272e24
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.everest-exchange.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 15:26:46 GMT
content-type: application/javascript; charset=utf-8
content-length: 27433
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-1538f"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1119408
expires: Mon, 11 Sep 2023 15:26:46 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TjghFkSkx7xF6w6%2FssHZaqxB8vJzR1RpnoelujfaMoLI0TNBhrYHIDW7S%2FHvP1Nen0jofEU9FRIKZ8HliJYGsPoPPS%2FjKO0KyNeLHvdWL%2Fmbgu2%2F1ABbrY%2FM%2FNgFOP%2FaEdTRpbAv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74e3d236c802b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.net/particles.js/2.0.0/particles.min.js
151.101.85.229200 OK 6.0 kB URL HTTP/2 cdn.jsdelivr.net/particles.js/2.0.0/particles.min.js
IP 151.101.85.229:0
File type ASCII text, with very long lines (23002)
Hash d31164a5c92e682546340b7ec92ab632
51032695d12132a042d35be0a1cff7117cfa20ea
1f5e16ff288220d51a8b74d70b6e7f104866905f3f63cffe1a3118878d06a5c9
GET /particles.js/2.0.0/particles.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.everest-exchange.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
etag: W/"5b44-gBf4sYaQd9tyhXPxykaEoAr2lGI"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 21 Sep 2022 15:26:46 GMT
age: 15188886
x-served-by: cache-fra19128-FRA, cache-bma1671-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 5958
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js
151.101.85.229200 OK 23 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js
IP 151.101.85.229:0
File type ASCII text, with very long lines (65299)
Hash 1753c16688d0d51f0b3dc7ed7d4dbc4d
6a4842b3dc99394c6584c203175570ff8737c777
a61044d56003744699349a1ffbd6f85e0c62d4ac59b50d185363dd85d755b5c9
GET /npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.everest-exchange.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 5.1.3
x-jsd-version-type: version
etag: W/"13131-qF5oFiTJGhBqUUwx6s+A3oF7LMM"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 21 Sep 2022 15:26:46 GMT
age: 2143538
x-served-by: cache-fra19170-FRA, cache-bma1671-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23046
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css
151.101.85.229200 OK 23 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css
IP 151.101.85.229:0
File type Unicode text, UTF-8 text, with very long lines (65306)
Hash f1883dfe3d1a16da0d5ad68f7228f99a
37e13f8f11c6c21ad2ea36a108e9006132586635
601ab8c5f5909131ea6a53a997f04c7c6e733127858045caeaa53701978f7e7a
GET /npm/bootstrap@5.0.2/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.everest-exchange.net
Connection: keep-alive
Referer: https://www.everest-exchange.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 5.0.2
x-jsd-version-type: version
etag: W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 21 Sep 2022 15:26:46 GMT
age: 12513971
x-served-by: cache-fra19150-FRA, cache-bma1681-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 22977
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 596ea0e7cffcb12819c214fd7e55e6b5
fdf581b35743d7693bf8c7f6154471a1b2646f06
a78eee2be3725b096407fde832e7762dad74ac69165f57a10b1ef76b5b2d9874
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 15:26:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash 27a94a0ff6f4c75a1ba21dd1caa47527
658d1917a81d1d0a68151903973992e2b59b3697
d1da53aff49d81c8d0139382b6c338d27eb349c0bde61e41ccb9e0e7ab7234f2
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 15:26:46 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "0D300EB098696BC238787019CF374F8685E820CB"
Expires: Thu, 22 Sep 2022 02:00:00 GMT
Last-Modified: Wed, 21 Sep 2022 14:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2478
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e3d2371875b51b-OSL
www.googletagmanager.com/gtag/js?id=G-85GE9PC9L0
142.250.74.72200 OK 75 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-85GE9PC9L0
IP 142.250.74.72:0
File type ASCII text, with very long lines (20189)
Hash 3db00dfb9b64baa5d7e6d082137de845
0db1cb5e688d18fc531a11087c04a0c431fc83da
f21c1bec35277bc299eaa6983bcd9b16fdf78c5fa5d64115e7c15d42b0482231
GET /gtag/js?id=G-85GE9PC9L0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.everest-exchange.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 21 Sep 2022 15:26:46 GMT
expires: Wed, 21 Sep 2022 15:26:46 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75275
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 35343b6981ed4c9eb2cd90bc8c2146cd
4e49432e50195a2bc528fb1745a2899306c79db8
cf55f53534e3e8b62513618cda90832a7b9bcd0d15b1a8f6bb51db6eb60daefd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 15:26:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
everest-exchange.net/app/templates/CryptoExchanger/assets/bootstrap-datepicker/css/bootstrap-datepicker.min.css
198.54.115.151200 OK 1.9 kB URL HTTP/2 everest-exchange.net/app/templates/CryptoExchanger/assets/bootstrap-datepicker/css/bootstrap-datepicker.min.css
IP 198.54.115.151:0
File type ASCII text, with very long lines (15543)
Hash 05d0134d4ea78d573d5b3ad387f3baec
c17a34aa9aa1cfdc34bb2c23b3a4e1261d0c8d6a
6b1923ad8d6fba7f1fb24cdb31e9ca2139f16477ca61c400650acc385087424d
GET /app/templates/CryptoExchanger/assets/bootstrap-datepicker/css/bootstrap-datepicker.min.css HTTP/1.1
Host: everest-exchange.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.everest-exchange.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 15:26:46 GMT
content-type: text/css
last-modified: Sun, 23 Aug 2020 16:49:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1884
date: Wed, 21 Sep 2022 15:26:46 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
everest-exchange.net/app/templates/CryptoExchanger/assets/css/style.css?v=2.7.1
198.54.115.151200 OK 40 kB URL HTTP/2 everest-exchange.net/app/templates/CryptoExchanger/assets/css/style.css?v=2.7.1
IP 198.54.115.151:0
Hash 74d61da7b316faa43fc73f3053b14925
a407c453d00762a079c8fd6f0d6407a90b4f2a6b
72600690170fbb6306777eb9a12e1d4d20daf02720a23b28367f7bd98d61ff9b
GET /app/templates/CryptoExchanger/assets/css/style.css?v=2.7.1 HTTP/1.1
Host: everest-exchange.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.everest-exchange.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 15:26:46 GMT
content-type: text/css
last-modified: Mon, 12 Sep 2022 20:10:42 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 40483
date: Wed, 21 Sep 2022 15:26:46 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
everest-exchange.net/app/templates/CryptoExchanger/assets/font-awesome/css/font-awesome.min.css
198.54.115.151200 OK 6.7 kB URL HTTP/2 everest-exchange.net/app/templates/CryptoExchanger/assets/font-awesome/css/font-awesome.min.css
IP 198.54.115.151:0
File type ASCII text, with very long lines (30837)
Hash 97c6ce9b4936f66aa388ad33c39aba2d
3f14a7e78fbb4935cf35c20779dc2035531849a9
1eea453c424793fc56ef14093c10b373e3ca8388a70e847394e8084048c5ce38
GET /app/templates/CryptoExchanger/assets/font-awesome/css/font-awesome.min.css HTTP/1.1
Host: everest-exchange.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.everest-exchange.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 15:26:46 GMT
