r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2d2e7649ce9e9ba6fc8b68aa89352e3c
0153d1d3d830a457043e16bb40d48a0b9ddef4b8
8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9444
Expires: Wed, 30 Nov 2022 13:12:47 GMT
Date: Wed, 30 Nov 2022 10:35:23 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4ed065cb23b5fca1a179dd73b3c5b7b2
4422eb24688f5e056fc1b18b127c7f63b1dbf5e0
b723d770d0dec7441d8505dc5a4e7d34f55c9f564ec52f20d9b70c7c3a0d9d35
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2623
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 10:35:23 GMT
Last-Modified: Wed, 30 Nov 2022 09:51:40 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9fce5679881bf302a8978a0b462f01a9
b699fe030ea13ac73813e655c42ed9b531925e2b
a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7324
Expires: Wed, 30 Nov 2022 12:37:27 GMT
Date: Wed, 30 Nov 2022 10:35:23 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 30 Nov 2022 10:19:41 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 942
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: /bymtoG10OjeroF4kNyZyrnWFQx82ejEmMJqMldKIZsLmOGbX1aMT8Ni27go9AVZz4uIR+BxYRo=
x-amz-request-id: T99XMM6QM9Q4G1A5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 30 Nov 2022 09:45:11 GMT
age: 3012
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 10:35:23 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 30 Nov 2022 10:11:14 GMT
cache-control: public,max-age=3600
age: 1450
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cfdd00e67ee6ca21712b867eb5288ab6
b61d5d6ec3b7ad71619e13e32c87f2d01871b88a
f740cac6dfedc1bf0f82efb10dac4f6ffb22f9bb5d4a9b68a4cd971dd2f65793
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2629
Cache-Control: max-age=170116
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 10:35:24 GMT
Etag: "63871d2b-1d7"
Expires: Fri, 02 Dec 2022 09:50:40 GMT
Last-Modified: Wed, 30 Nov 2022 09:06:51 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
www.hypnoseclothing.com/
72.10.173.218301 Moved Permanently 0 B IP 72.10.173.218:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 30 Nov 2022 10:35:23 GMT
Server: Apache
X-Redirect-By: WordPress
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: https://hypnoseclothing.com/
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 30 Nov 2022 10:35:23 GMT
Vary: Accept-Encoding
Content-Length: 0
Keep-Alive: timeout=5, max=100
Content-Type: text/html; charset=UTF-8
push.services.mozilla.com/
35.161.230.192101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.230.192:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /aZyatR5wmq6HOKKmHg+dg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 7eBKQOWssQr4QftZq6wMJkmmce0=
hypnoseclothing.com/
72.10.173.218200 OK 14 kB IP 72.10.173.218:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3381), with CRLF, LF line terminators
Hash ec4fcf163c8f28aa159e635c58228792
7667c75045048f2612e55e6cfd52b3c7105c9b11
380ba79699b79ad823131ab5f33591e648ce084f70fe124beb6f75006f68f777
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
last-modified: Tue, 29 Nov 2022 16:22:27 GMT
cache-control: no-cache, no-store, must-revalidate
expires: Wed, 30 Nov 2022 10:35:25 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 14030
content-type: text/html; charset=UTF-8
date: Wed, 30 Nov 2022 10:35:25 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 10:35:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 10:35:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 33f732b4dfbd5fb3ed7345eba2896fe6
2652f214cf7127302cc65b1d4e42f48a80907d5d
904ce722469d356f8ec20c14bd51ca3ce459012ea0869f7d14821a963310a494
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 10:35:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 10:35:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=AW-789492340
142.250.74.40200 OK 53 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-789492340
IP 142.250.74.40:0
File type ASCII text, with very long lines (1921)
Hash dac144b258c9d47248e79fa3689c6e55
6196da8e50e2c013abf930b20bdcd85ccf9d6c70
1452636ee07cb90f0de50924ed817ecd87394804980bf8f47e8c88a3d89b3000
GET /gtag/js?id=AW-789492340 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 10:35:25 GMT
expires: Wed, 30 Nov 2022 10:35:25 GMT
cache-control: private, max-age=900
last-modified: Wed, 30 Nov 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 52934
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-content/cache/min/1/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=1669738947
72.10.173.218200 OK 2.0 kB URL HTTP/2 hypnoseclothing.com/wp-content/cache/min/1/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=1669738947
IP 72.10.173.218:0
File type ASCII text, with very long lines (10435), with no line terminators
Hash 38b1f483d4bf6b1548990385c8673746
1668edb02c5170be308368292a4c12033d0a42f4
98138d83d7cb12e99802ba034b400a67e0d7b6e378d8bcd1b4d9f4fe44ce1111
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/cache/min/1/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=1669738947 HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 29 Nov 2022 16:22:27 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 30 Nov 2023 10:35:25 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 1962
content-type: text/css; charset=utf-8
date: Wed, 30 Nov 2022 10:35:25 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 10:35:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hypnoseclothing.com/wp-includes/css/classic-themes.min.css?ver=1
72.10.173.218200 OK 189 B URL HTTP/2 hypnoseclothing.com/wp-includes/css/classic-themes.min.css?ver=1
IP 72.10.173.218:0
Hash 5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 01:33:14 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 30 Nov 2023 10:35:25 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 189
content-type: text/css; charset=utf-8
date: Wed, 30 Nov 2022 10:35:25 GMT
server: Apache
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-content/cache/min/1/wp-content/plugins/agile-store-locator/public/css/init.css?ver=1669738947
72.10.173.218200 OK 36 B URL HTTP/2 hypnoseclothing.com/wp-content/cache/min/1/wp-content/plugins/agile-store-locator/public/css/init.css?ver=1669738947
IP 72.10.173.218:0
File type ASCII text, with no line terminators
Hash 9712acf67f14a262354aca9302740478
428a5db99d5dbd5cb40976abff17d76f4c797ec9
86e29027c1458a398378046dd89819322665cb2c882e3eb8ac6ec0271d424ba4
GET /wp-content/cache/min/1/wp-content/plugins/agile-store-locator/public/css/init.css?ver=1669738947 HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 29 Nov 2022 16:22:27 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 30 Nov 2023 10:35:25 GMT
vary: Accept-Encoding
content-encoding: br
content-length: 36
content-type: text/css; charset=utf-8
date: Wed, 30 Nov 2022 10:35:25 GMT
server: Apache
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-content/cache/min/1/wp-content/plugins/woo-save-abandoned-carts-pro/public/css/cartbounty-pro-public.css?ver=1669738947
72.10.173.218200 OK 2.1 kB URL HTTP/2 hypnoseclothing.com/wp-content/cache/min/1/wp-content/plugins/woo-save-abandoned-carts-pro/public/css/cartbounty-pro-public.css?ver=1669738947
IP 72.10.173.218:0
File type ASCII text, with very long lines (13628), with no line terminators
Hash b1d2b18e65f46fdffa3f6228c4dda81b
4d8c53b1fe537fa3083d0bb6590c56f75a8813be
f3b72f39ebb1c79ffa90f64b301b51a14fa136b8864f504639dcf3d71e358228
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/cache/min/1/wp-content/plugins/woo-save-abandoned-carts-pro/public/css/cartbounty-pro-public.css?ver=1669738947 HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 29 Nov 2022 16:22:27 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 30 Nov 2023 10:35:25 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 2097
content-type: text/css; charset=utf-8
date: Wed, 30 Nov 2022 10:35:25 GMT
server: Apache
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-content/cache/min/1/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=1669738947
72.10.173.218200 OK 2.6 kB URL HTTP/2 hypnoseclothing.com/wp-content/cache/min/1/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=1669738947
IP 72.10.173.218:0
File type ASCII text, with very long lines (17809), with no line terminators
Hash d45c9e0b4109fd68bc2eaae40d01f61a
f0fd80fcb3e8b7a9d95782d0f0c79ddc19b2fa96
072aa95bd2ad493914030593b84c611b2dfcc39444f726ddab52751f4b4bf926
GET /wp-content/cache/min/1/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=1669738947 HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 29 Nov 2022 16:22:27 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 30 Nov 2023 10:35:25 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 2554
content-type: text/css; charset=utf-8
date: Wed, 30 Nov 2022 10:35:25 GMT
server: Apache
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-content/cache/min/1/wp-content/plugins/woo-variation-gallery/assets/css/slick.min.css?ver=1669738947
72.10.173.218200 OK 1.1 kB URL HTTP/2 hypnoseclothing.com/wp-content/cache/min/1/wp-content/plugins/woo-variation-gallery/assets/css/slick.min.css?ver=1669738947
IP 72.10.173.218:0
File type Unicode text, UTF-8 text, with very long lines (3958), with no line terminators
Hash bae419f574edeae82da8937247c39010
fd9eb665fff15e00c23fffcf64e54945ce14a9c7
625467e6376d4348dbf30d31ddf70537023a831b78f8ef35ef83114656aa61b1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/cache/min/1/wp-content/plugins/woo-variation-gallery/assets/css/slick.min.css?ver=1669738947 HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 29 Nov 2022 16:22:27 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 30 Nov 2023 10:35:25 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 1140
content-type: text/css; charset=utf-8
date: Wed, 30 Nov 2022 10:35:25 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 33f732b4dfbd5fb3ed7345eba2896fe6
2652f214cf7127302cc65b1d4e42f48a80907d5d
904ce722469d356f8ec20c14bd51ca3ce459012ea0869f7d14821a963310a494
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 10:35:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hypnoseclothing.com/wp-content/cache/min/1/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=1669738947
72.10.173.218200 OK 24 kB URL HTTP/2 hypnoseclothing.com/wp-content/cache/min/1/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=1669738947
IP 72.10.173.218:0
File type Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Hash 8eeba8ba71bd7412ed43bb3143f2594e
0c2b4e60543d5f9b8981a9f8b452e2e280522b67
9ec4cd55eda476bc3dc093eeab4b5f517bedbf6876a65db2d4672ccbe8612727
