privatecapitalhq.com/
301 Moved Permanently 162 B IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 28 Nov 2022 21:16:51 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://privatecapitalhq.com/
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
X-HTTPS-Enforce: 1
X-Proxy-Cache-Info: DT:1
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 150792cfc458af013998f4ef6bdf5f74
d5179b2dcb11d06f82606bf6eb6648319998d63e
72937c756d3feeae6d04a6f445398b0436bdf559f8c7437e3a3233263943900e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "72937C756D3FEEAE6D04A6F445398B0436BDF559F8C7437E3A3233263943900E"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6792
Expires: Mon, 28 Nov 2022 23:10:03 GMT
Date: Mon, 28 Nov 2022 21:16:51 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 9408cc0694fcbea57966c3a3ba906092
fddcee1fdcf3209298e41a4b1b5560357fa165f0
6ef7120d9463f56e3ddfadd5766d02da8523f34061b13bdba54bf9ab72a1e979
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6261
Cache-Control: max-age=140331
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:16:51 GMT
Etag: "63848df9-1d7"
Expires: Wed, 30 Nov 2022 12:15:42 GMT
Last-Modified: Mon, 28 Nov 2022 10:31:21 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3b56944f0e5716fd4fad2ec18994d4be
61cafa4de31ba960d1145ec37272f6f6b6944e0c
4fd46b0b6a2ea24f5ce175985a3933c04b4c01bd3e32bee2e50a61a65eef7af4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4FD46B0B6A2EA24F5CE175985A3933C04B4C01BD3E32BEE2E50A61A65EEF7AF4"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5618
Expires: Mon, 28 Nov 2022 22:50:29 GMT
Date: Mon, 28 Nov 2022 21:16:51 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 28 Nov 2022 20:17:49 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3542
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 7FRiqsKDMVHZYj5ujQE57nyVNW1flda4znfuA78j4BK25lGKRVQ+madtfNpqQFPoUcIZDy8ca2wR7jcc0zah7Q==
x-amz-request-id: MKBR7BJVVENXRE5K
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 28 Nov 2022 20:45:10 GMT
age: 1901
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:51 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 28 Nov 2022 21:11:12 GMT
cache-control: public,max-age=3600
age: 340
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
privatecapitalhq.com/
200 OK 15 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381), with CRLF, LF line terminators
Hash 73816b9faccf2e795ad37e84d0ede4f1
9b0678d92b456f3e28eaa6a27c084fc050a8ed36
57fda3c4330b8056502cc997e774c482e78d44f8af458eb47aa534296f76c7c1
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:52 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
sg-f-cache: HIT
x-httpd-modphp: 1
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash 74fcf5b41902da0bc73ea19d1afce9e7
aef50f0556d364f7ea00ebbd435e56094e054d2a
befd14ed77d4d85d4e45d43c624b75eb32277d2ee0fc115e98c5ee4c519e7331
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1314
Cache-Control: max-age=171008
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:16:52 GMT
Etag: "63851922-118"
Expires: Wed, 30 Nov 2022 20:47:00 GMT
Last-Modified: Mon, 28 Nov 2022 20:25:06 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 280
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js
200 OK 591 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js
IP
File type ASCII text, with very long lines (1266)
Hash 414869f16aa77a65b4928a018f7f1abb
cea521f7a2958a50239526ed6b068f0937527653
afee364ce513c6517247b81cce5eb5eadb1dbbb35e439eb3fa97bbc15fac2cd3
GET /ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 21:16:52 GMT
content-type: application/javascript; charset=utf-8
content-length: 591
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec1-514"
last-modified: Mon, 04 May 2020 16:11:45 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2264105
expires: Sat, 18 Nov 2023 21:16:52 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4lJNc1KdoOTS2Hn%2BVd%2FxSir6RHLfFLllJ4Rg%2BkP%2Fyz5mcxWSMe4NNe75ylZBg8vWcDELkj6LhSMmgN2uP8GtylOIOwzpCWeKucZmF06jK7DZ163vQR2UWOYLnwWhROr7fqzUsQDA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7716208c6885b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c81653e99cfdfb43236c8d50248b2e51
a33bc0cb7d3bb714b7ef23b059bb304cf23d464f
e75fa0ce568755990d6949ef93e3e5c29213a5a11887f697af901f41b14e0274
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:16:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:16:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 280 B IP
Hash 4332638cc29f7de55b59edd73e64ee4e
01887a9487e257e47dc90506accdd3273bac18c6
0acd787d6986a1a2a4194fcc5c5b9b29a5b53725123ff64371870083849b9abc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=162826
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:16:52 GMT
Etag: "6384fe4e-118"
Expires: Wed, 30 Nov 2022 18:30:38 GMT
Last-Modified: Mon, 28 Nov 2022 18:30:38 GMT
Server: nginx
Content-Length: 280
ocsp.digicert.com/
200 OK 280 B IP
Hash 74fcf5b41902da0bc73ea19d1afce9e7
aef50f0556d364f7ea00ebbd435e56094e054d2a
befd14ed77d4d85d4e45d43c624b75eb32277d2ee0fc115e98c5ee4c519e7331
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1314
Cache-Control: max-age=171008
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:16:52 GMT
Etag: "63851922-118"
Expires: Wed, 30 Nov 2022 20:47:00 GMT
Last-Modified: Mon, 28 Nov 2022 20:25:06 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 280
www.googletagmanager.com/gtag/js?id=UA-125653204-5
200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-125653204-5
IP
File type ASCII text, with very long lines (1921)
Hash 81269d42e96041503a9e98e143164061
29b0eea5d910042f5fe07c11df4697a1bb8292ee
db3343d07187372ee11404093095c61779d956e8257e6e1aaa652a3a64de89c1
GET /gtag/js?id=UA-125653204-5 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 28 Nov 2022 21:16:52 GMT
expires: Mon, 28 Nov 2022 21:16:52 GMT
cache-control: private, max-age=900
last-modified: Mon, 28 Nov 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43681
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c81653e99cfdfb43236c8d50248b2e51
a33bc0cb7d3bb714b7ef23b059bb304cf23d464f
e75fa0ce568755990d6949ef93e3e5c29213a5a11887f697af901f41b14e0274
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:16:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:16:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Jg/J6Lu45hpP9qQ3hLasVg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: a1t5l8IIyzow1fq8q/pnANumjfo=
ocsp.digicert.com/
200 OK 280 B IP
Hash 4332638cc29f7de55b59edd73e64ee4e
01887a9487e257e47dc90506accdd3273bac18c6
0acd787d6986a1a2a4194fcc5c5b9b29a5b53725123ff64371870083849b9abc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=162826
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:16:52 GMT
Etag: "6384fe4e-118"
Expires: Wed, 30 Nov 2022 18:30:38 GMT
Last-Modified: Mon, 28 Nov 2022 18:30:38 GMT
Server: nginx
Content-Length: 280
privatecapitalhq.com/wp-content/uploads/2019/10/Private-Capital-HQ-regular.png
200 OK 22 kB URL HTTP/2 privatecapitalhq.com/wp-content/uploads/2019/10/Private-Capital-HQ-regular.png
IP
File type PNG image data, 1500 x 800, 8-bit/color RGBA, non-interlaced\012- data
Hash a861fdec443fe1d75673d2effa64707f
1ebf696dcd44cc2e27c07d31fe6f1c02f363eff3
b13c97cfb9029243f0f74d33117c2f3a5f5c23e5383c7711c74e22d41e7d3678
GET /wp-content/uploads/2019/10/Private-Capital-HQ-regular.png HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:52 GMT
content-type: image/png
content-length: 21710
last-modified: Wed, 09 Oct 2019 15:48:29 GMT
etag: "5d9e014d-54ce"
expires: Tue, 28 Nov 2023 21:16:52 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
accept-ranges: bytes
X-Firefox-Spdy: h2
privatecapitalhq.com/wp-content/uploads/2019/02/login@2x.png
200 OK 11 kB URL HTTP/2 privatecapitalhq.com/wp-content/uploads/2019/02/login@2x.png
IP
File type PNG image data, 297 x 227, 8-bit/color RGBA, non-interlaced\012- data
Hash 8558ad5e3323800dbd8005aeb2655aa2
565fac35b740f34032a292ccc270528aa46b1144
5c011eb7a674e419bf0399a7a2866f2ef4ff97b5757c62b0dac633ec2b6f5391