content-type: text/css
last-modified: Sun, 23 Aug 2020 16:49:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6658
date: Wed, 21 Sep 2022 15:26:46 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
everest-exchange.net/app/templates/CryptoExchanger/assets/plugins/owl-carousel/owl.carousel.css
198.54.115.151200 OK 1.0 kB URL HTTP/2 everest-exchange.net/app/templates/CryptoExchanger/assets/plugins/owl-carousel/owl.carousel.css
IP 198.54.115.151:0
Hash bb01fb8c3e15b326ff66a510d6724c98
77d03adf9dfff2e732c5bac1d12011b3c477fe89
32a4b48f95a4e4871940c0c8ee809eb4da134907921c3fb9c64718a98fbd5add
GET /app/templates/CryptoExchanger/assets/plugins/owl-carousel/owl.carousel.css HTTP/1.1
Host: everest-exchange.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.everest-exchange.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 15:26:46 GMT
content-type: text/css
last-modified: Sun, 23 Aug 2020 16:49:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1049
date: Wed, 21 Sep 2022 15:26:46 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c8ac2005f83e8a3a9da1a9837b6c2ff3
7c05f49683e49232c1e11b91253e684d2f96ab83
b0b42743b4c7e4b528fd78aadc5429ef34c2e127f3d5147330d428a47203dc0a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 15:26:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c8ac2005f83e8a3a9da1a9837b6c2ff3
7c05f49683e49232c1e11b91253e684d2f96ab83
b0b42743b4c7e4b528fd78aadc5429ef34c2e127f3d5147330d428a47203dc0a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 15:26:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900|Roboto+Condensed:400,300,700,700italic|Montserrat:400,700
216.58.211.10200 OK 1.7 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900|Roboto+Condensed:400,300,700,700italic|Montserrat:400,700
IP 216.58.211.10:0
Hash d8722f5f8ba23ef8a6cb0b666c248e0e
74bf62100d55abb0d81d4caf6e491960aaa9f397
9580ce4a5426c49203cfbc4f517b60e64078743e3de2d46a03318e757a5e4701
GET /css?family=Roboto:400,100,300,500,700,900|Roboto+Condensed:400,300,700,700italic|Montserrat:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://everest-exchange.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 21 Sep 2022 15:26:47 GMT
date: Wed, 21 Sep 2022 15:26:47 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
everest-exchange.net/app/templates/CryptoExchanger/assets/plugins/bxslider/jquery.bxslider.css
198.54.115.151200 OK 1.0 kB URL HTTP/2 everest-exchange.net/app/templates/CryptoExchanger/assets/plugins/bxslider/jquery.bxslider.css
IP 198.54.115.151:0
Hash 03b81d02b6d9cc9a5b5dd76b47487c23
b6e1b04de77fc8e0160098d0985fea24f21efd72
7c3a0e7f64554f759bc904a9a530f0fd51e1c334bef2f86b037fd64ddff9cd8e
GET /app/templates/CryptoExchanger/assets/plugins/bxslider/jquery.bxslider.css HTTP/1.1
Host: everest-exchange.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.everest-exchange.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 15:26:46 GMT
content-type: text/css
last-modified: Sun, 23 Aug 2020 16:49:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1010
date: Wed, 21 Sep 2022 15:26:46 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
everest-exchange.net/app/templates/CryptoExchanger/assets/js/pace.min.js
198.54.115.151200 OK 4.5 kB URL HTTP/2 everest-exchange.net/app/templates/CryptoExchanger/assets/js/pace.min.js
IP 198.54.115.151:0
File type ASCII text, with very long lines (684)
Hash 514910d5b6412dfbbfed18a35557ec0b
94c3e07ad87543d213524903fac05cf81d81a04a
f5db0feffe9ee74bcd0ff0928a23e91a4bfbf6dfd209d6680e00e272cb973627
Analyzer Verdict Alert fortinet Phishing
GET /app/templates/CryptoExchanger/assets/js/pace.min.js HTTP/1.1
Host: everest-exchange.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.everest-exchange.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 15:26:46 GMT
content-type: application/javascript
last-modified: Wed, 27 Jul 2022 12:22:49 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4466
date: Wed, 21 Sep 2022 15:26:46 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
everest-exchange.net/app/templates/CryptoExchanger/assets/plugins/modernizr/modernizr-custom.js
198.54.115.151200 OK 3.7 kB URL HTTP/2 everest-exchange.net/app/templates/CryptoExchanger/assets/plugins/modernizr/modernizr-custom.js
IP 198.54.115.151:0
File type ASCII text, with very long lines (8796)
Hash f29c94733705b866601e1591e3cf705d
7e1c8e691a78d1bbe6ac2e5691a323ea2de7e0ff
da6c793657a2a4887aa44a4d5f2f5aaae8e2613e38a6e784284003f630645d4d
Analyzer Verdict Alert fortinet Phishing
GET /app/templates/CryptoExchanger/assets/plugins/modernizr/modernizr-custom.js HTTP/1.1
Host: everest-exchange.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.everest-exchange.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 15:26:46 GMT
content-type: application/javascript
last-modified: Sun, 23 Aug 2020 16:49:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3652
date: Wed, 21 Sep 2022 15:26:46 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
everest-exchange.net/app/templates/CryptoExchanger/assets/img/site_logo_2.png
198.54.115.151200 OK 12 kB URL HTTP/2 everest-exchange.net/app/templates/CryptoExchanger/assets/img/site_logo_2.png
IP 198.54.115.151:0
File type PNG image data, 360 x 84, 8-bit/color RGBA, non-interlaced\012- data
Hash dd59b235156ef7cd1c0bc53cf2625125
6d6ee42f5da22f762fcd0573b6374846ab34ffea
6382cb7eb9283b06aba496f6c02ee7618d65a5fc49926ea395de40450b213fb5
GET /app/templates/CryptoExchanger/assets/img/site_logo_2.png HTTP/1.1
Host: everest-exchange.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.everest-exchange.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 15:26:46 GMT
content-type: image/png
last-modified: Thu, 21 Jul 2022 10:10:05 GMT
accept-ranges: bytes
content-length: 12206
date: Wed, 21 Sep 2022 15:26:46 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
everest-exchange.net/app/templates/CryptoExchanger/assets/icons/faucet_icon.png
198.54.115.151200 OK 25 kB URL HTTP/2 everest-exchange.net/app/templates/CryptoExchanger/assets/icons/faucet_icon.png
IP 198.54.115.151:0
File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e2220785dc6a6cbcf70285aff545c2f
f2ef584d7db8e340a3bad4f2e26ab50ae3a022c3
32cb131949fa860a220c1d8fb42840cd3d276f9bb54bfb11b816a04ea179edb0
GET /app/templates/CryptoExchanger/assets/icons/faucet_icon.png HTTP/1.1
Host: everest-exchange.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.everest-exchange.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 15:26:46 GMT
content-type: image/png
last-modified: Fri, 09 Sep 2022 14:57:39 GMT
accept-ranges: bytes
content-length: 25148
date: Wed, 21 Sep 2022 15:26:46 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
everest-exchange.net/uploads/1658220981_icon.jpg
198.54.115.151200 OK 17 kB URL HTTP/2 everest-exchange.net/uploads/1658220981_icon.jpg
IP 198.54.115.151:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 336x336, components 3\012- data
Hash c5f041ba7fcf96f64ff7f9e7292b82e3
5a23b166a515640313a7e9e0fcd2d349eb0218db
a59c92430f824aec8671888fc76baf1dc7354b414f7ec5d688f899fcb3902fa2
GET /uploads/1658220981_icon.jpg HTTP/1.1
Host: everest-exchange.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.everest-exchange.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 15:26:46 GMT
