Report - xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/

Report Overview

Submitted URL
xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
IP
192.185.117.118
ASN
#46606 UNIFIEDLAYER-AS-1
Submitted
2022-12-02 10:13:31
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
56

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	419 B	1.2 kB	142.250.74.132
pixel.wp.com	2545	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	510 B	239 B	192.0.76.3
www.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	435 B	164 kB	142.250.74.35
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	976 B	33 kB	142.250.74.35
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	7.1 kB	23.36.77.32
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	3.1 kB	93.184.220.29
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	5.6 kB	216.58.211.3
www.facebook.com	99	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	641 B	86 kB	157.240.240.35
stats.wp.com	2711	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	356 B	356 B	192.0.76.3
s.w.org	748	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	797 B	1.8 kB	192.0.77.48
xtc-hair.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	20 kB	208 kB	192.185.117.118
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
i0.wp.com	3021	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	851 B	35 kB	192.0.77.2
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	54 kB	34.120.237.76
connect.facebook.net	139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	370 B	28 kB	157.240.240.1
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	595 B	704 B	108.177.14.156
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.71.202.2
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	380 B	44 kB	142.250.74.168
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	369 B	21 kB	216.58.207.206

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-02	medium	xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/	Phishing
2022-12-02	medium	xtc-hair.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1	Phishing
2022-12-02	medium	xtc-hair.com/wp-includes/css/classic-themes.min.css?ver=1	Phishing
2022-12-02	medium	xtc-hair.com/wp-content/plugins/wp-store-locator/css/styles.min.css?ver=2.2.235	Phishing
2022-12-02	medium	xtc-hair.com/wp-content/themes/spacious/js/spacious-custom.js?ver=6.1.1	Phishing
2022-12-02	medium	xtc-hair.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4	Phishing
2022-12-02	medium	xtc-hair.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1	Phishing
2022-12-02	medium	xtc-hair.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js?ver=7.10.1	Phishing
2022-12-02	medium	xtc-hair.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.6.4	Phishing
2022-12-02	medium	xtc-hair.com/wp-content/plugins/wp-gallery-custom-links/wp-gallery-custom-links.js?ver=1.1	Phishing
2022-12-02	medium	xtc-hair.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4	Phishing
2022-12-02	medium	xtc-hair.com/wp-content/plugins/wp-facebook-pixel/assets/NSAFacebookPixel.min.js	Phishing
2022-12-02	medium	xtc-hair.com/wp-content/plugins/wp-facebook-pixel/inc/scripts/nsautilities.min.js	Phishing
2022-12-02	medium	xtc-hair.com/wp-includes/js/comment-reply.min.js?ver=6.1.1	Phishing
2022-12-02	medium	xtc-hair.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9	Phishing
2022-12-02	medium	xtc-hair.com/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1664461981	Phishing
2022-12-02	medium	xtc-hair.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0	Phishing
2022-12-02	medium	xtc-hair.com/wp-content/themes/spacious/assets/fonts/Lato-Bold.woff	Phishing
2022-12-02	medium	xtc-hair.com/wp-content/themes/spacious/assets/fonts/Lato-Regular.woff	Phishing
2022-12-02	medium	xtc-hair.com/wp-content/plugins/lightweight-social-icons/fonts/fontello.woff	Phishing
2022-12-02	medium	xtc-hair.com/wp-content/themes/spacious/assets/fonts/Lato-Italic.woff	Phishing
2022-12-02	medium	xtc-hair.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4	Phishing
2022-12-02	medium	xtc-hair.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.6.4	Phishing
2022-12-02	medium	xtc-hair.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1	Phishing
2022-12-02	medium	xtc-hair.com/wp-content/themes/spacious/style.css?ver=6.1.1	Phishing
2022-12-02	medium	xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/	Phishing
2022-12-02	medium	xtc-hair.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1	Phishing
2022-12-02	medium	xtc-hair.com/wp-content/plugins/jetpack/css/jetpack.css?ver=11.5.1	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (38)

	URL	Size	First Seen	Last Seen
	connect.facebook.net/en_US/fbevents.js	105 kB	2023-03-08	2023-11-28
Pretty URL connect.facebook.net/en_US/fbevents.js IP 157.240.240.1 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:10 Last Seen2023-11-28 17:55:58 Times Seen32 Hash a6ef7927128284961f4cadd572969f09 57e21033749687e69de710a0be6d4244edf1fe51 d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b Loading...

	xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/	2.1 kB	2023-03-08	2023-03-08
Pretty URL xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/ IP 192.185.117.118 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:36:00 Last Seen2023-03-08 14:36:00 Times Seen1 Hash 34484b59064860c2a76be1d834c7b41e 42d72279d2cf7de10e14a9b127ff808845361a68 ae42886d6fde88d4bfe4023b7e850fd75853f725ee79fd983c7282f140afd252 Loading...

	xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/	707 B	2023-03-08	2023-08-06
Pretty URL xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/ IP 192.185.117.118 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:26:02 Last Seen2023-08-06 16:13:17 Times Seen5 Hash 78a82f698c21a51481937ec3591a29c9 5834392c500f3e416049a7f5377de8bd2d5b028c 4990fcb709dffff8bda82d2c3117e69f5736c7cb139216c0e1248ebb9d8f4707 Loading...

	xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/	87 B	2023-03-07	2024-04-18
Pretty URL xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/ IP 192.185.117.118 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:26 Last Seen2024-04-18 15:16:02 Times Seen5988 Hash bd5f648f4fa75f28b17faffe66049687 c9c2791b295684a919a2bfd7b7e2ef5aab3c178a 1a4ba4a340b3f30596d32c1b272ddcfdbf3ccb8e89c2fa917ea60469017aeee4 Loading...

	xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/	126 B	2023-03-08	2023-08-06
Pretty URL xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/ IP 192.185.117.118 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:26:02 Last Seen2023-08-06 16:13:17 Times Seen5 Hash e71f90f6c0029e6b5d6b39d65a7f91ae fbf58cd5edeb748296c0ace852460f00a855fc55 5075c2da320db215367a3de6b45ef895b3958f953845c5f22af5beecf03ef449 Loading...

	xtc-hair.com/wp-content/themes/spacious/js/skip-link-focus-fix.js?ver=6.1.1	719 B	2023-03-07	2024-04-18
Pretty URL xtc-hair.com/wp-content/themes/spacious/js/skip-link-focus-fix.js?ver=6.1.1 IP 192.185.117.118 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:20 Last Seen2024-04-18 11:27:06 Times Seen259 Hash d40fc8e1e4111778c33910182f0036b4 208cb2f613d588a3e84090585e68559f75637458 c374f5bf94690c32bb2e70d981619d4a34ba460ebc367410ce5b858d25201535 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-19
Pretty URL www.google-analytics.com/analytics.js IP 216.58.207.206 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-19 07:47:47 Times Seen1515 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	stats.wp.com/e-202248.js	9.0 kB	2023-03-07	2024-01-05
Pretty URL stats.wp.com/e-202248.js IP 192.0.76.3 ASN #2635 AUTOMATTIC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:19 Last Seen2024-01-05 09:08:33 Times Seen3233 Hash 9152c169155daa333287728cb8e4ae93 1e45a9ea1464acf983f022567cb9f669f4c77f65 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302 Loading...

	xtc-hair.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1	90 kB	2023-03-08	2024-04-18
Pretty URL xtc-hair.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 IP 192.185.117.118 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-18 13:42:00 Times Seen31778 Hash 17738318d61d394f1de8890d589afaec f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3 cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981 Loading...

	xtc-hair.com/wp-includes/js/comment-reply.min.js?ver=6.1.1	3.0 kB	2023-03-07	2024-04-18
Pretty URL xtc-hair.com/wp-includes/js/comment-reply.min.js?ver=6.1.1 IP 192.185.117.118 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-18 21:17:07 Times Seen29162 Hash 492f2c1a7ea7eb83fe42e0ff7cb51aa2 db36a77f6aaa2063bfbec02c2c0e967438c5a245 e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789 Loading...