GET /wp-content/uploads/2019/02/login@2x.png HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:52 GMT
content-type: image/png
content-length: 10888
last-modified: Sat, 05 Oct 2019 13:44:22 GMT
etag: "5d989e36-2a88"
expires: Tue, 28 Nov 2023 21:16:52 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
accept-ranges: bytes
X-Firefox-Spdy: h2
privatecapitalhq.com/wp-content/uploads/2019/02/Group-208@2x-300x254.png
200 OK 41 kB URL HTTP/2 privatecapitalhq.com/wp-content/uploads/2019/02/Group-208@2x-300x254.png
IP
File type PNG image data, 300 x 254, 8-bit/color RGBA, non-interlaced\012- data
Hash a11b11fc228fb88aa53d6d18429ad6fb
23f6c72ed54af83a7f95cd25d3df34ad1c7b9499
35b9920e6ff45eb4539198f0534073fafd38edece9381fcaf6e5e023638cc28d
GET /wp-content/uploads/2019/02/Group-208@2x-300x254.png HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:52 GMT
content-type: image/png
content-length: 40857
last-modified: Sat, 05 Oct 2019 13:44:21 GMT
etag: "5d989e35-9f99"
expires: Tue, 28 Nov 2023 21:16:52 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
accept-ranges: bytes
X-Firefox-Spdy: h2
privatecapitalhq.com/wp-content/uploads/2019/02/negotiation@2x.png
200 OK 14 kB URL HTTP/2 privatecapitalhq.com/wp-content/uploads/2019/02/negotiation@2x.png
IP
File type PNG image data, 267 x 268, 8-bit/color RGBA, non-interlaced\012- data
Hash d49a889c10360bf85f02bb6c13dd1178
b92805907d2eafcd257d32a2a2ea1ff9e0828f91
7cafc816cbe53838d49d2dcf0bc3ed6c84712fa67caff5a1d9b8390d33bf1d9e
GET /wp-content/uploads/2019/02/negotiation@2x.png HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:52 GMT
content-type: image/png
content-length: 14090
last-modified: Sat, 05 Oct 2019 13:44:18 GMT
etag: "5d989e32-370a"
expires: Tue, 28 Nov 2023 21:16:52 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
accept-ranges: bytes
X-Firefox-Spdy: h2
privatecapitalhq.com/wp-content/uploads/2019/11/multifamily-1-300x200-300x200.jpg
200 OK 19 kB URL HTTP/2 privatecapitalhq.com/wp-content/uploads/2019/11/multifamily-1-300x200-300x200.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x200, components 3\012- data
Hash f73ccac05a14fd1ededf1f97837dfc2b
8615a4b89c6730364f4e2da18a17d42f223b12eb
426920111637f88efe24825d74fb6886dfdecf601b69fbc2052729baf21e2c6a
GET /wp-content/uploads/2019/11/multifamily-1-300x200-300x200.jpg HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:52 GMT
content-type: image/jpeg
content-length: 18780
last-modified: Mon, 11 Nov 2019 16:54:58 GMT
etag: "5dc99262-495c"
expires: Tue, 28 Nov 2023 21:16:52 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
accept-ranges: bytes
X-Firefox-Spdy: h2
privatecapitalhq.com/wp-content/uploads/2019/11/office.jpg
200 OK 21 kB URL HTTP/2 privatecapitalhq.com/wp-content/uploads/2019/11/office.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 716d2f4eb354eff9021a0762f831df45
36009b972d7fb12e2e78bc2f008f0f2df0b15811
9cc11fdc0329ed96d748c1a8cd37cb0e6cf6382c357dbfddad446e5a655726b2
GET /wp-content/uploads/2019/11/office.jpg HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:52 GMT
content-type: image/jpeg
content-length: 21150
last-modified: Mon, 11 Nov 2019 16:54:59 GMT
etag: "5dc99263-529e"
expires: Tue, 28 Nov 2023 21:16:52 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
accept-ranges: bytes
X-Firefox-Spdy: h2
privatecapitalhq.com/wp-content/uploads/2019/11/retail-300x186-300x186.jpg
200 OK 12 kB URL HTTP/2 privatecapitalhq.com/wp-content/uploads/2019/11/retail-300x186-300x186.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x186, components 3\012- data
Hash 341f63c22b1eee2e3cb46e9eb7c512a7
b3d65d09e95e457f2f5d56f2795d1e49a85ddb9e
82bc4e2cafd779a95ee73bbcae5e58e9e5ac1b5041e5df73fc26888b6384fb8f
GET /wp-content/uploads/2019/11/retail-300x186-300x186.jpg HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:52 GMT
content-type: image/jpeg
content-length: 12136
last-modified: Mon, 11 Nov 2019 16:55:03 GMT
etag: "5dc99267-2f68"
expires: Tue, 28 Nov 2023 21:16:52 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
accept-ranges: bytes
X-Firefox-Spdy: h2
privatecapitalhq.com/wp-content/uploads/2019/11/postoffice.jpg
200 OK 15 kB URL HTTP/2 privatecapitalhq.com/wp-content/uploads/2019/11/postoffice.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash a2b4a31b28fa3833fe831d4aabd4ee0d
933b2c418b150ffffe43e472d0c45f88d230b7a2
7919e874aa0882f4a368e177ca1cbe6a0ee320deb6de5447c864f8c11f3b316e
GET /wp-content/uploads/2019/11/postoffice.jpg HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:52 GMT
content-type: image/jpeg
content-length: 14755
last-modified: Mon, 11 Nov 2019 16:55:02 GMT
etag: "5dc99266-39a3"
expires: Tue, 28 Nov 2023 21:16:52 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
accept-ranges: bytes
X-Firefox-Spdy: h2
privatecapitalhq.com/wp-content/uploads/2019/11/retirement-home-300x199-300x199.jpg
200 OK 18 kB URL HTTP/2 privatecapitalhq.com/wp-content/uploads/2019/11/retirement-home-300x199-300x199.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x199, components 3\012- data
Hash 4633de17307cbcfbde270a183483d34b
f01b53366494363d0c8f5b72237ad0931c5c9927
da2355b05c982e3e91ea712aeaaec4290041c1efc4d06f8545c55b544d70ae82
GET /wp-content/uploads/2019/11/retirement-home-300x199-300x199.jpg HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:52 GMT
content-type: image/jpeg
content-length: 18087
last-modified: Mon, 11 Nov 2019 16:55:04 GMT
etag: "5dc99268-46a7"
expires: Tue, 28 Nov 2023 21:16:52 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
accept-ranges: bytes
X-Firefox-Spdy: h2
privatecapitalhq.com/wp-content/uploads/2019/11/agriculture-bright-clouds-440731-300x300.jpg
200 OK 14 kB URL HTTP/2 privatecapitalhq.com/wp-content/uploads/2019/11/agriculture-bright-clouds-440731-300x300.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 19f2a73fa0aa99ce35ea057fea181880
8ffb9be8d21e0f43b13f40a0ad15b2beae68c489
647bcc665b57c8f269c48344edb2465d2c45593517b92d330a9374c54fffb70b
GET /wp-content/uploads/2019/11/agriculture-bright-clouds-440731-300x300.jpg HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:52 GMT
content-type: image/jpeg
content-length: 14076
last-modified: Mon, 11 Nov 2019 16:54:54 GMT
etag: "5dc9925e-36fc"
expires: Tue, 28 Nov 2023 21:16:52 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
accept-ranges: bytes
X-Firefox-Spdy: h2
privatecapitalhq.com/wp-content/uploads/2019/11/Emergency2-300x211-300x211.jpg
200 OK 16 kB URL HTTP/2 privatecapitalhq.com/wp-content/uploads/2019/11/Emergency2-300x211-300x211.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x211, components 3\012- data
Hash 0c19d64d71ab85f1a7b5b9a80992a28a
a6c2ef3a0673cf9eb717922eaa423846c873a6cf
26cc254234efd62c81f611f12a7792a0620ad429f1b7230df5c05a5571662228
GET /wp-content/uploads/2019/11/Emergency2-300x211-300x211.jpg HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:52 GMT
content-type: image/jpeg
content-length: 16374
last-modified: Mon, 11 Nov 2019 16:54:55 GMT
etag: "5dc9925f-3ff6"
expires: Tue, 28 Nov 2023 21:16:52 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
accept-ranges: bytes
X-Firefox-Spdy: h2
privatecapitalhq.com/wp-content/uploads/2019/11/student-housing.jpg
200 OK 20 kB URL HTTP/2 privatecapitalhq.com/wp-content/uploads/2019/11/student-housing.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 44730de267148da09d6d45d675cc03e8
7a5ddf6d2d2dc8c7c2c7b4cb344a278b71d22514
49b177379d0aa307fa2ee958316b7602ff5921b65bea67c3c9f5a668dd79a5ba
GET /wp-content/uploads/2019/11/student-housing.jpg HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:52 GMT
content-type: image/jpeg
content-length: 20402
last-modified: Mon, 11 Nov 2019 16:55:06 GMT
etag: "5dc9926a-4fb2"
expires: Tue, 28 Nov 2023 21:16:52 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
accept-ranges: bytes
X-Firefox-Spdy: h2
privatecapitalhq.com/wp-content/uploads/2019/11/oilgas-300x225-300x225.jpg
200 OK 11 kB URL HTTP/2 privatecapitalhq.com/wp-content/uploads/2019/11/oilgas-300x225-300x225.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x225, components 3\012- data
Hash e14bd03d3fd708fee4c013dad1df9f3f