content-type: image/jpeg
last-modified: Tue, 19 Jul 2022 08:56:21 GMT
accept-ranges: bytes
content-length: 17298
date: Wed, 21 Sep 2022 15:26:46 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
everest-exchange.net/uploads/1658228159_icon.png
198.54.115.151200 OK 10 kB URL HTTP/2 everest-exchange.net/uploads/1658228159_icon.png
IP 198.54.115.151:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash f00fa720b92ce68324ce86c837f6038e
300a966521d128569ed6c92ec4961bbd57c49744
df10d3c72750f22d7b2a006b8c107c3bb855572790e5fcc49d3e71241b5828a1
GET /uploads/1658228159_icon.png HTTP/1.1
Host: everest-exchange.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.everest-exchange.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 15:26:46 GMT
content-type: image/png
last-modified: Tue, 19 Jul 2022 10:55:59 GMT
accept-ranges: bytes
content-length: 10234
date: Wed, 21 Sep 2022 15:26:46 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
everest-exchange.net/app/templates/CryptoExchanger/assets/icons/Missing.png
198.54.115.151200 OK 3.7 kB URL HTTP/2 everest-exchange.net/app/templates/CryptoExchanger/assets/icons/Missing.png
IP 198.54.115.151:0
File type PNG image data, 225 x 225, 8-bit colormap, non-interlaced\012- data
Hash 33c70c83c2bf0da9f2b58109e346383f
9831296a8add086e2afc7a472e292424418c693e
fb7d44842c5963086be325703178ed223194ed29b105ba5f52298ee42b6ee948
GET /app/templates/CryptoExchanger/assets/icons/Missing.png HTTP/1.1
Host: everest-exchange.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.everest-exchange.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 15:26:46 GMT
content-type: image/png
last-modified: Sun, 23 Aug 2020 16:49:24 GMT
accept-ranges: bytes
content-length: 3693
date: Wed, 21 Sep 2022 15:26:46 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
everest-exchange.net/uploads/1658979775_icon.png
198.54.115.151200 OK 2.9 kB URL HTTP/2 everest-exchange.net/uploads/1658979775_icon.png
IP 198.54.115.151:0
File type PNG image data, 225 x 225, 8-bit colormap, non-interlaced\012- data
Hash bf4b6a4120507364c9930b304120f6af
abaf97719f7afefd2e7b1f948759f6592de715b4
4d8853614bc8a9d692c764250b70281ddef0a8d60c9e77f44e7dbedb7f922301
GET /uploads/1658979775_icon.png HTTP/1.1
Host: everest-exchange.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.everest-exchange.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 15:26:46 GMT
content-type: image/png
last-modified: Thu, 28 Jul 2022 19:25:11 GMT
accept-ranges: bytes
content-length: 2864
date: Wed, 21 Sep 2022 15:26:46 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
everest-exchange.net/app/templates/CryptoExchanger/assets/js/main.min.js
198.54.115.151200 OK 2.3 kB URL HTTP/2 everest-exchange.net/app/templates/CryptoExchanger/assets/js/main.min.js
IP 198.54.115.151:0
File type ASCII text, with very long lines (8481), with no line terminators
Hash f95ed463d7de3d0354fe154b7f3f10f2
f1e307088a8e4e03b8b1ef82753d6c72ebd4a3cc
53a791f5c457adf01798fb9463b24e5e0c4eea200aae309b2553c4664d84d7e0
Analyzer Verdict Alert fortinet Phishing
GET /app/templates/CryptoExchanger/assets/js/main.min.js HTTP/1.1
Host: everest-exchange.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.everest-exchange.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 15:26:46 GMT
content-type: application/javascript
last-modified: Sun, 23 Aug 2020 16:49:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2326
date: Wed, 21 Sep 2022 15:26:46 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
everest-exchange.net/app/templates/CryptoExchanger/assets/bootstrap-datepicker/js/bootstrap-datepicker.min.js
198.54.115.151200 OK 9.8 kB URL HTTP/2 everest-exchange.net/app/templates/CryptoExchanger/assets/bootstrap-datepicker/js/bootstrap-datepicker.min.js
IP 198.54.115.151:0
File type ASCII text, with very long lines (31941)
Hash 7d5b563abce14e98101c0ba8fbe65190
44490e9f8e28eaa976172307b5b489e52fd916c1
954b73f81362434e79f6c06116b99a759396a26ebce5737017a4567b872a1c3b
Analyzer Verdict Alert fortinet Phishing
GET /app/templates/CryptoExchanger/assets/bootstrap-datepicker/js/bootstrap-datepicker.min.js HTTP/1.1
Host: everest-exchange.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.everest-exchange.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 15:26:46 GMT
content-type: application/javascript
last-modified: Sun, 23 Aug 2020 16:49:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9803
date: Wed, 21 Sep 2022 15:26:46 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
everest-exchange.net/app/templates/CryptoExchanger/assets/js/ce.js
198.54.115.151200 OK 1.3 kB URL HTTP/2 everest-exchange.net/app/templates/CryptoExchanger/assets/js/ce.js
IP 198.54.115.151:0
File type ASCII text, with CRLF line terminators
Hash 938861f8d2bc6b7bdcc48e9dae9070d1
b4b406969d432c88f6cc377f27629db1fdb8724a
53294bad8fb9ae5c65b67ef1290089086fb5d1e5364f19e8bf11e48178f3c006
Analyzer Verdict Alert fortinet Phishing
GET /app/templates/CryptoExchanger/assets/js/ce.js HTTP/1.1
Host: everest-exchange.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.everest-exchange.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 15:26:46 GMT
content-type: application/javascript
last-modified: Tue, 26 Jul 2022 09:46:15 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1261
date: Wed, 21 Sep 2022 15:26:46 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
everest-exchange.net/app/templates/CryptoExchanger/assets/cleditor/jquery.cleditor.min.js
198.54.115.151200 OK 5.4 kB URL HTTP/2 everest-exchange.net/app/templates/CryptoExchanger/assets/cleditor/jquery.cleditor.min.js
IP 198.54.115.151:0
File type ASCII text, with very long lines (12545), with CRLF, LF line terminators
Hash c9b155456233ec9ee8438cafe83f20fb
cbaa35c58e5a253b4d3ae95a90086d603828a0f7
9be99dc301f76d1954420d6b16a394b6b538dd5dfe08f4e589035c4bb5e50b21
Analyzer Verdict Alert fortinet Phishing
GET /app/templates/CryptoExchanger/assets/cleditor/jquery.cleditor.min.js HTTP/1.1
Host: everest-exchange.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.everest-exchange.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 15:26:46 GMT
content-type: application/javascript
last-modified: Sun, 23 Aug 2020 16:49:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5403
date: Wed, 21 Sep 2022 15:26:46 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
everest-exchange.net/app/templates/CryptoExchanger/assets/cleditor/jquery.cleditor.css
198.54.115.151200 OK 471 B URL HTTP/2 everest-exchange.net/app/templates/CryptoExchanger/assets/cleditor/jquery.cleditor.css
IP 198.54.115.151:0
File type ASCII text, with CRLF line terminators
Hash 582ce0493580c2f057aeac35e16217f7
5e74b052590d2f6a55716f167e1b779fdb4d04f3
3fc73501d9a1a897c788c15fd9861e441f5c4213dea86c38d6f7cdc72db2abe9
GET /app/templates/CryptoExchanger/assets/cleditor/jquery.cleditor.css HTTP/1.1
Host: everest-exchange.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.everest-exchange.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 15:26:46 GMT
content-type: text/css
last-modified: Sun, 23 Aug 2020 16:49:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 471
date: Wed, 21 Sep 2022 15:26:46 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11244