	xtc-hair.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1	19 kB	2023-03-07	2024-04-18
Pretty URL xtc-hair.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 IP 192.185.117.118 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-18 13:32:29 Times Seen37992 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/	362 B	2023-03-08	2023-05-22
Pretty URL xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/ IP 192.185.117.118 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:36:00 Last Seen2023-05-22 03:38:42 Times Seen3 Hash 30d8a95eba2e91887b47c1100c2e29af 37be3073c2125f0eceb6fa1277809e64a50c9430 2e8960a7dcc6d22b79413280cce7b3f9ab11444b5fa0173cc9cbfd049dfe8a3a Loading...

	xtc-hair.com/wp-content/plugins/wp-facebook-pixel/assets/NSAFacebookPixel.min.js	571 B	2023-03-08	2023-09-13
Pretty URL xtc-hair.com/wp-content/plugins/wp-facebook-pixel/assets/NSAFacebookPixel.min.js IP 192.185.117.118 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:26:02 Last Seen2023-09-13 08:36:06 Times Seen9 Hash 255c43c15fc152e0ae4bc0a800ee9a66 9c820efdf6d5f85b69b57fae7600a0dbcf24fad0 ff3d42bc9f143db2bf19503adcf77b5af8f61717e7d78006edd3925c634ced44 Loading...

	xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/	167 B	2023-03-08	2023-08-06
Pretty URL xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/ IP 192.185.117.118 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:26:02 Last Seen2023-08-06 16:13:17 Times Seen5 Hash baa6a3ab6b372e6aa5222fe842cb43b1 372ff8c7fef411cbcaac699e332f6664143c64ac b3d29645e58a482db44860fae2b428eaa99fc2340d84d45a82d4f9f17abb52f3 Loading...

	www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js	409 kB	2023-03-08	2023-03-17
Pretty URL www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:03 Last Seen2023-03-17 23:14:58 Times Seen1 Hash b2507198388fcc94ca9e94ed4c5561c5 8853fc86f1c616bd20a73e3e24442036fd90fd2f 02c7565a86d6d3a80295b85161d78fc88d8c79a0e314c0c7777570237a365ed0 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LeQrmEbAAAAAFBa2Ufo_PLvcDe102G8l2XsKiSp&co=aHR0cHM6Ly94dGMtaGFpci5jb206NDQz&hl=en&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=29g94rggfguj	69 B	2023-03-07	2024-04-19
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LeQrmEbAAAAAFBa2Ufo_PLvcDe102G8l2XsKiSp&co=aHR0cHM6Ly94dGMtaGFpci5jb206NDQz&hl=en&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=29g94rggfguj IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-04-19 09:17:30 Times Seen99042 Hash 45ecf7458f42da80ac248ad42d610372 a5b3edf8328769bc754e6e616a957ceed4fdadd7 75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf Loading...

	www.googletagmanager.com/gtag/js?id=UA-6604786-9	112 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtag/js?id=UA-6604786-9 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:36:00 Last Seen2023-03-08 14:36:00 Times Seen1 Hash a0708197b99d1f0925041d6beb45a912 54d56a44c4db2d4dc20cce6ddee2d113692068e4 c7006bfedb85a02dfe4e6ff1b1222e6db7103ca69d5d50733c80cefda1649414 Loading...

	xtc-hair.com/wp-content/plugins/wp-gallery-custom-links/wp-gallery-custom-links.js?ver=1.1	1.4 kB	2023-03-07	2024-04-10
Pretty URL xtc-hair.com/wp-content/plugins/wp-gallery-custom-links/wp-gallery-custom-links.js?ver=1.1 IP 192.185.117.118 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:49 Last Seen2024-04-10 12:19:44 Times Seen161 Hash b544a41566826593bf1145e0c4c90d1e 0b982699cb659ebd524db64a9806b83a185002d0 c96d935585b1468243456db495e80d142bf13aa82c2f47a58948716a51e0be68 Loading...

	connect.facebook.net/signals/config/159612091116662?v=2.9.89&r=stable	300 kB	2023-03-08	2023-03-08
Pretty URL connect.facebook.net/signals/config/159612091116662?v=2.9.89&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:36:00 Last Seen2023-03-08 14:36:00 Times Seen1 Hash 1a1a6dd93b33a85f4c0516b070b49945 2a5c0551f538c3117dcd9716d541c3dfbae36ae5 922d0bc9ea6a19e0a6a5eb947760b106ea1cf4931a810eafaf18ec650feaa4c2 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LeQrmEbAAAAAFBa2Ufo_PLvcDe102G8l2XsKiSp&co=aHR0cHM6Ly94dGMtaGFpci5jb206NDQz&hl=en&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=29g94rggfguj	35 kB	2023-03-08	2023-03-08
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LeQrmEbAAAAAFBa2Ufo_PLvcDe102G8l2XsKiSp&co=aHR0cHM6Ly94dGMtaGFpci5jb206NDQz&hl=en&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=29g94rggfguj IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:36:00 Last Seen2023-03-08 14:36:00 Times Seen1 Hash 2716b5b5f2fd2bfc100ab5d452bc6279 951ccea8b7284be12864a7f885395757861825a5 ccb38516d06506c614fa126f6bc58b101c298f39ecd81861a0a64be89a4d55d2 Loading...

	xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/	61 B	2023-03-08	2023-12-06
Pretty URL xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/ IP 192.185.117.118 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:26:02 Last Seen2023-12-06 15:53:52 Times Seen11 Hash 6c0cdac25243085f19e0ead246a62938 930f5f3cc28debece6010d78f4e59931bcd9d464 165e15c6c60f5315e0387ce755d7a65a830efe2f24dc594c2f8fa2b851edc31e Loading...

	xtc-hair.com/wp-content/plugins/wp-facebook-pixel/inc/scripts/nsautilities.min.js	224 B	2023-03-08	2023-12-06
Pretty URL xtc-hair.com/wp-content/plugins/wp-facebook-pixel/inc/scripts/nsautilities.min.js IP 192.185.117.118 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:26:02 Last Seen2023-12-06 15:53:53 Times Seen12 Hash 9d0a387d2301d5d44ee306ae4f80accd a9e5330e34d529a771d8b2438a48df53ac36b2ef d46a0121e0a0ac2f4192ec8d8e6f340bbb4f481d1f8bda47c95ec893329ca011 Loading...

	www.google.com/recaptcha/api.js?render=6LeQrmEbAAAAAFBa2Ufo_PLvcDe102G8l2XsKiSp&ver=3.0	884 B	2023-03-08	2023-03-08
Pretty URL www.google.com/recaptcha/api.js?render=6LeQrmEbAAAAAFBa2Ufo_PLvcDe102G8l2XsKiSp&ver=3.0 IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:36:00 Last Seen2023-03-08 14:36:00 Times Seen1 Hash cdbf3ecc3cd63bb68a1ee214d26f0dbf d0f51d0cccd4dfc22ddb5fe8ad9e74dc51ff9928 c897a72dbab64b0675f81c6de87bdb5c7c59052d62829aa695ef24cfa4d8511b Loading...

	xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/	5.6 kB	2023-03-08	2023-03-08
Pretty URL xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/ IP 192.185.117.118 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:36:00 Last Seen2023-03-08 14:36:00 Times Seen1 Hash 3c72b5774ad6a3bc2ad6a3b9d15980b5 2cfcbe613392746394e7c8162e3b3f5edfec3d3a 1b703e916fd43090fb145829206a75267e4807cfc673941faeeaadffe47be3dd Loading...

	xtc-hair.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js?ver=7.10.1	12 kB	2023-03-07	2024-03-08
Pretty URL xtc-hair.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js?ver=7.10.1 IP 192.185.117.118 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:28 Last Seen2024-03-08 16:02:30 Times Seen1559 Hash 45f98dec2f0965e8e879f2c7a1f4e996 8187dccc170f82df78e9be302e5ab49e024d4d34 23eb134e746f1e5c265c5d33d045af48c444617adaa281fb993d6070bdc04c9f Loading...

	xtc-hair.com/wp-content/themes/spacious/js/navigation.js?ver=6.1.1	8.7 kB	2023-03-07	2024-04-06
Pretty URL xtc-hair.com/wp-content/themes/spacious/js/navigation.js?ver=6.1.1 IP 192.185.117.118 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:43:03 Last Seen2024-04-06 21:01:48 Times Seen103 Hash d74c1e23fb50090ca4ffc2aac04a8545 2b6efb672a139770ecccc8523e0b8eda555d9971 745d9d5f646a1c0594096f4951ee5b814dee7b76eaf3c3066062c25199f89381 Loading...