234d0f1a411cdcfce39d85733d2e422a552208b5
9428eb42abb445cb6c4f76926f7f7c64a427680a2dc06684d1bd936e6654ed47
GET /wp-content/uploads/2019/11/oilgas-300x225-300x225.jpg HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:52 GMT
content-type: image/jpeg
content-length: 11327
last-modified: Mon, 11 Nov 2019 16:55:00 GMT
etag: "5dc99264-2c3f"
expires: Tue, 28 Nov 2023 21:16:52 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
accept-ranges: bytes
X-Firefox-Spdy: h2
privatecapitalhq.com/wp-content/uploads/2019/11/hospitality-300x200-300x200.jpg
200 OK 16 kB URL HTTP/2 privatecapitalhq.com/wp-content/uploads/2019/11/hospitality-300x200-300x200.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x200, components 3\012- data
Hash d100d82a048b223aad1cdb60bc7b3dd0
ce7f775c82b59cc4c1b259700f66993b16c84c4a
2bcd0fc1525baf126f415dce2ca44aa0d8597f9e48ccc2c6015ffe6b8e245415
GET /wp-content/uploads/2019/11/hospitality-300x200-300x200.jpg HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:52 GMT
content-type: image/jpeg
content-length: 16084
last-modified: Mon, 11 Nov 2019 16:54:56 GMT
etag: "5dc99260-3ed4"
expires: Tue, 28 Nov 2023 21:16:52 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
accept-ranges: bytes
X-Firefox-Spdy: h2
privatecapitalhq.com/wp-content/uploads/2019/11/self-storage-300x208-300x208.jpg
200 OK 17 kB URL HTTP/2 privatecapitalhq.com/wp-content/uploads/2019/11/self-storage-300x208-300x208.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x208, components 3\012- data
Hash 79e4e4c1e962aa74c3f6ebb27d107382
2ff76329829e904215ac52b7a24a6aecfe9ee3b1
81195f245c874aa6a43eb6e0543cd5ffb32695198abfa4382f5d3dda051ce0c4
GET /wp-content/uploads/2019/11/self-storage-300x208-300x208.jpg HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:52 GMT
content-type: image/jpeg
content-length: 17192
last-modified: Mon, 11 Nov 2019 16:55:05 GMT
etag: "5dc99269-4328"
expires: Tue, 28 Nov 2023 21:16:52 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
accept-ranges: bytes
X-Firefox-Spdy: h2
privatecapitalhq.com/wp-content/uploads/2019/11/OZ-650x409-300x189-300x189.png
200 OK 66 kB URL HTTP/2 privatecapitalhq.com/wp-content/uploads/2019/11/OZ-650x409-300x189-300x189.png
IP
File type PNG image data, 300 x 189, 8-bit/color RGBA, non-interlaced\012- data
Hash 88a82db9dafa2bb5e6cd5daaf8d5c948
b8c8630fa0d03e8541f16d985ebaea7cf5a4d4ab
21a233cd7144b454dbc367416b717172a330796d60612da8b86303bd2c3ba1f7
GET /wp-content/uploads/2019/11/OZ-650x409-300x189-300x189.png HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:52 GMT
content-type: image/png
content-length: 66509
last-modified: Mon, 11 Nov 2019 16:55:01 GMT
etag: "5dc99265-103cd"
expires: Tue, 28 Nov 2023 21:16:52 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:16:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:16:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/cabin/v26/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2
200 OK 26 kB URL HTTP/2 fonts.gstatic.com/s/cabin/v26/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 26100, version 1.0\012- data
Hash 312bcfa92b0b0a09c3f404b2c662a0b6
5398ff9ee3c10bffc54e3a9f7e5e7506a822b38a
979caf94add5b00ec59d8abde43d200523745c2f4b105c2906f4d9dda4afaeec
GET /s/cabin/v26/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://privatecapitalhq.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 26100
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:28:35 GMT
expires: Thu, 23 Nov 2023 18:28:35 GMT
cache-control: public, max-age=31536000
age: 442098
last-modified: Fri, 24 Jun 2022 18:41:34 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
privatecapitalhq.com/wp-content/themes/llorix-one-lite/images/background-images/background.jpg
200 OK 300 kB URL HTTP/2 privatecapitalhq.com/wp-content/themes/llorix-one-lite/images/background-images/background.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1280, components 3\012- data
Size 300 kB (299939 bytes)
Hash 5d741eb13ef3871f11473dabbdd3c01c
893227514c973415df9d47d43623d30be86f09c0
640a14995bb4ee10a776c36ab7b38639b907a4baa29c52d1baf740f1aab623bc
GET /wp-content/themes/llorix-one-lite/images/background-images/background.jpg HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Cookie: pys_session_limit=true; pys_start_session=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:53 GMT
content-type: image/jpeg
content-length: 299939
last-modified: Sat, 05 Oct 2019 13:45:19 GMT
etag: "5d989e6f-493a3"
expires: Tue, 28 Nov 2023 21:16:53 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:16:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 280 B IP
Hash 4332638cc29f7de55b59edd73e64ee4e
01887a9487e257e47dc90506accdd3273bac18c6
0acd787d6986a1a2a4194fcc5c5b9b29a5b53725123ff64371870083849b9abc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=162826
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:16:53 GMT
Etag: "6384fe4e-118"
Expires: Wed, 30 Nov 2022 18:30:39 GMT
Last-Modified: Mon, 28 Nov 2022 18:30:38 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 280
privatecapitalhq.com/wp-content/uploads/2019/02/Group-204.jpg
200 OK 928 kB URL HTTP/2 privatecapitalhq.com/wp-content/uploads/2019/02/Group-204.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x894, components 3\012- data
Size 928 kB (927773 bytes)
Hash d337ba215942f315202306fd7243b067
8a6e20f9f327273202b97fef4e375a8a2f32d849
f0a9840e4c9f6fd283295e516ae73dbaf5c283493a3b80a67859148b8f7ae4b3
GET /wp-content/uploads/2019/02/Group-204.jpg HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Cookie: pys_session_limit=true; pys_start_session=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:53 GMT
content-type: image/jpeg
content-length: 927773
last-modified: Sat, 05 Oct 2019 13:44:21 GMT
etag: "5d989e35-e281d"
expires: Tue, 28 Nov 2023 21:16:53 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
accept-ranges: bytes
X-Firefox-Spdy: h2
privatecapitalhq.com/wp-content/plugins/ultimate-member/assets/font/fontawesome-webfont.woff?v=4.2.0
200 OK 98 kB URL HTTP/2 privatecapitalhq.com/wp-content/plugins/ultimate-member/assets/font/fontawesome-webfont.woff?v=4.2.0
IP
File type Web Open Font Format, TrueType, length 98024, version 4.7\012- data
Hash fee66e712a8a08eef5805a46892932ad
28b782240b3e76db824e12c02754a9731a167527
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
GET /wp-content/plugins/ultimate-member/assets/font/fontawesome-webfont.woff?v=4.2.0 HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://privatecapitalhq.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-d85a724e6658ddd812aed3fb50c790f2.css
Cookie: pys_session_limit=true; pys_start_session=true
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:53 GMT
content-type: font/woff
content-length: 98024
last-modified: Thu, 03 Nov 2022 13:04:14 GMT
etag: "6363bc4e-17ee8"
expires: Tue, 28 Nov 2023 21:16:53 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash 32519b35be12017c7578fe9594e16fc2
055b05875e3e556f179fba9e2fbb1503243ce305
9a81de8959af831ae550e9743ce04e39691f75c39517e6d770a22bd4bc85bd4c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6388
Cache-Control: max-age=126420
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:16:53 GMT
Etag: "63845725-118"
Expires: Wed, 30 Nov 2022 08:23:53 GMT
Last-Modified: Mon, 28 Nov 2022 06:37:25 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
200 OK 279 B IP
Hash 55f160b71d652b237d69bd91d47128b7
23bc29a4771ad185e6f8c6731d35fb9ba8d3f56d
8419d723ac0b61872a8694039b95452bfc71d178b9d4e6c0c9d63d1fc3feb211
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2404
Cache-Control: max-age=108745
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:16:53 GMT
Etag: "638421aa-117"
Expires: Wed, 30 Nov 2022 03:29:18 GMT
Last-Modified: Mon, 28 Nov 2022 02:49:14 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279
privatecapitalhq.com/wp-content/plugins/ultimate-member/assets/js/um-jquery-form.min.js?ver=2.5.1
200 OK 49 kB URL HTTP/2 privatecapitalhq.com/wp-content/plugins/ultimate-member/assets/js/um-jquery-form.min.js?ver=2.5.1
IP