Expires: Wed, 21 Sep 2022 18:34:11 GMT
Date: Wed, 21 Sep 2022 15:26:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11244
Expires: Wed, 21 Sep 2022 18:34:11 GMT
Date: Wed, 21 Sep 2022 15:26:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11244
Expires: Wed, 21 Sep 2022 18:34:11 GMT
Date: Wed, 21 Sep 2022 15:26:47 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0be442b0-65b4-4d6f-bdd3-b9f3847359a1.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0be442b0-65b4-4d6f-bdd3-b9f3847359a1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9556616ca10eb4383b1e15f360fbf6d4
cb328d0f66f4c2779bc64342ef89735636ae5ded
4f945ab342352aea3f4b2242d084d527bb517cf7c6efd0c10a828f0bee9f5d3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0be442b0-65b4-4d6f-bdd3-b9f3847359a1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9227
x-amzn-requestid: 26d977d3-f4d2-4218-a8f4-a56c873e6a26
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YiFzKG2zIAMFoDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6323e9ad-0bfac6c453e6ea5a311a28a8;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 03:12:45 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: K-lCBW5v2irK9UtfyGeaE7jkaIjQkpEUREIMd2hMXUrlsc6k-p6F1A==
via: 1.1 33d72803ad26b392c1b578a2b1276580.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 05:27:48 GMT
age: 35939
etag: "cb328d0f66f4c2779bc64342ef89735636ae5ded"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14e6ddceb639a5f4875aecb796f95c79
b1cd04a66852694284eeef16a1cde38896e33c03
4c0657a00d7fb4caefa64c28340cad94a306cc393cffe692fcc69c65a80f2391
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10244
x-amzn-requestid: 71f08b9e-e977-48de-ad60-5192a43db517
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYwBkGqjIAMFz0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202d3d-0af3334d085ca4a764e31bb5;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7FaZfI_iYUANPdxGBld5NfneWwKJeX2nYA_gmvF9NjML5YOVhZIIoA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 12:08:27 GMT
age: 11900
etag: "b1cd04a66852694284eeef16a1cde38896e33c03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2ed7323b395e757f7766ea0045efdaca
8b91bc3069a3217bc719c27959d578b353b5d9dc
8daf8cb1464daa5f72bc4f1049adb4aba00b2c2dec11cb3ade3454ec2ebbfb63
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11832
x-amzn-requestid: 75065a71-5f2d-4987-915b-9bddc772c76a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugI_EsLIAMFdmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09f-1248d25405209da3353d4a4a;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7sCevVX1nGXxZxnrXSURjUcap1a7vCZwrMMIXfzcBPR1srMxJHLGUg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:09:43 GMT
age: 62224
etag: "8b91bc3069a3217bc719c27959d578b353b5d9dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60ffb31d-d07d-4e81-9477-522f011ae13e.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60ffb31d-d07d-4e81-9477-522f011ae13e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a504981ee10d8341b64f19001464ae8a
56f228d7358ba9deef000f53214dc7c1dc358109
0ea3b6ed12f3adf9d56e7d9b61f284d28107d99f28ee4e66b4c078a9a1a0cbee
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60ffb31d-d07d-4e81-9477-522f011ae13e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8861
x-amzn-requestid: 873e88ab-7afc-4b14-b428-d90ec2079741
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YO2wuE0AoAMF7Gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631c3804-0d25ab397a16c78907914e23;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 07:08:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: UStTyIXPucbY9WmDl3W5bTyeT-2SJ5CTUjv8TLeexqZtKd1p2sJrNA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 03:25:34 GMT
age: 43273
etag: "56f228d7358ba9deef000f53214dc7c1dc358109"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a692964324dbb9c460a1b855808d02e6
1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54
3fa9e780d62fffb635064aeed542c8e04923ff943c6080476836fab6c24e2426
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9201
x-amzn-requestid: 6dbfae76-f9ab-4f31-9b62-bcf5d9ce4515
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YxzxlEYcoAMFaQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a333d-7d147481402cc46a751b72ed;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:40:13 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hI3FlJJRAUfr0EAcSvvuJajmyQDwBpTxuQIhYfA0Mtp9JyQgKnoDvA==
via: 1.1 7dcaa43cd0535d889b549e6a30a57aa0.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:43:18 GMT
age: 63809
etag: "1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6b35a1c-f445-4b05-b56e-ce2ad0ef2a9a.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6b35a1c-f445-4b05-b56e-ce2ad0ef2a9a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8bae3a7a80ff40df1d701dfc925ddeff
91df60162a8322469cada0dd8eb93619f28aec1a
fab10c7ad4658bc191621d9f2042236a7b6e34448ce5215dde5b8d6a64b52952
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6b35a1c-f445-4b05-b56e-ce2ad0ef2a9a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6897
x-amzn-requestid: 280a2e44-c21a-4d78-991b-3328e816d045
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YwWSpE0SoAMFaxw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63299daa-55cb53491be78c4d5bed0462;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 11:02:02 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: eNkM22Xu--qgJdsrH-UrTG5-Ie4nAsyLjiMaJ5ZKIz0bbw7cYrvFjw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 02:18:26 GMT
age: 47301
etag: "91df60162a8322469cada0dd8eb93619f28aec1a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
everest-exchange.net/uploads/1658221032_icon.png
198.54.115.151200 OK 18 kB URL HTTP/2 everest-exchange.net/uploads/1658221032_icon.png
IP 198.54.115.151:0
File type PNG image data, 979 x 880, 8-bit colormap, non-interlaced\012- data
Hash 8e4e6e58ecb6e030495d66493d9d07e7
8f631c0e68b54420bba1d509ecaab8d8aab2e4ad
b9be8c3d498844260d67ba25fc74ddcb49c9128618539abaf0f1a1925a48fe64
GET /uploads/1658221032_icon.png HTTP/1.1
Host: everest-exchange.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.everest-exchange.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 15:26:46 GMT
content-type: image/png
last-modified: Tue, 19 Jul 2022 08:57:12 GMT
accept-ranges: bytes
content-length: 17560
date: Wed, 21 Sep 2022 15:26:46 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
everest-exchange.net/app/templates/CryptoExchanger/assets/bootstrap/js/bootstrap.bundle.js
198.54.115.151200 OK 46 kB URL HTTP/2 everest-exchange.net/app/templates/CryptoExchanger/assets/bootstrap/js/bootstrap.bundle.js
IP 198.54.115.151:0
File type ASCII text, with very long lines (337)
Hash 14bcbe819643ffb1f297a2f3e49ccffc
de9432098d3e2c81537b6f4adec5f35a4a2f4545
5a5fc4882f51cf821ce62d210a259c0622289f21f46027aca44e996d94057cb2
Analyzer Verdict Alert fortinet Phishing
GET /app/templates/CryptoExchanger/assets/bootstrap/js/bootstrap.bundle.js HTTP/1.1
Host: everest-exchange.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.everest-exchange.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 15:26:46 GMT
content-type: application/javascript
last-modified: Sun, 23 Aug 2020 16:49:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 45693