	xtc-hair.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9	6.5 kB	2023-03-07	2024-04-18
Pretty URL xtc-hair.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 IP 192.185.117.118 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-18 13:42:00 Times Seen15473 Hash 61449413a42d2daaa79dbe7298b40e21 d86c474164c603084397bdc50fb0e469d28b5772 f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a Loading...

	xtc-hair.com/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1664461981	11 kB	2023-03-08	2024-04-09
Pretty URL xtc-hair.com/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1664461981 IP 192.185.117.118 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:26:33 Last Seen2024-04-09 17:29:02 Times Seen124 Hash 670400ecee852ba2a3ff7fea4845a326 5e26b3646e270d6fdeec8261a8ead2edd0dec398 070b943db88a9b02b0f8aa48f8f650e89fad00c2747367923f939c08436c25f3 Loading...

	xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/	197 B	2023-03-08	2023-03-08
Pretty URL xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/ IP 192.185.117.118 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:36:00 Last Seen2023-03-08 14:36:00 Times Seen1 Hash e6d42de5737b07d6004978ae60b3263b 6110b415f5aaae3c3618a3b3eccf68dbb8156065 ad02340d2c5bf827db661b416a3497295612427c07ac3ca9c9ba0ab1dd17d0bc Loading...

	xtc-hair.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-04-19
Pretty URL xtc-hair.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 192.185.117.118 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-19 07:32:31 Times Seen68489 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	xtc-hair.com/wp-content/themes/spacious/js/spacious-custom.js?ver=6.1.1	2.6 kB	2023-03-07	2024-04-06
Pretty URL xtc-hair.com/wp-content/themes/spacious/js/spacious-custom.js?ver=6.1.1 IP 192.185.117.118 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:43:03 Last Seen2024-04-06 21:01:48 Times Seen104 Hash 1cd6ef8dee6f97b6ccf535518029f640 8b4f55bcad05f0471fd07c030c938822b7f8af99 8e43ca5f5b5d4dfd0781f359639a75c86dda008d1990d4da1c11e241909b0d63 Loading...

	xtc-hair.com/wp-content/plugins/jetpack/_inc/build/photon/photon.min.js?ver=20191001	685 B	2023-03-07	2024-04-15
Pretty URL xtc-hair.com/wp-content/plugins/jetpack/_inc/build/photon/photon.min.js?ver=20191001 IP 192.185.117.118 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:05 Last Seen2024-04-15 22:34:30 Times Seen3122 Hash 24626ac4453bf45fe07e6c5d4e859fbd 9adbe5e7a5e1b5fb19aee82a9d765631b62ecb2f 5cfd3418ebf7c95f8f7a9024ebfa383ff5a267a8568c9a2708c26733824bdf07 Loading...

		Size	First Seen	Last Seen
	#1 Eval - d41d8cd98f00b204e9800998ecf8427e	0 B	2023-03-07	2024-04-19
Pretty Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-19 09:17:31 Times Seen36955522 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	#2 Eval - c9257e927ccf8069f3dcfb01c9234d09	22 B	2023-03-08	2023-11-04
Pretty Observations First Seen2023-03-08 14:33:54 Last Seen2023-11-04 16:55:45 Times Seen3 Hash c9257e927ccf8069f3dcfb01c9234d09 921955c8df691f30a12542510f33856a4cb972cb 9bb0c662c12831d4a6a9d504b2534e28f08b91591da1303a05ad2b3e12a6e49e Loading...

	#3 Eval - 5bd210fff45cf96ffcf0bb9123070d51	16 kB	2023-03-08	2023-11-04
Pretty Observations First Seen2023-03-08 14:33:54 Last Seen2023-11-04 16:55:45 Times Seen3 Hash 5bd210fff45cf96ffcf0bb9123070d51 09f3615c3096b1c7b413dbe39439be8f82d1eeef 0d4559ba47020dfb3d3229a79fae241152a0337f86a9c8a01bd5add41c1753b7 Loading...

	#4 Eval - 988d1b53866718e49299521f1cd3d8cc	20 kB	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 14:36:00 Last Seen2023-03-08 14:36:00 Times Seen1 Hash 988d1b53866718e49299521f1cd3d8cc ad3d5809b35fa89d141983ba17c5294b06bd3ae9 8fe6c847e8ead12c52adc5599f66f2d33d1b2ec09aaaaf6ed30074a0f3996ab8 Loading...

	#5 Eval - a67bad065c725f1d42d6eb83f626f676	64 B	2023-03-08	2023-11-04
Pretty Observations First Seen2023-03-08 14:33:54 Last Seen2023-11-04 16:55:45 Times Seen3 Hash a67bad065c725f1d42d6eb83f626f676 ecd1fed4bbaacbf771ba634b4616d2bebcba57cb cc158dc49db31ac40a09769c14f1e96ce12d8ee44ddb54a5321c32cd0536ef78 Loading...

	#6 Eval - 0d2fca76a746941a17fa7dcf80dfc0c2	22 B	2023-03-08	2023-11-04
Pretty Observations First Seen2023-03-08 14:33:54 Last Seen2023-11-04 16:55:45 Times Seen3 Hash 0d2fca76a746941a17fa7dcf80dfc0c2 a4d2a22237d8b10b7b611764266911ef1933bbd7 2ed176c7f9d5b3c8ca6ccdb0e994b6ddc34944c41fc4db7451fd7a3d27fed6f1 Loading...

HTTP Transactions (87)

URL IP Response Size

xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/

192.185.117.118

301 Moved Permanently

288 B

URL HTTP/1.1
xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
IP
192.185.117.118:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
288 B (288 bytes)
Hash
cc9db67629a5aa362235ec65d8ae4dc2
8d427090d6a3ddbee65b4aebe8cc304554823584
8ff498dc8616ea790d9ee6e9388b9628243655d9dfc6113d4272d51f31b72fec

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /full-download-edius-pro-6-5-cracked-version-key-and-better/ HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Fri, 02 Dec 2022 10:13:19 GMT
Server: Apache
Location: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Content-Length: 288
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13119
Expires: Fri, 02 Dec 2022 13:51:58 GMT
Date: Fri, 02 Dec 2022 10:13:19 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2483
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 10:13:19 GMT
Etag: "63888270-1d7"
Last-Modified: Fri, 02 Dec 2022 09:31:56 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10032
Expires: Fri, 02 Dec 2022 13:00:31 GMT
Date: Fri, 02 Dec 2022 10:13:19 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 09:18:11 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3309
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: Sn5X/OBIz3ebCTTGdnbqQ5nvfZ0SApX/X+Wgehz/PCEtS3RAiIFf4Zp2be43AyybWT5Ysw/F5BQ=
x-amz-request-id: VD4SYWCX37Z2YQR8
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 09:46:04 GMT
age: 1636
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 10:13:20 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c209ad2d408426b117aba2680f45588d
fe5a8a33298ac3ac8becb4485535ce0d060a59f0
d1da92978682bb9af5f962ba71c6aad5914c0b1532e6cd465c4facd4f69dd1da

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D1DA92978682BB9AF5F962BA71C6AAD5914C0B1532E6CD465C4FACD4F69DD1DA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21570
Expires: Fri, 02 Dec 2022 16:12:50 GMT
Date: Fri, 02 Dec 2022 10:13:20 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 10:11:15 GMT
cache-control: public,max-age=3600
age: 125
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
7f1f8fc556d1f7e0aea3e1208ee2fd1c
09c341a56ff876479cfc8a0505a5fef4a5d110f1
65adcf58887bcc23f73379f74ab19a61cfbb93285c95c64b44a6716eeacc1482

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2475
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 10:13:20 GMT
Last-Modified: Fri, 02 Dec 2022 09:32:05 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

54.71.202.2

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.71.202.2:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: fxkWh0uQR/vPsztQLvVqpg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: yaVpRHVmezmDdcmrGltBi+nYBJQ=

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8cd876589951719c94a6d49d1494bdbd
01600c8bb95fac543696e509b3e452b90d844572
e03942321526a2303220b1abd51f82f1d4cf80e0dd22a2582cf809b8bd729521

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 10:13:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=UA-6604786-9

