xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
192.185.117.118 301 Moved Permanently 288 B URL HTTP/1.1 xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
IP 192.185.117.118:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash cc9db67629a5aa362235ec65d8ae4dc2
8d427090d6a3ddbee65b4aebe8cc304554823584
8ff498dc8616ea790d9ee6e9388b9628243655d9dfc6113d4272d51f31b72fec
Analyzer Verdict Alert fortinet Phishing
GET /full-download-edius-pro-6-5-cracked-version-key-and-better/ HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 02 Dec 2022 10:13:19 GMT
Server: Apache
Location: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Content-Length: 288
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13119
Expires: Fri, 02 Dec 2022 13:51:58 GMT
Date: Fri, 02 Dec 2022 10:13:19 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2483
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 10:13:19 GMT
Etag: "63888270-1d7"
Last-Modified: Fri, 02 Dec 2022 09:31:56 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10032
Expires: Fri, 02 Dec 2022 13:00:31 GMT
Date: Fri, 02 Dec 2022 10:13:19 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 09:18:11 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3309
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Sn5X/OBIz3ebCTTGdnbqQ5nvfZ0SApX/X+Wgehz/PCEtS3RAiIFf4Zp2be43AyybWT5Ysw/F5BQ=
x-amz-request-id: VD4SYWCX37Z2YQR8
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 09:46:04 GMT
age: 1636
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 10:13:20 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c209ad2d408426b117aba2680f45588d
fe5a8a33298ac3ac8becb4485535ce0d060a59f0
d1da92978682bb9af5f962ba71c6aad5914c0b1532e6cd465c4facd4f69dd1da
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D1DA92978682BB9AF5F962BA71C6AAD5914C0B1532E6CD465C4FACD4F69DD1DA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21570
Expires: Fri, 02 Dec 2022 16:12:50 GMT
Date: Fri, 02 Dec 2022 10:13:20 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 10:11:15 GMT
cache-control: public,max-age=3600
age: 125
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 7f1f8fc556d1f7e0aea3e1208ee2fd1c
09c341a56ff876479cfc8a0505a5fef4a5d110f1
65adcf58887bcc23f73379f74ab19a61cfbb93285c95c64b44a6716eeacc1482
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2475
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 10:13:20 GMT
Last-Modified: Fri, 02 Dec 2022 09:32:05 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.71.202.2 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.71.202.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: fxkWh0uQR/vPsztQLvVqpg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: yaVpRHVmezmDdcmrGltBi+nYBJQ=
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 8cd876589951719c94a6d49d1494bdbd
01600c8bb95fac543696e509b3e452b90d844572
e03942321526a2303220b1abd51f82f1d4cf80e0dd22a2582cf809b8bd729521
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 10:13:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-6604786-9
142.250.74.168 200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-6604786-9
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 1ff0e73d5275e779a5e4f72f23a31ca8
a9605b224f8472b08d192a3cacc5f368cfee886f
3e5601e95a5a0e9ad3c459314d0e940579852ae49cef3e071f6c13a1d3e6e42d
GET /gtag/js?id=UA-6604786-9 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 02 Dec 2022 10:13:22 GMT
expires: Fri, 02 Dec 2022 10:13:22 GMT
cache-control: private, max-age=900
last-modified: Fri, 02 Dec 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43613
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i0.wp.com/xtc-hair.com/wp-content/uploads/2017/11/xtc-200.jpg?w=451&ssl=1
192.0.77.2 200 OK 4.6 kB URL HTTP/2 i0.wp.com/xtc-hair.com/wp-content/uploads/2017/11/xtc-200.jpg?w=451&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 451x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e495a00f48e5dc429fc96aea3a871781
72c64567427b9e91ed315838136326785335df31
03a743711874690a5fedce6297c025cf70d1de70228536f2bf1ff2829d321851
GET /xtc-hair.com/wp-content/uploads/2017/11/xtc-200.jpg?w=451&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 10:13:22 GMT
content-type: image/webp
content-length: 4598
last-modified: Fri, 21 Oct 2022 11:18:53 GMT
expires: Sun, 20 Oct 2024 23:18:53 GMT
cache-control: public, max-age=63115200
link: <https://xtc-hair.com/wp-content/uploads/2017/11/xtc-200.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "c731930b24f28ec1"
vary: Accept
x-nc: HIT arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
xtc-hair.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
192.185.117.118 200 OK 3.2 kB URL HTTP/2 xtc-hair.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
IP 192.185.117.118:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11256), with no line terminators
Hash 1054d0d53548e8bae51665b11acc6413
2eea6a05fe18db61fff58c431d34a86b3e0b7ade
cb8b0f0f3f871d9776da32ee6d9e1af9277a211be61e97a831c7f8c98fbebfae
GET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Dec 2020 04:01:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3239
content-type: text/css
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
X-Firefox-Spdy: h2
xtc-hair.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1
192.185.117.118 200 OK 1.3 kB URL HTTP/2 xtc-hair.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1
IP 192.185.117.118:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4186), with no line terminators
Hash 91bab39b98d7e5c1632717b9ebe349e4
e639a447d06fc7827be5b5b35d603ff16b5f7bb1
47ff151faeb23a5654f6ec58b404e51193f6714849a69de241c2ee79662f74c6
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 13 Nov 2019 03:58:49 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1298
content-type: text/css
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
X-Firefox-Spdy: h2
i0.wp.com/xtc-hair.com/wp-content/uploads/2016/05/Locations-sm.png?w=750
192.0.77.2 200 OK 29 kB URL HTTP/2 i0.wp.com/xtc-hair.com/wp-content/uploads/2016/05/Locations-sm.png?w=750
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 1ddae22ff1c78c4fae0baf9f172b7503
548c7a2bdb93e4a2993b7833acf3054e52d4c683
9a5478ba509c6d1ae2b4416354ca5db2344aae7a62cc38e82cc645b47bc8505e
GET /xtc-hair.com/wp-content/uploads/2016/05/Locations-sm.png?w=750 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 10:13:22 GMT
content-type: image/webp
content-length: 29174
last-modified: Fri, 21 Oct 2022 11:18:53 GMT
expires: Sun, 20 Oct 2024 23:18:53 GMT
cache-control: public, max-age=63115200
link: <http://xtc-hair.com/wp-content/uploads/2016/05/Locations-sm.png>; rel="canonical"
x-content-type-options: nosniff
etag: "90d9a2535e99cb54"
vary: Accept
x-nc: HIT arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 8cd876589951719c94a6d49d1494bdbd
01600c8bb95fac543696e509b3e452b90d844572
e03942321526a2303220b1abd51f82f1d4cf80e0dd22a2582cf809b8bd729521
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 10:13:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
xtc-hair.com/wp-includes/css/classic-themes.min.css?ver=1
192.185.117.118 200 OK 189 B URL HTTP/2 xtc-hair.com/wp-includes/css/classic-themes.min.css?ver=1
IP 192.185.117.118:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 30 Nov 2022 17:52:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 189
content-type: text/css
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
X-Firefox-Spdy: h2
xtc-hair.com/wp-content/plugins/wp-store-locator/css/styles.min.css?ver=2.2.235
192.185.117.118 200 OK 4.5 kB URL HTTP/2 xtc-hair.com/wp-content/plugins/wp-store-locator/css/styles.min.css?ver=2.2.235
IP 192.185.117.118:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (14979), with no line terminators
Hash f2e41dbf24163bee8e916e6a9621a34e
c6ca67eb47140395068e7622385beaf9b061752f
a56fc9642f0c88d6268cf9fc731fb1ce6f9ce56134e28d3268eca9b19e445f83
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-store-locator/css/styles.min.css?ver=2.2.235 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 29 Jan 2022 23:45:07 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4548
content-type: text/css
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
X-Firefox-Spdy: h2
xtc-hair.com/wp-content/plugins/tablepress/css/default.min.css?ver=1.14
192.185.117.118 200 OK 2.5 kB URL HTTP/2 xtc-hair.com/wp-content/plugins/tablepress/css/default.min.css?ver=1.14
IP 192.185.117.118:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (5092), with no line terminators
Hash 793aed4abaceb0925e60458c8c42d980
6371ef087dee13724484a6cca1feda59c061644e
b43746949f5740fbf14e40489cb2bdee809c5a9d0954a0cf0982a3b4e90467af
GET /wp-content/plugins/tablepress/css/default.min.css?ver=1.14 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 05 Aug 2021 17:41:10 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2462
content-type: text/css
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 315873c315af2be891e63f8b421bae65
5277bb0c4fea2b036c6faf28d66395c96166ffd2
3f6657d352a42f8257409f2ed365a3fb928ac3eb74a34a2c74a433290182cc92
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 10:13:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11621
Expires: Fri, 02 Dec 2022 13:27:03 GMT
Date: Fri, 02 Dec 2022 10:13:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11621
Expires: Fri, 02 Dec 2022 13:27:03 GMT
Date: Fri, 02 Dec 2022 10:13:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11621
Expires: Fri, 02 Dec 2022 13:27:03 GMT
Date: Fri, 02 Dec 2022 10:13:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11621
Expires: Fri, 02 Dec 2022 13:27:03 GMT
Date: Fri, 02 Dec 2022 10:13:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11621
Expires: Fri, 02 Dec 2022 13:27:03 GMT
Date: Fri, 02 Dec 2022 10:13:22 GMT
Connection: keep-alive
www.google.com/recaptcha/api.js?render=6LeQrmEbAAAAAFBa2Ufo_PLvcDe102G8l2XsKiSp&ver=3.0
142.250.74.132 200 OK 583 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6LeQrmEbAAAAAFBa2Ufo_PLvcDe102G8l2XsKiSp&ver=3.0
IP 142.250.74.132:0
File type ASCII text, with very long lines (884), with no line terminators
Hash 894b5f35a84cce5a2ce0d33766c82e03
b195b5824ea3e2f1e0eaf599995415afdf3ed047
d27a6f25bd04565d2b8527ef74bc293e68b29c01f8a17b85781e86903731dd0d
GET /recaptcha/api.js?render=6LeQrmEbAAAAAFBa2Ufo_PLvcDe102G8l2XsKiSp&ver=3.0 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Fri, 02 Dec 2022 10:13:22 GMT
date: Fri, 02 Dec 2022 10:13:22 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 583
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07af64d-c287-4b0a-9677-9a1000422afc.jpeg
34.120.237.76 200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07af64d-c287-4b0a-9677-9a1000422afc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 498ab4412ed5cf977bc23e4e870894b0
23753fe8af09ec8ffa10eed4d201a71833885c99
036042656f15e42b4d1537c45f5b8e7190c70305fa9a69c1287c6739ad0b7122
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07af64d-c287-4b0a-9677-9a1000422afc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7334
x-amzn-requestid: a6b8b420-8394-496b-8be8-26dee52e3887
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoHJOoAMF75g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-0b38d07f518c8b3134457df2;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 17nFm7AQdmRYS_af-EJ4XBVw8l3YudcphlpcZMveuVjvjhhYdkAQsw==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 22:33:10 GMT
age: 42012
etag: "23753fe8af09ec8ffa10eed4d201a71833885c99"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
34.120.237.76 200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Fw6nrporwF27NW0-vXpaolW79nDXLF2RyS-lqhhp1osHt7q98VpI3g==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:34:47 GMT
age: 45515
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F356e23df-cb76-452a-b299-da5410086837.png
34.120.237.76 200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F356e23df-cb76-452a-b299-da5410086837.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 82ea44d6cb116fb1f5752ce9bb87e345
f799dfd89a4f5a452dc837b8616549f578fb4184
e9087e7fce332289d67d4d5646d0233c2f2d871cc88dc1c51d5ea1e9f2fb5abd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F356e23df-cb76-452a-b299-da5410086837.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15495
x-amzn-requestid: 977cdbce-3a9c-4006-a5a1-5c4c82bd4a94
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfHDIFxzIAMFzEw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891ee0-4b2cb3a16ca745537a8caf8c;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:38:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nwKxQKsw8g5zCzfMFu_XpOac5rhImez29TKrycGJzozZyHTzoCHASw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 22:20:06 GMT
age: 42796
etag: "f799dfd89a4f5a452dc837b8616549f578fb4184"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
34.120.237.76 200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 00:54:54 GMT
age: 33508
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
34.120.237.76 200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 156e9ea97b774cbd8361072e4041b6c8
fc71ae3cae92ed6011904bb2367f23bf4e69fab4
58d953c19ebbbdfc3965bbe3f52308d4702deaf4d0c029f4674bcb862da138af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8863
x-amzn-requestid: 798d014b-0f9c-4787-a676-8f5e8fae3d11
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdG14HBNIAMFdWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851bf-7549feac6d476a8512676412;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cgj3fw3lpngosMNOK7cZUZO94T__4RTy_p7wa6rI62OOvhI5E9wMSw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 13:30:28 GMT
age: 74574
etag: "fc71ae3cae92ed6011904bb2367f23bf4e69fab4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb8ec880-52b8-4350-bb47-d051878e78f1.jpeg
34.120.237.76 200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb8ec880-52b8-4350-bb47-d051878e78f1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 25c68d8b1fae82820f93efca500fd848
45cf5e1a54ee491497ffe08a8e39fe97ba3c8a48
f0ec6b6f6ba0a931c9b71f5bc7ad1e5b89c8e4d8b7441f35eeebfba418d0e588
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb8ec880-52b8-4350-bb47-d051878e78f1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6882
x-amzn-requestid: 6b5f15a5-c15b-46bf-9fd5-5d013d37a0eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGfrG3WIAMFc9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891dfd-6038ca700dfb4489230c2683;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2O6x-8-ESFDtlhcjVyGxEXCZcLbbfhsCVQeX02lbNMupPWmM-fKuLA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:47:56 GMT
age: 44726
etag: "45cf5e1a54ee491497ffe08a8e39fe97ba3c8a48"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
xtc-hair.com/wp-content/themes/spacious/font-awesome/css/font-awesome.min.css?ver=4.7.0
192.185.117.118 200 OK 7.1 kB URL HTTP/2 xtc-hair.com/wp-content/themes/spacious/font-awesome/css/font-awesome.min.css?ver=4.7.0
IP 192.185.117.118:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (30837), with CRLF line terminators
Hash 132393cbbd112512206aa3c468a210ee
7c0a904b30a100e744fa0dce8a5e47079810a4c3
fe7806c8283bc20c74e50713d63b477299130d05d9b0e2391ad5d307f5eb2292
GET /wp-content/themes/spacious/font-awesome/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 27 Jul 2022 18:01:39 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7119
content-type: text/css
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
X-Firefox-Spdy: h2
xtc-hair.com/wp-content/themes/spacious/js/spacious-custom.js?ver=6.1.1
192.185.117.118 200 OK 1.0 kB URL HTTP/2 xtc-hair.com/wp-content/themes/spacious/js/spacious-custom.js?ver=6.1.1
IP 192.185.117.118:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash dadc838792cbce3cf9aa041753aed2ef
53d30467a3bffe9d0aad046a72cb33a663304b9a
ce677d1e8b1ddee194459c599dbc87aa43d198ec802f37ed90f0c82d46503f64
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/spacious/js/spacious-custom.js?ver=6.1.1 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 27 Jul 2022 18:01:39 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1047
content-type: application/javascript
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
X-Firefox-Spdy: h2
xtc-hair.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
192.185.117.118 409 Conflict 83 B URL HTTP/2 xtc-hair.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
IP 192.185.117.118:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
xtc-hair.com/wp-content/plugins/lightweight-social-icons/css/style-min.css?ver=1.1
192.185.117.118 200 OK 1.8 kB URL HTTP/2 xtc-hair.com/wp-content/plugins/lightweight-social-icons/css/style-min.css?ver=1.1
IP 192.185.117.118:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (7989), with no line terminators
Hash 651b107c868611eaf140b8d2efedcf0d
afd2e4f4017cdba568ae9879280fb023cb286188
6d9d93708ba83fc0c491ace3c24846e2148c3feadb47884953094a21a5314b5b
GET /wp-content/plugins/lightweight-social-icons/css/style-min.css?ver=1.1 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 09 Apr 2020 14:24:19 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1753
content-type: text/css
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
X-Firefox-Spdy: h2
xtc-hair.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
192.185.117.118 200 OK 5.3 kB URL HTTP/2 xtc-hair.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 192.185.117.118:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (15660)
Hash 710f8b142ea44c0682dc2c30f318f065
49144e9b3a76d3d383b1d4359cf7a25e947f4233
708bb5819879a2a2c7670abc20a58cca68a415ffd621011cbc4c3c9d82dddc50
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 27 May 2022 15:03:42 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5321
content-type: application/javascript
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
X-Firefox-Spdy: h2
xtc-hair.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js?ver=7.10.1
192.185.117.118 200 OK 3.8 kB URL HTTP/2 xtc-hair.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js?ver=7.10.1
IP 192.185.117.118:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1571)
Hash f2694bc14d8b63a7d406f4400b74cca4
eb87c041943667f69b6dc73b1ca12370fff38fb0
28baa20440db143848726898dac1510692b768c9086b97f637cde74db6e96a2a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js?ver=7.10.1 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 30 Nov 2022 17:52:07 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3848
content-type: application/javascript
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash a6ad57d839c4b452d7118cf2052f9d35
50afdbe46f04c7611c1a0111bce3a76775e50272
4c5c20573601bde0f5c3567e02d02d74ab22d4ffe12f632e1def1b87dc86ad3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 10:13:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
xtc-hair.com/wp-content/plugins/jetpack/_inc/build/photon/photon.min.js?ver=20191001
192.185.117.118 200 OK 369 B URL HTTP/2 xtc-hair.com/wp-content/plugins/jetpack/_inc/build/photon/photon.min.js?ver=20191001
IP 192.185.117.118:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (685), with no line terminators
Hash accd80b294f42169b1e447e68bacfffe
40847092d82d78897a8219b270b22838fcc0bb95
35e8294d38f054cd6fbcdef72076443685888546d93b41a596e981a5e9a61552
GET /wp-content/plugins/jetpack/_inc/build/photon/photon.min.js?ver=20191001 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 30 Nov 2022 17:52:10 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 369
content-type: application/javascript
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
X-Firefox-Spdy: h2
xtc-hair.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.6.4
192.185.117.118 409 Conflict 83 B URL HTTP/2 xtc-hair.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.6.4
IP 192.185.117.118:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.6.4 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
xtc-hair.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
192.185.117.118 200 OK 4.6 kB URL HTTP/2 xtc-hair.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 192.185.117.118:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11126)
Hash acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Dec 2020 04:01:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4618
content-type: application/javascript
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
X-Firefox-Spdy: h2
xtc-hair.com/wp-content/themes/spacious/js/skip-link-focus-fix.js?ver=6.1.1
192.185.117.118 200 OK 425 B URL HTTP/2 xtc-hair.com/wp-content/themes/spacious/js/skip-link-focus-fix.js?ver=6.1.1
IP 192.185.117.118:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 62c10ae379acf345832166577cf721a4
a9d99c17fbe36ee8ed057b181b8a885d2bb88556
8cd627febaae9f8dbdfaca4cb5ed2c298e3d0d6513b3f45478af7bd91fde691b
GET /wp-content/themes/spacious/js/skip-link-focus-fix.js?ver=6.1.1 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 27 Jul 2022 18:01:39 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 425
content-type: application/javascript
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
X-Firefox-Spdy: h2
xtc-hair.com/wp-content/plugins/wp-gallery-custom-links/wp-gallery-custom-links.js?ver=1.1
192.185.117.118 200 OK 536 B URL HTTP/2 xtc-hair.com/wp-content/plugins/wp-gallery-custom-links/wp-gallery-custom-links.js?ver=1.1
IP 192.185.117.118:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 6f60958d7fc961a2f5e744a081f8a8ac
bb558da62a47b135476a5eb4ee66745d8cd12d7a
4be5234257b239c5e32fd6b5ccebde0b7c6b3af12d732778b090ab0f07bb079d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-gallery-custom-links/wp-gallery-custom-links.js?ver=1.1 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 29 Aug 2017 14:19:48 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 536
content-type: application/javascript
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
X-Firefox-Spdy: h2
xtc-hair.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
192.185.117.118 409 Conflict 83 B URL HTTP/2 xtc-hair.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
IP 192.185.117.118:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
xtc-hair.com/wp-content/plugins/wp-facebook-pixel/assets/NSAFacebookPixel.min.js
192.185.117.118 200 OK 363 B URL HTTP/2 xtc-hair.com/wp-content/plugins/wp-facebook-pixel/assets/NSAFacebookPixel.min.js
IP 192.185.117.118:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 (with BOM) text, with very long lines (521)
Hash 500545bf22f6760751dcd932bc1ba078
95ff2a360643bb23024055cbb3fac63512dfab45
d1ed998bdee807eacffc3f3313369cbf9033c79ff80e61181caa1c5818c4cfcc
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-facebook-pixel/assets/NSAFacebookPixel.min.js HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 04 Sep 2019 13:31:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 363
content-type: application/javascript
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
X-Firefox-Spdy: h2
xtc-hair.com/wp-content/plugins/wp-facebook-pixel/inc/scripts/nsautilities.min.js
192.185.117.118 200 OK 214 B URL HTTP/2 xtc-hair.com/wp-content/plugins/wp-facebook-pixel/inc/scripts/nsautilities.min.js
IP 192.185.117.118:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 (with BOM) text
Hash d472cbacb37c016041b58772d54ad559
63e1c1aa09aef1189ac568497f4d8b762b3f22b7
ae454e133e079135e984107978953414c24f4a4cee42639af40d60535582b116
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-facebook-pixel/inc/scripts/nsautilities.min.js HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 04 Sep 2019 13:31:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 214
content-type: application/javascript
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
X-Firefox-Spdy: h2
xtc-hair.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
192.185.117.118 409 Conflict 83 B URL HTTP/2 xtc-hair.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
IP 192.185.117.118:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
xtc-hair.com/wp-includes/js/comment-reply.min.js?ver=6.1.1
192.185.117.118 200 OK 1.5 kB URL HTTP/2 xtc-hair.com/wp-includes/js/comment-reply.min.js?ver=6.1.1
IP 192.185.117.118:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2946)
Hash 92712acce6ce836d0a929b1800b4f9d6
8157d1380bb1d6dadfd85565dd464bb5b0ed06bd
2f82d181a2cadadf7d898d7f5ea2eb527106fb6413044b55fbfa4fb0081a2e09
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/comment-reply.min.js?ver=6.1.1 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 27 May 2022 15:03:42 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1477
content-type: application/javascript
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
X-Firefox-Spdy: h2
xtc-hair.com/wp-content/themes/spacious/js/navigation.js?ver=6.1.1
192.185.117.118 200 OK 3.2 kB URL HTTP/2 xtc-hair.com/wp-content/themes/spacious/js/navigation.js?ver=6.1.1
IP 192.185.117.118:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 6e2649475b40aaa23c7933cd4864d49c
b58b3cdfdc538d9199cda602c2cd0ff922ebd3a3
9875d2e52f93962fe242e2f5984210a87304988d3a78b8b10118843d28c6ab7d
GET /wp-content/themes/spacious/js/navigation.js?ver=6.1.1 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 27 Jul 2022 18:01:39 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3152
content-type: application/javascript
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
X-Firefox-Spdy: h2
xtc-hair.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
192.185.117.118 200 OK 2.7 kB URL HTTP/2 xtc-hair.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 192.185.117.118:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (6475), with no line terminators
Hash 45bd1d6f7fc3a4069fc6fd400b90c961
903c7e28c7141e9fc1bdb4dfc62d043a97a01e2d
c638a0057b4be0a61cfb65b1860a855a327397e9871f5dde28fa2f138fb394dc
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 27 May 2022 15:03:42 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2675
content-type: application/javascript
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
X-Firefox-Spdy: h2
xtc-hair.com/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1664461981
192.185.117.118 200 OK 3.8 kB URL HTTP/2 xtc-hair.com/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1664461981
IP 192.185.117.118:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 66b85ee07e712680856a30dbbffd6851
1b7f567df71b51b648eac224f3782aed0f2eb740
ff6d4e7e045697210f93d5d8f201ac69ddf676e0d4e1fd60e6e778cb4931f9f3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1664461981 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 29 Sep 2022 14:33:01 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3830
content-type: application/javascript
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
X-Firefox-Spdy: h2
xtc-hair.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
192.185.117.118 200 OK 7.6 kB URL HTTP/2 xtc-hair.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 192.185.117.118:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (17819), with no line terminators
Hash 66c68f2158dcf7d97a02f3719a17aab0
fdb04fb4c632b9fb4275006a4e402cd0d4fa393a
e4b360f0e6ae1afc06f05f958e8696e5ae45257912bc2ab0b9334bd1382a51aa
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 30 Nov 2022 17:52:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7621
content-type: application/javascript
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
X-Firefox-Spdy: h2
xtc-hair.com/wp-content/themes/spacious/assets/fonts/Lato-Bold.woff
192.185.117.118 200 OK 37 kB URL HTTP/2 xtc-hair.com/wp-content/themes/spacious/assets/fonts/Lato-Bold.woff
IP 192.185.117.118:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format, TrueType, length 36784, version 1.104\012- data
Hash a9d8f02506c0ea8b1b0ea76ccc485651
94372d3d5222e5601b8a801ba81df80e5c66a7fe
9f8224817f8e13b4047734e58a7a3310b35146bd436752546d04389e4a46d766
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/spacious/assets/fonts/Lato-Bold.woff HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://xtc-hair.com/wp-content/themes/spacious/style.css?ver=6.1.1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 27 Jul 2022 18:01:39 GMT
accept-ranges: bytes
content-length: 36784
content-type: font/woff
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
X-Firefox-Spdy: h2
xtc-hair.com/wp-content/themes/spacious/assets/fonts/Lato-Regular.woff
192.185.117.118 200 OK 38 kB URL HTTP/2 xtc-hair.com/wp-content/themes/spacious/assets/fonts/Lato-Regular.woff
IP 192.185.117.118:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format, TrueType, length 37580, version 1.104\012- data
Hash 8ed525743dbb32ae4bdb7531d637f7fa
c5f13bf20b52ddbe34ccde18c1d92df8bffefdf3
dff99fb17b5e8fa6ea55c50a6200c824ef0ab3e88b4e06b2284c37d19ac4bf9a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/spacious/assets/fonts/Lato-Regular.woff HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://xtc-hair.com/wp-content/themes/spacious/style.css?ver=6.1.1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 27 Jul 2022 18:01:39 GMT
accept-ranges: bytes
content-length: 37580
content-type: font/woff
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
X-Firefox-Spdy: h2
xtc-hair.com/wp-content/plugins/lightweight-social-icons/fonts/fontello.woff
192.185.117.118 200 OK 23 kB URL HTTP/2 xtc-hair.com/wp-content/plugins/lightweight-social-icons/fonts/fontello.woff
IP 192.185.117.118:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format, TrueType, length 23328, version 0.0\012- data
Hash 242e0c93f0f72bde894698405d7a04ab
368cef17895968a3d6a683c43e4cf4175665a757
1b6e0cc5ce7dad5ae275d7ac33c17034f27f801270805bf8d320bab919045a2c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/lightweight-social-icons/fonts/fontello.woff HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://xtc-hair.com/wp-content/plugins/lightweight-social-icons/css/style-min.css?ver=1.1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 09 Apr 2020 14:24:19 GMT
accept-ranges: bytes
content-length: 23328
content-type: font/woff
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
X-Firefox-Spdy: h2
xtc-hair.com/wp-content/themes/spacious/assets/fonts/Lato-Italic.woff
192.185.117.118 200 OK 39 kB URL HTTP/2 xtc-hair.com/wp-content/themes/spacious/assets/fonts/Lato-Italic.woff
IP 192.185.117.118:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format, TrueType, length 39144, version 1.104\012- data
Hash 5518023c841f1844a49e352831fe011c
ed4952a517498fa4fe5da6e46ee75c73b376cf3a
7ddc8f319db77a7867a106e97b74bfd0f9c94c9612feac09567fee256164688e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/spacious/assets/fonts/Lato-Italic.woff HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://xtc-hair.com/wp-content/themes/spacious/style.css?ver=6.1.1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 27 Jul 2022 18:01:39 GMT
accept-ranges: bytes
content-length: 39144
content-type: font/woff
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
X-Firefox-Spdy: h2
xtc-hair.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
192.185.117.118 409 Conflict 83 B URL HTTP/2 xtc-hair.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
IP 192.185.117.118:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
xtc-hair.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
192.185.117.118 409 Conflict 83 B URL HTTP/2 xtc-hair.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
IP 192.185.117.118:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
xtc-hair.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.6.4
192.185.117.118 409 Conflict 83 B URL HTTP/2 xtc-hair.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.6.4
IP 192.185.117.118:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.6.4 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
pixel.wp.com/g.gif?v=ext&blog=194744380&post=122608&tz=-5&srv=xtc-hair.com&j=1%3A11.5.1&host=xtc-hair.com&ref=&fcp=2871&rand=0.3089024926209114
192.0.76.3 200 OK 50 B URL HTTP/2 pixel.wp.com/g.gif?v=ext&blog=194744380&post=122608&tz=-5&srv=xtc-hair.com&j=1%3A11.5.1&host=xtc-hair.com&ref=&fcp=2871&rand=0.3089024926209114
IP 192.0.76.3:0
File type GIF image data, version 89a, 6 x 5\012- data
Hash e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=ext&blog=194744380&post=122608&tz=-5&srv=xtc-hair.com&j=1%3A11.5.1&host=xtc-hair.com&ref=&fcp=2871&rand=0.3089024926209114 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 10:13:22 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/14.0.0/svg/1f539.svg
192.0.77.48 200 OK 271 B URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f539.svg
IP 192.0.77.48:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash 85e5fb9f60873c46d98c8ab4efdf4066
660eb8d3178ebb6de98de7d0b6540688b6c5b913
752fdd9a839060506caa9f1ccffc7cab99f5387e2d05165c49cc5c2bec82831d
GET /images/core/emoji/14.0.0/svg/1f539.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 10:13:22 GMT
content-type: image/svg+xml
content-length: 271
last-modified: Tue, 12 Apr 2022 03:50:59 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/14.0.0/svg/231b.svg
192.0.77.48 200 OK 688 B URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/231b.svg
IP 192.0.77.48:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (688), with no line terminators
Hash fcff6ac673eb2d32ef5a49818d9572da
ac8067d1221ae5a34ab656df64836ea0e1cbd06b
044160ca4463e342fa8979dc8ebd9c84c03fb0403d12e606412595637b5723b8
GET /images/core/emoji/14.0.0/svg/231b.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 10:13:23 GMT
content-type: image/svg+xml
content-length: 688
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
216.58.207.206 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.58.207.206:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 02 Dec 2022 08:41:08 GMT
expires: Fri, 02 Dec 2022 10:41:08 GMT
cache-control: public, max-age=7200
age: 5535
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 10:13:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash a11a991958dbd78dfb3392214590ef38
c5fb54ce1ad1c51598623b66827af482c565e0d5
01d67dc39941deea93712fa87453fd27679357916ab856358e0bda7a63b2624d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4656
Cache-Control: max-age=139647
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 10:13:23 GMT
Etag: "63893c12-1d7"
Expires: Sun, 04 Dec 2022 01:00:50 GMT
Last-Modified: Thu, 01 Dec 2022 23:43:14 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.35 200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xtc-hair.com
Connection: keep-alive
Referer: https://xtc-hair.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 19:09:57 GMT
expires: Tue, 28 Nov 2023 19:09:57 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 313406
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 10:13:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
157.240.240.1 200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.240.1:0
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: G5OUxXCa3QsHWRNX8NjEfJBqO5V2ldTlfgm1y2luFF0EgBWZLQqXbesWaUNan4WrPRYxh3H2LDNevb75nibSXw==
priority: u=3,i
content-length: 27340
x-fb-trip-id: 1679558926
date: Fri, 02 Dec 2022 10:13:23 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash a11a991958dbd78dfb3392214590ef38
c5fb54ce1ad1c51598623b66827af482c565e0d5
01d67dc39941deea93712fa87453fd27679357916ab856358e0bda7a63b2624d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4656
Cache-Control: max-age=139647
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 10:13:23 GMT
Etag: "63893c12-1d7"
Expires: Sun, 04 Dec 2022 01:00:50 GMT
Last-Modified: Thu, 01 Dec 2022 23:43:14 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 49a9684674e0f1b3974c6427c5354fe4
c201e61bcda9cc91369f0c57f8236fcdd3db26c6
27b8d50242836a45aca1fcd0cb58e7f685011c1f93b57d0e3ea9a02400f8d801
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 10:13:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-6604786-9&cid=383251903.1669976001&jid=130567892&gjid=143888924&_gid=730747989.1669976001&_u=YEBAAUAAAAAAACAAI~&z=640258286
108.177.14.156 200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-6604786-9&cid=383251903.1669976001&jid=130567892&gjid=143888924&_gid=730747989.1669976001&_u=YEBAAUAAAAAAACAAI~&z=640258286
IP 108.177.14.156:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-6604786-9&cid=383251903.1669976001&jid=130567892&gjid=143888924&_gid=730747989.1669976001&_u=YEBAAUAAAAAAACAAI~&z=640258286 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://xtc-hair.com
Connection: keep-alive
Referer: https://xtc-hair.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://xtc-hair.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 02 Dec 2022 10:13:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 49a9684674e0f1b3974c6427c5354fe4
c201e61bcda9cc91369f0c57f8236fcdd3db26c6
27b8d50242836a45aca1fcd0cb58e7f685011c1f93b57d0e3ea9a02400f8d801
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 10:13:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35 200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 21:48:03 GMT
expires: Fri, 01 Dec 2023 21:48:03 GMT
cache-control: public, max-age=31536000
age: 44720
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.35 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 16:40:43 GMT
expires: Fri, 01 Dec 2023 16:40:43 GMT
cache-control: public, max-age=31536000
age: 63160
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=159612091116662&ev=PageView&dl=https%3A%2F%2Fxtc-hair.com%2Ffull-download-edius-pro-6-5-cracked-version-key-and-better%2F&rl=&if=false&ts=1669976001715&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669976001714.1765892094&it=1669976001459&coo=false&rqm=GET
157.240.240.35 200 OK 86 kB URL HTTP/2 www.facebook.com/tr/?id=159612091116662&ev=PageView&dl=https%3A%2F%2Fxtc-hair.com%2Ffull-download-edius-pro-6-5-cracked-version-key-and-better%2F&rl=&if=false&ts=1669976001715&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669976001714.1765892094&it=1669976001459&coo=false&rqm=GET
IP 157.240.240.35:0
File type gzip compressed data, from Unix\012- data
Hash a1783f550b1c8ecfeec9fee9cdd7acaf
3c4c35c319b9c2d4cbf8117c13c8df5af6ac8802
7d60b493f2f1ae727d78c013921901f84b4b76bf8c04bcc96ee043076dac4515
GET /tr/?id=159612091116662&ev=PageView&dl=https%3A%2F%2Fxtc-hair.com%2Ffull-download-edius-pro-6-5-cracked-version-key-and-better%2F&rl=&if=false&ts=1669976001715&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669976001714.1765892094&it=1669976001459&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Fri, 02 Dec 2022 10:13:23 GMT
X-Firefox-Spdy: h2
xtc-hair.com/favicon.ico
192.185.117.118 302 Found 0 B IP 192.185.117.118:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
link: <https://xtc-hair.com/wp-json/>; rel="https://api.w.org/"
x-redirect-by: WordPress
location: https://xtc-hair.com/wp-includes/images/w-logo-blue-white-bg.png
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 02 Dec 2022 10:13:23 GMT
server: Apache
X-Firefox-Spdy: h2
xtc-hair.com/wp-includes/images/w-logo-blue-white-bg.png
192.185.117.118 200 OK 4.1 kB URL HTTP/2 xtc-hair.com/wp-includes/images/w-logo-blue-white-bg.png
IP 192.185.117.118:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 000bf649cc8f6bf27cfb04d1bcdcd3c7
d73d2f6d74ec6cdcbae07955592962e77d8ae814
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Connection: keep-alive
Cookie: _ga=GA1.2.383251903.1669976001; _gid=GA1.2.730747989.1669976001; _gat_gtag_UA_6604786_9=1; _fbp=fb.1.1669976001714.1765892094
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 11 Jun 2020 03:59:22 GMT
accept-ranges: bytes
content-length: 4119
content-type: image/png
date: Fri, 02 Dec 2022 10:13:24 GMT
server: Apache
X-Firefox-Spdy: h2
xtc-hair.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
192.185.117.118 200 OK 0 B URL HTTP/2 xtc-hair.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 192.185.117.118:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 30 Nov 2022 17:52:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
X-Firefox-Spdy: h2
xtc-hair.com/wp-content/themes/spacious/genericons/genericons.css?ver=3.3.1
192.185.117.118 200 OK 0 B URL HTTP/2 xtc-hair.com/wp-content/themes/spacious/genericons/genericons.css?ver=3.3.1
IP 192.185.117.118:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/themes/spacious/genericons/genericons.css?ver=3.3.1 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 27 Jul 2022 18:01:39 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
X-Firefox-Spdy: h2
xtc-hair.com/wp-content/themes/spacious/style.css?ver=6.1.1
192.185.117.118 200 OK 0 B URL HTTP/2 xtc-hair.com/wp-content/themes/spacious/style.css?ver=6.1.1
IP 192.185.117.118:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/spacious/style.css?ver=6.1.1 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 27 Jul 2022 18:01:39 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
X-Firefox-Spdy: h2
xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
192.185.117.118 200 OK 0 B URL HTTP/2 xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
IP 192.185.117.118:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Phishing
GET /full-download-edius-pro-6-5-cracked-version-key-and-better/ HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
x-pingback: https://xtc-hair.com/xmlrpc.php
link: <https://xtc-hair.com/wp-json/>; rel="https://api.w.org/", <https://xtc-hair.com/wp-json/wp/v2/posts/122608>; rel="alternate"; type="application/json", <https://xtc-hair.com/?p=122608>; rel=shortlink
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 02 Dec 2022 10:13:20 GMT
server: Apache
X-Firefox-Spdy: h2
stats.wp.com/e-202248.js
192.0.76.3 200 OK 0 B IP 192.0.76.3:0
GET /e-202248.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 10:13:22 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"62f6b688-3508"
content-encoding: br
expires: Mon, 20 Nov 2023 01:50:03 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
xtc-hair.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
192.185.117.118 200 OK 0 B URL HTTP/2 xtc-hair.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 192.185.117.118:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 30 Nov 2022 17:52:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
X-Firefox-Spdy: h2
xtc-hair.com/wp-content/plugins/jetpack/css/jetpack.css?ver=11.5.1
192.185.117.118 200 OK 0 B URL HTTP/2 xtc-hair.com/wp-content/plugins/jetpack/css/jetpack.css?ver=11.5.1
IP 192.185.117.118:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/jetpack/css/jetpack.css?ver=11.5.1 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 30 Nov 2022 17:52:10 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
X-Firefox-Spdy: h2