File type ASCII text, with very long lines (14585), with no line terminators
Hash 1c105083e50e391fd0968ae3e5bbbe45
bdd6467743cee7295d5458999023931bb067719c
b6f69225b179c9d27390265f3511ad10effb2404a883744b7309812575d5c880
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/ultimate-member/assets/js/um-jquery-form.min.js?ver=2.5.1 HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:52 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 13:04:14 GMT
vary: Accept-Encoding
etag: W/"6363bc4e-38f9"
expires: Tue, 28 Nov 2023 21:16:52 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 3149ca3cc0472f9e70a50f64df37aed0
7cbe65b3a2ad57d103cd74d47a7a698ba86e98ed
c4abbc73b061828479e8404855c8c7419d0946d8d06c3236e11963f735468e60
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 104
Cache-Control: max-age=88767
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:16:53 GMT
Etag: "6383dc9c-117"
Expires: Tue, 29 Nov 2022 21:56:20 GMT
Last-Modified: Sun, 27 Nov 2022 21:54:36 GMT
Server: ECS (amb/6BB2)
X-Cache: HIT
Content-Length: 279
privatecapitalhq.com/wp-content/uploads/siteground-optimizer-assets/um_datetime.min.js?ver=2.5.1
200 OK 3.8 kB URL HTTP/2 privatecapitalhq.com/wp-content/uploads/siteground-optimizer-assets/um_datetime.min.js?ver=2.5.1
IP
File type ASCII text, with very long lines (8449), with CRLF line terminators
Hash 77b8db8ff7ff76f488a07445abc8caf5
2f0867167f057e913830a4b8d53a4277ad340662
77de9cf82b8d881106b5914efdb9c40288f2679f4b8d4997ed5f68eda5f82447
GET /wp-content/uploads/siteground-optimizer-assets/um_datetime.min.js?ver=2.5.1 HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:52 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 13:04:14 GMT
vary: Accept-Encoding
etag: W/"6363bc4e-2191"
expires: Tue, 28 Nov 2023 21:16:52 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
privatecapitalhq.com/wp-content/uploads/siteground-optimizer-assets/um_fileupload.min.js?ver=2.5.1
200 OK 3.6 kB URL HTTP/2 privatecapitalhq.com/wp-content/uploads/siteground-optimizer-assets/um_fileupload.min.js?ver=2.5.1
IP
File type ASCII text, with very long lines (9149), with CRLF line terminators
Hash fe4ab90578680e663623f15b115dbb1f
d2965cfb101d72fa191e54c4d6cabde86833cf8f
b60a933754984180e49fb3cf9b04d3148ad43302818040638ab66bf2f3532a54
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/siteground-optimizer-assets/um_fileupload.min.js?ver=2.5.1 HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:52 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 13:04:14 GMT
vary: Accept-Encoding
etag: W/"6363bc4e-2467"
expires: Tue, 28 Nov 2023 21:16:52 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3674
Expires: Mon, 28 Nov 2022 22:18:07 GMT
Date: Mon, 28 Nov 2022 21:16:53 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3674
Expires: Mon, 28 Nov 2022 22:18:07 GMT
Date: Mon, 28 Nov 2022 21:16:53 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3674
Expires: Mon, 28 Nov 2022 22:18:07 GMT
Date: Mon, 28 Nov 2022 21:16:53 GMT
Connection: keep-alive
privatecapitalhq.com/wp-content/plugins/ultimate-member/assets/js/um-crop.min.js?ver=2.5.1
200 OK 14 kB URL HTTP/2 privatecapitalhq.com/wp-content/plugins/ultimate-member/assets/js/um-crop.min.js?ver=2.5.1
IP
File type ASCII text, with very long lines (17031), with no line terminators
Hash e8bb550fbce25b3184cd60f661a8c433
7e7454425ba6c832768c1eff0ea093f5a88f202d
0ab633ba49e73945b6ac05b77d3a575c81bcf08a0df7b30a2be09e5c743bee5e
GET /wp-content/plugins/ultimate-member/assets/js/um-crop.min.js?ver=2.5.1 HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:52 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 13:04:14 GMT
vary: Accept-Encoding
etag: W/"6363bc4e-4287"
expires: Tue, 28 Nov 2023 21:16:52 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
privatecapitalhq.com/wp-content/plugins/ultimate-member/assets/js/um-modal.min.js?ver=2.5.1
200 OK 11 kB URL HTTP/2 privatecapitalhq.com/wp-content/plugins/ultimate-member/assets/js/um-modal.min.js?ver=2.5.1
IP
File type ASCII text, with very long lines (5277), with no line terminators
Hash 66fd2c69a19fd317a8e9d9aa984e5636
b055ae2f1c2b28096c19222c50759d44b3a53ef3
50ac248903026d780e99d0ae244fe1c2f9a349e83cbc8b514a70ec0636d4b4c9
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/ultimate-member/assets/js/um-modal.min.js?ver=2.5.1 HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:52 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 13:04:14 GMT
vary: Accept-Encoding
etag: W/"6363bc4e-149d"
expires: Tue, 28 Nov 2023 21:16:52 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
privatecapitalhq.com/wp-content/plugins/ultimate-member/assets/js/select2/select2.full.min.js?ver=4.0.13
200 OK 27 kB URL HTTP/2 privatecapitalhq.com/wp-content/plugins/ultimate-member/assets/js/select2/select2.full.min.js?ver=4.0.13
IP
File type Unicode text, UTF-8 text, with very long lines (64130), with CRLF line terminators
Hash 1e58520527aebc48084d26c8b8fa76cd
20c2e2472c9e61bc4b3d396352acf95839331bca
58484572576c5aacc63ebe41b33a53bc0ecffdf8809c7ddae1b9c31beffa3af8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/ultimate-member/assets/js/select2/select2.full.min.js?ver=4.0.13 HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:52 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 13:04:14 GMT
vary: Accept-Encoding
etag: W/"6363bc4e-1356d"
expires: Tue, 28 Nov 2023 21:16:52 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
privatecapitalhq.com/wp-includes/js/wp-util.min.js?ver=6.1.1
200 OK 10 kB URL HTTP/2 privatecapitalhq.com/wp-includes/js/wp-util.min.js?ver=6.1.1
IP
File type ASCII text, with very long lines (1391)
Hash 80432450ad5311c3512f0a9f364ea5bd
23a2f52592d518fe320e2c35880c62d20e407449
d7865f40bbf7a7aafb46be528f3babfeb5b3a96671d7cb634ef0b04e19a29a17
GET /wp-includes/js/wp-util.min.js?ver=6.1.1 HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:52 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 13:00:39 GMT
vary: Accept-Encoding
etag: W/"6363bb77-592"
expires: Tue, 28 Nov 2023 21:16:52 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
privatecapitalhq.com/wp-content/uploads/siteground-optimizer-assets/um_datetime_date.min.js?ver=2.5.1
200 OK 14 kB URL HTTP/2 privatecapitalhq.com/wp-content/uploads/siteground-optimizer-assets/um_datetime_date.min.js?ver=2.5.1
IP
File type ASCII text, with very long lines (12750), with CRLF line terminators
Hash bb2a0de8ad0ec6626592bfbf8a30f540
b18c449225712bf694d83c0ccf59bfd435ed33fc
f0e305729a5a7bb067780774d73cf0a11d177ec7b363be731a0c41bf6ca3ae28
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/siteground-optimizer-assets/um_datetime_date.min.js?ver=2.5.1 HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:52 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 13:04:14 GMT
vary: Accept-Encoding
etag: W/"6363bc4e-322c"
expires: Tue, 28 Nov 2023 21:16:52 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
privatecapitalhq.com/wp-includes/js/comment-reply.min.js?ver=6.1.1
200 OK 10 kB URL HTTP/2 privatecapitalhq.com/wp-includes/js/comment-reply.min.js?ver=6.1.1
IP
File type ASCII text, with very long lines (2946)
Hash 5501383a0b0a12829cca2d37292e161b
f3e31330f670142697e1471822c41c64ed38530c
46114ee716ba55a0790ebdc1b589689f1a79651d81a5d6d6b61cf2faf5047c95
GET /wp-includes/js/comment-reply.min.js?ver=6.1.1 HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:52 GMT
content-type: application/javascript
last-modified: Thu, 16 Jun 2022 20:51:05 GMT
vary: Accept-Encoding
etag: W/"62ab97b9-ba5"
expires: Tue, 28 Nov 2023 21:16:52 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash 7baa9e2e95ee37decc2e14c4fd6e1b31
c3972e12274854b0a788922f74abefdb2abf5968
3acf6d8c68f8093faac9dae26c2ef1f10f2be0af6202c695764e07106c77a453
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6245
Cache-Control: max-age=166601
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:16:54 GMT
Etag: "6384f4aa-116"
Expires: Wed, 30 Nov 2022 19:33:35 GMT
Last-Modified: Mon, 28 Nov 2022 17:49:30 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
200 OK 279 B IP
Hash f9416fe997b2f47698dd2ca790df738e
