r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ae86164fd9297dfdc05d67d69284d70e
5e5f27e3fd492f715baa6820f05c0fafde4040b3
be20f6ae6a51d20611cb4d350b52a5d0a339af6722fe9b2482ef58826c1e9de0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE20F6AE6A51D20611CB4D350B52A5D0A339AF6722FE9B2482EF58826C1E9DE0"
Last-Modified: Thu, 15 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7153
Expires: Sat, 17 Dec 2022 16:53:06 GMT
Date: Sat, 17 Dec 2022 14:53:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 96367f956a4177aec7e7e80221539d58
8dcad10fde96c139d1ef212388cb6755fe3fe077
f4f9bdb5180359dfd734cef1e6f1b54bc9d8f72cae557366eb74f22100b94dc4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F4F9BDB5180359DFD734CEF1E6F1B54BC9D8F72CAE557366EB74F22100B94DC4"
Last-Modified: Thu, 15 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10085
Expires: Sat, 17 Dec 2022 17:41:58 GMT
Date: Sat, 17 Dec 2022 14:53:53 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Alert, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 17 Dec 2022 14:45:21 GMT
content-type: application/json
age: 512
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 555fc6e99ad3bf077d1c4b9b805e428d
4e800fc8e809a950288df0e94992084647762561
fac00cada519279717e2a13528cb202d292fc92ed5eb42782c41f8e7b9509eaf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FAC00CADA519279717E2A13528CB202D292FC92ED5EB42782C41F8E7B9509EAF"
Last-Modified: Fri, 16 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3320
Expires: Sat, 17 Dec 2022 15:49:13 GMT
Date: Sat, 17 Dec 2022 14:53:53 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: nZpLcLyS6bKsnxvQQnQv+RSY1L8jJlMwR8llUZs2xR2dQEcxUNuYKdiKROvxOr9HAST7kS1gpyY=
x-amz-request-id: 5ZX9FZNMS5217XE7
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 17 Dec 2022 14:53:42 GMT
age: 11
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
personal-finance.xyz/it-investing-l1/
172.67.203.132200 OK 2.9 kB URL HTTP/1.1 personal-finance.xyz/it-investing-l1/
IP 172.67.203.132:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 28f3d357a0e225cac1f5b536b7d67470
cad61e955ac503b23088f72b2b098e2b3437d815
69219676d4f8ceafd5046d9de98992ef4076c68614bda7ff0773c853288068b1
Analyzer Verdict Alert fortinet Phishing
GET /it-investing-l1/ HTTP/1.1
Host: personal-finance.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 14:53:54 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=moOOkRCJ6OFC5m7Vi67akkUZ5q1XjzCJ7FfLaFhZBOfBteUEI%2BNny18fhLsa8JJHgslqDbIzX3RUeP9Rwt8%2BS79d1Cj%2BBCULHP3h4nxD0WyFUimO3yFK7Go61RyRqqE4C%2FRq9wsT%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b07daaad490b06-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 17 Dec 2022 14:53:54 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 46d5ddccf708d1e5c5c659a928a881ae
54cf5b01a1f9cd6fdd7e2f87085c8f7bb18aca09
aa7c526867f352860bb0bb8dae4f2663143a082c28701011a6cf08e48298ca8a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1110
Cache-Control: max-age=145552
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 14:53:54 GMT
Etag: "639d693c-118"
Expires: Mon, 19 Dec 2022 07:19:46 GMT
Last-Modified: Sat, 17 Dec 2022 07:01:16 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 46d5ddccf708d1e5c5c659a928a881ae
54cf5b01a1f9cd6fdd7e2f87085c8f7bb18aca09
aa7c526867f352860bb0bb8dae4f2663143a082c28701011a6cf08e48298ca8a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1081
Cache-Control: max-age=145523
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 14:53:54 GMT
Etag: "639d693c-118"
Expires: Mon, 19 Dec 2022 07:19:17 GMT
Last-Modified: Sat, 17 Dec 2022 07:01:16 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 46d5ddccf708d1e5c5c659a928a881ae
54cf5b01a1f9cd6fdd7e2f87085c8f7bb18aca09
aa7c526867f352860bb0bb8dae4f2663143a082c28701011a6cf08e48298ca8a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1110
Cache-Control: max-age=145552
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 14:53:54 GMT
Etag: "639d693c-118"
Expires: Mon, 19 Dec 2022 07:19:46 GMT
Last-Modified: Sat, 17 Dec 2022 07:01:16 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 280
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Last-Modified, ETag, Cache-Control, Alert, Content-Length, Pragma, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 17 Dec 2022 14:08:00 GMT
age: 2754
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
personal-finance.xyz/it-investing-l1/js/fv.js
172.67.203.132200 OK 1.9 kB URL HTTP/1.1 personal-finance.xyz/it-investing-l1/js/fv.js
IP 172.67.203.132:0
File type ASCII text, with very long lines (5053), with no line terminators
Hash d8ee9efbae037c2b6fe2a95eac9812b1
6c93c6d688b37c69bb68f5f8974dca00d6a47200
fd0f3dd1f599ba6cbaf304774ae42b034df48df8244fd482b70fc233691b4834
Analyzer Verdict Alert fortinet Phishing
GET /it-investing-l1/js/fv.js HTTP/1.1
Host: personal-finance.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://personal-finance.xyz/it-investing-l1/