142.250.74.168

200 OK

44 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-6604786-9
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
44 kB (43613 bytes)
Hash
1ff0e73d5275e779a5e4f72f23a31ca8
a9605b224f8472b08d192a3cacc5f368cfee886f
3e5601e95a5a0e9ad3c459314d0e940579852ae49cef3e071f6c13a1d3e6e42d

HTTP Headers

GET /gtag/js?id=UA-6604786-9 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 02 Dec 2022 10:13:22 GMT
expires: Fri, 02 Dec 2022 10:13:22 GMT
cache-control: private, max-age=900
last-modified: Fri, 02 Dec 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43613
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

i0.wp.com/xtc-hair.com/wp-content/uploads/2017/11/xtc-200.jpg?w=451&ssl=1

192.0.77.2

200 OK

4.6 kB

URL HTTP/2
i0.wp.com/xtc-hair.com/wp-content/uploads/2017/11/xtc-200.jpg?w=451&ssl=1
IP
192.0.77.2:0
ASN
#2635 AUTOMATTIC

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 451x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
4.6 kB (4598 bytes)
Hash
e495a00f48e5dc429fc96aea3a871781
72c64567427b9e91ed315838136326785335df31
03a743711874690a5fedce6297c025cf70d1de70228536f2bf1ff2829d321851

HTTP Headers

GET /xtc-hair.com/wp-content/uploads/2017/11/xtc-200.jpg?w=451&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 10:13:22 GMT
content-type: image/webp
content-length: 4598
last-modified: Fri, 21 Oct 2022 11:18:53 GMT
expires: Sun, 20 Oct 2024 23:18:53 GMT
cache-control: public, max-age=63115200
link: <https://xtc-hair.com/wp-content/uploads/2017/11/xtc-200.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "c731930b24f28ec1"
vary: Accept
x-nc: HIT arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

xtc-hair.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17

192.185.117.118

200 OK

3.2 kB

URL HTTP/2
xtc-hair.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
IP
192.185.117.118:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (11256), with no line terminators
Size
3.2 kB (3239 bytes)
Hash
1054d0d53548e8bae51665b11acc6413
2eea6a05fe18db61fff58c431d34a86b3e0b7ade
cb8b0f0f3f871d9776da32ee6d9e1af9277a211be61e97a831c7f8c98fbebfae

HTTP Headers

GET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 09 Dec 2020 04:01:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3239
content-type: text/css
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
X-Firefox-Spdy: h2

xtc-hair.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1

192.185.117.118

200 OK

1.3 kB

URL HTTP/2
xtc-hair.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1
IP
192.185.117.118:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (4186), with no line terminators
Size
1.3 kB (1298 bytes)
Hash
91bab39b98d7e5c1632717b9ebe349e4
e639a447d06fc7827be5b5b35d603ff16b5f7bb1
47ff151faeb23a5654f6ec58b404e51193f6714849a69de241c2ee79662f74c6

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 13 Nov 2019 03:58:49 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1298
content-type: text/css
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
X-Firefox-Spdy: h2

i0.wp.com/xtc-hair.com/wp-content/uploads/2016/05/Locations-sm.png?w=750

192.0.77.2

200 OK

29 kB

URL HTTP/2
i0.wp.com/xtc-hair.com/wp-content/uploads/2016/05/Locations-sm.png?w=750
IP
192.0.77.2:0
ASN
#2635 AUTOMATTIC

File type
RIFF (little-endian) data, Web/P image\012- data
Size
29 kB (29174 bytes)
Hash
1ddae22ff1c78c4fae0baf9f172b7503
548c7a2bdb93e4a2993b7833acf3054e52d4c683
9a5478ba509c6d1ae2b4416354ca5db2344aae7a62cc38e82cc645b47bc8505e

HTTP Headers

GET /xtc-hair.com/wp-content/uploads/2016/05/Locations-sm.png?w=750 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 10:13:22 GMT
content-type: image/webp
content-length: 29174
last-modified: Fri, 21 Oct 2022 11:18:53 GMT
expires: Sun, 20 Oct 2024 23:18:53 GMT
cache-control: public, max-age=63115200
link: <http://xtc-hair.com/wp-content/uploads/2016/05/Locations-sm.png>; rel="canonical"
x-content-type-options: nosniff
etag: "90d9a2535e99cb54"
vary: Accept
x-nc: HIT arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8cd876589951719c94a6d49d1494bdbd
01600c8bb95fac543696e509b3e452b90d844572
e03942321526a2303220b1abd51f82f1d4cf80e0dd22a2582cf809b8bd729521

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 10:13:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

xtc-hair.com/wp-includes/css/classic-themes.min.css?ver=1

192.185.117.118

200 OK

189 B

URL HTTP/2
xtc-hair.com/wp-includes/css/classic-themes.min.css?ver=1
IP
192.185.117.118:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
189 B (189 bytes)
Hash
5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 30 Nov 2022 17:52:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 189
content-type: text/css
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
X-Firefox-Spdy: h2

xtc-hair.com/wp-content/plugins/wp-store-locator/css/styles.min.css?ver=2.2.235

192.185.117.118

200 OK

4.5 kB

URL HTTP/2
xtc-hair.com/wp-content/plugins/wp-store-locator/css/styles.min.css?ver=2.2.235
IP
192.185.117.118:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (14979), with no line terminators
Size
4.5 kB (4548 bytes)
Hash
f2e41dbf24163bee8e916e6a9621a34e
c6ca67eb47140395068e7622385beaf9b061752f
a56fc9642f0c88d6268cf9fc731fb1ce6f9ce56134e28d3268eca9b19e445f83

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/wp-store-locator/css/styles.min.css?ver=2.2.235 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 29 Jan 2022 23:45:07 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4548
content-type: text/css
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
X-Firefox-Spdy: h2

xtc-hair.com/wp-content/plugins/tablepress/css/default.min.css?ver=1.14

192.185.117.118

200 OK

2.5 kB

URL HTTP/2
xtc-hair.com/wp-content/plugins/tablepress/css/default.min.css?ver=1.14
IP
192.185.117.118:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (5092), with no line terminators
Size
2.5 kB (2462 bytes)
Hash
793aed4abaceb0925e60458c8c42d980
6371ef087dee13724484a6cca1feda59c061644e
b43746949f5740fbf14e40489cb2bdee809c5a9d0954a0cf0982a3b4e90467af

HTTP Headers

GET /wp-content/plugins/tablepress/css/default.min.css?ver=1.14 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 05 Aug 2021 17:41:10 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2462
content-type: text/css
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
315873c315af2be891e63f8b421bae65
5277bb0c4fea2b036c6faf28d66395c96166ffd2
3f6657d352a42f8257409f2ed365a3fb928ac3eb74a34a2c74a433290182cc92

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 10:13:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11621
Expires: Fri, 02 Dec 2022 13:27:03 GMT
Date: Fri, 02 Dec 2022 10:13:22 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11621
Expires: Fri, 02 Dec 2022 13:27:03 GMT
Date: Fri, 02 Dec 2022 10:13:22 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11621
Expires: Fri, 02 Dec 2022 13:27:03 GMT
Date: Fri, 02 Dec 2022 10:13:22 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11621
Expires: Fri, 02 Dec 2022 13:27:03 GMT
Date: Fri, 02 Dec 2022 10:13:22 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11621
Expires: Fri, 02 Dec 2022 13:27:03 GMT
Date: Fri, 02 Dec 2022 10:13:22 GMT
Connection: keep-alive

www.google.com/recaptcha/api.js?render=6LeQrmEbAAAAAFBa2Ufo_PLvcDe102G8l2XsKiSp&ver=3.0

142.250.74.132

200 OK

583 B

URL HTTP/2
www.google.com/recaptcha/api.js?render=6LeQrmEbAAAAAFBa2Ufo_PLvcDe102G8l2XsKiSp&ver=3.0
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (884), with no line terminators
Size
583 B (583 bytes)
Hash
894b5f35a84cce5a2ce0d33766c82e03
b195b5824ea3e2f1e0eaf599995415afdf3ed047
d27a6f25bd04565d2b8527ef74bc293e68b29c01f8a17b85781e86903731dd0d

HTTP Headers

GET /recaptcha/api.js?render=6LeQrmEbAAAAAFBa2Ufo_PLvcDe102G8l2XsKiSp&ver=3.0 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
expires: Fri, 02 Dec 2022 10:13:22 GMT
date: Fri, 02 Dec 2022 10:13:22 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 583
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07af64d-c287-4b0a-9677-9a1000422afc.jpeg