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/cache/min/1/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=1669738947 HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 29 Nov 2022 16:22:27 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 30 Nov 2023 10:35:25 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 24471
content-type: text/css; charset=utf-8
date: Wed, 30 Nov 2022 10:35:25 GMT
server: Apache
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-content/cache/min/1/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=1669738947
72.10.173.218200 OK 9.0 kB URL HTTP/2 hypnoseclothing.com/wp-content/cache/min/1/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=1669738947
IP 72.10.173.218:0
File type Unicode text, UTF-8 text, with very long lines (63777), with no line terminators
Hash cb74c782ffd84fa0794e1945982c4f0f
4e6a1e3cb943dc3f2a7cdedb70c8d66b15234049
2f70c90ef9a6de526926fff7b74f82a7d9053d791964603743cea0997f8b696b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/cache/min/1/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=1669738947 HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 29 Nov 2022 16:22:27 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 30 Nov 2023 10:35:25 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 8956
content-type: text/css; charset=utf-8
date: Wed, 30 Nov 2022 10:35:25 GMT
server: Apache
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-content/cache/min/1/wp-includes/css/dashicons.min.css?ver=1669738947
72.10.173.218200 OK 36 kB URL HTTP/2 hypnoseclothing.com/wp-content/cache/min/1/wp-includes/css/dashicons.min.css?ver=1669738947
IP 72.10.173.218:0
File type ASCII text, with very long lines (59074)
Hash 613d40f295d66afc23b9bfb41ed1d2e0
3ca3e32a931259c1ae39878fa3d798d43ef18090
c77c3ae3b119b21e3a41695bb3d0b0bd5089209d3630a28ec1dff6555b9f9dd3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/cache/min/1/wp-includes/css/dashicons.min.css?ver=1669738947 HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 29 Nov 2022 16:22:27 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 30 Nov 2023 10:35:25 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 35769
content-type: text/css; charset=utf-8
date: Wed, 30 Nov 2022 10:35:25 GMT
server: Apache
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-content/cache/min/1/wp-content/plugins/wp-user-switch/assets/css/main.css?ver=1669738947
72.10.173.218200 OK 517 B URL HTTP/2 hypnoseclothing.com/wp-content/cache/min/1/wp-content/plugins/wp-user-switch/assets/css/main.css?ver=1669738947
IP 72.10.173.218:0
File type ASCII text, with very long lines (1173), with no line terminators
Hash 9b9655f1675c69c4d8d84630cf46466d
068b76b17d4d24f63b3630d6c79bf8d0922d5050
5bce81c942dab7c3425cff4c9a235d403fc7840f0c6c7850ef45bd44607e780f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/cache/min/1/wp-content/plugins/wp-user-switch/assets/css/main.css?ver=1669738947 HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 29 Nov 2022 16:22:27 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 30 Nov 2023 10:35:25 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 517
content-type: text/css; charset=utf-8
date: Wed, 30 Nov 2022 10:35:25 GMT
server: Apache
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-content/themes/lithiummarketing/style.css
72.10.173.218200 OK 37 B URL HTTP/2 hypnoseclothing.com/wp-content/themes/lithiummarketing/style.css
IP 72.10.173.218:0
Hash 38cd4cd9c734a31831fc107b479c8961
2759a6511e78685b7b603c24e6d5b4718be94212
b15b1eefdc321c10a20e6df69654d29697d21909802ac8331fbfe6c5735a2b27
GET /wp-content/themes/lithiummarketing/style.css HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 03 Oct 2022 14:54:25 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 30 Nov 2023 10:35:25 GMT
vary: Accept-Encoding
content-encoding: br
content-length: 37
content-type: text/css; charset=utf-8
date: Wed, 30 Nov 2022 10:35:25 GMT
server: Apache
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-content/cache/min/1/wp-content/plugins/woo-save-abandoned-carts-pro/public/js/cartbounty-pro-public-exit-intent.js?ver=1669738947
72.10.173.218200 OK 1.7 kB URL HTTP/2 hypnoseclothing.com/wp-content/cache/min/1/wp-content/plugins/woo-save-abandoned-carts-pro/public/js/cartbounty-pro-public-exit-intent.js?ver=1669738947
IP 72.10.173.218:0
File type ASCII text, with very long lines (1508)
Hash 074bae68ad9fcafd42ab2ba5f2520afc
5011c4183e6cca57e86a6e989fa27bdff84b45f3
6b6a5efc48371a1a1b5578eaae24c56bf98a1b87885aab12e7528a77a73a00ec
GET /wp-content/cache/min/1/wp-content/plugins/woo-save-abandoned-carts-pro/public/js/cartbounty-pro-public-exit-intent.js?ver=1669738947 HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 29 Nov 2022 16:22:27 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 30 Nov 2023 10:35:25 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 1745
content-type: application/javascript; charset=utf-8
date: Wed, 30 Nov 2022 10:35:25 GMT
server: Apache
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-content/cache/min/1/wp-content/plugins/xforwoocommerce/x-pack/prdctfltr/includes/css/styles.css?ver=1669738947
72.10.173.218200 OK 12 kB URL HTTP/2 hypnoseclothing.com/wp-content/cache/min/1/wp-content/plugins/xforwoocommerce/x-pack/prdctfltr/includes/css/styles.css?ver=1669738947
IP 72.10.173.218:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (65529), with no line terminators
Hash e2fee9a7baec18090bb7f787e0fbd512
d930fc30e517f8660dc0adb3f5570b30b2bc29f7
fde1c07983f20c1dccdca862b3e93135a08e6508e3a411037e49da18fa690dc4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/cache/min/1/wp-content/plugins/xforwoocommerce/x-pack/prdctfltr/includes/css/styles.css?ver=1669738947 HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 29 Nov 2022 16:22:27 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 30 Nov 2023 10:35:25 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 11466
content-type: text/css; charset=utf-8
date: Wed, 30 Nov 2022 10:35:25 GMT
server: Apache
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-content/plugins/woo-variation-gallery/assets/css/frontend.min.css?ver=1664808964
72.10.173.218200 OK 5.6 kB URL HTTP/2 hypnoseclothing.com/wp-content/plugins/woo-variation-gallery/assets/css/frontend.min.css?ver=1664808964
IP 72.10.173.218:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 99bbce4daaaa656f6998b0f4d361f3c4
9cfdbbf9bf9f711b3ea50337e56901393dbd66e7
fd85ed0609d2a1a909ec3cf263123bc1aa212435ed6c2799284d9dfbcbbf5e4d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woo-variation-gallery/assets/css/frontend.min.css?ver=1664808964 HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 03 Oct 2022 14:56:04 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 30 Nov 2023 10:35:25 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 5627
content-type: text/css; charset=utf-8
date: Wed, 30 Nov 2022 10:35:25 GMT
server: Apache
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-content/cache/min/1/wp-content/themes/lithiummarketing/css/asl-custom-css.css?ver=1669738947
72.10.173.218200 OK 2.2 kB URL HTTP/2 hypnoseclothing.com/wp-content/cache/min/1/wp-content/themes/lithiummarketing/css/asl-custom-css.css?ver=1669738947
IP 72.10.173.218:0
File type ASCII text, with very long lines (18122), with no line terminators
Hash 931399aa7e54b26d389a786659c3d1e0
f836f506704b23ef63ff1e47dc84699a72f7ddef
3693a6e603d6b002d1e070ed9ec2c4753f04f2188d83a4fd6944393b6176fe4f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/cache/min/1/wp-content/themes/lithiummarketing/css/asl-custom-css.css?ver=1669738947 HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 29 Nov 2022 16:22:27 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 30 Nov 2023 10:35:25 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 2164
content-type: text/css; charset=utf-8
date: Wed, 30 Nov 2022 10:35:25 GMT
server: Apache
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.1.0
72.10.173.218200 OK 1.1 kB URL HTTP/2 hypnoseclothing.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.1.0
IP 72.10.173.218:0
File type HTML document, ASCII text, with very long lines (3029), with no line terminators
Hash 3fffd1b8f00bf4175aaf1831974a4e4c
7f16ab9253c92a528f1f8cb20bee07128ce67048
3eeb166e786db324c70ef63628846f825951748a76d0de97c719189a0ab555c3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.1.0 HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Nov 2022 13:25:29 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 30 Nov 2023 10:35:25 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 1088
content-type: application/javascript; charset=utf-8
date: Wed, 30 Nov 2022 10:35:25 GMT
server: Apache
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.1.0
72.10.173.218200 OK 982 B URL HTTP/2 hypnoseclothing.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.1.0
IP 72.10.173.218:0
File type ASCII text, with very long lines (1668)
Hash e66463f2023b738680c9bdefece69a37
315dc8e6ebdfb18c662851244ee33e2758ad3c83
fd83e7fc6d81aa6f6680ea640e9c086aa1950a17757a582aa74ea9797a70f346
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.1.0 HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Nov 2022 13:25:29 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 30 Nov 2023 10:35:25 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 982
content-type: application/javascript; charset=utf-8
date: Wed, 30 Nov 2022 10:35:25 GMT
server: Apache
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.1.0
72.10.173.218200 OK 794 B URL HTTP/2 hypnoseclothing.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.1.0
IP 72.10.173.218:0
File type ASCII text, with very long lines (2139), with no line terminators
Hash 29307e8dec33cf3411ca4e1f2c84e9d0
484402289464d7ffb1475827f3438329d520bfc6
a2db59efaa416ef0c9d5d58f142cd5e44c475348cff20a664586fd3cda1b5f5b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.1.0 HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Nov 2022 13:25:29 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 30 Nov 2023 10:35:25 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 794
content-type: application/javascript; charset=utf-8
date: Wed, 30 Nov 2022 10:35:25 GMT
server: Apache
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.1.0
72.10.173.218200 OK 1.0 kB URL HTTP/2 hypnoseclothing.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.1.0
IP 72.10.173.218:0
File type ASCII text, with very long lines (2938), with no line terminators
Hash 45db3d2887c26700a51bf469e3bb3aa1
d070b5fb53d2fbb66964bbfd482270b855d0ee96
1abc0cff49f82d9a063c04cd086b991af6ad00467efc4cb8d8d4e3c9a0f95777
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.1.0 HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Nov 2022 13:25:29 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 30 Nov 2023 10:35:25 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 1039
content-type: application/javascript; charset=utf-8
date: Wed, 30 Nov 2022 10:35:25 GMT
server: Apache
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-content/cache/min/1/wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/language-cookie.js?ver=1669738947
72.10.173.218200 OK 130 B URL HTTP/2 hypnoseclothing.com/wp-content/cache/min/1/wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/language-cookie.js?ver=1669738947
IP 72.10.173.218:0
File type ASCII text, with no line terminators
Hash d1c59c15471864ca1471e721454c8fea
42303ff1ea4149652ac04e6b135a3239b386bfc6
07a600a4515a2c44e802eb2c602a257b715ae91876ef802019ccb3871ee33680
GET /wp-content/cache/min/1/wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/language-cookie.js?ver=1669738947 HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 29 Nov 2022 16:22:27 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 30 Nov 2023 10:35:25 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 130
content-type: application/javascript; charset=utf-8
date: Wed, 30 Nov 2022 10:35:25 GMT
server: Apache
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-content/cache/min/1/wp-content/plugins/woo-save-abandoned-carts-pro/public/js/cartbounty-pro-public-early-capture.js?ver=1669738947
72.10.173.218200 OK 2.1 kB URL HTTP/2 hypnoseclothing.com/wp-content/cache/min/1/wp-content/plugins/woo-save-abandoned-carts-pro/public/js/cartbounty-pro-public-early-capture.js?ver=1669738947
IP 72.10.173.218:0
File type ASCII text, with very long lines (589)
Hash 0eeaeb557f224eddd73247a91f6c16e7
1b2bfb87872e0e4f59507049762745195d7d7ba2
39f7e8755b59c4415882a5f30b7ad30f700b6df0a3b0f47f8a9572b34a6cfe9e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/cache/min/1/wp-content/plugins/woo-save-abandoned-carts-pro/public/js/cartbounty-pro-public-early-capture.js?ver=1669738947 HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 29 Nov 2022 16:22:27 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 30 Nov 2023 10:35:25 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 2118
content-type: application/javascript; charset=utf-8
date: Wed, 30 Nov 2022 10:35:25 GMT
server: Apache
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.1.0
72.10.173.218200 OK 3.5 kB URL HTTP/2 hypnoseclothing.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.1.0
IP 72.10.173.218:0
File type ASCII text, with very long lines (9111)
Hash f6004c12128ba678a6ab8fafb9cb1d61
a023d537a3273176524815baca3f2c42cc601a3c
e516f66f227db9eb26f5bec7605f4647680979c10c9bb61ac1654ccbf7e348af
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.1.0 HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Nov 2022 13:25:29 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 30 Nov 2023 10:35:25 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 3496
content-type: application/javascript; charset=utf-8
date: Wed, 30 Nov 2022 10:35:25 GMT
server: Apache
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
72.10.173.218200 OK 4.2 kB URL HTTP/2 hypnoseclothing.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 72.10.173.218:0
File type ASCII text, with very long lines (11126)
Hash 5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 03 Oct 2022 15:00:12 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 30 Nov 2023 10:35:25 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 4169
content-type: application/javascript; charset=utf-8
date: Wed, 30 Nov 2022 10:35:25 GMT
server: Apache
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-content/plugins/woo-save-abandoned-carts-pro/public/js/tooltipster.bundle.min.js?ver=9.6.1
72.10.173.218200 OK 10 kB URL HTTP/2 hypnoseclothing.com/wp-content/plugins/woo-save-abandoned-carts-pro/public/js/tooltipster.bundle.min.js?ver=9.6.1
IP 72.10.173.218:0
File type ASCII text, with very long lines (32056)
Hash 47cc461eeee432d3e801b00bcec27812
1e9eefd7f55caa23357c42197e5edc9135e0bd29
06be5e7cf5cca157c453723890708215472c9a30f6e1f18b7e6333f51b78c465
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woo-save-abandoned-carts-pro/public/js/tooltipster.bundle.min.js?ver=9.6.1 HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 03 Oct 2022 14:56:12 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 30 Nov 2023 10:35:25 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 10164
content-type: application/javascript; charset=utf-8
date: Wed, 30 Nov 2022 10:35:25 GMT
server: Apache
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
72.10.173.218200 OK 1.8 kB URL HTTP/2 hypnoseclothing.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP 72.10.173.218:0
File type ASCII text, with very long lines (5477)
Hash 951ae46ca55ec7b0e401e2074bdf8b54
64bbbdc28a351b26cab9c230e134ca8eb4d4f83e
fd5d4c623e9d68551114b2a1303584b6792e592e864d4416145904fe8b9edd91
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 03 Oct 2022 15:00:14 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 30 Nov 2023 10:35:25 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 1834
content-type: application/javascript; charset=utf-8
date: Wed, 30 Nov 2022 10:35:25 GMT
server: Apache
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
72.10.173.218200 OK 31 kB URL HTTP/2 hypnoseclothing.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 72.10.173.218:0
File type ASCII text, with very long lines (65447)
Hash 1b5264c989379b828aff60f65a518a24
98641237f14ccb33ac114f54329a33bd0aa17eb7
6c8e7b78c6dbc13426810c905572db7589cf3e00264e30ce797fddb0b1092237
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 01:33:14 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 30 Nov 2023 10:35:25 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 30995
content-type: application/javascript; charset=utf-8
date: Wed, 30 Nov 2022 10:35:25 GMT
server: Apache
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=7.1.0
72.10.173.218200 OK 3.6 kB URL HTTP/2 hypnoseclothing.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=7.1.0
IP 72.10.173.218:0
File type ASCII text, with very long lines (13880), with no line terminators
Hash 7bd9ac0901226327e38d4ba6f9184327
d570c9be7f18ef2819614243c21151c19a0c6ceb
7418b1b9031fc621c84efcccc3606814b2c4f0070a736dbb8d3cb6096aae37db
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=7.1.0 HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Nov 2022 13:25:29 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 30 Nov 2023 10:35:25 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 3648
content-type: application/javascript; charset=utf-8
date: Wed, 30 Nov 2022 10:35:25 GMT
server: Apache
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-includes/js/wp-util.min.js?ver=6.1.1
72.10.173.218200 OK 756 B URL HTTP/2 hypnoseclothing.com/wp-includes/js/wp-util.min.js?ver=6.1.1
IP 72.10.173.218:0
File type ASCII text, with very long lines (1391)
Hash 838aa5f64f258023c2f4ced3125cc12e
0f9ba4eee7038506d01a6e741b16324ffb347fda
8212000a2ae7888dec134e6a079a16c19d71f6bcd0924384abb16027325ed218
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-util.min.js?ver=6.1.1 HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 01:33:14 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 30 Nov 2023 10:35:25 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 756
content-type: application/javascript; charset=utf-8
date: Wed, 30 Nov 2022 10:35:25 GMT
server: Apache
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-content/plugins/woo-variation-gallery/assets/js/slick.min.js?ver=1.8.1
72.10.173.218200 OK 11 kB URL HTTP/2 hypnoseclothing.com/wp-content/plugins/woo-variation-gallery/assets/js/slick.min.js?ver=1.8.1
IP 72.10.173.218:0
File type ASCII text, with very long lines (43538), with no line terminators
Hash c3ff32593a08bf21e813a0429765f23f
970e0521279231862ba6697af2e84501894d1194
0d7b80f4ab9a67af91eb1ecc4070a2c4113654e93d3e61559199f78fa956b47f
GET /wp-content/plugins/woo-variation-gallery/assets/js/slick.min.js?ver=1.8.1 HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 03 Oct 2022 14:56:04 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 30 Nov 2023 10:35:25 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 10678
content-type: application/javascript; charset=utf-8
date: Wed, 30 Nov 2022 10:35:25 GMT
server: Apache
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-content/plugins/woo-variation-gallery/assets/js/frontend.min.js?ver=1664808964
72.10.173.218200 OK 4.6 kB URL HTTP/2 hypnoseclothing.com/wp-content/plugins/woo-variation-gallery/assets/js/frontend.min.js?ver=1664808964
IP 72.10.173.218:0
File type ASCII text, with very long lines (16654), with no line terminators
Hash 8bfd473e9e2695f93dce6c688f5bf751
c804a8fa4ec02cca0c95d32a69fd8f349b337cff
60cd00dbdb996394c6059bb9c34c1c421eebdb26aa8c51e4dafaa4441872ba05
GET /wp-content/plugins/woo-variation-gallery/assets/js/frontend.min.js?ver=1664808964 HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 03 Oct 2022 14:56:04 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 30 Nov 2023 10:35:25 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 4596
content-type: application/javascript; charset=utf-8
date: Wed, 30 Nov 2022 10:35:25 GMT
server: Apache
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-includes/js/underscore.min.js?ver=1.13.4
72.10.173.218200 OK 7.3 kB URL HTTP/2 hypnoseclothing.com/wp-includes/js/underscore.min.js?ver=1.13.4
IP 72.10.173.218:0
File type ASCII text, with very long lines (18798)
Hash 3f92fc0fb188799b432341421df6cfde
09041f63af89e1164a53dec66eb7b2ac1dc58ba6
6b09e750d7ecaac14315f7c7e09b6de17f8d1f790b4acdc094b74832402aee31
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/underscore.min.js?ver=1.13.4 HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 01:33:14 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 30 Nov 2023 10:35:25 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 7311
content-type: application/javascript; charset=utf-8
date: Wed, 30 Nov 2022 10:35:25 GMT
server: Apache
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-content/cache/min/1/wp-content/themes/lithiummarketing/css/style.css?ver=1669738947
72.10.173.218200 OK 25 kB URL HTTP/2 hypnoseclothing.com/wp-content/cache/min/1/wp-content/themes/lithiummarketing/css/style.css?ver=1669738947
IP 72.10.173.218:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 38b51ece852f6a7790f5ba8235810072
366a2d62cc57a530bcefda85a681187c200973bf
4d0b3af43bc7ca097a30874007c26cebbfc12f4c6f0a5012c6f6eb434e3f1433
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/cache/min/1/wp-content/themes/lithiummarketing/css/style.css?ver=1669738947 HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 29 Nov 2022 16:22:27 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 30 Nov 2023 10:35:25 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 24614
content-type: text/css; charset=utf-8
date: Wed, 30 Nov 2022 10:35:25 GMT
server: Apache
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-content/plugins/woocommerce-multilingual/res/js/cart_widget.min.js?ver=5.0.2
72.10.173.218200 OK 223 B URL HTTP/2 hypnoseclothing.com/wp-content/plugins/woocommerce-multilingual/res/js/cart_widget.min.js?ver=5.0.2
IP 72.10.173.218:0
File type ASCII text, with very long lines (364), with no line terminators
Hash 5a715f2477c79bedf3cf57608cd4376b
6696515b1b5474b27e6dd7ee81521f1ff9c4f229
2b0c64a4b6747ad89cac3617026579fd18bfeeae7752122d8746e12c1ca30aab
GET /wp-content/plugins/woocommerce-multilingual/res/js/cart_widget.min.js?ver=5.0.2 HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 03 Oct 2022 14:57:02 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 30 Nov 2023 10:35:25 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 223
content-type: application/javascript; charset=utf-8
date: Wed, 30 Nov 2022 10:35:25 GMT
server: Apache
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-content/cache/min/1/wp-content/themes/lithiummarketing/hypnose-bulk-add/scripts.js?ver=1669738947
72.10.173.218200 OK 825 B URL HTTP/2 hypnoseclothing.com/wp-content/cache/min/1/wp-content/themes/lithiummarketing/hypnose-bulk-add/scripts.js?ver=1669738947
IP 72.10.173.218:0
File type ASCII text, with very long lines (444)
Hash 5dc22176572b42e1a3318ea1f7c90e81
6bb99ec6eb79a785c6c7eaa1202f005d3c92590b
786087e1f60816fa0085fe4e6f41fdc8c9827a7b224aebb035890965b2b581a1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/cache/min/1/wp-content/themes/lithiummarketing/hypnose-bulk-add/scripts.js?ver=1669738947 HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 29 Nov 2022 16:22:27 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 30 Nov 2023 10:35:25 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 825
content-type: application/javascript; charset=utf-8
date: Wed, 30 Nov 2022 10:35:25 GMT
server: Apache
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-content/plugins/woocommerce-multilingual/res/js/front-scripts.min.js?ver=5.0.2
72.10.173.218200 OK 226 B URL HTTP/2 hypnoseclothing.com/wp-content/plugins/woocommerce-multilingual/res/js/front-scripts.min.js?ver=5.0.2
IP 72.10.173.218:0
File type ASCII text, with very long lines (344), with no line terminators
Hash 44d2e514bfb72b34fd80f91df5bacf10
370f47d8ac04270c364cd9a09c53dc581298bf01
e8641bfe1a7b8a8e847ee4bd1bdf6d8a4030ada5cfaa57fe29307759e4a580a0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce-multilingual/res/js/front-scripts.min.js?ver=5.0.2 HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 03 Oct 2022 14:57:02 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 30 Nov 2023 10:35:25 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 226
content-type: application/javascript; charset=utf-8
date: Wed, 30 Nov 2022 10:35:25 GMT
server: Apache
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-content/cache/min/1/wp-content/themes/lithiummarketing/js/script.js?ver=1669738947
72.10.173.218200 OK 813 B URL HTTP/2 hypnoseclothing.com/wp-content/cache/min/1/wp-content/themes/lithiummarketing/js/script.js?ver=1669738947
IP 72.10.173.218:0
File type ASCII text, with very long lines (1056)
Hash 3f8039591e234b3b4b82af35ec006438
7c5f3270a7c5e8f7a593650b842ff8be3be77b6c
0ebe3a37ac24457ec4a87c724f2a967bd56adb6f48890e7560266355ac079b09
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/cache/min/1/wp-content/themes/lithiummarketing/js/script.js?ver=1669738947 HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 29 Nov 2022 16:22:27 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 30 Nov 2023 10:35:25 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 813
content-type: application/javascript; charset=utf-8
date: Wed, 30 Nov 2022 10:35:25 GMT
server: Apache
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-content/themes/lithiummarketing/js/lightbox.min.js?ver=1
72.10.173.218200 OK 2.9 kB URL HTTP/2 hypnoseclothing.com/wp-content/themes/lithiummarketing/js/lightbox.min.js?ver=1
IP 72.10.173.218:0
File type ASCII text, with very long lines (9089)
Hash d327fefef7276d6a0f27bf354e39bc84
f063fbaf1287f6ecd27d465760d7f9181886c117
ffc92c8c98159b93b68521ca0fb6a039a93dcdc243eb72f1eeb464280e4d4cac
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/lithiummarketing/js/lightbox.min.js?ver=1 HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 03 Oct 2022 14:54:59 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 30 Nov 2023 10:35:25 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 2896
content-type: application/javascript; charset=utf-8
date: Wed, 30 Nov 2022 10:35:25 GMT
server: Apache
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-content/cache/min/1/wp-content/plugins/wp-user-switch/assets/js/main.js?ver=1669738947
72.10.173.218200 OK 393 B URL HTTP/2 hypnoseclothing.com/wp-content/cache/min/1/wp-content/plugins/wp-user-switch/assets/js/main.js?ver=1669738947
IP 72.10.173.218:0
File type ASCII text, with very long lines (477)
Hash 121eec00d3423f3da81227ce3e833850
8bb65b93fc7cf2ecad7a153634bd4778c1b1d0b7
861bfd9dafcf28c7ab1d0286a1fb8c3fa1d37c65f31095ec88ffcced27242be7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/cache/min/1/wp-content/plugins/wp-user-switch/assets/js/main.js?ver=1669738947 HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 29 Nov 2022 16:22:27 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 30 Nov 2023 10:35:25 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 393
content-type: application/javascript; charset=utf-8
date: Wed, 30 Nov 2022 10:35:25 GMT
server: Apache
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-content/themes/lithiummarketing/js/woco.accordion.min.js?ver=1
72.10.173.218200 OK 512 B URL HTTP/2 hypnoseclothing.com/wp-content/themes/lithiummarketing/js/woco.accordion.min.js?ver=1
IP 72.10.173.218:0
File type ASCII text, with very long lines (1821)
Hash 8ee1de5a5181031a5133485d2fe32f4d
6d21c68eb2dd1ff10db020d06754e24915ab221e
967678162f62851631a846139757bf78066900d659600064ee9d5f8f4df4c28a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/lithiummarketing/js/woco.accordion.min.js?ver=1 HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 03 Oct 2022 14:54:59 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 30 Nov 2023 10:35:25 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 512
content-type: application/javascript; charset=utf-8
date: Wed, 30 Nov 2022 10:35:25 GMT
server: Apache
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-content/themes/lithiummarketing/js/jquery.slicknav.min.js?ver=1
72.10.173.218200 OK 2.2 kB URL HTTP/2 hypnoseclothing.com/wp-content/themes/lithiummarketing/js/jquery.slicknav.min.js?ver=1
IP 72.10.173.218:0
File type ASCII text, with very long lines (6571)
Hash 7a253218ff7ce96442f2e0305b069833
162c547007999bc5db2b71b65d2cbdaed94218d4
88456683a207efed8e324f05a932e64897ad2fd9064e0fad1c0b93691934453e
GET /wp-content/themes/lithiummarketing/js/jquery.slicknav.min.js?ver=1 HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 03 Oct 2022 14:54:59 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 30 Nov 2023 10:35:25 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 2180
content-type: application/javascript; charset=utf-8
date: Wed, 30 Nov 2022 10:35:25 GMT
server: Apache
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
72.10.173.218200 OK 5.0 kB URL HTTP/2 hypnoseclothing.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 72.10.173.218:0
File type ASCII text, with very long lines (15660)
Hash e6624e0b978e6ddba476be41aaaa82df
822e920d8233072110ed7c8a7f379e5b13209b18
dac86a9ce08e4d8cded47b4fa900a664b0c997d8910c2a1be54a423678925a41
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 03 Oct 2022 15:00:10 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 30 Nov 2023 10:35:25 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 5009
content-type: application/javascript; charset=utf-8
date: Wed, 30 Nov 2022 10:35:25 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6507
Expires: Wed, 30 Nov 2022 12:23:52 GMT
Date: Wed, 30 Nov 2022 10:35:25 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6507
Expires: Wed, 30 Nov 2022 12:23:52 GMT
Date: Wed, 30 Nov 2022 10:35:25 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6507
Expires: Wed, 30 Nov 2022 12:23:52 GMT
Date: Wed, 30 Nov 2022 10:35:25 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6507
Expires: Wed, 30 Nov 2022 12:23:52 GMT
Date: Wed, 30 Nov 2022 10:35:25 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6507
Expires: Wed, 30 Nov 2022 12:23:52 GMT
Date: Wed, 30 Nov 2022 10:35:25 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 59baec8db5ced0210ab766ea5636a5fd
f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b
33ff55891f18c22970804f1b8b2ba6821ddfd7426b01486410bd43f2b4295a8d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5785
x-amzn-requestid: ee77265b-8e90-4035-8ef1-92a2d26aaefa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDaHdWoAMFqmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-0d10d74030e7aee74804b654;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QhUrNKIJUxXTYFTgfCwizAd9L4PdLMVLbqv1sHmmnrWya0xz1MTSiw==
via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:08:46 GMT
etag: "f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b"
content-type: image/jpeg
age: 44799
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e00769bd1391b8f4f5b8ab128a825355
e4ddf955e8ac1986045ed55880c43c69e588a021
81ca4d20c28fed8fd3135515daadc1fdbfb4198535d7c46021b418b8b98e59a5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7298
x-amzn-requestid: 381e55bb-876b-46ad-84b6-1ddf9f876f56
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDcE3poAMFaAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-7c12394600900afc7281e858;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8heT2eN5oLbO14R9qLq78Vma_TkteufTyKM5i3K2XoJYXfWNwLMEwQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:56:25 GMT
age: 45540
etag: "e4ddf955e8ac1986045ed55880c43c69e588a021"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 05196ec43964cf559caa0c0279148d62
6170d6776615503e3e29f86783febc3e3e78ca66
47f3a5cde661987e3496ce110a0170b10087dd9ba8d4fd691c4830587ba3fa3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9051
x-amzn-requestid: 1032dd9c-a15e-4e8a-9c81-07419e8caf67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhGvEMNIAMFaKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bc4-1005c20a33320dbf6567ca31;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: IMaVlQblNnh9mFKwb2LG7hw7h_f1_nVYqO4aEUqY01a2HofnnQqcFQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:49:31 GMT
age: 45954
etag: "6170d6776615503e3e29f86783febc3e3e78ca66"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-content/cache/min/1/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=1669738947
72.10.173.218200 OK 1.2 kB URL HTTP/2 hypnoseclothing.com/wp-content/cache/min/1/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=1669738947
IP 72.10.173.218:0
File type ASCII text, with very long lines (7043), with no line terminators
Hash 7a01d757cd8aced5af866e83a6d0ce76
f352b0e25c2a3ca7af84f93c9bc1fd700db3586f
da5327f259e09fafac875160fbcd3fe934f48359e751e42b802f5577310b014c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/cache/min/1/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=1669738947 HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/
Cookie: _gcl_au=1.1.116427589.1669804524
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 29 Nov 2022 16:22:27 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 30 Nov 2023 10:35:25 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 1177
content-type: text/css; charset=utf-8
date: Wed, 30 Nov 2022 10:35:25 GMT
server: Apache
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87a30da8-85ab-41b8-bac9-b9c57f447d6a.webp
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87a30da8-85ab-41b8-bac9-b9c57f447d6a.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 33ee67e62c49fc8d51f18df313002aac
3d8c927b6945d880f92d4e7a686cad5a9985e8ad
ba6e66e07cd93219926927fd2b468a92b8d02cc9bf1da0b3b9a3c48da160bbdc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87a30da8-85ab-41b8-bac9-b9c57f447d6a.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9670
x-amzn-requestid: d9a529ac-9dc6-4e12-80c5-3250dc97e7bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDcFiAoAMF0nA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-116ddf09265d51523c3638b3;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5BnByLndiK0korBr44MDgK6sgRBPooy2LE_2NjVIQhiTfmAdLupnZw==
via: 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:49:34 GMT
age: 45951
etag: "3d8c927b6945d880f92d4e7a686cad5a9985e8ad"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5508d05a290b663fd89ead9b58f2efd8
53650399f9a986ba54addd668b4557109d12003b
65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEoHVAoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ym_L3s5E6MLy6BxqNkVxok6L6hA4c-ilSsEqt42j2IbiXYPb4c6-VQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:52:51 GMT
age: 45754
etag: "53650399f9a986ba54addd668b4557109d12003b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CJiSRzIK7-rQE81gaP2We0LhgKX1YmuJKEGYEqW34Bm1KMx6NB8yhQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:35:09 GMT
age: 43216
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 608e4d04a251ebcd51660e801f388303
fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d
cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 10:35:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 608e4d04a251ebcd51660e801f388303
fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d
cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 10:35:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 608e4d04a251ebcd51660e801f388303
fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d
cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 10:35:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 608e4d04a251ebcd51660e801f388303
fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d
cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 10:35:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 608e4d04a251ebcd51660e801f388303
fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d
cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 10:35:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2
142.250.74.35200 OK 25 kB URL HTTP/2 fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 25372, version 1.0\012- data
Hash fe424f96cb627d8b835cb001af17f56e
c5b4368fed99812a99036fba86d01367b5549505
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
GET /s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hypnoseclothing.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25372
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 21:17:08 GMT
expires: Tue, 28 Nov 2023 21:17:08 GMT
cache-control: public, max-age=31536000
age: 134297
last-modified: Mon, 18 Jul 2022 19:24:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
142.250.74.35200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hypnoseclothing.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 25 Nov 2022 06:30:11 GMT
expires: Sat, 25 Nov 2023 06:30:11 GMT
cache-control: public, max-age=31536000
age: 446714
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-content/uploads/2022/10/icon2.png
72.10.173.218200 OK 398 B URL HTTP/2 hypnoseclothing.com/wp-content/uploads/2022/10/icon2.png
IP 72.10.173.218:0
File type PNG image data, 25 x 52, 8-bit/color RGBA, non-interlaced\012- data
Hash eb5e68afb0f9fd53907d2bdfd5d5230c
165ffb684025abd7466a4da089deb5e542513fdb
97ecb136de074ec089eff1b524c01434b29bab39beff0d3694604371de44a835
GET /wp-content/uploads/2022/10/icon2.png HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/wp-content/cache/min/1/wp-content/themes/lithiummarketing/css/style.css?ver=1669738947
Cookie: _gcl_au=1.1.116427589.1669804524
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 13:07:28 GMT
accept-ranges: bytes
content-length: 398
cache-control: max-age=10368000, public
expires: Thu, 30 Mar 2023 10:35:25 GMT
vary: Accept-Encoding
content-type: image/png
date: Wed, 30 Nov 2022 10:35:25 GMT
server: Apache
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-content/uploads/2022/10/left-border.jpg
72.10.173.218200 OK 389 B URL HTTP/2 hypnoseclothing.com/wp-content/uploads/2022/10/left-border.jpg
IP 72.10.173.218:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 654x1, components 3\012- data
Hash 40de358a46396e9b168c989ef0592b8a
3175597c54f44e97bd0da1cce3974c3883b7dc43
b8549f21792c575d76d707c5b00d9bb9487ae4687ef315a0b61343c517729edb
GET /wp-content/uploads/2022/10/left-border.jpg HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/wp-content/cache/min/1/wp-content/themes/lithiummarketing/css/style.css?ver=1669738947
Cookie: _gcl_au=1.1.116427589.1669804524
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 13:07:50 GMT
accept-ranges: bytes
content-length: 389
cache-control: max-age=10368000, public
expires: Thu, 30 Mar 2023 10:35:25 GMT
vary: Accept-Encoding
content-type: image/jpeg
date: Wed, 30 Nov 2022 10:35:25 GMT
server: Apache
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-content/uploads/2022/10/right-border.jpg
72.10.173.218200 OK 379 B URL HTTP/2 hypnoseclothing.com/wp-content/uploads/2022/10/right-border.jpg
IP 72.10.173.218:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 626x1, components 3\012- data
Hash 6a1d8e0cb3d17ac7b14938deb24bc906
9757c3af05699432d47df3d1a5f7b444e4235f22
89ad893068b31074c70a1b8232e4f86231c69ac40f079225c139d3e976bc937e
GET /wp-content/uploads/2022/10/right-border.jpg HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/wp-content/cache/min/1/wp-content/themes/lithiummarketing/css/style.css?ver=1669738947
Cookie: _gcl_au=1.1.116427589.1669804524
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 13:09:05 GMT
accept-ranges: bytes
content-length: 379
cache-control: max-age=10368000, public
expires: Thu, 30 Mar 2023 10:35:25 GMT
vary: Accept-Encoding
content-type: image/jpeg
date: Wed, 30 Nov 2022 10:35:25 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 608e4d04a251ebcd51660e801f388303
fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d
cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 10:35:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hypnoseclothing.com/wp-content/uploads/2022/10/rafale_banner.jpg
72.10.173.218200 OK 105 kB URL HTTP/2 hypnoseclothing.com/wp-content/uploads/2022/10/rafale_banner.jpg
IP 72.10.173.218:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1500x566, components 3\012- data
Size 105 kB (105268 bytes)
Hash 2f6a8f510485a75c304b191b4a86af77
fc327392709f5d704bef44fea752c31f2d28a6c5
45416bb13e67c43d9c8b28054a354e77da17f2a57fc9ebd9f85edadaf3a14b30
GET /wp-content/uploads/2022/10/rafale_banner.jpg HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/wp-content/cache/min/1/wp-content/themes/lithiummarketing/css/style.css?ver=1669738947
Cookie: _gcl_au=1.1.116427589.1669804524
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 12:57:32 GMT
accept-ranges: bytes
content-length: 105268
cache-control: max-age=10368000, public
expires: Thu, 30 Mar 2023 10:35:25 GMT
vary: Accept-Encoding
content-type: image/jpeg
date: Wed, 30 Nov 2022 10:35:25 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat:300,400,500,600,800
142.250.74.138200 OK 128 kB URL HTTP/2 fonts.googleapis.com/css?family=Montserrat:300,400,500,600,800
IP 142.250.74.138:0
Size 128 kB (128134 bytes)
Hash f4c695f9b512c7f21665e3f4bb448ba9
01bf6b6f7b4740b0118e77fa9e85499b3cba1fb3
b6fff0365682b0db607956c621136ab101ae7ac7af9ca7adce012e6d00248d10
GET /css?family=Montserrat:300,400,500,600,800 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 30 Nov 2022 10:35:25 GMT
date: Wed, 30 Nov 2022 10:35:25 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-content/uploads/2022/10/banner-accueil.jpg
72.10.173.218200 OK 171 kB URL HTTP/2 hypnoseclothing.com/wp-content/uploads/2022/10/banner-accueil.jpg
IP 72.10.173.218:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x541, components 3\012- data
Size 171 kB (170761 bytes)
Hash 5cd224a416c702fe11e4c44ca1015513
e7288f454ca10fc8bc7a11d0cdac7db3dd781c75
19a10c1ce3b6c8503da025a169cc1688ec69e4ec3c5fafd6e007aab4a461c84e
GET /wp-content/uploads/2022/10/banner-accueil.jpg HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/wp-content/cache/min/1/wp-content/themes/lithiummarketing/css/style.css?ver=1669738947
Cookie: _gcl_au=1.1.116427589.1669804524
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 12:57:15 GMT
accept-ranges: bytes
content-length: 170761
cache-control: max-age=10368000, public
expires: Thu, 30 Mar 2023 10:35:25 GMT
vary: Accept-Encoding
content-type: image/jpeg
date: Wed, 30 Nov 2022 10:35:25 GMT
server: Apache
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-content/uploads/2022/10/quick-dry-bg.png
72.10.173.218200 OK 28 kB URL HTTP/2 hypnoseclothing.com/wp-content/uploads/2022/10/quick-dry-bg.png
IP 72.10.173.218:0
File type PNG image data, 784 x 413, 8-bit colormap, non-interlaced\012- data
Hash 817074b14f8b5a5bdab5cd65aa09e7d8
4bed0b9ebf564e2edebae15675ac34bcad1318ed
b4cc149cc85ab80f9146769eccd32b053586af764a3601ff07dd2feafcfa253d
GET /wp-content/uploads/2022/10/quick-dry-bg.png HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/wp-content/cache/min/1/wp-content/themes/lithiummarketing/css/style.css?ver=1669738947
Cookie: _gcl_au=1.1.116427589.1669804524
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept,Accept-Encoding
last-modified: Thu, 27 Oct 2022 14:23:54 GMT
accept-ranges: bytes
content-length: 27899
cache-control: max-age=10368000
expires: Thu, 30 Mar 2023 10:35:25 GMT
content-type: image/webp
date: Wed, 30 Nov 2022 10:35:25 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Raleway
142.250.74.138200 OK 14 kB URL HTTP/2 fonts.googleapis.com/css?family=Raleway
IP 142.250.74.138:0
Hash 3ebbc317a7a96b3f2b0e7008e67c2f64
60b481453c87019373d1704eba3223d8da1fca49
210195086b57b0e58388cfd2d954ae3da64a3bfc8d7b88f41a8df42273d4934b
GET /css?family=Raleway HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 30 Nov 2022 10:35:25 GMT
date: Wed, 30 Nov 2022 10:35:25 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-content/uploads/2022/10/hypdry-banner.jpg
72.10.173.218200 OK 86 kB URL HTTP/2 hypnoseclothing.com/wp-content/uploads/2022/10/hypdry-banner.jpg
IP 72.10.173.218:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1100x415, components 3\012- data
Hash 01a78c04bb5f15792249deb8a7904f12
5da8d4ab63340cfe6441608c72de9301b5b64a9a
09a3c178f117e21e6dcfd3f4cc63965e5b594e0e93ef88ec3c87755775a0ed3a
GET /wp-content/uploads/2022/10/hypdry-banner.jpg HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/wp-content/cache/min/1/wp-content/themes/lithiummarketing/css/style.css?ver=1669738947
Cookie: _gcl_au=1.1.116427589.1669804524
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept,Accept-Encoding
last-modified: Thu, 27 Oct 2022 14:20:53 GMT
accept-ranges: bytes
content-length: 85608
cache-control: max-age=10368000
expires: Thu, 30 Mar 2023 10:35:25 GMT
content-type: image/webp
date: Wed, 30 Nov 2022 10:35:25 GMT
server: Apache
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-content/uploads/2022/10/hypdry-bg.png
72.10.173.218200 OK 22 kB URL HTTP/2 hypnoseclothing.com/wp-content/uploads/2022/10/hypdry-bg.png
IP 72.10.173.218:0
File type PNG image data, 780 x 414, 8-bit colormap, non-interlaced\012- data
Hash ae3384a2d7d97184f50420fa61e5e716
0effea1fc80a6b52527e2351c82a605d92074e32
449baf49a3a1b80a539f30efab0501416e6e4ba15831057a8ea4369cefeecd75
GET /wp-content/uploads/2022/10/hypdry-bg.png HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/wp-content/cache/min/1/wp-content/themes/lithiummarketing/css/style.css?ver=1669738947
Cookie: _gcl_au=1.1.116427589.1669804524
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept,Accept-Encoding
last-modified: Thu, 27 Oct 2022 14:21:46 GMT
accept-ranges: bytes
content-length: 22066
cache-control: max-age=10368000
expires: Thu, 30 Mar 2023 10:35:25 GMT
content-type: image/webp
date: Wed, 30 Nov 2022 10:35:25 GMT
server: Apache
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-content/uploads/2022/10/bandit-bg.png
72.10.173.218200 OK 32 kB URL HTTP/2 hypnoseclothing.com/wp-content/uploads/2022/10/bandit-bg.png
IP 72.10.173.218:0
File type PNG image data, 779 x 413, 8-bit colormap, non-interlaced\012- data
Hash a7db23ebc383bab016dd30446ba75055
8c06bc55d3d35c00d5e9ed071c3914bf09170cba
717e1160fbf078a993a8fd95bb904903ad1dcaf817423111fe65a6dec7e7fa20
GET /wp-content/uploads/2022/10/bandit-bg.png HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/wp-content/cache/min/1/wp-content/themes/lithiummarketing/css/style.css?ver=1669738947
Cookie: _gcl_au=1.1.116427589.1669804524
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 12:57:13 GMT
accept-ranges: bytes
content-length: 32025
cache-control: max-age=10368000, public
expires: Thu, 30 Mar 2023 10:35:26 GMT
vary: Accept-Encoding
content-type: image/png
date: Wed, 30 Nov 2022 10:35:26 GMT
server: Apache
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-content/uploads/2022/10/rafale-leger-banner.jpg
72.10.173.218200 OK 70 kB URL HTTP/2 hypnoseclothing.com/wp-content/uploads/2022/10/rafale-leger-banner.jpg
IP 72.10.173.218:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1500x566, components 3\012- data
Hash 248f2ddb243485700ca0065c567661d3
149e5e28fc133a395936f1ba8a0a12944e41cc1e
dea657b942a62d13bae1724fb74495b92fc8453c1b0014ea1d29dbfb5e61c660
GET /wp-content/uploads/2022/10/rafale-leger-banner.jpg HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/wp-content/cache/min/1/wp-content/themes/lithiummarketing/css/style.css?ver=1669738947
Cookie: _gcl_au=1.1.116427589.1669804524
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 12:57:37 GMT
accept-ranges: bytes
content-length: 69666
cache-control: max-age=10368000, public
expires: Thu, 30 Mar 2023 10:35:26 GMT
vary: Accept-Encoding
content-type: image/jpeg
date: Wed, 30 Nov 2022 10:35:26 GMT
server: Apache
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-content/uploads/2022/10/bandit-banner.jpg
72.10.173.218200 OK 156 kB URL HTTP/2 hypnoseclothing.com/wp-content/uploads/2022/10/bandit-banner.jpg
IP 72.10.173.218:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1500x566, components 3\012- data
Size 156 kB (156391 bytes)
Hash 303ecfb719b2affa1ccc8d4de06608d9
c93e7206dc562abf16ce8a796db4164767adae67
b6001b069fdae9d2e8439d703630451c02325b3d3e243f9a2d3d1188dc0e258e
GET /wp-content/uploads/2022/10/bandit-banner.jpg HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/wp-content/cache/min/1/wp-content/themes/lithiummarketing/css/style.css?ver=1669738947
Cookie: _gcl_au=1.1.116427589.1669804524
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 12:57:11 GMT
accept-ranges: bytes
content-length: 156391
cache-control: max-age=10368000, public
expires: Thu, 30 Mar 2023 10:35:26 GMT
vary: Accept-Encoding
content-type: image/jpeg
date: Wed, 30 Nov 2022 10:35:26 GMT
server: Apache
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-content/uploads/2022/10/marketing-bg.png
72.10.173.218200 OK 281 kB URL HTTP/2 hypnoseclothing.com/wp-content/uploads/2022/10/marketing-bg.png
IP 72.10.173.218:0
File type PNG image data, 1598 x 622, 8-bit colormap, non-interlaced\012- data
Size 281 kB (280742 bytes)
Hash af60f7e51ec25d280cbe18f9930abd5e
9dee8220833e0af92ac8b131953104ee6afb7f97
441cb4cabd4d5e353bbb06a4e85cb984a9398f618de83fc67caaf227afa2b422
GET /wp-content/uploads/2022/10/marketing-bg.png HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/wp-content/cache/min/1/wp-content/themes/lithiummarketing/css/style.css?ver=1669738947
Cookie: _gcl_au=1.1.116427589.1669804524
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 13:08:17 GMT
accept-ranges: bytes
content-length: 280742
cache-control: max-age=10368000, public
expires: Thu, 30 Mar 2023 10:35:26 GMT
vary: Accept-Encoding
content-type: image/png
date: Wed, 30 Nov 2022 10:35:26 GMT
server: Apache
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-content/uploads/2022/10/rafale-leger-bg.png
72.10.173.218200 OK 12 kB URL HTTP/2 hypnoseclothing.com/wp-content/uploads/2022/10/rafale-leger-bg.png
IP 72.10.173.218:0
File type PNG image data, 779 x 413, 8-bit colormap, non-interlaced\012- data
Hash 9fe83357db05da127f036b3378fafcfd
a9daca0ac3ec7f8240bb24ae9d0d9881327f3b46
fc6fc7c6fbf1f1eec213a154ae9580cca60e45309303dcf67d8c09856dbb6199
GET /wp-content/uploads/2022/10/rafale-leger-bg.png HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/wp-content/cache/min/1/wp-content/themes/lithiummarketing/css/style.css?ver=1669738947
Cookie: _gcl_au=1.1.116427589.1669804524
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept,Accept-Encoding
last-modified: Thu, 27 Oct 2022 14:26:06 GMT
accept-ranges: bytes
content-length: 12246
cache-control: max-age=10368000
expires: Thu, 30 Mar 2023 10:35:26 GMT
content-type: image/webp
date: Wed, 30 Nov 2022 10:35:26 GMT
server: Apache
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-content/uploads/2022/10/galerie-img1.jpg
72.10.173.218200 OK 31 kB URL HTTP/2 hypnoseclothing.com/wp-content/uploads/2022/10/galerie-img1.jpg
IP 72.10.173.218:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x746, components 3\012- data
Hash d20d9f32920fc526346821c0f3b9b5b2
457ad5233d687756ceeebca771d65f2dddde1a43
fcf89764c455cd3c517bfd735d2159680b772cd5fb6d87e76679699184082ca6
GET /wp-content/uploads/2022/10/galerie-img1.jpg HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/wp-content/cache/min/1/wp-content/themes/lithiummarketing/css/style.css?ver=1669738947
Cookie: _gcl_au=1.1.116427589.1669804524
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept,Accept-Encoding
last-modified: Thu, 27 Oct 2022 16:02:31 GMT
accept-ranges: bytes
content-length: 30687
cache-control: max-age=10368000
expires: Thu, 30 Mar 2023 10:35:26 GMT
content-type: image/webp
date: Wed, 30 Nov 2022 10:35:26 GMT
server: Apache
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-content/uploads/2022/10/message-1.png
72.10.173.218200 OK 203 B URL HTTP/2 hypnoseclothing.com/wp-content/uploads/2022/10/message-1.png
IP 72.10.173.218:0
File type PNG image data, 22 x 17, 8-bit gray+alpha, non-interlaced\012- data
Hash 64444ae6c0b15eb9866af18457e8e3e7
0931301f9a64231082a2bcd468960c9e20c5663c
68971618b6ce2312a76535582ef32b282854d88eb5893a3288d4e3870a7196a1
GET /wp-content/uploads/2022/10/message-1.png HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/
Cookie: _gcl_au=1.1.116427589.1669804524
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 13:13:47 GMT
accept-ranges: bytes
content-length: 203
cache-control: max-age=10368000, public
expires: Thu, 30 Mar 2023 10:35:26 GMT
vary: Accept-Encoding
content-type: image/png
date: Wed, 30 Nov 2022 10:35:26 GMT
server: Apache
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-content/uploads/2022/10/galerie-img2.jpg
72.10.173.218200 OK 36 kB URL HTTP/2 hypnoseclothing.com/wp-content/uploads/2022/10/galerie-img2.jpg
IP 72.10.173.218:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x373, components 3\012- data
Hash 00d1a029d82181b1db234bbab6dec608
042405a6002092d0df191eb86adf4546d2985ca9
bef2aa7ac4104d8f5ba278c52ed2a8c47d06971be8d385463d725be7f78c6d53
GET /wp-content/uploads/2022/10/galerie-img2.jpg HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/wp-content/cache/min/1/wp-content/themes/lithiummarketing/css/style.css?ver=1669738947
Cookie: _gcl_au=1.1.116427589.1669804524
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept,Accept-Encoding
last-modified: Thu, 27 Oct 2022 16:03:18 GMT
accept-ranges: bytes
content-length: 35662
cache-control: max-age=10368000
expires: Thu, 30 Mar 2023 10:35:26 GMT
content-type: image/webp
date: Wed, 30 Nov 2022 10:35:26 GMT
server: Apache
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-content/uploads/2022/10/chart-icon-1.png
72.10.173.218200 OK 253 B URL HTTP/2 hypnoseclothing.com/wp-content/uploads/2022/10/chart-icon-1.png
IP 72.10.173.218:0
File type PNG image data, 24 x 23, 8-bit gray+alpha, non-interlaced\012- data
Hash 5d44a71f50e2de5b4abd47ee9d032813
846fec1697a08f166fc7ec58143dc3753e3fe75e
c21c46f93c25af53dffa800e7adb42d01ee0d64c2d4a025f31f161cdf3ad0200
GET /wp-content/uploads/2022/10/chart-icon-1.png HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/
Cookie: _gcl_au=1.1.116427589.1669804524
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 13:11:43 GMT
accept-ranges: bytes
content-length: 253
cache-control: max-age=10368000, public
expires: Thu, 30 Mar 2023 10:35:26 GMT
vary: Accept-Encoding
content-type: image/png
date: Wed, 30 Nov 2022 10:35:26 GMT
server: Apache
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-content/uploads/2022/10/icones-accueil.svg
72.10.173.218200 OK 23 kB URL HTTP/2 hypnoseclothing.com/wp-content/uploads/2022/10/icones-accueil.svg
IP 72.10.173.218:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f6046b2972ae366bc20a42e74ef8bb4e
caf5930ea5c7beaeed7a95b0ddc403af61392380
48d2aae90cd04be5a2da62697bb690d129807f1fb7550abcde9ab4671aef4f59
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/icones-accueil.svg HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/
Cookie: _gcl_au=1.1.116427589.1669804524
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 12:57:23 GMT
accept-ranges: bytes
cache-control: max-age=10368000, public
expires: Thu, 30 Mar 2023 10:35:26 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 22697
content-type: image/svg+xml
date: Wed, 30 Nov 2022 10:35:26 GMT
server: Apache
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-content/uploads/2022/10/lb-close.png
72.10.173.218200 OK 228 B URL HTTP/2 hypnoseclothing.com/wp-content/uploads/2022/10/lb-close.png
IP 72.10.173.218:0
File type PNG image data, 27 x 27, 8-bit gray+alpha, non-interlaced\012- data
Hash 7296900c42127e3ab937c62ba49d63ba
97979dd6fdc6e566962f70a56ef9d4c41690cc6b
6a77348f187fd00d90945376e6bacbf56975c28f3842bec9fa5dfbfd016e3080
GET /wp-content/uploads/2022/10/lb-close.png HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/wp-content/cache/min/1/wp-content/themes/lithiummarketing/css/style.css?ver=1669738947
Cookie: _gcl_au=1.1.116427589.1669804524; wp-wpml_current_language=fr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 12:58:19 GMT
accept-ranges: bytes
content-length: 228
cache-control: max-age=10368000, public
expires: Thu, 30 Mar 2023 10:35:26 GMT
vary: Accept-Encoding
content-type: image/png
date: Wed, 30 Nov 2022 10:35:26 GMT
server: Apache
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-content/uploads/2022/10/lb-loading.gif
72.10.173.218200 OK 7.1 kB URL HTTP/2 hypnoseclothing.com/wp-content/uploads/2022/10/lb-loading.gif
IP 72.10.173.218:0
File type GIF image data, version 89a, 32 x 32\012- data
Hash 23ea9bf0d5807606b4026b539f4fcae6
ee376e48e7a38a7ce108cafed41fd74e2b50540a
66425360e1bf9bafbb1c6ecdaa4e1d84b9390f7104296878f68b2c2d6c39ecd9
GET /wp-content/uploads/2022/10/lb-loading.gif HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/wp-content/cache/min/1/wp-content/themes/lithiummarketing/css/style.css?ver=1669738947
Cookie: _gcl_au=1.1.116427589.1669804524; wp-wpml_current_language=fr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 14:27:58 GMT
accept-ranges: bytes
content-length: 7093
cache-control: max-age=10368000, public
expires: Thu, 30 Mar 2023 10:35:26 GMT
vary: Accept-Encoding
content-type: image/gif
date: Wed, 30 Nov 2022 10:35:26 GMT
server: Apache
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-content/uploads/2022/10/lb-next.png
72.10.173.218200 OK 509 B URL HTTP/2 hypnoseclothing.com/wp-content/uploads/2022/10/lb-next.png
IP 72.10.173.218:0
File type PNG image data, 50 x 45, 8-bit colormap, non-interlaced\012- data
Hash b29c18552c2ad57a7774d04279ba00df
e54de57fe2922d95ce20859a080a674cfb605b79
4d8fed32494bb20e1faaa1ecd6915b841c5a09f6077fe60728f39516d2b6d757
GET /wp-content/uploads/2022/10/lb-next.png HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/wp-content/cache/min/1/wp-content/themes/lithiummarketing/css/style.css?ver=1669738947
Cookie: _gcl_au=1.1.116427589.1669804524; wp-wpml_current_language=fr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept,Accept-Encoding
last-modified: Thu, 27 Oct 2022 14:28:01 GMT
accept-ranges: bytes
content-length: 509
cache-control: max-age=10368000
expires: Thu, 30 Mar 2023 10:35:26 GMT
content-type: image/webp
date: Wed, 30 Nov 2022 10:35:26 GMT
server: Apache
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-content/uploads/2022/10/lb-prev.png
72.10.173.218200 OK 512 B URL HTTP/2 hypnoseclothing.com/wp-content/uploads/2022/10/lb-prev.png
IP 72.10.173.218:0
File type PNG image data, 50 x 45, 8-bit colormap, non-interlaced\012- data
Hash 477293133ab9440be773ef6cff204d02
6c34c2e6156d965793045c0c02269303bd9ca9cd
e1c824764f37b84600be9e23250f4f78c7341731869e54258963077611e7e703
GET /wp-content/uploads/2022/10/lb-prev.png HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/wp-content/cache/min/1/wp-content/themes/lithiummarketing/css/style.css?ver=1669738947
Cookie: _gcl_au=1.1.116427589.1669804524; wp-wpml_current_language=fr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept,Accept-Encoding
last-modified: Thu, 27 Oct 2022 14:28:06 GMT
accept-ranges: bytes
content-length: 512
cache-control: max-age=10368000
expires: Thu, 30 Mar 2023 10:35:26 GMT
content-type: image/webp
date: Wed, 30 Nov 2022 10:35:26 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1908e90138fc34a534b90f254e28cb3b
76ee78d4e850e58a30245ac4aa5526318de8de48
16decebf47c75ab4df0a9683a6edffcf7b8ed7f799d255989b52df3f983299c1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2663
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 10:35:26 GMT
Last-Modified: Wed, 30 Nov 2022 09:51:03 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5d950b70d3b1532276ed817249b72618
dca7faf727b8afdd481c8f8bcc3e9129fdadadc3
afe3fbe5f269179e18a66ca806664b7f96b903150b364129e2f2b30087198e34
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 10:35:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: xnRvwISRPweNWGDEAaTagKyEbKWUu4f90I3IQWK6q/0V+MlCCWC93SNNGreHokne7oKGHy/NvEJYe8WEVxkcYg==
priority: u=3,i
content-length: 27340
x-fb-trip-id: 1904183273
date: Wed, 30 Nov 2022 10:35:26 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/789492340/?random=1669804524314&cv=11&fst=1669804524314&bg=ffffff&guid=ON&async=1>m=2oabs0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fhypnoseclothing.com%2F&tiba=V%C3%AAtements%20de%20plein%20air%20%7C%20Hypnose%20Clothing&auid=116427589.1669804524&data=event%3Dgtag.config&rfmt=3&fmt=4
142.250.74.66200 OK 905 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/789492340/?random=1669804524314&cv=11&fst=1669804524314&bg=ffffff&guid=ON&async=1>m=2oabs0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fhypnoseclothing.com%2F&tiba=V%C3%AAtements%20de%20plein%20air%20%7C%20Hypnose%20Clothing&auid=116427589.1669804524&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 142.250.74.66:0
File type ASCII text, with very long lines (1925), with no line terminators
Hash 7d0c62a4d5b4652eebedc66af4d74c15
0b2e31deb950832c6dcf11766842a93401c423ec
5013218f6c12e263f42123e6d6e9435451a5d796d0973e9c8ad42cea49e79262
GET /pagead/viewthroughconversion/789492340/?random=1669804524314&cv=11&fst=1669804524314&bg=ffffff&guid=ON&async=1>m=2oabs0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fhypnoseclothing.com%2F&tiba=V%C3%AAtements%20de%20plein%20air%20%7C%20Hypnose%20Clothing&auid=116427589.1669804524&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 30 Nov 2022 10:35:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 905
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 30-Nov-2022 10:50:26 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1908e90138fc34a534b90f254e28cb3b
76ee78d4e850e58a30245ac4aa5526318de8de48
16decebf47c75ab4df0a9683a6edffcf7b8ed7f799d255989b52df3f983299c1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2663
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 10:35:26 GMT
Last-Modified: Wed, 30 Nov 2022 09:51:03 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5d950b70d3b1532276ed817249b72618
dca7faf727b8afdd481c8f8bcc3e9129fdadadc3
afe3fbe5f269179e18a66ca806664b7f96b903150b364129e2f2b30087198e34
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 10:35:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hypnoseclothing.com/wp-content/uploads/2021/08/cropped-ms-icon-310x310-1-300x300.png
72.10.173.218200 OK 4.1 kB URL HTTP/2 hypnoseclothing.com/wp-content/uploads/2021/08/cropped-ms-icon-310x310-1-300x300.png
IP 72.10.173.218:0
File type PNG image data, 300 x 300, 8-bit colormap, non-interlaced\012- data
Hash 6dc8b862b67074e301af1e40ebe4151c
3a25878c3ff192776437d42eb86f08557b9a032f
5b0f56f4348b3a865583d1548042953078d3434c58335e79002f3b15ed899326
GET /wp-content/uploads/2021/08/cropped-ms-icon-310x310-1-300x300.png HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/
Cookie: _gcl_au=1.1.116427589.1669804524; wp-wpml_current_language=fr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept,Accept-Encoding
last-modified: Thu, 27 Oct 2022 13:35:32 GMT
accept-ranges: bytes
content-length: 4113
cache-control: max-age=10368000
expires: Thu, 30 Mar 2023 10:35:26 GMT
content-type: image/webp
date: Wed, 30 Nov 2022 10:35:26 GMT
server: Apache
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-content/uploads/2021/08/cropped-ms-icon-310x310-1-100x100.png
72.10.173.218200 OK 1.1 kB URL HTTP/2 hypnoseclothing.com/wp-content/uploads/2021/08/cropped-ms-icon-310x310-1-100x100.png
IP 72.10.173.218:0
File type PNG image data, 100 x 100, 8-bit colormap, non-interlaced\012- data
Hash 1f3d94157553f66f2e581620dc3b2012
649917e5d034c1f5d92c832de447e612defe63a9
4692ef893e32154db429d35b0ae92bef10418c5d7cfd9a6820d0a523538037e7
GET /wp-content/uploads/2021/08/cropped-ms-icon-310x310-1-100x100.png HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/
Cookie: _gcl_au=1.1.116427589.1669804524; wp-wpml_current_language=fr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept,Accept-Encoding
last-modified: Thu, 27 Oct 2022 13:35:34 GMT