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 14:53:54 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"13bd-gDoDg4ksadlKETjNTkzm5msSf5k"
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ik5urlgTcTsjs8gXWzvkELPafjDuctb%2FiHIytG1KJNiqKRtXS9tT4bndDSxsH1Xh44XEoTqQSWzfVKLl4mfsmT8H6apdgv0Tf%2BlRkiZHE2iIsUMRoe0qPYPn%2BlxcYi64M1F5OZVZ2g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b07dad8db70b61-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
personal-finance.xyz/it-investing-l1/js/fv_1.js
172.67.203.132200 OK 1.9 kB URL HTTP/1.1 personal-finance.xyz/it-investing-l1/js/fv_1.js
IP 172.67.203.132:0
File type ASCII text, with very long lines (5053), with no line terminators
Hash d8ee9efbae037c2b6fe2a95eac9812b1
6c93c6d688b37c69bb68f5f8974dca00d6a47200
fd0f3dd1f599ba6cbaf304774ae42b034df48df8244fd482b70fc233691b4834
Analyzer Verdict Alert fortinet Phishing
GET /it-investing-l1/js/fv_1.js HTTP/1.1
Host: personal-finance.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://personal-finance.xyz/it-investing-l1/
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 14:53:54 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"13bd-gDoDg4ksadlKETjNTkzm5msSf5k"
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2BwbqVZphs1OTTRpSu%2FaAqUJ1DJDm3sYySmHG37DqbpgAzRBzrvij3ZZXHPaKdqdFnAQkYe4yHYhm1WL%2B%2Ba9I3qJii599r8dS9A7GtgFnby4uXlsXr7uYtyU3IxJPGCW0OrJtBBlTw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b07dad8f910b51-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
personal-finance.xyz/it-investing-l1/css/css.css
172.67.203.132200 OK 1.6 kB URL HTTP/1.1 personal-finance.xyz/it-investing-l1/css/css.css
IP 172.67.203.132:0
Hash 1aef5608fcf1ca60001e525be16e998b
c66b98ee89a1cc1e21c0069f1fd77d7d8a78450c
a7405c9e12fe6fe2aa1e8ce540d9fa32fdce89974cc5ee54c51cdafba41ff66e
GET /it-investing-l1/css/css.css HTTP/1.1
Host: personal-finance.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://personal-finance.xyz/it-investing-l1/
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 14:53:54 GMT
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"18dc-948laihe4Bhktq4jbNONosqrBK4"
Cache-Control: max-age=2678400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WdY9OauWz11nOqWD1vK2q5Tyf02QhEJ7HIJTYz9K9TzBzt6e1RNCa%2BuuRSkbpdfv1qR4cXEpvo0wI7pkwiI7B5rv2dvO%2FmIuAdtTIipMT%2F1AuvZgDGq7iaDWGBXA846I8U%2Bw%2FQtNCA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b07dad7f700b06-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
personal-finance.xyz/it-investing-l1/js/mobile-detect.min.js
172.67.203.132200 OK 16 kB URL HTTP/1.1 personal-finance.xyz/it-investing-l1/js/mobile-detect.min.js
IP 172.67.203.132:0
File type ASCII text, with very long lines (32731)
Hash 9dcd2e1239e3c21d45667fd11c852182
8b950dafe74e56ec3a4fd27383ea963715ac7998
0037fcb2829075778be1407183aa0a8c2f90a0c875cb3c43a1fa232cbcf282b9
Analyzer Verdict Alert fortinet Phishing
GET /it-investing-l1/js/mobile-detect.min.js HTTP/1.1
Host: personal-finance.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://personal-finance.xyz/it-investing-l1/
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 14:53:54 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"9624-5TKQ5jJ6p1niey96Hdig/kbgLbw"
Cache-Control: max-age=2678400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=afj5CxymPYK9jJQwjIqEKPtlRcpEe%2BaHJEK6pvTss%2FcwnwnqZ3nmyYBbbPoNALDsPZ%2BsuR5%2B4OA%2BzVHGN1%2BtjNn%2FCcMItQu%2BPJIciGzSg7cXqi6MlqFgxcdZ5sMqUTr26Y1ZY8Q2wQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b07dad9c7d0b4d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2d1752cd6eb7f48e7494373911a5b996
43d9c23c4d03cccce0fc478f0e12c0874dc762fd
aded7fd1d638c001b0b462fdfeee0549d2ed61b51ced88eb83690e2e20ed36d8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1858
Cache-Control: max-age=153835
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 14:53:54 GMT
Etag: "639d86ab-1d7"
Expires: Mon, 19 Dec 2022 09:37:49 GMT
Last-Modified: Sat, 17 Dec 2022 09:06:51 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
personal-finance.xyz/it-investing-l1/js/firebase-app.js
172.67.203.132200 OK 3.9 kB URL HTTP/1.1 personal-finance.xyz/it-investing-l1/js/firebase-app.js
IP 172.67.203.132:0
File type ASCII text, with very long lines (11292)
Hash 40c6b848f571338176270525c6112413
2a5c03c82fdcb42aaf2e71095fd7f30113c258ac
aacdcf3c74cf139f1a7749f436c985ed8bc7d542f1d04e3688622169e7874073
Analyzer Verdict Alert fortinet Phishing
GET /it-investing-l1/js/firebase-app.js HTTP/1.1
Host: personal-finance.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://personal-finance.xyz/it-investing-l1/
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 14:53:54 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"2c46-1Ytgp/mknM/sKijr7sig/LY8tLg"
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cJ%2Bb8EmahWpNlEcGxSuIG3Yt%2BUL%2FgntAFf3ydFu4%2Fx6shyn8kt13dv3RuwHeGpZa4QQHL3Q4E2Hx4%2Bc0kFE120mFZ4lMnWrEITQ0v2pijIoJheLNsW31IGP22VnMYtr1vXo2EFaOLw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b07dafef950b61-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