date: Wed, 21 Sep 2022 15:26:46 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
everest-exchange.net/app/templates/CryptoExchanger/assets/js/vendors.min.js
198.54.115.151200 OK 58 kB URL HTTP/2 everest-exchange.net/app/templates/CryptoExchanger/assets/js/vendors.min.js
IP 198.54.115.151:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 02311d3b2b86244119960db12fc8527c
7b531e0e25bb1dcd9f59aa98ae423a4f023f2139
3265fc250765be82a49e8d14a9596886c2761ac2966fdcbb26c3fec03f213a1a
Analyzer Verdict Alert fortinet Phishing
GET /app/templates/CryptoExchanger/assets/js/vendors.min.js HTTP/1.1
Host: everest-exchange.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.everest-exchange.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 15:26:46 GMT
content-type: application/javascript
last-modified: Sun, 23 Aug 2020 16:49:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 58193
date: Wed, 21 Sep 2022 15:26:46 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
everest-exchange.net/app/templates/CryptoExchanger/assets/css/animate.min.css
198.54.115.151200 OK 3.5 kB URL HTTP/2 everest-exchange.net/app/templates/CryptoExchanger/assets/css/animate.min.css
IP 198.54.115.151:0
Hash ade5d600d3edbfed201c2fa622e37e5e
c46e04e2ca3b9fbdac88b393c7636fad256957b0
33542582b7510516b0a7cd68139ece546d33c746383d0ac20b25cdf9e6f57264
GET /app/templates/CryptoExchanger/assets/css/animate.min.css HTTP/1.1
Host: everest-exchange.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://everest-exchange.net/app/templates/CryptoExchanger/assets/css/style.css?v=2.7.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 15:26:47 GMT
content-type: text/css
last-modified: Sun, 23 Aug 2020 16:49:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3465
date: Wed, 21 Sep 2022 15:26:47 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
everest-exchange.net/app/templates/CryptoExchanger/assets/plugins/fontawesome-5.2.0/css/all.css
198.54.115.151200 OK 10 kB URL HTTP/2 everest-exchange.net/app/templates/CryptoExchanger/assets/plugins/fontawesome-5.2.0/css/all.css
IP 198.54.115.151:0
File type ASCII text, with very long lines (317)
Hash 72dea6b43311685fcae7160d2045b2d3
ccf188f35bd499dd9494b4f96b2f4a75ad90a799
248c496e0e707161b032009f0cf2b6c58f586a773b15a01e5f24703ff58aadb3
GET /app/templates/CryptoExchanger/assets/plugins/fontawesome-5.2.0/css/all.css HTTP/1.1
Host: everest-exchange.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://everest-exchange.net/app/templates/CryptoExchanger/assets/css/style.css?v=2.7.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 15:26:47 GMT
content-type: text/css
last-modified: Sun, 23 Aug 2020 16:49:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10152
date: Wed, 21 Sep 2022 15:26:47 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
everest-exchange.net/app/templates/CryptoExchanger/assets/plugins/bootstrap-daterangepicker/daterangepicker.css
198.54.115.151200 OK 1.5 kB URL HTTP/2 everest-exchange.net/app/templates/CryptoExchanger/assets/plugins/bootstrap-daterangepicker/daterangepicker.css
IP 198.54.115.151:0
Hash 5331bdd9d4c00a42c0d99840f12fa5f4
794c6ed6c3ca2643c816af46ebd60e5929894d9b
2e6473d7a304238a5baafa5b1fb9d0a779f6a2021ece22b44063d436d9d5d5b3
GET /app/templates/CryptoExchanger/assets/plugins/bootstrap-daterangepicker/daterangepicker.css HTTP/1.1
Host: everest-exchange.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://everest-exchange.net/app/templates/CryptoExchanger/assets/css/style.css?v=2.7.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 15:26:47 GMT
content-type: text/css
last-modified: Sun, 23 Aug 2020 16:49:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1461
date: Wed, 21 Sep 2022 15:26:47 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
everest-exchange.net/app/templates/CryptoExchanger/assets/css/fontello.css
198.54.115.151200 OK 4.4 kB URL HTTP/2 everest-exchange.net/app/templates/CryptoExchanger/assets/css/fontello.css
IP 198.54.115.151:0
Hash ddcfd943838ea8749add91393df38463
5efbb2066c32eb311628e5811e160dafe798e967
9c87455ab804b3b6bb1c05b1929254a32bcb4bd8838ba20f3de91a1a9c8f46a4
GET /app/templates/CryptoExchanger/assets/css/fontello.css HTTP/1.1
Host: everest-exchange.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://everest-exchange.net/app/templates/CryptoExchanger/assets/css/style.css?v=2.7.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 15:26:47 GMT
content-type: text/css
last-modified: Sun, 23 Aug 2020 16:49:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4416
date: Wed, 21 Sep 2022 15:26:47 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
everest-exchange.net/app/templates/CryptoExchanger/assets/plugins/jquery-nice-select/css/nice-select.css
198.54.115.151200 OK 931 B URL HTTP/2 everest-exchange.net/app/templates/CryptoExchanger/assets/plugins/jquery-nice-select/css/nice-select.css
IP 198.54.115.151:0
Hash e1dcfc65fd6a906f53e49253ea248a37
1ef10bc502fe60ca653eda3a3786ee2b07ef3af7
3daa75e032f0a82ecfceefba22dbf69f1875f3fe46cf5ae11750442f9c396aa4
GET /app/templates/CryptoExchanger/assets/plugins/jquery-nice-select/css/nice-select.css HTTP/1.1
Host: everest-exchange.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://everest-exchange.net/app/templates/CryptoExchanger/assets/css/style.css?v=2.7.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 15:26:47 GMT
content-type: text/css
last-modified: Sun, 23 Aug 2020 16:49:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 931
date: Wed, 21 Sep 2022 15:26:47 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
everest-exchange.net/app/templates/CryptoExchanger/assets/css/fileinput.min.css
198.54.115.151200 OK 856 B URL HTTP/2 everest-exchange.net/app/templates/CryptoExchanger/assets/css/fileinput.min.css
IP 198.54.115.151:0
File type assembler source, ASCII text
Hash 67fcb1cd8606a2c1403eb5e591a9d216
fb41c44e1d092a3553d1e9d1aa9de2fd891ada49
ca38fca5c369b4f73420979d079c6371b86587c5015e520f1737a515cbb8b903
GET /app/templates/CryptoExchanger/assets/css/fileinput.min.css HTTP/1.1
Host: everest-exchange.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://everest-exchange.net/app/templates/CryptoExchanger/assets/css/style.css?v=2.7.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 15:26:47 GMT
content-type: text/css
last-modified: Sun, 23 Aug 2020 16:49:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 856
date: Wed, 21 Sep 2022 15:26:47 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
everest-exchange.net/app/templates/CryptoExchanger/assets/plugins/flag-icon-css-master/css/flag-icon.css
198.54.115.151200 OK 1.7 kB URL HTTP/2 everest-exchange.net/app/templates/CryptoExchanger/assets/plugins/flag-icon-css-master/css/flag-icon.css
IP 198.54.115.151:0
Hash 879dcdbb04ded84a2e560da65b5b7d17
ecfc4063cab46c55c40d910f366100c8514ba4be
bbe95d2ce23d1ab6f6c372b521c74798c97a10305c9ebfd1d36d81108c3bda47
GET /app/templates/CryptoExchanger/assets/plugins/flag-icon-css-master/css/flag-icon.css HTTP/1.1
Host: everest-exchange.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://everest-exchange.net/app/templates/CryptoExchanger/assets/css/style.css?v=2.7.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 15:26:47 GMT