ba03fd218f9f3e202b7f8d507e6d81996c13cc27
5125b4f691b7771d658347cf0ed0f37d477d1544ca164405fb62ee5946039256
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3166
Cache-Control: max-age=160941
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:16:54 GMT
Etag: "6384ea95-117"
Expires: Wed, 30 Nov 2022 17:59:15 GMT
Last-Modified: Mon, 28 Nov 2022 17:06:29 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279
region1.google-analytics.com/g/collect?v=2&tid=G-MXWHK3SEJS>m=2oeb90&_p=1858711733&gdid=dZGIzZG.dZTNiMT&cid=1046355100.1669670213&ul=en-us&sr=1280x1024&_s=1&sid=1669670212&sct=1&seg=0&dl=https%3A%2F%2Fprivatecapitalhq.com%2F&dt=Home%20%7C%20Private%20Capital%20HQ&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-MXWHK3SEJS>m=2oeb90&_p=1858711733&gdid=dZGIzZG.dZTNiMT&cid=1046355100.1669670213&ul=en-us&sr=1280x1024&_s=1&sid=1669670212&sct=1&seg=0&dl=https%3A%2F%2Fprivatecapitalhq.com%2F&dt=Home%20%7C%20Private%20Capital%20HQ&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-MXWHK3SEJS>m=2oeb90&_p=1858711733&gdid=dZGIzZG.dZTNiMT&cid=1046355100.1669670213&ul=en-us&sr=1280x1024&_s=1&sid=1669670212&sct=1&seg=0&dl=https%3A%2F%2Fprivatecapitalhq.com%2F&dt=Home%20%7C%20Private%20Capital%20HQ&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://privatecapitalhq.com
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://privatecapitalhq.com
date: Mon, 28 Nov 2022 21:16:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
js.hscollectedforms.net/collectedforms.js
200 OK 25 kB URL HTTP/2 js.hscollectedforms.net/collectedforms.js
IP
File type Unicode text, UTF-8 text, with very long lines (65392), with no line terminators
Hash 235c0d2342ed422f78c3e1b991b7b4f0
59d6ea36b5c30c3f6fa166764a50cecc2add4f33
3b9d09e23b0bae1fff9b20659e71a9fcbb4442964a4e8eaf071b16c45305872c
GET /collectedforms.js HTTP/1.1
Host: js.hscollectedforms.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://privatecapitalhq.com
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 21:16:53 GMT
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
last-modified: Wed, 16 Nov 2022 03:41:33 UTC
x-amz-server-side-encryption: AES256
x-amz-version-id: _5EZs_H26Fc6JgVRh7ahoi0orqifRkcW
etag: W/"59a69a76233d8365d7266548d5703c09"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4715507645a6516d2df35cd342cb5be0.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
x-amz-cf-id: QaPzIfkVBgjIJa30VTW2KHjIr07lohirwYxpteZTWHVpIp6dAHJKWg==
cache-control: s-maxage=600, max-age=300
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.311/bundles/project.js&cfRay=771620938e6cb4ff-IAD
x-hs-target-asset: collected-forms-embed-js/static-1.311/bundles/project.js
access-control-allow-origin: *
x-hs-cache-status: HIT
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
cf-cache-status: MISS
server: cloudflare
cf-ray: 771620938e6cb4ff-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash f9416fe997b2f47698dd2ca790df738e
ba03fd218f9f3e202b7f8d507e6d81996c13cc27
5125b4f691b7771d658347cf0ed0f37d477d1544ca164405fb62ee5946039256
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3166
Cache-Control: max-age=160941
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:16:54 GMT
Etag: "6384ea95-117"
Expires: Wed, 30 Nov 2022 17:59:15 GMT
Last-Modified: Mon, 28 Nov 2022 17:06:29 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 278 B IP
Hash f8987bbd0f2fcaa64444aaa0d3a009cb
3c87ecf1d938056dae854c1fb48955a0e6620adb
bcf59722c9a704a083fadd2c6b3a6b418404e1f67855b73be6e49b478d70f18c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4541
Cache-Control: max-age=96475
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 21:16:54 GMT
Etag: "6383e964-116"
Expires: Wed, 30 Nov 2022 00:04:49 GMT
Last-Modified: Sun, 27 Nov 2022 22:49:08 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 278
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Mon, 28 Nov 2022 20:41:08 GMT
expires: Mon, 28 Nov 2022 22:41:08 GMT
cache-control: public, max-age=7200
age: 2146
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
privatecapitalhq.com/wp-content/uploads/2022/06/cropped-fav-2-192x192.png
200 OK 3.6 kB URL HTTP/2 privatecapitalhq.com/wp-content/uploads/2022/06/cropped-fav-2-192x192.png
IP
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash ac5c0a9c16c1576fe47854f298f475a1
6876743ea212f3f1d631b84ed80f7007cd94eeb4
5e083e006c40f8873d180b64210ea1176d3dfb11df2874ff60c32745e87ceab5
GET /wp-content/uploads/2022/06/cropped-fav-2-192x192.png HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Cookie: pys_session_limit=true; pys_start_session=true; _ga_MXWHK3SEJS=GS1.1.1669670212.1.0.1669670212.0.0.0; _ga=GA1.1.1046355100.1669670213; pys_first_visit=true; pysTrafficSource=direct; pys_landing_page=https://privatecapitalhq.com/; last_pysTrafficSource=direct; last_pys_landing_page=https://privatecapitalhq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:54 GMT
content-type: image/png
content-length: 3563
last-modified: Tue, 21 Jun 2022 12:45:50 GMT
etag: "62b1bd7e-deb"
expires: Tue, 28 Nov 2023 21:16:54 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
accept-ranges: bytes
X-Firefox-Spdy: h2
privatecapitalhq.com/wp-content/uploads/2022/06/cropped-fav-2-32x32.png
200 OK 483 B URL HTTP/2 privatecapitalhq.com/wp-content/uploads/2022/06/cropped-fav-2-32x32.png
IP
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 5c3fbb2482e7b646a6175f5b0367f218
2bb34d093c7481c6da837d9ba8ad155efa6f5d0e
8480aa5ad1d0455667de6c9e6a79a54ce5dca3df9b7fd1f7204ffb04850061cc
GET /wp-content/uploads/2022/06/cropped-fav-2-32x32.png HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Cookie: pys_session_limit=true; pys_start_session=true; _ga_MXWHK3SEJS=GS1.1.1669670212.1.0.1669670212.0.0.0; _ga=GA1.1.1046355100.1669670213; pys_first_visit=true; pysTrafficSource=direct; pys_landing_page=https://privatecapitalhq.com/; last_pysTrafficSource=direct; last_pys_landing_page=https://privatecapitalhq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:54 GMT
content-type: image/png
content-length: 483
last-modified: Tue, 21 Jun 2022 12:45:50 GMT
etag: "62b1bd7e-1e3"
expires: Tue, 28 Nov 2023 21:16:54 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
accept-ranges: bytes
X-Firefox-Spdy: h2
privatecapitalhq.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
200 OK 2.0 kB URL HTTP/2 privatecapitalhq.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
IP
File type ASCII text, with very long lines (4875)
Hash 9fba17f7b78edacd5489770a2370f3a9
13072fc2745b563c2992087a1ecf4dcb2261c606
77d0d49709b69970b820e041f1a8c2daab6d6b4acd266701a0ba935197619328
GET /wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5 HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:52 GMT
content-type: application/javascript
last-modified: Thu, 16 Jun 2022 20:51:04 GMT
vary: Accept-Encoding
etag: W/"62ab97b8-132e"
expires: Tue, 28 Nov 2023 21:16:52 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: K069fCBe9eCiMOub/FmIPqJjW4nB7BaWH+zPJRmIEhwBW4XRtvUtIIFPiYrSxQO8c7z7LvPcSDhY1dtT2ecDBg==
priority: u=3,i
content-length: 27340
x-fb-trip-id: 1904183273
date: Mon, 28 Nov 2022 21:16:54 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
privatecapitalhq.com/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b
200 OK 1.1 kB URL HTTP/2 privatecapitalhq.com/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b
IP
File type ASCII text, with very long lines (1626)
Hash c7234b433ce324b6a6d59cb4996c92af
06f55277f2d58ad3a59d7915117584eede1b0398
56805469a9678855fb78ed89a84bfd1e949a14217972e0c025156544b36385d2
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:52 GMT
content-type: application/javascript
last-modified: Thu, 16 Jun 2022 20:51:05 GMT
vary: Accept-Encoding
etag: W/"62ab97b9-71b"
expires: Tue, 28 Nov 2023 21:16:52 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=5829355
200 OK 20 kB URL HTTP/2 api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=5829355
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash a83b0f9e20f9dd0a6521a21e73ea89bc
c35ea2c024f075a130ba02414eea4a105f6c90f7