personal-finance.xyz/it-investing-l1/js_1
172.67.203.132200 OK 92 kB URL HTTP/1.1 personal-finance.xyz/it-investing-l1/js_1
IP 172.67.203.132:0
File type ASCII text, with very long lines (1815)
Hash 02bcd5b7ffe151937956c004bd13affd
2d1281e406ff009436d12f2cd8e9c1ce7dba100d
56c933c57b82f1bde6c2b130e1969b6befe319c62774ed681effe311ce52c987
Analyzer Verdict Alert fortinet Phishing
GET /it-investing-l1/js_1 HTTP/1.1
Host: personal-finance.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://personal-finance.xyz/it-investing-l1/
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 14:53:54 GMT
Content-Type: application/octet-stream
Content-Length: 92333
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"168ad-LRKB5Ab/AJQ20S8s2OnBzn26EA0"
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HGQLSuuhBwLJ3MyPMRGwGAbp4Ak4Pyl9cCVM9k1ldH88BzVef3cC1yZ7YLgchQjGwh%2BnCtUHHmNJHozqAipafv8%2BUVmGf5RbDUyIypcjHnj8rvp470tI%2BP%2FikBN7Ywu4U34OvfuBVw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b07dad7b5efab8-OSL
alt-svc: h2=":443"; ma=60
personal-finance.xyz/it-investing-l1/js/jquery-1.12.4.min.js
172.67.203.132200 OK 34 kB URL HTTP/1.1 personal-finance.xyz/it-investing-l1/js/jquery-1.12.4.min.js
IP 172.67.203.132:0
File type ASCII text, with very long lines (32077)
Hash bcf328167425e857c585773a83f0a9f1
5bf83602f9bb9607edba90a4564c8aa81e09c291
994b0b39c149e2a731357570951341f99d2f50cb1c7e1588e8ff30b665d4136e
Analyzer Verdict Alert fortinet Phishing
GET /it-investing-l1/js/jquery-1.12.4.min.js HTTP/1.1
Host: personal-finance.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://personal-finance.xyz/it-investing-l1/
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 14:53:54 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"17b8b-Wp3PvvZVomaOeLrr6qjcb0HY2rs"
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wlVkcXWsz5C1vOKlOx31QM2WCeMues0u8trKtOcsr2P0%2F2RsDhU4LaAnNNnE4XyOYtmui27FUQkdpxRfdCBK2IwRBmlM1QJD2%2FtZUiYTPBCf35zSje7fmENr9WfPs%2BbGxEN%2BK4DWyA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b07dad7b3eb50b-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
personal-finance.xyz/it-investing-l1/js/notificationscript.js
172.67.203.132200 OK 3.6 kB URL HTTP/1.1 personal-finance.xyz/it-investing-l1/js/notificationscript.js
IP 172.67.203.132:0
Hash 1d554e53687ba6b503589d76147524cf
28ce5f3a48dd276e252e5ed347371680fe3bd399
d5497c032d6306ae14f28cd14895cade48c1b7fbc9cb50e10cb59d149bf0db8d
Analyzer Verdict Alert fortinet Phishing
GET /it-investing-l1/js/notificationscript.js HTTP/1.1
Host: personal-finance.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://personal-finance.xyz/it-investing-l1/
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 14:53:54 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"2e95-rh709ZrZl0hvaKMqwCvJV9J2Fo8"
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c4C9YS4p%2BEeXu%2BaR%2FfxuRxxmKO16I45vbYMx3lsM993ZfHTn0%2BHZT8c8tLmi9IyOW%2BHZTKrDhskBKdqfIWcH8JBu6bcGwS2ta9KBYEnvlxPbk3z%2B0rOqdBL2%2Fbf8MYy8WcLsZFQIYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b07db02eb00b4d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 8cffeaa037aa43ee5dd38d9bf940f0ec
385130d35323155499a61e73e16a9d9e7a6448b5
2938e838bf98de278488e22b736756400136c887e31b44fc608c4da2a07e6ae4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 14:53:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
52.88.220.109101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.88.220.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: OwTcg8fWfYBEteo6S5HJuA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: nld5WyP+kaNwXz2llhIrZKUB7pE=
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 3f973d265969f08d5cdd469638b607dd
d6b0ccb133b4386580bd6df420a6be5f343412a0
3897c9ba5147c56e5ad792a0b55bd61993b3ebedafac542af3b601310b9fc05d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 14:53:55 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 14 Dec 2022 20:20:06 GMT
Expires: Wed, 21 Dec 2022 20:20:05 GMT
Etag: "d6b0ccb133b4386580bd6df420a6be5f343412a0"
Cache-Control: max-age=364569,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77b07db298230b3d-OSL
www.googletagmanager.com/gtm.js?id=GTM-5N66BVG
142.250.74.168200 OK 39 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-5N66BVG
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 31dbfa6be56eca8e80e339de2e6f2d5a
b834703c02b360985895d111a6218d80634419d2
e3dee71ed6ca97a97901ee98c2abda07035d5d83ee2cc275fd19329b1a2bb4ac
GET /gtm.js?id=GTM-5N66BVG HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://personal-finance.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 17 Dec 2022 14:53:55 GMT
expires: Sat, 17 Dec 2022 14:53:55 GMT
cache-control: private, max-age=900
last-modified: Sat, 17 Dec 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 38567
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
personal-finance.xyz/it-investing-l1/js/firebase-messaging.js
172.67.203.132200 OK 8.7 kB URL HTTP/1.1 personal-finance.xyz/it-investing-l1/js/firebase-messaging.js