content-type: text/css
last-modified: Sun, 23 Aug 2020 16:49:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1732
date: Wed, 21 Sep 2022 15:26:47 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5149084af9bb01e5471e0be93a009ab0
1aaae44973461346130015cba0c36e9d1b5b77f2
db8a390c5bb50072d57429a45c470496139deb98e04b175f45600e5e4b2ac884
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 15:26:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 15:26:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
everest-exchange.net/app/templates/CryptoExchanger/assets/img/fire.gif
198.54.115.151200 OK 455 kB URL HTTP/2 everest-exchange.net/app/templates/CryptoExchanger/assets/img/fire.gif
IP 198.54.115.151:0
File type GIF image data, version 89a, 468 x 498\012- data
Size 455 kB (454711 bytes)
Hash e8ec6e018f9f2a7e2f0fbffd8bdd330b
38a59c805f2140a573ad8d58992b5aa7a693feb0
1658be2dc59b3800068ed444205c0405f7239ce5dd7006afd5361d5af96c9cd6
GET /app/templates/CryptoExchanger/assets/img/fire.gif HTTP/1.1
Host: everest-exchange.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.everest-exchange.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 15:26:46 GMT
content-type: image/gif
last-modified: Thu, 21 Jul 2022 16:58:53 GMT
accept-ranges: bytes
content-length: 454711
date: Wed, 21 Sep 2022 15:26:46 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 15:26:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.everest-exchange.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:34:08 GMT
expires: Thu, 14 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 589960
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.everest-exchange.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 14:52:00 GMT
expires: Thu, 21 Sep 2023 14:52:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 2088
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.everest-exchange.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:34:08 GMT
expires: Thu, 14 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 589960
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15660, version 1.0\012- data
Hash d7b0b953a50fddaa88089b5b787cf719
2f85bc568b27659a3d6452f58f9fd7678450326d
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
GET /s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.everest-exchange.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15660
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 22:17:40 GMT
expires: Wed, 20 Sep 2023 22:17:40 GMT
cache-control: public, max-age=31536000
age: 61748
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
142.250.74.163200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.everest-exchange.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Sep 2022 16:40:18 GMT
expires: Fri, 15 Sep 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 513990
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 15:26:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 14d31c538ef2caf4422a82eae13752fb
64a60fba95891f5dcc3d098c78ca3705d679c073
9bf27ebead2d15f04d2874793cb043a7d650b50902092fe6ae3a5a9891c5cabe
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4103
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 15:26:48 GMT
Last-Modified: Wed, 21 Sep 2022 14:18:25 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 77f9b5e468180a8976a641e40dceedbf
9873db160721dc9f41d3ff2d711db700d6f5d4d7
cae6929c00ed37fc097432c9ac1d6800244479d3877b17662c67bafeeff23aba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 15:26:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
everest-exchange.net/app/templates/CryptoExchanger/assets/img/bg.jpg
198.54.115.151200 OK 102 kB URL HTTP/2 everest-exchange.net/app/templates/CryptoExchanger/assets/img/bg.jpg
IP 198.54.115.151:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=13, height=4001, bps=0, PhotometricIntepretation=RGB, description=global network connection world map digital background, orientation=upper-left, width=7801], progressive, precision 8, 1920x985, components 3\012- data
Size 102 kB (101561 bytes)
Hash 1ac72abc7368a4ab60fffefcfd68dbe9
ed1daca26ef738f74059a222d16ef8a3de2e6571
49baf125a5047c0c114142b605cb15f56c505968fb5b02c74263a6972ddd67ef
GET /app/templates/CryptoExchanger/assets/img/bg.jpg HTTP/1.1
Host: everest-exchange.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://everest-exchange.net/app/templates/CryptoExchanger/assets/css/style.css?v=2.7.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 15:26:48 GMT
content-type: image/jpeg
last-modified: Thu, 21 Jul 2022 09:32:37 GMT
accept-ranges: bytes
content-length: 101561
date: Wed, 21 Sep 2022 15:26:48 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
connect.facebook.net/en_US/sdk/xfbml.customerchat.js
157.240.200.14200 OK 93 kB URL HTTP/2 connect.facebook.net/en_US/sdk/xfbml.customerchat.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (20897)
Hash d6fe38b1b6608cf486ff2d02f5ec3e73
f05d0b86ff1668db96682224f7cc09ca05d8fa92
d572e29fe7726ad97123cc445095ad5787689ec148f97630121c64a4a828fab7
GET /en_US/sdk/xfbml.customerchat.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.everest-exchange.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 0f7018e81f616c4a5dc37541a355f28c
etag: "ca81f4c45f42c16bbd387db4bd49bf9f"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Wed, 21 Sep 2022 15:43:40 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: 1v44sbZgjPSG/y0C9ew+cw==
x-fb-debug: dyJlaQJVBPEOzu2f8xUDeg1scogzHoCVL79m/IZSYpyGc709bt3Bq8SGDXvDHXyH2BLQ84UNncjW3x0MClQKOA==
content-length: 92850
x-fb-trip-id: 1679558926
date: Wed, 21 Sep 2022 15:26:49 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
everest-exchange.net/app/templates/CryptoExchanger/assets/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
198.54.115.151200 OK 77 kB URL HTTP/2 everest-exchange.net/app/templates/CryptoExchanger/assets/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 198.54.115.151:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Phishing
GET /app/templates/CryptoExchanger/assets/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: everest-exchange.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.everest-exchange.net
Connection: keep-alive
Referer: https://everest-exchange.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 15:26:48 GMT
content-type: font/woff2
last-modified: Sun, 23 Aug 2020 16:49:24 GMT
accept-ranges: bytes
content-length: 77160
date: Wed, 21 Sep 2022 15:26:48 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3327854456644269
142.250.74.2200 OK 58 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3327854456644269
IP 142.250.74.2:0
File type ASCII text, with very long lines (2903)
Hash 7c2740ec9abe4dfcdfb5558ab0fa2d5a
c44a680bdbd8aea33c7d274c0b931fa9c5172a8a
655dc7b72534e467ee0ebd62b11f75a6908f62a3053c343f1b34471c7c67bc9b
GET /pagead/js/adsbygoogle.js?client=ca-pub-3327854456644269 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.everest-exchange.net
Connection: keep-alive
Referer: https://www.everest-exchange.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
date: Wed, 21 Sep 2022 15:26:49 GMT
expires: Wed, 21 Sep 2022 15:26:49 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 13908077515273806207
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 57997
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 77f9b5e468180a8976a641e40dceedbf
9873db160721dc9f41d3ff2d711db700d6f5d4d7
cae6929c00ed37fc097432c9ac1d6800244479d3877b17662c67bafeeff23aba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 15:26:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
everest-exchange.net/app/templates/CryptoExchanger/assets/img/favicon.png
198.54.115.151200 OK 15 kB URL HTTP/2 everest-exchange.net/app/templates/CryptoExchanger/assets/img/favicon.png
IP 198.54.115.151:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash 05549c62fab641729cefda6a9728e42e
f21c1d941d31c7d243315abc06936c0ad716c2a9
0251615d7086ca068be7277976531f0ea9511b21c35ca1807e23acb3acc9b153
GET /app/templates/CryptoExchanger/assets/img/favicon.png HTTP/1.1
Host: everest-exchange.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.everest-exchange.net/
Cookie: _ga_85GE9PC9L0=GS1.1.1663774008.1.0.1663774008.0.0.0; _ga=GA1.1.655253227.1663774009
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 15:26:49 GMT
content-type: image/png
last-modified: Thu, 21 Jul 2022 10:05:52 GMT
accept-ranges: bytes
content-length: 14689
date: Wed, 21 Sep 2022 15:26:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
everest-exchange.net/app/templates/CryptoExchanger/assets/font-awesome/fonts/fontawesome-webfont.woff?v=4.7.0
198.54.115.151200 OK 83 kB URL HTTP/2 everest-exchange.net/app/templates/CryptoExchanger/assets/font-awesome/fonts/fontawesome-webfont.woff?v=4.7.0
IP 198.54.115.151:0
File type Web Open Font Format, TrueType, length 98024, version 4.7\012- data
Hash de1d07657c18dd9baf241bb9386a7684
51d95ab88e97ca907ddab31266cffb92ce76868d
67ae064a2bf9b1dd8d82b194bd38a9412ed37af13527000c97c103d5e0ea77e9
GET /app/templates/CryptoExchanger/assets/font-awesome/fonts/fontawesome-webfont.woff?v=4.7.0 HTTP/1.1
Host: everest-exchange.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.everest-exchange.net
Connection: keep-alive
Referer: https://everest-exchange.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 15:26:49 GMT
content-type: font/woff
last-modified: Sun, 23 Aug 2020 16:49:24 GMT
accept-ranges: bytes
content-length: 98024
date: Wed, 21 Sep 2022 15:26:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1b33d59cf038a3fe7273f78fda2cce3a
0b367731ef6df8e1f6c1b8774198daa9959d7cf5
b02b1756112479f92786994de8e884986b0a7eb3d5885300bfd8a64f597f7cc4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 15:26:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=www.everest-exchange.net
142.250.74.162200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=www.everest-exchange.net
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.everest-exchange.net HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.everest-exchange.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 21 Sep 2022 15:26:49 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=www.everest-exchange.net
142.250.74.98200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=www.everest-exchange.net
IP 142.250.74.98:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.everest-exchange.net HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.everest-exchange.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 21 Sep 2022 15:26:49 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f675396b1827a50c78e358358f256144
451b788273e06a08f762735c23c13028e32a3f3c
6bd9e2ec423bf8f0f681a92f4ad0b28cdb53f5df6ca4b571c9697b678c20c126
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 15:26:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 682477608532cf0f939b82148a7d996c
53f5564723f8ca88bf990fb2e4de8ffd8000c96f
4f89314a758da9c42d7ab1c97f8794e3c10ed59112f6bad7f02f8b63fc24a3a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 15:26:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1b33d59cf038a3fe7273f78fda2cce3a
0b367731ef6df8e1f6c1b8774198daa9959d7cf5
b02b1756112479f92786994de8e884986b0a7eb3d5885300bfd8a64f597f7cc4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 15:26:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.google-analytics.com/g/collect?v=2&tid=G-85GE9PC9L0>m=2oe9j0&_p=209531316&cid=655253227.1663774009&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663774008&sct=1&seg=0&dl=https%3A%2F%2Fwww.everest-exchange.net%2F&dt=Everest_Exchange&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-85GE9PC9L0>m=2oe9j0&_p=209531316&cid=655253227.1663774009&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663774008&sct=1&seg=0&dl=https%3A%2F%2Fwww.everest-exchange.net%2F&dt=Everest_Exchange&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-85GE9PC9L0>m=2oe9j0&_p=209531316&cid=655253227.1663774009&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663774008&sct=1&seg=0&dl=https%3A%2F%2Fwww.everest-exchange.net%2F&dt=Everest_Exchange&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.everest-exchange.net
Connection: keep-alive
Referer: https://www.everest-exchange.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.everest-exchange.net
date: Wed, 21 Sep 2022 15:26:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
partner.googleadservices.com/gampad/cookie.js?domain=www.everest-exchange.net&callback=_gfp_s_&client=ca-pub-3327854456644269
172.217.21.162200 OK 200 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=www.everest-exchange.net&callback=_gfp_s_&client=ca-pub-3327854456644269
IP 172.217.21.162:0
File type ASCII text, with no line terminators
Hash c191ce7bbcc55f4e01fc7e9362c1c13a
9d8cdda65c49f015efab8858191cd831d62d5ce5
1f0f7f8dd236d64b4c2782415334539fdeb8259446f599e43be29af99e69f4e3
GET /gampad/cookie.js?domain=www.everest-exchange.net&callback=_gfp_s_&client=ca-pub-3327854456644269 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.everest-exchange.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 21 Sep 2022 15:26:49 GMT
server: cafe
cache-control: private
content-length: 200
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash c7b623b7bcd37d436886346d495f9577
eb5688f0df28fa33b202e78d916e35387178636d
74037773d23c4426c3717e239e9dc228904f9cc8b8f084c655e26dcd9e345a96
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 15:26:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 682477608532cf0f939b82148a7d996c
53f5564723f8ca88bf990fb2e4de8ffd8000c96f
4f89314a758da9c42d7ab1c97f8794e3c10ed59112f6bad7f02f8b63fc24a3a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 15:26:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 10ae49480aecaf4bbe48fe413fb884f5
eaf76e35924e7e2465d8d51f81e1a39da508a496
dee36f9aa3d11c1b3d6802fa611adea95ed277212e47f16392cd49f3161e205b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 15:26:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.33200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.everest-exchange.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Wed, 21 Sep 2022 15:26:49 GMT
expires: Wed, 21 Sep 2022 15:26:49 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
142.250.74.33200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 142.250.74.33:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.everest-exchange.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 18 Sep 2022 16:23:47 GMT