f0c0aaadb08134c098274a7aa85c2c3a2e981e802b006b90a8ab6ec5c34e2ddb
GET /hs-script-loader-public/v1/config/pixel/json?portalId=5829355 HTTP/1.1
Host: api.hubapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://privatecapitalhq.com
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 21:16:54 GMT
content-type: application/json;charset=utf-8
cf-ray: 771620967a54b505-OSL
access-control-allow-origin: https://privatecapitalhq.com
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-max-age: 180
x-hubspot-correlation-id: 0c1a0559-c467-4481-97f4-e7aa4df1962f
x-trace: 2BE1A8710FB66CBF3D2FA9446DEB873FEA58E2F550000000000000000000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VkvIZw3dWluLds7eiW8VhOZMTLLwOf8IcxAlk85iJfZGYemxf9wducGdxr3QAorgAJovacSduCgvyqieaWnpJMTx8qFppheThI%2BzqGNru1TW7vrN%2Fydw0EiscI%2BRqDn0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
privatecapitalhq.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
200 OK 24 kB URL HTTP/2 privatecapitalhq.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
IP
Hash c360a0cb4f45c01040058c8f06b55972
78a69b5a84f3e7229b0bb71da928bbf0dd059c52
c29caedb51d1200117d9ed15f755d88842e2a62227517acf8a2aa9cc398987ca
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:52 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 13:00:39 GMT
vary: Accept-Encoding
etag: W/"6363bb77-27f6"
expires: Tue, 28 Nov 2023 21:16:52 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=2702601343121572&ev=PageView&dl=https%3A%2F%2Fprivatecapitalhq.com%2F&rl=&if=false&ts=1669670214337&sw=1280&sh=1024&ud[external_id]=e9be7bafdec0c46dbd80635bbccb57c1&v=2.9.89&r=stable&a=tmhubspot&ec=0&o=30&fbp=fb.1.1669670214334.567125441&it=1669670214160&coo=false&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=2702601343121572&ev=PageView&dl=https%3A%2F%2Fprivatecapitalhq.com%2F&rl=&if=false&ts=1669670214337&sw=1280&sh=1024&ud[external_id]=e9be7bafdec0c46dbd80635bbccb57c1&v=2.9.89&r=stable&a=tmhubspot&ec=0&o=30&fbp=fb.1.1669670214334.567125441&it=1669670214160&coo=false&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=2702601343121572&ev=PageView&dl=https%3A%2F%2Fprivatecapitalhq.com%2F&rl=&if=false&ts=1669670214337&sw=1280&sh=1024&ud[external_id]=e9be7bafdec0c46dbd80635bbccb57c1&v=2.9.89&r=stable&a=tmhubspot&ec=0&o=30&fbp=fb.1.1669670214334.567125441&it=1669670214160&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Mon, 28 Nov 2022 21:16:55 GMT
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4908162-9f1d-4654-8d78-fe85386ce233.jpeg
200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4908162-9f1d-4654-8d78-fe85386ce233.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7e5051d8c06f69e1842a9295ce256a36
1a542a53ba0b1cd0fb23257ebed8166555f16dfb
a7c0dbbb4d0d9138f5ca318cc2aa44e12dadf7ed6263ec204ba756da64b29c41
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4908162-9f1d-4654-8d78-fe85386ce233.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7556
x-amzn-requestid: 1cda5313-2256-4830-bf84-2e6e15949d3e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR78KFTmoAMF4yg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d9e7-452e36d718a298d12a2374a9;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 70UuQl2XCoplrZYENrKleE2mcvB-xP9zZGs8Tuh21NidSiHvA97sXw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:09 GMT
age: 84351
etag: "1a542a53ba0b1cd0fb23257ebed8166555f16dfb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
privatecapitalhq.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
200 OK 0 B URL HTTP/2 privatecapitalhq.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:52 GMT
content-type: application/javascript
last-modified: Thu, 16 Jun 2022 20:51:05 GMT
vary: Accept-Encoding
etag: W/"62ab97b9-2bd8"
expires: Tue, 28 Nov 2023 21:16:52 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
privatecapitalhq.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
200 OK 0 B URL HTTP/2 privatecapitalhq.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:53 GMT
content-type: application/javascript
last-modified: Thu, 16 Jun 2022 20:51:04 GMT
vary: Accept-Encoding
etag: W/"62ab97b8-48b9"
expires: Tue, 28 Nov 2023 21:16:53 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
sciactive.com/pnotify/dist/iife/PNotify.js
404 Not Found 0 B URL HTTP/2 sciactive.com/pnotify/dist/iife/PNotify.js
IP
GET /pnotify/dist/iife/PNotify.js HTTP/1.1
Host: sciactive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Mon, 28 Nov 2022 21:16:53 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=15552000; includeSubDomains
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: max-age=86400, must-revalidate
link: <https://sciactive.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N1SRjMXcHxbiz8cuQ61iD4OsPDCIovuf2lVnkPEM4y6zhud73HdWSZPN%2FgWPO%2BR6DFyRGju1OSMKvIZUcliyly67RldDt18bkw1tigQespjNOcvwzSwLy7kytDCI7Ii3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7716208ccf62b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
privatecapitalhq.com/wp-content/uploads/siteground-optimizer-assets/swv.min.js?ver=5.6.4
200 OK 0 B URL HTTP/2 privatecapitalhq.com/wp-content/uploads/siteground-optimizer-assets/swv.min.js?ver=5.6.4
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/siteground-optimizer-assets/swv.min.js?ver=5.6.4 HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:52 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 13:03:39 GMT
vary: Accept-Encoding
etag: W/"6363bc2b-26a4"
expires: Tue, 28 Nov 2023 21:16:52 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
privatecapitalhq.com/wp-content/plugins/ultimate-member/assets/js/um-conditional.min.js?ver=2.5.1
200 OK 0 B URL HTTP/2 privatecapitalhq.com/wp-content/plugins/ultimate-member/assets/js/um-conditional.min.js?ver=2.5.1
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/ultimate-member/assets/js/um-conditional.min.js?ver=2.5.1 HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:52 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 13:04:14 GMT
vary: Accept-Encoding
etag: W/"6363bc4e-2604"
expires: Tue, 28 Nov 2023 21:16:52 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
sciactive.com/pnotify/dist/PNotifyBrightTheme.css
404 Not Found 0 B URL HTTP/2 sciactive.com/pnotify/dist/PNotifyBrightTheme.css
IP
GET /pnotify/dist/PNotifyBrightTheme.css HTTP/1.1
Host: sciactive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Mon, 28 Nov 2022 21:16:53 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=15552000; includeSubDomains
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: max-age=86400, must-revalidate
link: <https://sciactive.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PdInx7sE6lXaLXZnqBe99BfWcuVGxWKel6bi0BAxu82M%2B51MZmfHPcQnAxYn5V2AT312onHMVgwM1Eh6x7UbfGmSl0idm%2BkVq9uc2yR4N7QTzWYX04skXB3awJZ7by5a"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7716208e395db4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
privatecapitalhq.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
200 OK 0 B URL HTTP/2 privatecapitalhq.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:52 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 13:00:39 GMT
vary: Accept-Encoding
etag: W/"6363bb77-15e54"
expires: Tue, 28 Nov 2023 21:16:52 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
privatecapitalhq.com/wp-content/plugins/pixelyoursite/dist/scripts/js.cookie-2.1.3.min.js?ver=2.1.3
200 OK 0 B URL HTTP/2 privatecapitalhq.com/wp-content/plugins/pixelyoursite/dist/scripts/js.cookie-2.1.3.min.js?ver=2.1.3
IP
GET /wp-content/plugins/pixelyoursite/dist/scripts/js.cookie-2.1.3.min.js?ver=2.1.3 HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:52 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 13:04:07 GMT
vary: Accept-Encoding
etag: W/"6363bc47-6ad"
expires: Tue, 28 Nov 2023 21:16:52 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
privatecapitalhq.com/wp-content/uploads/siteground-optimizer-assets/um_datetime_time.min.js?ver=2.5.1
200 OK 0 B URL HTTP/2 privatecapitalhq.com/wp-content/uploads/siteground-optimizer-assets/um_datetime_time.min.js?ver=2.5.1