accept-ranges: bytes
content-length: 1148
cache-control: max-age=10368000
expires: Thu, 30 Mar 2023 10:35:26 GMT
content-type: image/webp
date: Wed, 30 Nov 2022 10:35:26 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8f58cd30443a495eed3ec0d9827550c1
fd0f53d2acc63ae015b7b42155136ade5841ebc7
333a3cae36081ea37371e32dc9587faacfda5970daa476b3b36cd6f587ce1594
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 10:35:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 3402a11f28d369c1ad537c8e44ba5568
17c9fc852ca71dc4d46f786537adda4ee0e9a3ef
dd142866516f3293fab9f67f092d37b70c39fc58512734c8e88dab5c5faf7264
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 10:35:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-user-list/789492340/?random=1669804524314&cv=11&fst=1669802400000&bg=ffffff&guid=ON&async=1>m=2oabs0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fhypnoseclothing.com%2F&tiba=V%C3%AAtements%20de%20plein%20air%20%7C%20Hypnose%20Clothing&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=302379229&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/789492340/?random=1669804524314&cv=11&fst=1669802400000&bg=ffffff&guid=ON&async=1>m=2oabs0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fhypnoseclothing.com%2F&tiba=V%C3%AAtements%20de%20plein%20air%20%7C%20Hypnose%20Clothing&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=302379229&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/789492340/?random=1669804524314&cv=11&fst=1669802400000&bg=ffffff&guid=ON&async=1>m=2oabs0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fhypnoseclothing.com%2F&tiba=V%C3%AAtements%20de%20plein%20air%20%7C%20Hypnose%20Clothing&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=302379229&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 30 Nov 2022 10:35:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/789492340/?random=1669804524314&cv=11&fst=1669802400000&bg=ffffff&guid=ON&async=1>m=2oabs0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fhypnoseclothing.com%2F&tiba=V%C3%AAtements%20de%20plein%20air%20%7C%20Hypnose%20Clothing&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=302379229&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/789492340/?random=1669804524314&cv=11&fst=1669802400000&bg=ffffff&guid=ON&async=1>m=2oabs0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fhypnoseclothing.com%2F&tiba=V%C3%AAtements%20de%20plein%20air%20%7C%20Hypnose%20Clothing&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=302379229&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/789492340/?random=1669804524314&cv=11&fst=1669802400000&bg=ffffff&guid=ON&async=1>m=2oabs0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fhypnoseclothing.com%2F&tiba=V%C3%AAtements%20de%20plein%20air%20%7C%20Hypnose%20Clothing&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=302379229&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 30 Nov 2022 10:35:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 3402a11f28d369c1ad537c8e44ba5568
17c9fc852ca71dc4d46f786537adda4ee0e9a3ef
dd142866516f3293fab9f67f092d37b70c39fc58512734c8e88dab5c5faf7264
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 10:35:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash cd528f6c2c45e38c52095a73a9cd8c68
dca2df874a830edac932136d474453c18d933024
4c7e75aaccb4b74e227ada3b56829f52cb7f14ad05454f7bd6eccf3e94185218
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 10:35:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hypnoseclothing.com/?wc-ajax=get_refreshed_fragments
72.10.173.218200 OK 192 B URL HTTP/2 hypnoseclothing.com/?wc-ajax=get_refreshed_fragments
IP 72.10.173.218:0
File type JSON data\012- , ASCII text, with no line terminators
Hash ff8ffa8fbba68eb5ef7643e9c4399b3a
61d98a423dd488766656231be3aec886507c69c4
2f94cc4d10fdeeb826f29417cc96794ac83602e7a08e00e46968b3810840ee79
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://hypnoseclothing.com
Connection: keep-alive
Referer: https://hypnoseclothing.com/
Cookie: _gcl_au=1.1.116427589.1669804524; wp-wpml_current_language=fr
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://hypnoseclothing.com
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Wed, 11 Jan 1984 05:00:00 GMT
x-robots-tag: noindex
vary: Accept-Encoding
content-encoding: gzip
cache-control: no-cache, must-revalidate, max-age=0, no-cache, no-store, must-revalidate
content-length: 192
content-type: application/json; charset=UTF-8
date: Wed, 30 Nov 2022 10:35:26 GMT
server: Apache
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-admin/admin-ajax.php
72.10.173.218200 OK 649 B URL HTTP/2 hypnoseclothing.com/wp-admin/admin-ajax.php
IP 72.10.173.218:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (797)
Hash 77032375d72a3fc31c1704344d8ba43d
430e15e96342456bb982960940a1eb3d277ae1f8
6231cfc7b7c40ba8995cc3fc2feaae06dbd041be0a09228868a5e19f2b41bb02
Analyzer Verdict Alert fortinet Phishing
POST /wp-admin/admin-ajax.php HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 66
Origin: https://hypnoseclothing.com
Connection: keep-alive
Referer: https://hypnoseclothing.com/
Cookie: _gcl_au=1.1.116427589.1669804524; wp-wpml_current_language=fr
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://hypnoseclothing.com
access-control-allow-credentials: true
x-robots-tag: noindex
x-content-type-options: nosniff
expires: Wed, 11 Jan 1984 05:00:00 GMT
referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-encoding: gzip
cache-control: no-cache, must-revalidate, max-age=0, no-cache, no-store, must-revalidate
content-length: 649
content-type: text/html; charset=UTF-8
date: Wed, 30 Nov 2022 10:35:26 GMT
server: Apache
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=797547134513377&ev=PageView&dl=https%3A%2F%2Fhypnoseclothing.com%2F&rl=&if=false&ts=1669804526126&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%224461545200526902%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22CAD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22453872335841880%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22CAD%22%7D%7D%7D&par[2]=%7B%22extractorID%22%3A%223802802513170991%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[3]=%7B%22extractorID%22%3A%221559369584454036%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1669804526124.1264085766&it=1669804525627&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=797547134513377&ev=PageView&dl=https%3A%2F%2Fhypnoseclothing.com%2F&rl=&if=false&ts=1669804526126&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%224461545200526902%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22CAD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22453872335841880%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22CAD%22%7D%7D%7D&par[2]=%7B%22extractorID%22%3A%223802802513170991%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[3]=%7B%22extractorID%22%3A%221559369584454036%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1669804526124.1264085766&it=1669804525627&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=797547134513377&ev=PageView&dl=https%3A%2F%2Fhypnoseclothing.com%2F&rl=&if=false&ts=1669804526126&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%224461545200526902%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22CAD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22453872335841880%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22CAD%22%7D%7D%7D&par[2]=%7B%22extractorID%22%3A%223802802513170991%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[3]=%7B%22extractorID%22%3A%221559369584454036%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1669804526124.1264085766&it=1669804525627&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Wed, 30 Nov 2022 10:35:27 GMT
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-admin/admin-ajax.php
72.10.173.218200 OK 1 B URL HTTP/2 hypnoseclothing.com/wp-admin/admin-ajax.php
IP 72.10.173.218:0
Hash eccbc87e4b5ce2fe28308fd9f2a7baf3
77de68daecd823babbb58edb1c8e14d7106e83bb
4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce
Analyzer Verdict Alert fortinet Phishing
POST /wp-admin/admin-ajax.php HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 28
Origin: https://hypnoseclothing.com
Connection: keep-alive
Referer: https://hypnoseclothing.com/
Cookie: _gcl_au=1.1.116427589.1669804524; wp-wpml_current_language=fr
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://hypnoseclothing.com
access-control-allow-credentials: true
x-robots-tag: noindex
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
expires: Wed, 11 Jan 1984 05:00:00 GMT
vary: Accept-Encoding
content-encoding: br
cache-control: no-cache, must-revalidate, max-age=0, no-cache, no-store, must-revalidate
content-length: 1
content-type: text/html; charset=UTF-8
date: Wed, 30 Nov 2022 10:35:26 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Oswald:300,400,500,600,700
142.250.74.138200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Oswald:300,400,500,600,700
IP 142.250.74.138:0
GET /css?family=Oswald:300,400,500,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 30 Nov 2022 10:35:25 GMT
date: Wed, 30 Nov 2022 10:35:25 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-content/uploads/2022/10/logo-1.svg
72.10.173.218200 OK 0 B URL HTTP/2 hypnoseclothing.com/wp-content/uploads/2022/10/logo-1.svg
IP 72.10.173.218:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/logo-1.svg HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/
Cookie: _gcl_au=1.1.116427589.1669804524
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 13:13:20 GMT
accept-ranges: bytes
cache-control: max-age=10368000, public
expires: Thu, 30 Mar 2023 10:35:26 GMT
vary: Accept-Encoding
content-encoding: gzip
content-type: image/svg+xml
date: Wed, 30 Nov 2022 10:35:26 GMT
server: Apache
X-Firefox-Spdy: h2
hypnoseclothing.com/wp-content/cache/min/1/ajax/libs/moment.js/2.29.1/moment-with-locales.min.js?ver=1669738947
72.10.173.218200 OK 0 B URL HTTP/2 hypnoseclothing.com/wp-content/cache/min/1/ajax/libs/moment.js/2.29.1/moment-with-locales.min.js?ver=1669738947
IP 72.10.173.218:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/cache/min/1/ajax/libs/moment.js/2.29.1/moment-with-locales.min.js?ver=1669738947 HTTP/1.1
Host: hypnoseclothing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hypnoseclothing.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 29 Nov 2022 16:22:27 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 30 Nov 2023 10:35:25 GMT
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript; charset=utf-8
date: Wed, 30 Nov 2022 10:35:25 GMT
server: Apache
X-Firefox-Spdy: h2