IP 172.67.203.132:0
File type ASCII text, with very long lines (32755)
Hash 53aecd5059f442225c986b71f8dacbee
1917c9cb6b2272996d3958f348ee12c7ff77f57b
0be2821ff9bc2c65833ee6ad6bb4429a68d68861f68cded5252632766c6cf729
Analyzer Verdict Alert fortinet Phishing
GET /it-investing-l1/js/firebase-messaging.js HTTP/1.1
Host: personal-finance.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://personal-finance.xyz/it-investing-l1/
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 14:53:55 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"8023-yqHR5NaDJ8IMYBtbm7bcNitNbfg"
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DsBm%2BLjcZjK1mjFoxBRp3rwhmP%2BIyAQUluRxFah3l4ypQ7d0MCVjGvNgWGNhGFQnlxmm129S4lgU6kvCnp%2B9mxVuqR73%2BBHB9Ug69gD%2Fk841mf2S32C1O9N9ktu1FiDGrRz6ToGd%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b07daff9530b06-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
propeller-tracking.com/vctx?t=undefined
139.45.197.240204 No Content 0 B URL HTTP/2 propeller-tracking.com/vctx?t=undefined
IP 139.45.197.240:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /vctx?t=undefined HTTP/1.1
Host: propeller-tracking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://personal-finance.xyz
Connection: keep-alive
Referer: http://personal-finance.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sat, 17 Dec 2022 14:53:55 GMT
access-control-allow-origin: http://personal-finance.xyz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 373275a0531c8699a239dfaa67a9bf21
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 8cffeaa037aa43ee5dd38d9bf940f0ec
385130d35323155499a61e73e16a9d9e7a6448b5
2938e838bf98de278488e22b736756400136c887e31b44fc608c4da2a07e6ae4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 14:53:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-H370YM1TES&l=dataLayer&cx=c
142.250.74.168200 OK 77 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-H370YM1TES&l=dataLayer&cx=c
IP 142.250.74.168:0
File type ASCII text, with very long lines (22462)
Hash c23fb4145be225abe5c71378a1162e50
52636218944383c5b52e340c5f6aed9988b3dcc5
62cc81692f6458529578a67fddebf78f643765b2ad36593931278dc4f1713fd0
GET /gtag/js?id=G-H370YM1TES&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://personal-finance.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 17 Dec 2022 14:53:55 GMT
expires: Sat, 17 Dec 2022 14:53:55 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76845
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
propeller-tracking.com/vbl?t=NaN&bid=undefined&aid=undefined
139.45.197.240204 No Content 0 B URL HTTP/2 propeller-tracking.com/vbl?t=NaN&bid=undefined&aid=undefined
IP 139.45.197.240:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /vbl?t=NaN&bid=undefined&aid=undefined HTTP/1.1
Host: propeller-tracking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://personal-finance.xyz
Connection: keep-alive
Referer: http://personal-finance.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 17 Dec 2022 14:53:55 GMT
access-control-allow-origin: http://personal-finance.xyz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 49cf8e29161a1efcdde11a064a35148b
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 3f973d265969f08d5cdd469638b607dd
d6b0ccb133b4386580bd6df420a6be5f343412a0
3897c9ba5147c56e5ad792a0b55bd61993b3ebedafac542af3b601310b9fc05d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 14:53:55 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 14 Dec 2022 20:20:06 GMT
Expires: Wed, 21 Dec 2022 20:20:05 GMT
Etag: "d6b0ccb133b4386580bd6df420a6be5f343412a0"
Cache-Control: max-age=364569,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77b07db299eeb51b-OSL
propeller-tracking.com/vctx?t=undefined
139.45.197.240204 No Content 0 B URL HTTP/2 propeller-tracking.com/vctx?t=undefined
IP 139.45.197.240:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /vctx?t=undefined HTTP/1.1
Host: propeller-tracking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://personal-finance.xyz
Connection: keep-alive
Referer: http://personal-finance.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sat, 17 Dec 2022 14:53:55 GMT
access-control-allow-origin: http://personal-finance.xyz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: ef7994c033673764e5ced6f439c5dfd7
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
personal-finance.xyz/it-investing-l1/js/firebase-database.js
172.67.203.132200 OK 48 kB URL HTTP/1.1 personal-finance.xyz/it-investing-l1/js/firebase-database.js
IP 172.67.203.132:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash c74c5bab6139d847c8e22f764e1335b8
ddc008c0f76f5c7540eb54474dc7e2358e9a74c1
f28b37b8a8e51a22e093da219e41a8ef2003b9296e6c70d1175b96d2d440ed5f
Analyzer Verdict Alert fortinet Phishing
GET /it-investing-l1/js/firebase-database.js HTTP/1.1
Host: personal-finance.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://personal-finance.xyz/it-investing-l1/