34.120.237.76

200 OK

7.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07af64d-c287-4b0a-9677-9a1000422afc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.3 kB (7334 bytes)
Hash
498ab4412ed5cf977bc23e4e870894b0
23753fe8af09ec8ffa10eed4d201a71833885c99
036042656f15e42b4d1537c45f5b8e7190c70305fa9a69c1287c6739ad0b7122

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07af64d-c287-4b0a-9677-9a1000422afc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7334
x-amzn-requestid: a6b8b420-8394-496b-8be8-26dee52e3887
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoHJOoAMF75g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-0b38d07f518c8b3134457df2;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 17nFm7AQdmRYS_af-EJ4XBVw8l3YudcphlpcZMveuVjvjhhYdkAQsw==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 22:33:10 GMT
age: 42012
etag: "23753fe8af09ec8ffa10eed4d201a71833885c99"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

2.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
2.9 kB (2942 bytes)
Hash
b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Fw6nrporwF27NW0-vXpaolW79nDXLF2RyS-lqhhp1osHt7q98VpI3g==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:34:47 GMT
age: 45515
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

16 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F356e23df-cb76-452a-b299-da5410086837.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
16 kB (15495 bytes)
Hash
82ea44d6cb116fb1f5752ce9bb87e345
f799dfd89a4f5a452dc837b8616549f578fb4184
e9087e7fce332289d67d4d5646d0233c2f2d871cc88dc1c51d5ea1e9f2fb5abd

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F356e23df-cb76-452a-b299-da5410086837.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 15495
x-amzn-requestid: 977cdbce-3a9c-4006-a5a1-5c4c82bd4a94
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfHDIFxzIAMFzEw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891ee0-4b2cb3a16ca745537a8caf8c;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:38:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nwKxQKsw8g5zCzfMFu_XpOac5rhImez29TKrycGJzozZyHTzoCHASw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 22:20:06 GMT
age: 42796
etag: "f799dfd89a4f5a452dc837b8616549f578fb4184"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.2 kB (6174 bytes)
Hash
b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 00:54:54 GMT
age: 33508
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8863 bytes)
Hash
156e9ea97b774cbd8361072e4041b6c8
fc71ae3cae92ed6011904bb2367f23bf4e69fab4
58d953c19ebbbdfc3965bbe3f52308d4702deaf4d0c029f4674bcb862da138af

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8863
x-amzn-requestid: 798d014b-0f9c-4787-a676-8f5e8fae3d11
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdG14HBNIAMFdWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851bf-7549feac6d476a8512676412;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cgj3fw3lpngosMNOK7cZUZO94T__4RTy_p7wa6rI62OOvhI5E9wMSw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 13:30:28 GMT
age: 74574
etag: "fc71ae3cae92ed6011904bb2367f23bf4e69fab4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb8ec880-52b8-4350-bb47-d051878e78f1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.9 kB (6882 bytes)
Hash
25c68d8b1fae82820f93efca500fd848
45cf5e1a54ee491497ffe08a8e39fe97ba3c8a48
f0ec6b6f6ba0a931c9b71f5bc7ad1e5b89c8e4d8b7441f35eeebfba418d0e588

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb8ec880-52b8-4350-bb47-d051878e78f1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6882
x-amzn-requestid: 6b5f15a5-c15b-46bf-9fd5-5d013d37a0eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGfrG3WIAMFc9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891dfd-6038ca700dfb4489230c2683;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2O6x-8-ESFDtlhcjVyGxEXCZcLbbfhsCVQeX02lbNMupPWmM-fKuLA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:47:56 GMT
age: 44726
etag: "45cf5e1a54ee491497ffe08a8e39fe97ba3c8a48"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

xtc-hair.com/wp-content/themes/spacious/font-awesome/css/font-awesome.min.css?ver=4.7.0

192.185.117.118

200 OK

7.1 kB

URL HTTP/2
xtc-hair.com/wp-content/themes/spacious/font-awesome/css/font-awesome.min.css?ver=4.7.0
IP
192.185.117.118:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (30837), with CRLF line terminators
Size
7.1 kB (7119 bytes)
Hash
132393cbbd112512206aa3c468a210ee
7c0a904b30a100e744fa0dce8a5e47079810a4c3
fe7806c8283bc20c74e50713d63b477299130d05d9b0e2391ad5d307f5eb2292

HTTP Headers

GET /wp-content/themes/spacious/font-awesome/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 27 Jul 2022 18:01:39 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7119
content-type: text/css
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
X-Firefox-Spdy: h2

xtc-hair.com/wp-content/themes/spacious/js/spacious-custom.js?ver=6.1.1

192.185.117.118

200 OK

1.0 kB

URL HTTP/2
xtc-hair.com/wp-content/themes/spacious/js/spacious-custom.js?ver=6.1.1
IP
192.185.117.118:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with CRLF line terminators
Size
1.0 kB (1047 bytes)
Hash
dadc838792cbce3cf9aa041753aed2ef
53d30467a3bffe9d0aad046a72cb33a663304b9a
ce677d1e8b1ddee194459c599dbc87aa43d198ec802f37ed90f0c82d46503f64

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/spacious/js/spacious-custom.js?ver=6.1.1 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 27 Jul 2022 18:01:39 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1047
content-type: application/javascript
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
X-Firefox-Spdy: h2

xtc-hair.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4

192.185.117.118

409 Conflict

83 B

URL HTTP/2
xtc-hair.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
IP
192.185.117.118:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document, ASCII text, with no line terminators
Size
83 B (83 bytes)
Hash
26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 409 Conflict
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2

xtc-hair.com/wp-content/plugins/lightweight-social-icons/css/style-min.css?ver=1.1

192.185.117.118

200 OK

1.8 kB

URL HTTP/2
xtc-hair.com/wp-content/plugins/lightweight-social-icons/css/style-min.css?ver=1.1
IP
192.185.117.118:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (7989), with no line terminators
Size
1.8 kB (1753 bytes)
Hash
651b107c868611eaf140b8d2efedcf0d
afd2e4f4017cdba568ae9879280fb023cb286188
6d9d93708ba83fc0c491ace3c24846e2148c3feadb47884953094a21a5314b5b

HTTP Headers

GET /wp-content/plugins/lightweight-social-icons/css/style-min.css?ver=1.1 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 09 Apr 2020 14:24:19 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1753
content-type: text/css
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
X-Firefox-Spdy: h2

xtc-hair.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1

192.185.117.118

200 OK

5.3 kB

URL HTTP/2
xtc-hair.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP
192.185.117.118:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (15660)
Size
5.3 kB (5321 bytes)
Hash
710f8b142ea44c0682dc2c30f318f065
49144e9b3a76d3d383b1d4359cf7a25e947f4233
708bb5819879a2a2c7670abc20a58cca68a415ffd621011cbc4c3c9d82dddc50

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 27 May 2022 15:03:42 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5321
content-type: application/javascript
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
X-Firefox-Spdy: h2

xtc-hair.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js?ver=7.10.1

192.185.117.118

200 OK

3.8 kB

URL HTTP/2
xtc-hair.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js?ver=7.10.1
IP
192.185.117.118:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (1571)
Size
3.8 kB (3848 bytes)
Hash
f2694bc14d8b63a7d406f4400b74cca4
eb87c041943667f69b6dc73b1ca12370fff38fb0
28baa20440db143848726898dac1510692b768c9086b97f637cde74db6e96a2a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js?ver=7.10.1 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 30 Nov 2022 17:52:07 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3848
content-type: application/javascript
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a6ad57d839c4b452d7118cf2052f9d35
50afdbe46f04c7611c1a0111bce3a76775e50272
4c5c20573601bde0f5c3567e02d02d74ab22d4ffe12f632e1def1b87dc86ad3d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 10:13:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

xtc-hair.com/wp-content/plugins/jetpack/_inc/build/photon/photon.min.js?ver=20191001

192.185.117.118

200 OK

369 B

URL HTTP/2
xtc-hair.com/wp-content/plugins/jetpack/_inc/build/photon/photon.min.js?ver=20191001
IP
192.185.117.118:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (685), with no line terminators
Size
369 B (369 bytes)
Hash
accd80b294f42169b1e447e68bacfffe
40847092d82d78897a8219b270b22838fcc0bb95
35e8294d38f054cd6fbcdef72076443685888546d93b41a596e981a5e9a61552