expires: Mon, 18 Sep 2023 16:23:47 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 255782
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 15af330272b65861c93c7f989a284e90
e3cf4e4108bc8e68819f82722fb6ca11392cdb34
7ebccd17f3283cfcd086121a089c9de4699284acf5809695d7a364835518ec1a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 15:26:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 41630fb2c7ef9e435a8762b0943e0980
04b6c8bfe97bc5408e1450b5921331c6ae6de682
e9e83895eef14a5a26e91c9574fc9f60eb2f47959406eabe87b4618412519476
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 15:26:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
socialplugin.facebook.net/new_domain_gating/?endpoint=customerchat&page_id=104437935688061&suppress_http_code=1
157.240.200.16200 OK 553 B URL HTTP/2 socialplugin.facebook.net/new_domain_gating/?endpoint=customerchat&page_id=104437935688061&suppress_http_code=1
IP 157.240.200.16:0
File type ASCII text, with no line terminators
Hash 25305895c9ba3756debf3f4e051594e7
5e61dfe4d3f2f2f5f49fd1164b60b54723cee50c
79a04dc2a9f95b718a593f605ef2edff30410e52ca1ae7a48860e7f4b08944cc
GET /new_domain_gating/?endpoint=customerchat&page_id=104437935688061&suppress_http_code=1 HTTP/1.1
Host: socialplugin.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Origin: https://www.everest-exchange.net
Connection: keep-alive
Referer: https://www.everest-exchange.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/json; charset=utf-8
x-fb-rlafr: 0
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
access-control-allow-origin: https://www.everest-exchange.net
x-fb-debug: rA1n0JcO0fGwyKPe0AZcYtobPaqbYRppJb9UeD0nj6IfGv97/DsZpMniXy5QUlPF6p7+7WpEGzOgUWO7fEb/Xg==
date: Wed, 21 Sep 2022 15:26:49 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F689f6ab4-a759-42b3-82a8-f66964d5ece4.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F689f6ab4-a759-42b3-82a8-f66964d5ece4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eff7103898a5102e685ce6741cdf19f8
3371965b4417ee0b74a3a5094adfc1632d4849b1
c326683c06d56a02d8c1a36dd34c1eff1b9d242b8b5280a1824b0602ccd28020
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F689f6ab4-a759-42b3-82a8-f66964d5ece4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9574
x-amzn-requestid: 3dfa0e8c-77e6-4fc5-9f64-00ac854abbfa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yxy1mEj2IAMFWdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a31bd-745819ba4b5c16ee6e649ad7;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:33:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _3w3cbABzhrIn3y9Spo6-NCZDzf4gHAfU30Zpvk3WTp8_kgWT7NAMw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:41:04 GMT
age: 63950
etag: "3371965b4417ee0b74a3a5094adfc1632d4849b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.facebook.com/plugins/customer_chat/facade/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3c93b72a08c92%26domain%3Dwww.everest-exchange.net%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.everest-exchange.net%252Ff37235dee030186%26relation%3Dparent.parent¤t_url=https%3A%2F%2Fwww.everest-exchange.net%2F&is_loaded_by_facade=true&locale=en_US&log_id=5cf6db30-968d-45a9-a607-11402a1395f4&page_id=104437935688061&request_time=1663774009584&sdk=joey&should_use_new_domain=false&suppress_http_code=1
157.240.200.35200 OK 0 B URL HTTP/2 www.facebook.com/plugins/customer_chat/facade/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3c93b72a08c92%26domain%3Dwww.everest-exchange.net%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.everest-exchange.net%252Ff37235dee030186%26relation%3Dparent.parent¤t_url=https%3A%2F%2Fwww.everest-exchange.net%2F&is_loaded_by_facade=true&locale=en_US&log_id=5cf6db30-968d-45a9-a607-11402a1395f4&page_id=104437935688061&request_time=1663774009584&sdk=joey&should_use_new_domain=false&suppress_http_code=1
IP 157.240.200.35:0
GET /plugins/customer_chat/facade/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3c93b72a08c92%26domain%3Dwww.everest-exchange.net%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.everest-exchange.net%252Ff37235dee030186%26relation%3Dparent.parent¤t_url=https%3A%2F%2Fwww.everest-exchange.net%2F&is_loaded_by_facade=true&locale=en_US&log_id=5cf6db30-968d-45a9-a607-11402a1395f4&page_id=104437935688061&request_time=1663774009584&sdk=joey&should_use_new_domain=false&suppress_http_code=1 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Origin: https://www.everest-exchange.net
Connection: keep-alive
Referer: https://www.everest-exchange.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: Hp29+xFgXFNjcubD3tDT5nw4u2zhN2qwCDGKSrrps+dxa9gZI8Jz4ZD90GhlfU+C/ViUgbCsOrz6Wff/F317Ug==
date: Wed, 21 Sep 2022 15:26:49 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3c93b72a08c92%26domain%3Dwww.everest-exchange.net%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.everest-exchange.net%252Ff37235dee030186%26relation%3Dparent.parent¤t_url=https%3A%2F%2Fwww.everest-exchange.net%2F&event_name=chat_plugin_sdk_facade_create&is_loaded_by_facade=true&loading_time=0&locale=en_US&log_id=5cf6db30-968d-45a9-a607-11402a1395f4&page_id=104437935688061&request_time=1663774009584&sdk=joey&should_use_new_domain=false&suppress_http_code=1
157.240.200.35200 OK 0 B URL HTTP/2 www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3c93b72a08c92%26domain%3Dwww.everest-exchange.net%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.everest-exchange.net%252Ff37235dee030186%26relation%3Dparent.parent¤t_url=https%3A%2F%2Fwww.everest-exchange.net%2F&event_name=chat_plugin_sdk_facade_create&is_loaded_by_facade=true&loading_time=0&locale=en_US&log_id=5cf6db30-968d-45a9-a607-11402a1395f4&page_id=104437935688061&request_time=1663774009584&sdk=joey&should_use_new_domain=false&suppress_http_code=1
IP 157.240.200.35:0
GET /plugins/customer_chat/SDK/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3c93b72a08c92%26domain%3Dwww.everest-exchange.net%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.everest-exchange.net%252Ff37235dee030186%26relation%3Dparent.parent¤t_url=https%3A%2F%2Fwww.everest-exchange.net%2F&event_name=chat_plugin_sdk_facade_create&is_loaded_by_facade=true&loading_time=0&locale=en_US&log_id=5cf6db30-968d-45a9-a607-11402a1395f4&page_id=104437935688061&request_time=1663774009584&sdk=joey&should_use_new_domain=false&suppress_http_code=1 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Origin: https://www.everest-exchange.net
Connection: keep-alive
Referer: https://www.everest-exchange.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: FoqWIqYu2fCgm+zEE7PJziwUk/VbTmoRQ9lydUL+Huomdqv8XMilpHsWVxZyI2WzWX50d/BLIQIet3SyLeg45A==
date: Wed, 21 Sep 2022 15:26:49 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto+Condensed:400,300,700,400italic,700italic
216.58.211.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto+Condensed:400,300,700,400italic,700italic
IP 216.58.211.10:0
GET /css?family=Roboto+Condensed:400,300,700,400italic,700italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://everest-exchange.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 21 Sep 2022 15:26:47 GMT
date: Wed, 21 Sep 2022 15:26:47 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2