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 14:53:55 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"2c503-/H1IiUmennR7XyvWp/sYzDB8GYg"
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tl%2FUiSCO3MWMKAdRbdYnsQLYbIZqz6XIJrwUDMTATLs4iws8Wsp79r975%2BQkb%2BxBJoY6it8LML1SdpuOZ00Z%2FMnUyWmRGFBTrq5nnDm6t4oXFUHUTSHkm7aQQq8M6d%2BYXdcGHnXtcA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b07daff9c30b51-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
propeller-tracking.com/vbl?t=NaN&bid=undefined&aid=undefined
139.45.197.240204 No Content 0 B URL HTTP/2 propeller-tracking.com/vbl?t=NaN&bid=undefined&aid=undefined
IP 139.45.197.240:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /vbl?t=NaN&bid=undefined&aid=undefined HTTP/1.1
Host: propeller-tracking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://personal-finance.xyz
Connection: keep-alive
Referer: http://personal-finance.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 17 Dec 2022 14:53:55 GMT
access-control-allow-origin: http://personal-finance.xyz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 9087ab5ace56324c631b36d1088e6467
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
accentbiz.com/click.php?event9=0
3.93.65.61200 OK 20 B URL HTTP/1.1 accentbiz.com/click.php?event9=0
IP 3.93.65.61:0
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /click.php?event9=0 HTTP/1.1
Host: accentbiz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://personal-finance.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 17 Dec 2022 14:53:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
personal-finance.xyz/it-investing-l1/fonts/Panton-Regular.woff
172.67.203.132200 OK 49 kB URL HTTP/1.1 personal-finance.xyz/it-investing-l1/fonts/Panton-Regular.woff
IP 172.67.203.132:0
File type Web Open Font Format, CFF, length 49432, version 1.0\012- data
Hash dca91eca87ab115fb72f55dc4b125c6e
524f1d59b702b31025b99d207fa0ea7b2525b353
f2e8b0103b5144c7290d582230ffda538b7fd3ab49285ad8671c477f14eed32c
Analyzer Verdict Alert fortinet Phishing
GET /it-investing-l1/fonts/Panton-Regular.woff HTTP/1.1
Host: personal-finance.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://personal-finance.xyz/it-investing-l1/css/css.css
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 14:53:55 GMT
Content-Type: font/woff
Content-Length: 49432
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"c118-Uk8dWbcCsxAluZ0gf6DqeyUls1M"
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WtHAqq36tjPe9ZZhmx4jVi5IIdBhXvt9pmeUcV3ixreCCfpe%2F3tuzzlACZGzd7IAihK8WTh5vPsLm67W%2F8BEdO9ayMvId24TkJfsKfcbXyl9Kz2qcctcn3tPFd2dNiuEEYEpXsuI%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b07db25803b50b-OSL
alt-svc: h2=":443"; ma=60
personal-finance.xyz/it-investing-l1/fonts/Panton-Bold.woff
172.67.203.132200 OK 50 kB URL HTTP/1.1 personal-finance.xyz/it-investing-l1/fonts/Panton-Bold.woff
IP 172.67.203.132:0
File type Web Open Font Format, CFF, length 49800, version 1.0\012- data
Hash a8e2b55df192c0387e0e446c23e40bc4
a58689eef5c065214bdb0bed379f11cce335d928
59405b65139625cb3f9635418b25cd763472bbecf99b4908f11a824dfdabecab
Analyzer Verdict Alert fortinet Phishing
GET /it-investing-l1/fonts/Panton-Bold.woff HTTP/1.1
Host: personal-finance.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://personal-finance.xyz/it-investing-l1/css/css.css
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 14:53:55 GMT
Content-Type: font/woff
Content-Length: 49800
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"c288-pYaJ7vXAZSFL2wvtN58RzOM12Sg"
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yOzTdcEkSKVVFhzT75m7TlCPbM9ahAVtZDNUzJhdZR%2FdZFZ8D8Ca4zRZ8YNAM%2Bgz5Dps9vj8nxZuV2eQOGJHipWccHjVj2xtQs7mVx6MojQMslhJ%2BV9a%2Fs2UJY0GsaTXq%2BlAncnfEg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b07db2690c0b4d-OSL
alt-svc: h2=":443"; ma=60
personal-finance.xyz/it-investing-l1/images/back-pool.jpg
172.67.203.132200 OK 344 kB URL HTTP/1.1 personal-finance.xyz/it-investing-l1/images/back-pool.jpg
IP 172.67.203.132:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1600x900, components 3\012- data
Size 344 kB (343683 bytes)
Hash 056ddcbcc1f74ef3de16a09037637703
beb930961c5cb9947bc27a418f5dbbd2150d89ef
e0360bb82092eeb528726681cd696b0b676e367970d1560c68c8c624703da7b0
GET /it-investing-l1/images/back-pool.jpg HTTP/1.1
Host: personal-finance.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://personal-finance.xyz/it-investing-l1/
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 14:53:55 GMT
Content-Type: image/jpeg
Content-Length: 343683
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"53e83-vrkwlhxcuZR7wnpBj1270hUNie8"
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7d8h5JKJmVYSFHXD67PZvrAffE2Jr8Fak5xaNZmGYYPXz1bQd%2F7eVuTO3ZiFcLrB%2F%2BJiFvLzSRwEKW2XURNqyPnUZAzdL1DIy5sWMXUUwelPfeAF6be7rjoGGBiVzFapWHjs1zlWpg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b07db25e96fab8-OSL
alt-svc: h2=":443"; ma=60
region1.google-analytics.com/g/collect?v=2&tid=G-H370YM1TES>m=2oebu0&_p=776733733&cid=1327724018.1671288832&ul=en-us&sr=1280x1024&_s=1&sid=1671288831&sct=1&seg=0&dl=http%3A%2F%2Fpersonal-finance.xyz%2Fit-investing-l1%2F&dt=Opportunit%C3%A0%20di%20investimento&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-H370YM1TES>m=2oebu0&_p=776733733&cid=1327724018.1671288832&ul=en-us&sr=1280x1024&_s=1&sid=1671288831&sct=1&seg=0&dl=http%3A%2F%2Fpersonal-finance.xyz%2Fit-investing-l1%2F&dt=Opportunit%C3%A0%20di%20investimento&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-H370YM1TES>m=2oebu0&_p=776733733&cid=1327724018.1671288832&ul=en-us&sr=1280x1024&_s=1&sid=1671288831&sct=1&seg=0&dl=http%3A%2F%2Fpersonal-finance.xyz%2Fit-investing-l1%2F&dt=Opportunit%C3%A0%20di%20investimento&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://personal-finance.xyz
Connection: keep-alive
Referer: http://personal-finance.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: http://personal-finance.xyz
date: Sat, 17 Dec 2022 14:53:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
personal-finance.xyz/favicon.ico
172.67.203.132404 Not Found 9 B URL HTTP/1.1 personal-finance.xyz/favicon.ico
IP 172.67.203.132:0
File type ASCII text, with no line terminators
Hash 9d1ead73e678fa2f51a70a933b0bf017
d205cbd6783332a212c5ae92d73c77178c2d2f28
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
GET /favicon.ico HTTP/1.1
Host: personal-finance.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://personal-finance.xyz/it-investing-l1/
Cookie: _ga_H370YM1TES=GS1.1.1671288831.1.0.1671288831.0.0.0; _ga=GA1.1.1327724018.1671288832
HTTP/1.1 404 Not Found
Date: Sat, 17 Dec 2022 14:53:56 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 9
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"9-0gXL1ngzMqISxa6S1zx3F4wtLyg"
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4u7aWi6qics8%2B1GN5eN9aFXOK4%2FCekjM243lQLaEoltice3sM2lUAH8fkKNBLsmNp7RHPKtFVj4LUXDiPFgbguBuuktcqMM%2Fj8iB69IFJssWPbBV3wQTVcnpLoX4zCqyq7cafMdNgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b07db76ccf0b4d-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0e5a8cf5962c05bf28a3b45f5c8745e2
9c5d7e8aeab26f9fd2e753ab4dc65d6fa8ea955f
f614642045fcd0ee373ed6cabe67514f4bb54c7fb4f1181b52eaec12d7e0479e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F614642045FCD0EE373ED6CABE67514F4BB54C7FB4F1181B52EAEC12D7E0479E"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4432
Expires: Sat, 17 Dec 2022 16:07:48 GMT
Date: Sat, 17 Dec 2022 14:53:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0e5a8cf5962c05bf28a3b45f5c8745e2
9c5d7e8aeab26f9fd2e753ab4dc65d6fa8ea955f
f614642045fcd0ee373ed6cabe67514f4bb54c7fb4f1181b52eaec12d7e0479e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F614642045FCD0EE373ED6CABE67514F4BB54C7FB4F1181B52EAEC12D7E0479E"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4432
Expires: Sat, 17 Dec 2022 16:07:48 GMT
Date: Sat, 17 Dec 2022 14:53:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0e5a8cf5962c05bf28a3b45f5c8745e2
9c5d7e8aeab26f9fd2e753ab4dc65d6fa8ea955f
f614642045fcd0ee373ed6cabe67514f4bb54c7fb4f1181b52eaec12d7e0479e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F614642045FCD0EE373ED6CABE67514F4BB54C7FB4F1181B52EAEC12D7E0479E"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4432
Expires: Sat, 17 Dec 2022 16:07:48 GMT
Date: Sat, 17 Dec 2022 14:53:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0e5a8cf5962c05bf28a3b45f5c8745e2
9c5d7e8aeab26f9fd2e753ab4dc65d6fa8ea955f
f614642045fcd0ee373ed6cabe67514f4bb54c7fb4f1181b52eaec12d7e0479e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F614642045FCD0EE373ED6CABE67514F4BB54C7FB4F1181B52EAEC12D7E0479E"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4432
Expires: Sat, 17 Dec 2022 16:07:48 GMT
Date: Sat, 17 Dec 2022 14:53:56 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a0c4858-28d1-47b1-bfba-b4500f28eeae.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a0c4858-28d1-47b1-bfba-b4500f28eeae.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4fdbd1e175352e7ec7dc2a25f04a5a9d
954bdd8d6b2f3d0ec086631ecf1bbd76c6507fe2
bdba0c3d4509764e87db688c1b8086c309f4a2cbe95d1f2130ce01d184f2fa17
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a0c4858-28d1-47b1-bfba-b4500f28eeae.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9741
x-amzn-requestid: 5d9871d6-1512-4ffa-8b85-3c4c7595b723
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dEj3XGsxoAMFxIQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639819c8-7a65df352cc4e71e5aa518f8;Sampled=0
x-amzn-remapped-date: Tue, 13 Dec 2022 06:20:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: V2j4CWBbvNniyBK3vdt4Hg7ROB-xjuzsvdGBmh2U1BGYGWwkT6JJ_g==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 21:42:32 GMT
age: 61884
etag: "954bdd8d6b2f3d0ec086631ecf1bbd76c6507fe2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2b78709f-467b-4047-896c-309ff91c15a3.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2b78709f-467b-4047-896c-309ff91c15a3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 09028c98b40519661edef458438205f9
0e05448c127660266cdcda59aa4ffeb0232b9451
f5587c8519f78b95108fb5246b14b8c5920f039f2789a73526a3543bad6de8e1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2b78709f-467b-4047-896c-309ff91c15a3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6002
x-amzn-requestid: fb816096-b12a-4024-a7ab-0bc162022ba5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dEHqYFCfoAMFR-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6397eca8-7b855af154aaf1464bf71418;Sampled=0
x-amzn-remapped-date: Tue, 13 Dec 2022 03:08:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cpsW3BhW1a2_mUFtDlsNSKP7eTBxCT3-4bffoRl3FPVQINyO3Wkjdg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Dec 2022 07:03:16 GMT
age: 28240
etag: "0e05448c127660266cdcda59aa4ffeb0232b9451"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faa07f7ca-6934-430f-92d6-9bc043047221.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faa07f7ca-6934-430f-92d6-9bc043047221.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b2361f592471c52524830ea99ab9f217
884fd2a1cfcef20f2e5e549a0853ec3b27be9968
8732e50c7734c8a787c1305a1edf977f5d6db02f0030a79908d18d39dcf70987
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faa07f7ca-6934-430f-92d6-9bc043047221.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8421
x-amzn-requestid: e5a0378b-4497-4c27-a99b-98f389364c12
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c-ERFG5tIAMFVLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639580d3-05d06f8f35895f7b54a2db48;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 07:03:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: tTnwJbPn8AeXatEB8QQKmVWxx4Gmeieu8YGyIolsGJExiuQTLR47zg==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Dec 2022 06:21:39 GMT
age: 30737
etag: "884fd2a1cfcef20f2e5e549a0853ec3b27be9968"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ae934ee-7c6e-4784-90fd-ef6c864097ef.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ae934ee-7c6e-4784-90fd-ef6c864097ef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1c3454ef9b4c0d31eecf53e44471cecb
f1182e860380b637388fa7f90c36e0a8c9edd657
c474493452d48121f0050efdd197231909d3c9de0fccbe07bf5706162b848624
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ae934ee-7c6e-4784-90fd-ef6c864097ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7048
x-amzn-requestid: d2665a61-0c5f-429e-bd9c-f4c6aec4fe14
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dQjEvH6VIAMFd2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639ce551-65d1775b5f07d8bf10beae48;Sampled=0
x-amzn-remapped-date: Fri, 16 Dec 2022 21:38:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zWO_LMG3fez0GBfCwXtYm9IPAN1LKsomAPVR8ApRb44i2UAf5tOHAw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 21:40:30 GMT
age: 62006
etag: "f1182e860380b637388fa7f90c36e0a8c9edd657"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F65c9cdbb-21b2-465b-8f75-329260ada5cc.webp
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F65c9cdbb-21b2-465b-8f75-329260ada5cc.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 86be9c16e4a62785e7f3a0cc8a956143
6cac191c918ff47d3e66e327e8c8a9c0fec9a88b
81dfec15eb1dc19acae5071663b9deaa9fa11f00378e36871c5b31a548a0626b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F65c9cdbb-21b2-465b-8f75-329260ada5cc.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8002
x-amzn-requestid: bcaeff23-947f-441a-8aea-1e0d54f2cc3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dQjD7GjdoAMFVIA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639ce54c-5fb0d9d76945c4f63d210806;Sampled=0
x-amzn-remapped-date: Fri, 16 Dec 2022 21:38:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: iWxLKwjIxP-hiy4A3yvosYlQAzRu0STuwy4K9LuqK77WphLXQH9m6A==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 21:40:19 GMT
age: 62017
etag: "6cac191c918ff47d3e66e327e8c8a9c0fec9a88b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0451e9f8-3fd9-47fc-b514-43008f53c76c.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0451e9f8-3fd9-47fc-b514-43008f53c76c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9a3a7ef8028514bc1687afffd5ab8748
c1258c5dc821250f9d2b80915d1fb3145e4f9f25
4fa357165b12c8bf9dcb1787c656e116ddfb741ca49738f124b949d120c39b65
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0451e9f8-3fd9-47fc-b514-43008f53c76c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9084
x-amzn-requestid: eef7bc24-2e2d-420f-8d5e-3cd86add3639
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dKT24GhNIAMFjVQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639a6692-01d090e602c3e6575ce2988d;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 00:13:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3qa81WYkbh9LsK_ESDpc_M4XRGYJBdDlYLT0KJzLCjF-hEIxd0LjJQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Dec 2022 03:45:47 GMT
age: 40089
etag: "c1258c5dc821250f9d2b80915d1fb3145e4f9f25"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
propeller-tracking.com/vbri?t=NaN&bid=undefined&aid=undefined&tp=3536