HTTP Headers

GET /wp-content/plugins/jetpack/_inc/build/photon/photon.min.js?ver=20191001 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 30 Nov 2022 17:52:10 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 369
content-type: application/javascript
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
X-Firefox-Spdy: h2

xtc-hair.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.6.4

192.185.117.118

409 Conflict

83 B

URL HTTP/2
xtc-hair.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.6.4
IP
192.185.117.118:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document, ASCII text, with no line terminators
Size
83 B (83 bytes)
Hash
26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.6.4 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 409 Conflict
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2

xtc-hair.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

192.185.117.118

200 OK

4.6 kB

URL HTTP/2
xtc-hair.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
192.185.117.118:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (11126)
Size
4.6 kB (4618 bytes)
Hash
acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 09 Dec 2020 04:01:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4618
content-type: application/javascript
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
X-Firefox-Spdy: h2

xtc-hair.com/wp-content/themes/spacious/js/skip-link-focus-fix.js?ver=6.1.1

192.185.117.118

200 OK

425 B

URL HTTP/2
xtc-hair.com/wp-content/themes/spacious/js/skip-link-focus-fix.js?ver=6.1.1
IP
192.185.117.118:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with CRLF line terminators
Size
425 B (425 bytes)
Hash
62c10ae379acf345832166577cf721a4
a9d99c17fbe36ee8ed057b181b8a885d2bb88556
8cd627febaae9f8dbdfaca4cb5ed2c298e3d0d6513b3f45478af7bd91fde691b

HTTP Headers

GET /wp-content/themes/spacious/js/skip-link-focus-fix.js?ver=6.1.1 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 27 Jul 2022 18:01:39 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 425
content-type: application/javascript
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
X-Firefox-Spdy: h2

xtc-hair.com/wp-content/plugins/wp-gallery-custom-links/wp-gallery-custom-links.js?ver=1.1

192.185.117.118

200 OK

536 B

URL HTTP/2
xtc-hair.com/wp-content/plugins/wp-gallery-custom-links/wp-gallery-custom-links.js?ver=1.1
IP
192.185.117.118:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with CRLF line terminators
Size
536 B (536 bytes)
Hash
6f60958d7fc961a2f5e744a081f8a8ac
bb558da62a47b135476a5eb4ee66745d8cd12d7a
4be5234257b239c5e32fd6b5ccebde0b7c6b3af12d732778b090ab0f07bb079d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/wp-gallery-custom-links/wp-gallery-custom-links.js?ver=1.1 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 29 Aug 2017 14:19:48 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 536
content-type: application/javascript
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
X-Firefox-Spdy: h2

xtc-hair.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4

192.185.117.118

409 Conflict

83 B

URL HTTP/2
xtc-hair.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
IP
192.185.117.118:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document, ASCII text, with no line terminators
Size
83 B (83 bytes)
Hash
26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 409 Conflict
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2

xtc-hair.com/wp-content/plugins/wp-facebook-pixel/assets/NSAFacebookPixel.min.js

192.185.117.118

200 OK

363 B

URL HTTP/2
xtc-hair.com/wp-content/plugins/wp-facebook-pixel/assets/NSAFacebookPixel.min.js
IP
192.185.117.118:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (521)
Size
363 B (363 bytes)
Hash
500545bf22f6760751dcd932bc1ba078
95ff2a360643bb23024055cbb3fac63512dfab45
d1ed998bdee807eacffc3f3313369cbf9033c79ff80e61181caa1c5818c4cfcc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/wp-facebook-pixel/assets/NSAFacebookPixel.min.js HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 04 Sep 2019 13:31:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 363
content-type: application/javascript
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
X-Firefox-Spdy: h2

xtc-hair.com/wp-content/plugins/wp-facebook-pixel/inc/scripts/nsautilities.min.js

192.185.117.118

200 OK

214 B

URL HTTP/2
xtc-hair.com/wp-content/plugins/wp-facebook-pixel/inc/scripts/nsautilities.min.js
IP
192.185.117.118:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Unicode text, UTF-8 (with BOM) text
Size
214 B (214 bytes)
Hash
d472cbacb37c016041b58772d54ad559
63e1c1aa09aef1189ac568497f4d8b762b3f22b7
ae454e133e079135e984107978953414c24f4a4cee42639af40d60535582b116

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/wp-facebook-pixel/inc/scripts/nsautilities.min.js HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 04 Sep 2019 13:31:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 214
content-type: application/javascript
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
X-Firefox-Spdy: h2

xtc-hair.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4

192.185.117.118

409 Conflict

83 B

URL HTTP/2
xtc-hair.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
IP
192.185.117.118:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document, ASCII text, with no line terminators
Size
83 B (83 bytes)
Hash
26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 409 Conflict
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2

xtc-hair.com/wp-includes/js/comment-reply.min.js?ver=6.1.1

192.185.117.118

200 OK

1.5 kB

URL HTTP/2
xtc-hair.com/wp-includes/js/comment-reply.min.js?ver=6.1.1
IP
192.185.117.118:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (2946)
Size
1.5 kB (1477 bytes)
Hash
92712acce6ce836d0a929b1800b4f9d6
8157d1380bb1d6dadfd85565dd464bb5b0ed06bd
2f82d181a2cadadf7d898d7f5ea2eb527106fb6413044b55fbfa4fb0081a2e09

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/comment-reply.min.js?ver=6.1.1 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 27 May 2022 15:03:42 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1477
content-type: application/javascript
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
X-Firefox-Spdy: h2

xtc-hair.com/wp-content/themes/spacious/js/navigation.js?ver=6.1.1

192.185.117.118

200 OK

3.2 kB

URL HTTP/2
xtc-hair.com/wp-content/themes/spacious/js/navigation.js?ver=6.1.1
IP
192.185.117.118:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with CRLF line terminators
Size
3.2 kB (3152 bytes)
Hash
6e2649475b40aaa23c7933cd4864d49c
b58b3cdfdc538d9199cda602c2cd0ff922ebd3a3
9875d2e52f93962fe242e2f5984210a87304988d3a78b8b10118843d28c6ab7d

HTTP Headers

GET /wp-content/themes/spacious/js/navigation.js?ver=6.1.1 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 27 Jul 2022 18:01:39 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3152
content-type: application/javascript
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
X-Firefox-Spdy: h2

xtc-hair.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9

192.185.117.118

200 OK

2.7 kB

URL HTTP/2
xtc-hair.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP
192.185.117.118:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (6475), with no line terminators
Size
2.7 kB (2675 bytes)
Hash
45bd1d6f7fc3a4069fc6fd400b90c961
903c7e28c7141e9fc1bdb4dfc62d043a97a01e2d
c638a0057b4be0a61cfb65b1860a855a327397e9871f5dde28fa2f138fb394dc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 27 May 2022 15:03:42 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2675
content-type: application/javascript
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
X-Firefox-Spdy: h2

xtc-hair.com/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1664461981

192.185.117.118

200 OK

3.8 kB

URL HTTP/2
xtc-hair.com/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1664461981
IP
192.185.117.118:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
3.8 kB (3830 bytes)
Hash
66b85ee07e712680856a30dbbffd6851
1b7f567df71b51b648eac224f3782aed0f2eb740
ff6d4e7e045697210f93d5d8f201ac69ddf676e0d4e1fd60e6e778cb4931f9f3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1664461981 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 29 Sep 2022 14:33:01 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3830
content-type: application/javascript
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
X-Firefox-Spdy: h2

xtc-hair.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

192.185.117.118

200 OK

7.6 kB

URL HTTP/2
xtc-hair.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP
192.185.117.118:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Unicode text, UTF-8 text, with very long lines (17819), with no line terminators
Size
7.6 kB (7621 bytes)
Hash
66c68f2158dcf7d97a02f3719a17aab0
fdb04fb4c632b9fb4275006a4e402cd0d4fa393a
e4b360f0e6ae1afc06f05f958e8696e5ae45257912bc2ab0b9334bd1382a51aa