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/siteground-optimizer-assets/um_datetime_time.min.js?ver=2.5.1 HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:52 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 13:04:14 GMT
vary: Accept-Encoding
etag: W/"6363bc4e-2394"
expires: Tue, 28 Nov 2023 21:16:52 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
privatecapitalhq.com/wp-content/plugins/ultimate-member/assets/js/um-profile.min.js?ver=2.5.1
200 OK 0 B URL HTTP/2 privatecapitalhq.com/wp-content/plugins/ultimate-member/assets/js/um-profile.min.js?ver=2.5.1
IP
GET /wp-content/plugins/ultimate-member/assets/js/um-profile.min.js?ver=2.5.1 HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:52 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 13:04:14 GMT
vary: Accept-Encoding
etag: W/"6363bc4e-adb"
expires: Tue, 28 Nov 2023 21:16:52 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
privatecapitalhq.com/wp-includes/js/underscore.min.js?ver=1.13.4
200 OK 0 B URL HTTP/2 privatecapitalhq.com/wp-includes/js/underscore.min.js?ver=1.13.4
IP
GET /wp-includes/js/underscore.min.js?ver=1.13.4 HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:52 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 13:00:39 GMT
vary: Accept-Encoding
etag: W/"6363bb77-4991"
expires: Tue, 28 Nov 2023 21:16:52 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
privatecapitalhq.com/wp-content/plugins/ultimate-member/assets/js/um-account.min.js?ver=2.5.1
200 OK 0 B URL HTTP/2 privatecapitalhq.com/wp-content/plugins/ultimate-member/assets/js/um-account.min.js?ver=2.5.1
IP
GET /wp-content/plugins/ultimate-member/assets/js/um-account.min.js?ver=2.5.1 HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:52 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 13:04:14 GMT
vary: Accept-Encoding
etag: W/"6363bc4e-afc"
expires: Tue, 28 Nov 2023 21:16:52 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
privatecapitalhq.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
200 OK 0 B URL HTTP/2 privatecapitalhq.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:52 GMT
content-type: application/javascript
last-modified: Thu, 16 Jun 2022 20:51:05 GMT
vary: Accept-Encoding
etag: W/"62ab97b9-15fd"
expires: Tue, 28 Nov 2023 21:16:52 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Cabin%3A400%2C600%7COpen+Sans%3A400%2C300%2C600&ver=6.1.1
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Cabin%3A400%2C600%7COpen+Sans%3A400%2C300%2C600&ver=6.1.1
IP
GET /css?family=Cabin%3A400%2C600%7COpen+Sans%3A400%2C300%2C600&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 28 Nov 2022 21:16:52 GMT
date: Mon, 28 Nov 2022 21:16:52 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
privatecapitalhq.com/wp-content/uploads/siteground-optimizer-assets/llorix-one-lite-skip-link-focus-fix.min.js?ver=1.0.0
200 OK 0 B URL HTTP/2 privatecapitalhq.com/wp-content/uploads/siteground-optimizer-assets/llorix-one-lite-skip-link-focus-fix.min.js?ver=1.0.0
IP
GET /wp-content/uploads/siteground-optimizer-assets/llorix-one-lite-skip-link-focus-fix.min.js?ver=1.0.0 HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:52 GMT
content-type: application/javascript
last-modified: Sun, 23 Jan 2022 10:45:06 GMT
vary: Accept-Encoding
etag: W/"61ed31b2-1e8"
expires: Tue, 28 Nov 2023 21:16:52 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
privatecapitalhq.com/wp-content/plugins/ultimate-member/assets/js/simplebar.min.js?ver=2.5.1
200 OK 0 B URL HTTP/2 privatecapitalhq.com/wp-content/plugins/ultimate-member/assets/js/simplebar.min.js?ver=2.5.1
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/ultimate-member/assets/js/simplebar.min.js?ver=2.5.1 HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:52 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 13:04:14 GMT
vary: Accept-Encoding
etag: W/"6363bc4e-ad47"
expires: Tue, 28 Nov 2023 21:16:52 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
privatecapitalhq.com/wp-content/plugins/ultimate-member/assets/js/um-functions.min.js?ver=2.5.1
200 OK 0 B URL HTTP/2 privatecapitalhq.com/wp-content/plugins/ultimate-member/assets/js/um-functions.min.js?ver=2.5.1
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/ultimate-member/assets/js/um-functions.min.js?ver=2.5.1 HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:52 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 13:04:14 GMT
vary: Accept-Encoding
etag: W/"6363bc4e-3908"
expires: Tue, 28 Nov 2023 21:16:52 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
privatecapitalhq.com/wp-content/plugins/pixelyoursite/dist/scripts/jquery.bind-first-0.2.3.min.js?ver=6.1.1
200 OK 0 B URL HTTP/2 privatecapitalhq.com/wp-content/plugins/pixelyoursite/dist/scripts/jquery.bind-first-0.2.3.min.js?ver=6.1.1
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/pixelyoursite/dist/scripts/jquery.bind-first-0.2.3.min.js?ver=6.1.1 HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:52 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 13:04:07 GMT
vary: Accept-Encoding
etag: W/"6363bc47-525"
expires: Tue, 28 Nov 2023 21:16:52 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
privatecapitalhq.com/wp-content/plugins/ultimate-member/assets/js/um-gdpr.min.js?ver=2.5.1
200 OK 0 B URL HTTP/2 privatecapitalhq.com/wp-content/plugins/ultimate-member/assets/js/um-gdpr.min.js?ver=2.5.1
IP
GET /wp-content/plugins/ultimate-member/assets/js/um-gdpr.min.js?ver=2.5.1 HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:52 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 13:04:14 GMT
vary: Accept-Encoding
etag: W/"6363bc4e-1a0"
expires: Tue, 28 Nov 2023 21:16:52 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
privatecapitalhq.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
200 OK 0 B URL HTTP/2 privatecapitalhq.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:52 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 13:00:39 GMT
vary: Accept-Encoding
etag: W/"6363bb77-459f"
expires: Tue, 28 Nov 2023 21:16:52 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
privatecapitalhq.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.10.1
200 OK 0 B URL HTTP/2 privatecapitalhq.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.10.1
IP
GET /wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.10.1 HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:52 GMT
content-type: application/javascript
last-modified: Wed, 16 Nov 2022 00:15:55 GMT
vary: Accept-Encoding
etag: W/"63742bbb-2e7a"
expires: Tue, 28 Nov 2023 21:16:52 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
privatecapitalhq.com/wp-content/plugins/ultimate-member/assets/js/um-tipsy.min.js?ver=2.5.1
200 OK 0 B URL HTTP/2 privatecapitalhq.com/wp-content/plugins/ultimate-member/assets/js/um-tipsy.min.js?ver=2.5.1
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/ultimate-member/assets/js/um-tipsy.min.js?ver=2.5.1 HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:52 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 13:04:14 GMT
vary: Accept-Encoding
etag: W/"6363bc4e-110e"
expires: Tue, 28 Nov 2023 21:16:52 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
privatecapitalhq.com/wp-content/themes/llorix-one-lite/js/vendor/bootstrap.min.js?ver=3.3.7
200 OK 0 B URL HTTP/2 privatecapitalhq.com/wp-content/themes/llorix-one-lite/js/vendor/bootstrap.min.js?ver=3.3.7
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/llorix-one-lite/js/vendor/bootstrap.min.js?ver=3.3.7 HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:52 GMT
content-type: application/javascript
last-modified: Sun, 23 Jan 2022 10:40:43 GMT
vary: Accept-Encoding
etag: W/"61ed30ab-90b5"
expires: Tue, 28 Nov 2023 21:16:52 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
privatecapitalhq.com/wp-content/uploads/siteground-optimizer-assets/llorix-one-lite-custom-home.min.js?ver=1.0.0
200 OK 0 B URL HTTP/2 privatecapitalhq.com/wp-content/uploads/siteground-optimizer-assets/llorix-one-lite-custom-home.min.js?ver=1.0.0
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/siteground-optimizer-assets/llorix-one-lite-custom-home.min.js?ver=1.0.0 HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:52 GMT
content-type: application/javascript
last-modified: Sun, 23 Jan 2022 10:45:02 GMT
vary: Accept-Encoding
etag: W/"61ed31ae-c55"
expires: Tue, 28 Nov 2023 21:16:52 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
privatecapitalhq.com/wp-content/plugins/ultimate-member/assets/js/um-raty.min.js?ver=2.5.1
200 OK 0 B URL HTTP/2 privatecapitalhq.com/wp-content/plugins/ultimate-member/assets/js/um-raty.min.js?ver=2.5.1
IP
GET /wp-content/plugins/ultimate-member/assets/js/um-raty.min.js?ver=2.5.1 HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:52 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 13:04:14 GMT
vary: Accept-Encoding
etag: W/"6363bc4e-23ae"
expires: Tue, 28 Nov 2023 21:16:52 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
privatecapitalhq.com/wp-content/plugins/ultimate-member/assets/js/um-scripts.min.js?ver=2.5.1
200 OK 0 B URL HTTP/2 privatecapitalhq.com/wp-content/plugins/ultimate-member/assets/js/um-scripts.min.js?ver=2.5.1
IP
GET /wp-content/plugins/ultimate-member/assets/js/um-scripts.min.js?ver=2.5.1 HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:52 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 13:04:14 GMT
vary: Accept-Encoding
etag: W/"6363bc4e-3073"
expires: Tue, 28 Nov 2023 21:16:52 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
privatecapitalhq.com/wp-content/uploads/siteground-optimizer-assets/contact-form-7.min.js?ver=5.6.4
200 OK 0 B URL HTTP/2 privatecapitalhq.com/wp-content/uploads/siteground-optimizer-assets/contact-form-7.min.js?ver=5.6.4
IP
GET /wp-content/uploads/siteground-optimizer-assets/contact-form-7.min.js?ver=5.6.4 HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:52 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 13:03:39 GMT
vary: Accept-Encoding
etag: W/"6363bc2b-2f97"
expires: Tue, 28 Nov 2023 21:16:52 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
privatecapitalhq.com/wp-includes/js/masonry.min.js?ver=4.2.2
200 OK 0 B URL HTTP/2 privatecapitalhq.com/wp-includes/js/masonry.min.js?ver=4.2.2
IP
GET /wp-includes/js/masonry.min.js?ver=4.2.2 HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:52 GMT
content-type: application/javascript
last-modified: Thu, 16 Jun 2022 20:51:05 GMT
vary: Accept-Encoding
etag: W/"62ab97b9-5e4a"
expires: Tue, 28 Nov 2023 21:16:52 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
js.hs-banner.com/5829355.js
200 OK 0 B URL HTTP/2 js.hs-banner.com/5829355.js
IP
GET /5829355.js HTTP/1.1
Host: js.hs-banner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 21:16:54 GMT
content-type: text/javascript; charset=UTF-8
x-amz-id-2: bhLeF33OUMOEKrYtXlnmrrrIhCQcTfwuqX1WoqxAkWKRsOqsiXRpn6xw7l+zPmrt0Edp9IlJcA0=
x-amz-request-id: FX7DR9EXPSZ3JA9E
last-modified: Tue, 25 Oct 2022 20:43:05 GMT
etag: W/"7b8de4a7c70ad3d18d5a6c6141de7c51"
x-amz-server-side-encryption: AES256
cache-control: max-age=300, public
x-amz-version-id: cNlj4qQ9GWczQzgMCy7c8suDUr7GbJnt
access-control-allow-origin: https://privatecapitalhq.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
vary: origin, Accept-Encoding
expires: Mon, 28 Nov 2022 21:21:53 GMT
cf-cache-status: MISS
server: cloudflare
cf-ray: 771620934ea20b39-OSL
content-encoding: br
X-Firefox-Spdy: h2
privatecapitalhq.com/wp-content/plugins/ultimate-member/assets/js/um-responsive.min.js?ver=2.5.1
200 OK 0 B URL HTTP/2 privatecapitalhq.com/wp-content/plugins/ultimate-member/assets/js/um-responsive.min.js?ver=2.5.1
IP
GET /wp-content/plugins/ultimate-member/assets/js/um-responsive.min.js?ver=2.5.1 HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:52 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 13:04:14 GMT
vary: Accept-Encoding
etag: W/"6363bc4e-dd"
expires: Tue, 28 Nov 2023 21:16:52 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
js.hs-scripts.com/5829355.js?integration=WordPress&ver=9.0.397
200 OK 0 B URL HTTP/2 js.hs-scripts.com/5829355.js?integration=WordPress&ver=9.0.397
IP
GET /5829355.js?integration=WordPress&ver=9.0.397 HTTP/1.1
Host: js.hs-scripts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 21:16:52 GMT
content-type: application/javascript;charset=utf-8
x-trace: 2B75B7A92A9E9CD9F29D61A86ABF659AB0C1DC565B000000000000000000
cache-control: public, max-age=60
vary: origin, Accept-Encoding
x-hubspot-correlation-id: 5bae7dbf-4050-409f-8ddd-51be50cab3c1
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-origin: https://privatecapitalhq.com
last-modified: Mon, 28 Nov 2022 21:16:52 GMT
cf-cache-status: MISS
expires: Mon, 28 Nov 2022 21:17:52 GMT
server: cloudflare
cf-ray: 7716208c5b54b4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2
privatecapitalhq.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-d85a724e6658ddd812aed3fb50c790f2.css
200 OK 0 B URL HTTP/2 privatecapitalhq.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-d85a724e6658ddd812aed3fb50c790f2.css
IP
GET /wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-d85a724e6658ddd812aed3fb50c790f2.css HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:52 GMT
content-type: text/css
last-modified: Wed, 16 Nov 2022 00:15:35 GMT
vary: Accept-Encoding
etag: W/"63742ba7-f4e17"
expires: Tue, 28 Nov 2023 21:16:52 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
privatecapitalhq.com/wp-content/uploads/siteground-optimizer-assets/llorix-one-lite-custom-all.min.js?ver=2.0.2
200 OK 0 B URL HTTP/2 privatecapitalhq.com/wp-content/uploads/siteground-optimizer-assets/llorix-one-lite-custom-all.min.js?ver=2.0.2
IP
GET /wp-content/uploads/siteground-optimizer-assets/llorix-one-lite-custom-all.min.js?ver=2.0.2 HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:52 GMT
content-type: application/javascript
last-modified: Sun, 23 Jan 2022 10:45:01 GMT
vary: Accept-Encoding
etag: W/"61ed31ad-3242"
expires: Tue, 28 Nov 2023 21:16:52 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
privatecapitalhq.com/wp-content/uploads/siteground-optimizer-assets/pys.min.js?ver=9.2.1
200 OK 0 B URL HTTP/2 privatecapitalhq.com/wp-content/uploads/siteground-optimizer-assets/pys.min.js?ver=9.2.1
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/siteground-optimizer-assets/pys.min.js?ver=9.2.1 HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:52 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 13:04:07 GMT
vary: Accept-Encoding
etag: W/"6363bc47-8a0a"
expires: Tue, 28 Nov 2023 21:16:52 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
privatecapitalhq.com/wp-content/themes/llorix-one-lite-child/images/loader-red.gif
404 Not Found 0 B URL HTTP/2 privatecapitalhq.com/wp-content/themes/llorix-one-lite-child/images/loader-red.gif
IP
GET /wp-content/themes/llorix-one-lite-child/images/loader-red.gif HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-d85a724e6658ddd812aed3fb50c790f2.css
Cookie: pys_session_limit=true; pys_start_session=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Mon, 28 Nov 2022 21:16:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
sg-f-cache: BYPASS
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-cache-enabled: True
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
link: <https://privatecapitalhq.com/wp-json/>; rel="https://api.w.org/"
x-httpd-modphp: 1
host-header: 6b7412fb82ca5edfd0917e3957f05d89
x-proxy-cache: MISS
x-proxy-cache-info: 0 NC:000000 UP:SKIP_CACHE_NO_CACHE
content-encoding: br
X-Firefox-Spdy: h2
privatecapitalhq.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
200 OK 0 B URL HTTP/2 privatecapitalhq.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: privatecapitalhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://privatecapitalhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 21:16:52 GMT
content-type: application/javascript
last-modified: Thu, 16 Jun 2022 20:51:04 GMT
vary: Accept-Encoding
etag: W/"62ab97b8-194b"
expires: Tue, 28 Nov 2023 21:16:52 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
35.208.189.149
104.17.201.204
23.36.77.32
93.184.220.29
31.13.72.12