139.45.197.240204 No Content 0 B URL HTTP/2 propeller-tracking.com/vbri?t=NaN&bid=undefined&aid=undefined&tp=3536
IP 139.45.197.240:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /vbri?t=NaN&bid=undefined&aid=undefined&tp=3536 HTTP/1.1
Host: propeller-tracking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://personal-finance.xyz
Connection: keep-alive
Referer: http://personal-finance.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 17 Dec 2022 14:53:57 GMT
access-control-allow-origin: http://personal-finance.xyz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 8d4cc43fb6b017468c6329b38e52168c
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
propeller-tracking.com/vbri?t=NaN&bid=undefined&aid=undefined&tp=3686
139.45.197.240204 No Content 0 B URL HTTP/2 propeller-tracking.com/vbri?t=NaN&bid=undefined&aid=undefined&tp=3686
IP 139.45.197.240:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /vbri?t=NaN&bid=undefined&aid=undefined&tp=3686 HTTP/1.1
Host: propeller-tracking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://personal-finance.xyz
Connection: keep-alive
Referer: http://personal-finance.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 17 Dec 2022 14:53:57 GMT
access-control-allow-origin: http://personal-finance.xyz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 4084de5d34e939e46dc7d0253b096169
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30eabd90-57de-40c1-8f98-3a7df7e6c6db.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30eabd90-57de-40c1-8f98-3a7df7e6c6db.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 406a837a79921b55b79cbefe97f28baa
852e6b2fbc7cf50ed1824491293036092ca928e5
310c2d8f56b08dbcc4a6373ec8b7d4c33e531540eb8b5c446609398ee9f3448a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30eabd90-57de-40c1-8f98-3a7df7e6c6db.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9027
x-amzn-requestid: 810f640d-b3dd-42fd-8317-f701a2bdb551
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dQjEjHRfoAMFRfw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639ce550-666de65c79de87b06a985a83;Sampled=0
x-amzn-remapped-date: Fri, 16 Dec 2022 21:38:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: y34VDlEkPoUgYchKTvPk-88ObNqiDdQWc-9Z3tmuI0TUbSmhliD0iw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 21:40:29 GMT
age: 62013
etag: "852e6b2fbc7cf50ed1824491293036092ca928e5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
104.18.11.207200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
IP 104.18.11.207:0
GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://personal-finance.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 17 Dec 2022 14:53:54 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 08/04/2021 00:04:37
cdn-edgestorageid: 601
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-proxyver: 1.0
cdn-status: 200
cdn-requestid: 1a094ec5f566140ad8ed25d8ea736316
cdn-cache: HIT
cf-cache-status: HIT
age: 14332581
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 77b07daddd6eb503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
104.18.11.207200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
IP 104.18.11.207:0
GET /bootstrap/4.0.0/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://personal-finance.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 17 Dec 2022 14:53:54 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 601, 617
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 2021-03-10 20:26:24
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 0d20bcca68eb2077d7d189b1643148ba
cdn-cache: HIT
cf-cache-status: HIT
age: 20599613
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 77b07daded75b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ilmpush.club/getnotificationid?_=1671288831567
207.148.26.9200 OK 0 B URL HTTP/2 ilmpush.club/getnotificationid?_=1671288831567
IP 207.148.26.9:0
GET /getnotificationid?_=1671288831567 HTTP/1.1
Host: ilmpush.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://personal-finance.xyz
Connection: keep-alive
Referer: http://personal-finance.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx-rc
date: Sat, 17 Dec 2022 14:53:55 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: Content-Type, Authorization
set-cookie: XSRF-TOKEN=eyJpdiI6IlBSXC9UTGtvb28wQUh4bndUSHhXZXVBPT0iLCJ2YWx1ZSI6IlwvUmJcL1BkcFhGODREOUhnaUZ2VlZcLzJtUlwvZzlEMkFNVHVpcTNTUmtnVktDTWYrZnRiZzJSRUtzbHFyWlpIdElvWExKaTdsQzlKb1lXQkZRelhkZm9iQT09IiwibWFjIjoiODcxZWExODIzOGNkYTUzZTNhYTQ3YWUzOTVjZjY4OWNlZWE1ODNmODlhYWEzYTYzMWI1NDExMGMwMDFjYTNiOCJ9; expires=Sat, 17-Dec-2022 16:53:55 GMT; Max-Age=7200; path=/
laravel_session=eyJpdiI6IksrWlNmTmNPUGc0RHkzc3NJYWNWRkE9PSIsInZhbHVlIjoiUStZeWdIZzFDT2gwNFdidnpPdmFPQ2JkdUc5YTdNbENid2c5TTlFTit3OXlsUUQ5N2szN0Q2ajd5RmpPWU1qQW5NMGNudE5yaEhnczNsek02WVg3WWc9PSIsIm1hYyI6IjMxNWFhZTYxNWY4NWYzY2EzYTI1ZjY3NWYzMDRmYzgwNDI0ODNlMWRiMWViZDg2M2Q1ZjMyNmY5MjUxZDIwOGUifQ%3D%3D; expires=Sat, 17-Dec-2022 16:53:55 GMT; Max-Age=7200; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2