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 30 Nov 2022 17:52:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7621
content-type: application/javascript
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
X-Firefox-Spdy: h2

xtc-hair.com/wp-content/themes/spacious/assets/fonts/Lato-Bold.woff

192.185.117.118

200 OK

37 kB

URL HTTP/2
xtc-hair.com/wp-content/themes/spacious/assets/fonts/Lato-Bold.woff
IP
192.185.117.118:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Web Open Font Format, TrueType, length 36784, version 1.104\012- data
Size
37 kB (36784 bytes)
Hash
a9d8f02506c0ea8b1b0ea76ccc485651
94372d3d5222e5601b8a801ba81df80e5c66a7fe
9f8224817f8e13b4047734e58a7a3310b35146bd436752546d04389e4a46d766

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/spacious/assets/fonts/Lato-Bold.woff HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://xtc-hair.com/wp-content/themes/spacious/style.css?ver=6.1.1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 27 Jul 2022 18:01:39 GMT
accept-ranges: bytes
content-length: 36784
content-type: font/woff
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
X-Firefox-Spdy: h2

xtc-hair.com/wp-content/themes/spacious/assets/fonts/Lato-Regular.woff

192.185.117.118

200 OK

38 kB

URL HTTP/2
xtc-hair.com/wp-content/themes/spacious/assets/fonts/Lato-Regular.woff
IP
192.185.117.118:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Web Open Font Format, TrueType, length 37580, version 1.104\012- data
Size
38 kB (37580 bytes)
Hash
8ed525743dbb32ae4bdb7531d637f7fa
c5f13bf20b52ddbe34ccde18c1d92df8bffefdf3
dff99fb17b5e8fa6ea55c50a6200c824ef0ab3e88b4e06b2284c37d19ac4bf9a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/spacious/assets/fonts/Lato-Regular.woff HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://xtc-hair.com/wp-content/themes/spacious/style.css?ver=6.1.1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 27 Jul 2022 18:01:39 GMT
accept-ranges: bytes
content-length: 37580
content-type: font/woff
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
X-Firefox-Spdy: h2

xtc-hair.com/wp-content/plugins/lightweight-social-icons/fonts/fontello.woff

192.185.117.118

200 OK

23 kB

URL HTTP/2
xtc-hair.com/wp-content/plugins/lightweight-social-icons/fonts/fontello.woff
IP
192.185.117.118:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Web Open Font Format, TrueType, length 23328, version 0.0\012- data
Size
23 kB (23328 bytes)
Hash
242e0c93f0f72bde894698405d7a04ab
368cef17895968a3d6a683c43e4cf4175665a757
1b6e0cc5ce7dad5ae275d7ac33c17034f27f801270805bf8d320bab919045a2c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/lightweight-social-icons/fonts/fontello.woff HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://xtc-hair.com/wp-content/plugins/lightweight-social-icons/css/style-min.css?ver=1.1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 09 Apr 2020 14:24:19 GMT
accept-ranges: bytes
content-length: 23328
content-type: font/woff
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
X-Firefox-Spdy: h2

xtc-hair.com/wp-content/themes/spacious/assets/fonts/Lato-Italic.woff

192.185.117.118

200 OK

39 kB

URL HTTP/2
xtc-hair.com/wp-content/themes/spacious/assets/fonts/Lato-Italic.woff
IP
192.185.117.118:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Web Open Font Format, TrueType, length 39144, version 1.104\012- data
Size
39 kB (39144 bytes)
Hash
5518023c841f1844a49e352831fe011c
ed4952a517498fa4fe5da6e46ee75c73b376cf3a
7ddc8f319db77a7867a106e97b74bfd0f9c94c9612feac09567fee256164688e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/spacious/assets/fonts/Lato-Italic.woff HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://xtc-hair.com/wp-content/themes/spacious/style.css?ver=6.1.1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 27 Jul 2022 18:01:39 GMT
accept-ranges: bytes
content-length: 39144
content-type: font/woff
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
X-Firefox-Spdy: h2

xtc-hair.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4

192.185.117.118

409 Conflict

83 B

URL HTTP/2
xtc-hair.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
IP
192.185.117.118:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document, ASCII text, with no line terminators
Size
83 B (83 bytes)
Hash
26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 409 Conflict
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2

xtc-hair.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4

192.185.117.118

409 Conflict

83 B

URL HTTP/2
xtc-hair.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
IP
192.185.117.118:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document, ASCII text, with no line terminators
Size
83 B (83 bytes)
Hash
26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 409 Conflict
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2

xtc-hair.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.6.4

192.185.117.118

409 Conflict

83 B

URL HTTP/2
xtc-hair.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.6.4
IP
192.185.117.118:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document, ASCII text, with no line terminators
Size
83 B (83 bytes)
Hash
26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.6.4 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 409 Conflict
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2

pixel.wp.com/g.gif?v=ext&blog=194744380&post=122608&tz=-5&srv=xtc-hair.com&j=1%3A11.5.1&host=xtc-hair.com&ref=&fcp=2871&rand=0.3089024926209114

192.0.76.3

200 OK

50 B

URL HTTP/2
pixel.wp.com/g.gif?v=ext&blog=194744380&post=122608&tz=-5&srv=xtc-hair.com&j=1%3A11.5.1&host=xtc-hair.com&ref=&fcp=2871&rand=0.3089024926209114
IP
192.0.76.3:0
ASN
#2635 AUTOMATTIC

File type
GIF image data, version 89a, 6 x 5\012- data
Size
50 B (50 bytes)
Hash
e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

HTTP Headers

GET /g.gif?v=ext&blog=194744380&post=122608&tz=-5&srv=xtc-hair.com&j=1%3A11.5.1&host=xtc-hair.com&ref=&fcp=2871&rand=0.3089024926209114 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 10:13:22 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2

s.w.org/images/core/emoji/14.0.0/svg/1f539.svg

192.0.77.48

200 OK

271 B

URL HTTP/2
s.w.org/images/core/emoji/14.0.0/svg/1f539.svg
IP
192.0.77.48:0
ASN
#2635 AUTOMATTIC

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Size
271 B (271 bytes)
Hash
85e5fb9f60873c46d98c8ab4efdf4066
660eb8d3178ebb6de98de7d0b6540688b6c5b913
752fdd9a839060506caa9f1ccffc7cab99f5387e2d05165c49cc5c2bec82831d

HTTP Headers

GET /images/core/emoji/14.0.0/svg/1f539.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 10:13:22 GMT
content-type: image/svg+xml
content-length: 271
last-modified: Tue, 12 Apr 2022 03:50:59 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2

s.w.org/images/core/emoji/14.0.0/svg/231b.svg

192.0.77.48

200 OK

688 B

URL HTTP/2
s.w.org/images/core/emoji/14.0.0/svg/231b.svg
IP
192.0.77.48:0
ASN
#2635 AUTOMATTIC

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (688), with no line terminators
Size
688 B (688 bytes)
Hash
fcff6ac673eb2d32ef5a49818d9572da
ac8067d1221ae5a34ab656df64836ea0e1cbd06b
044160ca4463e342fa8979dc8ebd9c84c03fb0403d12e606412595637b5723b8

HTTP Headers

GET /images/core/emoji/14.0.0/svg/231b.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 10:13:23 GMT
content-type: image/svg+xml
content-length: 688
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

216.58.207.206

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
216.58.207.206:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 02 Dec 2022 08:41:08 GMT
expires: Fri, 02 Dec 2022 10:41:08 GMT
cache-control: public, max-age=7200
age: 5535
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 10:13:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
a11a991958dbd78dfb3392214590ef38
c5fb54ce1ad1c51598623b66827af482c565e0d5
01d67dc39941deea93712fa87453fd27679357916ab856358e0bda7a63b2624d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4656
Cache-Control: max-age=139647
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 10:13:23 GMT
Etag: "63893c12-1d7"
Expires: Sun, 04 Dec 2022 01:00:50 GMT
Last-Modified: Thu, 01 Dec 2022 23:43:14 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471

www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js

142.250.74.35

200 OK

163 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (730)
Size
163 kB (162976 bytes)
Hash
79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6

HTTP Headers

GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xtc-hair.com
Connection: keep-alive
Referer: https://xtc-hair.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 19:09:57 GMT
expires: Tue, 28 Nov 2023 19:09:57 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 313406
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 10:13:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

connect.facebook.net/en_US/fbevents.js

157.240.240.1

200 OK

27 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
157.240.240.1:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
27 kB (27340 bytes)
Hash
44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: G5OUxXCa3QsHWRNX8NjEfJBqO5V2ldTlfgm1y2luFF0EgBWZLQqXbesWaUNan4WrPRYxh3H2LDNevb75nibSXw==
priority: u=3,i
content-length: 27340
x-fb-trip-id: 1679558926
date: Fri, 02 Dec 2022 10:13:23 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
a11a991958dbd78dfb3392214590ef38
c5fb54ce1ad1c51598623b66827af482c565e0d5
01d67dc39941deea93712fa87453fd27679357916ab856358e0bda7a63b2624d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4656
Cache-Control: max-age=139647
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 10:13:23 GMT
Etag: "63893c12-1d7"
Expires: Sun, 04 Dec 2022 01:00:50 GMT
Last-Modified: Thu, 01 Dec 2022 23:43:14 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
49a9684674e0f1b3974c6427c5354fe4
c201e61bcda9cc91369f0c57f8236fcdd3db26c6
27b8d50242836a45aca1fcd0cb58e7f685011c1f93b57d0e3ea9a02400f8d801

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 10:13:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-6604786-9&cid=383251903.1669976001&jid=130567892&gjid=143888924&_gid=730747989.1669976001&_u=YEBAAUAAAAAAACAAI~&z=640258286

108.177.14.156

200 OK

1 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-6604786-9&cid=383251903.1669976001&jid=130567892&gjid=143888924&_gid=730747989.1669976001&_u=YEBAAUAAAAAAACAAI~&z=640258286
IP
108.177.14.156:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-6604786-9&cid=383251903.1669976001&jid=130567892&gjid=143888924&_gid=730747989.1669976001&_u=YEBAAUAAAAAAACAAI~&z=640258286 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://xtc-hair.com
Connection: keep-alive
Referer: https://xtc-hair.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://xtc-hair.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 02 Dec 2022 10:13:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
49a9684674e0f1b3974c6427c5354fe4
c201e61bcda9cc91369f0c57f8236fcdd3db26c6
27b8d50242836a45aca1fcd0cb58e7f685011c1f93b57d0e3ea9a02400f8d801

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 10:13:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.35

200 OK

15 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 21:48:03 GMT
expires: Fri, 01 Dec 2023 21:48:03 GMT
cache-control: public, max-age=31536000
age: 44720
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

142.250.74.35

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 16:40:43 GMT
expires: Fri, 01 Dec 2023 16:40:43 GMT
cache-control: public, max-age=31536000
age: 63160
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.facebook.com/tr/?id=159612091116662&ev=PageView&dl=https%3A%2F%2Fxtc-hair.com%2Ffull-download-edius-pro-6-5-cracked-version-key-and-better%2F&rl=&if=false&ts=1669976001715&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669976001714.1765892094&it=1669976001459&coo=false&rqm=GET

157.240.240.35

200 OK

86 kB

URL HTTP/2
www.facebook.com/tr/?id=159612091116662&ev=PageView&dl=https%3A%2F%2Fxtc-hair.com%2Ffull-download-edius-pro-6-5-cracked-version-key-and-better%2F&rl=&if=false&ts=1669976001715&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669976001714.1765892094&it=1669976001459&coo=false&rqm=GET
IP
157.240.240.35:0
ASN
#32934 FACEBOOK

File type
gzip compressed data, from Unix\012- data
Size
86 kB (85975 bytes)
Hash
a1783f550b1c8ecfeec9fee9cdd7acaf
3c4c35c319b9c2d4cbf8117c13c8df5af6ac8802
7d60b493f2f1ae727d78c013921901f84b4b76bf8c04bcc96ee043076dac4515

HTTP Headers

GET /tr/?id=159612091116662&ev=PageView&dl=https%3A%2F%2Fxtc-hair.com%2Ffull-download-edius-pro-6-5-cracked-version-key-and-better%2F&rl=&if=false&ts=1669976001715&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669976001714.1765892094&it=1669976001459&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Fri, 02 Dec 2022 10:13:23 GMT
X-Firefox-Spdy: h2

xtc-hair.com/favicon.ico

192.185.117.118

302 Found

0 B

URL HTTP/2
xtc-hair.com/favicon.ico
IP
192.185.117.118:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 302 Found
link: <https://xtc-hair.com/wp-json/>; rel="https://api.w.org/"
x-redirect-by: WordPress
location: https://xtc-hair.com/wp-includes/images/w-logo-blue-white-bg.png
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 02 Dec 2022 10:13:23 GMT
server: Apache
X-Firefox-Spdy: h2

xtc-hair.com/wp-includes/images/w-logo-blue-white-bg.png

192.185.117.118

200 OK

4.1 kB

URL HTTP/2
xtc-hair.com/wp-includes/images/w-logo-blue-white-bg.png
IP
192.185.117.118:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size
4.1 kB (4119 bytes)
Hash
000bf649cc8f6bf27cfb04d1bcdcd3c7
d73d2f6d74ec6cdcbae07955592962e77d8ae814
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0

HTTP Headers

GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Connection: keep-alive
Cookie: _ga=GA1.2.383251903.1669976001; _gid=GA1.2.730747989.1669976001; _gat_gtag_UA_6604786_9=1; _fbp=fb.1.1669976001714.1765892094
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 11 Jun 2020 03:59:22 GMT
accept-ranges: bytes
content-length: 4119
content-type: image/png
date: Fri, 02 Dec 2022 10:13:24 GMT
server: Apache
X-Firefox-Spdy: h2

xtc-hair.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1

192.185.117.118

200 OK

0 B

URL HTTP/2
xtc-hair.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP
192.185.117.118:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 30 Nov 2022 17:52:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
X-Firefox-Spdy: h2

xtc-hair.com/wp-content/themes/spacious/genericons/genericons.css?ver=3.3.1

192.185.117.118

200 OK

0 B

URL HTTP/2
xtc-hair.com/wp-content/themes/spacious/genericons/genericons.css?ver=3.3.1
IP
192.185.117.118:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/themes/spacious/genericons/genericons.css?ver=3.3.1 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 27 Jul 2022 18:01:39 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
X-Firefox-Spdy: h2

xtc-hair.com/wp-content/themes/spacious/style.css?ver=6.1.1

192.185.117.118

200 OK

0 B

URL HTTP/2
xtc-hair.com/wp-content/themes/spacious/style.css?ver=6.1.1
IP
192.185.117.118:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/spacious/style.css?ver=6.1.1 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 27 Jul 2022 18:01:39 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
X-Firefox-Spdy: h2

xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/

192.185.117.118

200 OK

0 B

URL HTTP/2
xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
IP
192.185.117.118:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /full-download-edius-pro-6-5-cracked-version-key-and-better/ HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
x-pingback: https://xtc-hair.com/xmlrpc.php
link: <https://xtc-hair.com/wp-json/>; rel="https://api.w.org/", <https://xtc-hair.com/wp-json/wp/v2/posts/122608>; rel="alternate"; type="application/json", <https://xtc-hair.com/?p=122608>; rel=shortlink
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 02 Dec 2022 10:13:20 GMT
server: Apache
X-Firefox-Spdy: h2

stats.wp.com/e-202248.js

192.0.76.3

200 OK

0 B

URL HTTP/2
stats.wp.com/e-202248.js
IP
192.0.76.3:0
ASN
#2635 AUTOMATTIC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /e-202248.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 10:13:22 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"62f6b688-3508"
content-encoding: br
expires: Mon, 20 Nov 2023 01:50:03 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2

xtc-hair.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

192.185.117.118

200 OK

0 B

URL HTTP/2
xtc-hair.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP
192.185.117.118:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 30 Nov 2022 17:52:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
X-Firefox-Spdy: h2

xtc-hair.com/wp-content/plugins/jetpack/css/jetpack.css?ver=11.5.1

192.185.117.118

200 OK

0 B

URL HTTP/2
xtc-hair.com/wp-content/plugins/jetpack/css/jetpack.css?ver=11.5.1
IP
192.185.117.118:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/jetpack/css/jetpack.css?ver=11.5.1 HTTP/1.1
Host: xtc-hair.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xtc-hair.com/full-download-edius-pro-6-5-cracked-version-key-and-better/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 30 Nov 2022 17:52:10 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Fri, 02 Dec 2022 10:13:22 GMT
server: Apache
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (38)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations