r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3805
Expires: Mon, 05 Dec 2022 21:29:11 GMT
Date: Mon, 05 Dec 2022 20:25:46 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ee088fab9b287e174cfd1f2c735a909f
25c3335b514a36ad1a24d00413d60c3d394f5161
494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1455
Cache-Control: max-age=138588
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:25:46 GMT
Etag: "638dc877-1d7"
Expires: Wed, 07 Dec 2022 10:55:34 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4301
Expires: Mon, 05 Dec 2022 21:37:27 GMT
Date: Mon, 05 Dec 2022 20:25:46 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 20:20:19 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 327
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: xr+JALK+yy7zwu1xRDxhCUr76y20PMUavGdOTL2S7qWdfPBND2HOcph9R3kPerxvdmjxR9xpitB7ZdI2aZPZDQ==
x-amz-request-id: C55EFEKQ201FSAHS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 19:48:38 GMT
age: 2228
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:25:46 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 20:08:58 GMT
cache-control: public,max-age=3600
age: 1008
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
hsbusinessconsultancy.com/
72.18.131.227200 OK 29 kB URL HTTP/1.1 hsbusinessconsultancy.com/
IP 72.18.131.227:0
ASN #30475 WEHOSTWEBSITES-COM
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (9834), with CRLF, CR, LF line terminators
Hash f27e8d99ed02f887b0e0c553a0293c07
80d9b29519bf522b9b7e3716aabde20a78ec0ec5
98ba1d56ada636b989138c364e8787a981e1a911226d7b4e11c05fb30e980a63
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: hsbusinessconsultancy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:25:46 GMT
Server: Apache
Link: <https://hsbusinessconsultancy.com/index.php?rest_route=/>; rel="https://api.w.org/", <https://hsbusinessconsultancy.com/index.php?rest_route=/wp/v2/pages/15>; rel="alternate"; type="application/json", <https://hsbusinessconsultancy.com/>; rel=shortlink
Strict-Transport-Security: max-age=63072000; includeSubDomains
Permissions-Policy: geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
Cache-Control: max-age=2592000
Expires: Wed, 04 Jan 2023 20:25:46 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Set-Cookie: HttpsOnly;Secure
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: same-origin
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Content-Length: 29130
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2
216.58.211.14301 Moved Permanently 0 B URL HTTP/1.1 translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2
IP 216.58.211.14:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /translate_a/element.js?cb=googleTranslateElementInit2 HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Content-Type: application/binary
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Mon, 05 Dec 2022 20:25:47 GMT
Location: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2
Cross-Origin-Opener-Policy: same-origin-allow-popups
Server: ESF
Content-Length: 0
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
hsbusinessconsultancy.com/wp-content/plugins/gtranslate/gtranslate-style24.css?ver=6.1.1
72.18.131.227200 OK 299 B URL HTTP/1.1 hsbusinessconsultancy.com/wp-content/plugins/gtranslate/gtranslate-style24.css?ver=6.1.1
IP 72.18.131.227:0
ASN #30475 WEHOSTWEBSITES-COM
Hash 1e34ceaa9a4c96c3499483f5fe818671
55a92f1196d0155e2bf0632f0905b5b8000f5ad7
9738e8e5222b5802082be7a77e56ad9fdee06718da410f356504184fd08b56bf
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/gtranslate/gtranslate-style24.css?ver=6.1.1 HTTP/1.1
Host: hsbusinessconsultancy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hsbusinessconsultancy.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:25:46 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Permissions-Policy: geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
Last-Modified: Sun, 06 Nov 2022 19:00:19 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 04 Jan 2023 20:25:46 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Set-Cookie: HttpsOnly;Secure
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: same-origin
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Content-Length: 299
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
hsbusinessconsultancy.com/wp-content/plugins/dk-pricr-responsive-pricing-table/inc/js/rpt.min.js?ver=5.1.6
72.18.131.227200 OK 244 B URL HTTP/1.1 hsbusinessconsultancy.com/wp-content/plugins/dk-pricr-responsive-pricing-table/inc/js/rpt.min.js?ver=5.1.6
IP 72.18.131.227:0
ASN #30475 WEHOSTWEBSITES-COM
Hash 86bfffe9f27d063a1115520edfc3dce5
f645c2fe91c475edd40f596140ad6857b2cfe8f0
a4465c0061cf587cc04fe5f99c509d7b3ceff4e6bf059c1ae44eceea92139e40
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/dk-pricr-responsive-pricing-table/inc/js/rpt.min.js?ver=5.1.6 HTTP/1.1
Host: hsbusinessconsultancy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hsbusinessconsultancy.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:25:47 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Permissions-Policy: geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
Last-Modified: Wed, 29 Jun 2022 12:06:35 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 04 Jan 2023 20:25:47 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Set-Cookie: HttpsOnly;Secure
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: same-origin
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Content-Length: 244
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8ead0ac4ce19cef2471bae0458759d89
af02fd3fcd2e10cfa2458407c0c2e59a43e18517
507b93c64bab73e393cf8d8131415ef4d4b01e65e0f2ab73597715197845e75e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:25:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hsbusinessconsultancy.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
72.18.131.227200 OK 972 B URL HTTP/1.1 hsbusinessconsultancy.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
IP 72.18.131.227:0
ASN #30475 WEHOSTWEBSITES-COM
Hash 8bf268dfcca7cb20719b7ea14373ef4a
58bd839bbf0e8cc082f0a488b538b4ec71bebd2e
eece4a14939273c7af07bce8bab3a6cfc2c9de44c0eea82cc886abac13cb3870
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4 HTTP/1.1
Host: hsbusinessconsultancy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hsbusinessconsultancy.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:25:47 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Permissions-Policy: geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
Last-Modified: Wed, 19 Oct 2022 15:57:12 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 04 Jan 2023 20:25:47 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Set-Cookie: HttpsOnly;Secure
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: same-origin
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Content-Length: 972
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
hsbusinessconsultancy.com/wp-content/plugins/nimble-builder/assets/front/css/libs/swiper-bundle.min.css?ver=3.3.2
72.18.131.227200 OK 4.5 kB URL HTTP/1.1 hsbusinessconsultancy.com/wp-content/plugins/nimble-builder/assets/front/css/libs/swiper-bundle.min.css?ver=3.3.2
IP 72.18.131.227:0
ASN #30475 WEHOSTWEBSITES-COM
File type ASCII text, with very long lines (15307), with CRLF line terminators
Hash de867019e0aec5fd7fe90c58ac9aa4f6
90dbad4392bd9eb7878f48c21c386de7f2f69023
fefdc5ed6b9a8a4e36592c7fa21205b377e14eac98f1aca4670ad0af84cdb402
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/nimble-builder/assets/front/css/libs/swiper-bundle.min.css?ver=3.3.2 HTTP/1.1
Host: hsbusinessconsultancy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hsbusinessconsultancy.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:25:47 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Permissions-Policy: geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
Last-Modified: Wed, 28 Sep 2022 15:56:33 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 04 Jan 2023 20:25:47 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Set-Cookie: HttpsOnly;Secure
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: same-origin
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Content-Length: 4466
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
hsbusinessconsultancy.com/wp-content/plugins/stars-testimonials-with-slider-and-masonry-grid/css/star-fonts.css?ver=6.1.1
72.18.131.227200 OK 574 B URL HTTP/1.1 hsbusinessconsultancy.com/wp-content/plugins/stars-testimonials-with-slider-and-masonry-grid/css/star-fonts.css?ver=6.1.1
IP 72.18.131.227:0
ASN #30475 WEHOSTWEBSITES-COM
File type ASCII text, with very long lines (2039), with no line terminators
Hash 84fa2f65003e663c2465ab3ffac9eebd
7e3649bc2d1f0e5afcfabb665aea1926656d3b71
2de5becea2321e3ecdf3f024ea4445e403f4db0a76a8e5e766a653163c8faf01
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/stars-testimonials-with-slider-and-masonry-grid/css/star-fonts.css?ver=6.1.1 HTTP/1.1
Host: hsbusinessconsultancy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hsbusinessconsultancy.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:25:47 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Permissions-Policy: geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
Last-Modified: Mon, 08 Jun 2020 07:43:16 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 04 Jan 2023 20:25:47 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Set-Cookie: HttpsOnly;Secure
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: same-origin
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Content-Length: 574
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
hsbusinessconsultancy.com/wp-content/plugins/chaty/css/chaty-front.min.css?ver=16205213013.0.1
72.18.131.227200 OK 4.9 kB URL HTTP/1.1 hsbusinessconsultancy.com/wp-content/plugins/chaty/css/chaty-front.min.css?ver=16205213013.0.1
IP 72.18.131.227:0
ASN #30475 WEHOSTWEBSITES-COM
File type ASCII text, with very long lines (21881)
Hash 73c81ba037f9cd32c2b2805a8f71b5dd
446970fba9bd6be0936ccebe26ff009c7b2da551
5481decfb61efd81f4d5b3a2b81aa0e19a8f7394f209ca4bc8cd8b8917cdebae
GET /wp-content/plugins/chaty/css/chaty-front.min.css?ver=16205213013.0.1 HTTP/1.1
Host: hsbusinessconsultancy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hsbusinessconsultancy.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:25:47 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Permissions-Policy: geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
Last-Modified: Mon, 17 Oct 2022 18:33:11 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 04 Jan 2023 20:25:47 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Set-Cookie: HttpsOnly;Secure
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: same-origin
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Content-Length: 4908
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
hsbusinessconsultancy.com/wp-content/plugins/nimble-builder/assets/front/css/sek-base-light.min.css?ver=3.3.2
72.18.131.227200 OK 4.6 kB URL HTTP/1.1 hsbusinessconsultancy.com/wp-content/plugins/nimble-builder/assets/front/css/sek-base-light.min.css?ver=3.3.2
IP 72.18.131.227:0
ASN #30475 WEHOSTWEBSITES-COM
File type ASCII text, with very long lines (20883), with no line terminators
Hash 92f165b572f585416b905e7dc714d4c5
0d7637e9a9c3d4e6a0b113ad10b5b431c2face13
26b192b3d818869b6ee3cac4e5bbcf1905ed51180a6597ba963975e12b9329aa
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/nimble-builder/assets/front/css/sek-base-light.min.css?ver=3.3.2 HTTP/1.1
Host: hsbusinessconsultancy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hsbusinessconsultancy.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:25:47 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Permissions-Policy: geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
Last-Modified: Wed, 28 Sep 2022 15:56:33 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 04 Jan 2023 20:25:47 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Set-Cookie: HttpsOnly;Secure
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: same-origin
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Content-Length: 4605
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
hsbusinessconsultancy.com/wp-content/plugins/stars-testimonials-with-slider-and-masonry-grid/css/styles.css?ver=6.1.1
72.18.131.227200 OK 3.9 kB URL HTTP/1.1 hsbusinessconsultancy.com/wp-content/plugins/stars-testimonials-with-slider-and-masonry-grid/css/styles.css?ver=6.1.1
IP 72.18.131.227:0
ASN #30475 WEHOSTWEBSITES-COM
File type ASCII text, with very long lines (25703), with no line terminators
Hash 8f6431e3f2454667b8ec5bf6f5a6b705
a58af9fec1c5c0944ade4cdc8370ab421f29c3bb
9644b5500aef388902dfd3118eea3822a6b99ae63bf0aeef962230f1a9aa8194
GET /wp-content/plugins/stars-testimonials-with-slider-and-masonry-grid/css/styles.css?ver=6.1.1 HTTP/1.1
Host: hsbusinessconsultancy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hsbusinessconsultancy.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:25:47 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Permissions-Policy: geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
Last-Modified: Sun, 20 Feb 2022 03:27:38 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 04 Jan 2023 20:25:47 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Set-Cookie: HttpsOnly;Secure
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: same-origin
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Content-Length: 3900
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2b9d6a686aa3c4ea24568425e43a5221
d53bb4c9579bd1db78a0520619e888aec79f750f
c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1426
Cache-Control: max-age=133491
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:25:47 GMT
Etag: "638db4ac-1d7"
Expires: Wed, 07 Dec 2022 09:30:38 GMT
Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:25:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 2f437e0504209bba906c8dcf0413fd08
b1d038811c92ef4a9fa802e9251eb68170f2df11
6b9a2f9842e394bbe6e3788fec07c51544a8a14c639cd799d6a97b6836322838
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5886
Cache-Control: max-age=115977
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:25:47 GMT
Etag: "638d5ed6-118"
Expires: Wed, 07 Dec 2022 04:38:44 GMT
Last-Modified: Mon, 05 Dec 2022 03:00:38 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8ead0ac4ce19cef2471bae0458759d89
af02fd3fcd2e10cfa2458407c0c2e59a43e18517
507b93c64bab73e393cf8d8131415ef4d4b01e65e0f2ab73597715197845e75e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:25:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:25:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hsbusinessconsultancy.com/wp-content/plugins/stars-testimonials-with-slider-and-masonry-grid/css/simplegrid.css?ver=6.1.1
72.18.131.227200 OK 762 B URL HTTP/1.1 hsbusinessconsultancy.com/wp-content/plugins/stars-testimonials-with-slider-and-masonry-grid/css/simplegrid.css?ver=6.1.1
IP 72.18.131.227:0
ASN #30475 WEHOSTWEBSITES-COM
File type ASCII text, with very long lines (3868), with no line terminators
Hash 4cd8df6f18291da51168fab107da4fb1
5e964d51ccf6780c0c9693688540c12b69c43bd2
34d7171c3d7d561c7a100137b5f9e3e066abb264034cabe62f7c4b1f7d53251c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/stars-testimonials-with-slider-and-masonry-grid/css/simplegrid.css?ver=6.1.1 HTTP/1.1
Host: hsbusinessconsultancy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hsbusinessconsultancy.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:25:47 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Permissions-Policy: geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
Last-Modified: Mon, 08 Jun 2020 07:43:16 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 04 Jan 2023 20:25:47 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Set-Cookie: HttpsOnly;Secure
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: same-origin
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Content-Length: 762
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
hsbusinessconsultancy.com/wp-content/themes/arrival/assets/lib/slick/slick.css?ver=1.4.4
72.18.131.227200 OK 577 B URL HTTP/1.1 hsbusinessconsultancy.com/wp-content/themes/arrival/assets/lib/slick/slick.css?ver=1.4.4
IP 72.18.131.227:0
ASN #30475 WEHOSTWEBSITES-COM
File type ASCII text, with CRLF line terminators
Hash 9a305af1bd689c44fc4661a500b05755
b07fa876f042d1712050acd9602d1b7fabe85f94
62c7e903b6dc0646986bddbed5003a4da334edfec2120804c87138142cdcd89e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/arrival/assets/lib/slick/slick.css?ver=1.4.4 HTTP/1.1
Host: hsbusinessconsultancy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hsbusinessconsultancy.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:25:47 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Permissions-Policy: geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
Last-Modified: Sun, 06 Nov 2022 19:08:32 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 04 Jan 2023 20:25:47 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Set-Cookie: HttpsOnly;Secure
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: same-origin
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Content-Length: 577
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
hsbusinessconsultancy.com/wp-content/themes/arrival/assets/lib/slick/slick-theme.css?ver=1.4.4
72.18.131.227200 OK 878 B URL HTTP/1.1 hsbusinessconsultancy.com/wp-content/themes/arrival/assets/lib/slick/slick-theme.css?ver=1.4.4
IP 72.18.131.227:0
ASN #30475 WEHOSTWEBSITES-COM
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 2ae66f8c8317623b29df8ecb78cc4256
00ac077eef398917fc07b2f2fec25ec7ca48d72b
595d0559c400ebf55e98462bdbcb1efb7863c7ee9c8970a9f3f0109fe19718c0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/arrival/assets/lib/slick/slick-theme.css?ver=1.4.4 HTTP/1.1
Host: hsbusinessconsultancy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hsbusinessconsultancy.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:25:47 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Permissions-Policy: geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
Last-Modified: Sun, 06 Nov 2022 19:08:32 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 04 Jan 2023 20:25:47 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Set-Cookie: HttpsOnly;Secure
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: same-origin
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Content-Length: 878
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
hsbusinessconsultancy.com/wp-content/themes/arrival/assets/lib/jarallax/jarallax.css?ver=1.4.4
72.18.131.227200 OK 215 B URL HTTP/1.1 hsbusinessconsultancy.com/wp-content/themes/arrival/assets/lib/jarallax/jarallax.css?ver=1.4.4
IP 72.18.131.227:0
ASN #30475 WEHOSTWEBSITES-COM
File type ASCII text, with CRLF line terminators
Hash 56c3a74fe3d4418ba9695705e0c293f6
a90e783265c413733cd71365760484dd49bb50fb
1c43c083315b978581b9958088eba5fa9de78629d81d9dd5ccb943f37d4ae7b3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/arrival/assets/lib/jarallax/jarallax.css?ver=1.4.4 HTTP/1.1
Host: hsbusinessconsultancy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hsbusinessconsultancy.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:25:47 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Permissions-Policy: geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
Last-Modified: Sun, 06 Nov 2022 19:08:32 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 04 Jan 2023 20:25:47 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Set-Cookie: HttpsOnly;Secure
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: same-origin
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Content-Length: 215
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
hsbusinessconsultancy.com/wp-content/themes/arrival/assets/lib/ionicons/css/ionicons.min.css?ver=1.4.4
72.18.131.227200 OK 8.3 kB URL HTTP/1.1 hsbusinessconsultancy.com/wp-content/themes/arrival/assets/lib/ionicons/css/ionicons.min.css?ver=1.4.4
IP 72.18.131.227:0
ASN #30475 WEHOSTWEBSITES-COM
File type Unicode text, UTF-8 text, with very long lines (50806), with CRLF line terminators
Hash 3e899b37265be6568046a6b6723906e3
81630a92ee44f99310c46508b393d200c772577e
ccc586808aa43ac5b1a2838d5f9ef3aa686705b74daadce44ae654b9c2daa496
GET /wp-content/themes/arrival/assets/lib/ionicons/css/ionicons.min.css?ver=1.4.4 HTTP/1.1
Host: hsbusinessconsultancy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hsbusinessconsultancy.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:25:47 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Permissions-Policy: geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
Last-Modified: Sun, 06 Nov 2022 19:08:32 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 04 Jan 2023 20:25:47 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Set-Cookie: HttpsOnly;Secure
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: same-origin
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Content-Length: 8293
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
hsbusinessconsultancy.com/wp-content/themes/arrival/style.css?ver=1.4.4
72.18.131.227200 OK 13 kB URL HTTP/1.1 hsbusinessconsultancy.com/wp-content/themes/arrival/style.css?ver=1.4.4
IP 72.18.131.227:0
ASN #30475 WEHOSTWEBSITES-COM
File type Unicode text, UTF-8 text, with very long lines (638), with CRLF line terminators
Hash 3b58ce5b00809d2b99fdf1f81bc1dd07
45bab675a2a4f671b72222b33435feb1e721428b
a7402735b3d0ad9f37e6682b924af8a45ab4eacc8e8f36516e26b42eaf631820
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/arrival/style.css?ver=1.4.4 HTTP/1.1
Host: hsbusinessconsultancy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hsbusinessconsultancy.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:25:47 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Permissions-Policy: geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
Last-Modified: Sun, 06 Nov 2022 19:08:32 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 04 Jan 2023 20:25:47 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Set-Cookie: HttpsOnly;Secure
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: same-origin
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Content-Length: 12658
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 2f437e0504209bba906c8dcf0413fd08
b1d038811c92ef4a9fa802e9251eb68170f2df11
6b9a2f9842e394bbe6e3788fec07c51544a8a14c639cd799d6a97b6836322838
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5886
Cache-Control: max-age=115977
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:25:47 GMT
Etag: "638d5ed6-118"
Expires: Wed, 07 Dec 2022 04:38:44 GMT
Last-Modified: Mon, 05 Dec 2022 03:00:38 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 280
push.services.mozilla.com/
52.38.198.114101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.38.198.114:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FwMOIMl0yNB7VheIqsixrw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: zk+cwrfd2caDYwaSEzgEJ9MTM1M=
hsbusinessconsultancy.com/wp-content/themes/arrival/assets/css/responsive.css?ver=1.4.4
72.18.131.227200 OK 1.1 kB URL HTTP/1.1 hsbusinessconsultancy.com/wp-content/themes/arrival/assets/css/responsive.css?ver=1.4.4
IP 72.18.131.227:0
ASN #30475 WEHOSTWEBSITES-COM
File type ASCII text, with CRLF line terminators
Hash 2f950799e63d397959895f16ca319f4d
75ed2afab7be44f9fbc6f4d9eeb46e515a45e30f
bebce2ea12417f37db225d5fec71ec20ee320cdce8f34036adda18a6102a91fb
GET /wp-content/themes/arrival/assets/css/responsive.css?ver=1.4.4 HTTP/1.1
Host: hsbusinessconsultancy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hsbusinessconsultancy.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:25:47 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Permissions-Policy: geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
Last-Modified: Sun, 06 Nov 2022 19:08:32 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 04 Jan 2023 20:25:47 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Set-Cookie: HttpsOnly;Secure
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: same-origin
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Content-Length: 1145
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
hsbusinessconsultancy.com/wp-content/themes/arrival/assets/css/content.css?ver=1.4.4
72.18.131.227200 OK 3.4 kB URL HTTP/1.1 hsbusinessconsultancy.com/wp-content/themes/arrival/assets/css/content.css?ver=1.4.4
IP 72.18.131.227:0
ASN #30475 WEHOSTWEBSITES-COM
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 1a8c620d1f6b30a69c1b85d5fb1574ed
04ea3aeb10b12cc5751f7b5b9acafb24749ae54e
c6500d7318bea10a49bff497c84ae6f802c22d62e948a4082a04a7f4e3d04f3f
GET /wp-content/themes/arrival/assets/css/content.css?ver=1.4.4 HTTP/1.1
Host: hsbusinessconsultancy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hsbusinessconsultancy.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:25:47 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Permissions-Policy: geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
Last-Modified: Sun, 06 Nov 2022 19:08:32 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 04 Jan 2023 20:25:47 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Set-Cookie: HttpsOnly;Secure
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: same-origin
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Content-Length: 3385
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
hsbusinessconsultancy.com/wp-content/plugins/dk-pricr-responsive-pricing-table/inc/css/rpt_style.min.css?ver=5.1.6
72.18.131.227200 OK 1.5 kB URL HTTP/1.1 hsbusinessconsultancy.com/wp-content/plugins/dk-pricr-responsive-pricing-table/inc/css/rpt_style.min.css?ver=5.1.6
IP 72.18.131.227:0
ASN #30475 WEHOSTWEBSITES-COM
File type ASCII text, with very long lines (7847)
Hash bfa76d9dd7de8ba17c47e0d8623bff80
1ffbe0a28d14e6c52afe905e79b986167e0a705f
eafc53160809c2611f29752f96dbf5228634b5511465f6f31797359225698dc2
GET /wp-content/plugins/dk-pricr-responsive-pricing-table/inc/css/rpt_style.min.css?ver=5.1.6 HTTP/1.1
Host: hsbusinessconsultancy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hsbusinessconsultancy.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:25:47 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Permissions-Policy: geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
Last-Modified: Wed, 18 Dec 2019 07:58:06 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 04 Jan 2023 20:25:47 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Set-Cookie: HttpsOnly;Secure
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: same-origin
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Content-Length: 1531
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
hsbusinessconsultancy.com/wp-content/uploads/nimble_css/skp__post_page_15.css?ver=1667761672
72.18.131.227200 OK 7.9 kB URL HTTP/1.1 hsbusinessconsultancy.com/wp-content/uploads/nimble_css/skp__post_page_15.css?ver=1667761672
IP 72.18.131.227:0
ASN #30475 WEHOSTWEBSITES-COM
File type ASCII text, with very long lines (57164), with no line terminators
Hash 4d715c1e72e9cdd9baf6d7ca72fb3fd4
f9becd1b7c940e9c3f206189a0b48ec3a705f03b
0e258e476772e30124332545a3a9c4099d05e1ae1035c8e59b5feede0cb4af62
GET /wp-content/uploads/nimble_css/skp__post_page_15.css?ver=1667761672 HTTP/1.1
Host: hsbusinessconsultancy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hsbusinessconsultancy.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:25:47 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Permissions-Policy: geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
Last-Modified: Sun, 06 Nov 2022 19:07:52 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 04 Jan 2023 20:25:47 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Set-Cookie: HttpsOnly;Secure
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: same-origin
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Content-Length: 7943
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
hsbusinessconsultancy.com/wp-content/uploads/nimble_css/skp__global.css?ver=1667761672
72.18.131.227200 OK 1.2 kB URL HTTP/1.1 hsbusinessconsultancy.com/wp-content/uploads/nimble_css/skp__global.css?ver=1667761672
IP 72.18.131.227:0
ASN #30475 WEHOSTWEBSITES-COM
File type ASCII text, with very long lines (5008), with no line terminators
Hash 03eea022e0291f4413778c5b1d8e5a7a
a4898962b340dcd8edce478c3bb5377a70b05fbe
e96039cdb29c08df7858e249d5b06415c121785aff192940398a7c87f48d7f53
GET /wp-content/uploads/nimble_css/skp__global.css?ver=1667761672 HTTP/1.1
Host: hsbusinessconsultancy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hsbusinessconsultancy.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:25:47 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Permissions-Policy: geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
Last-Modified: Sun, 06 Nov 2022 19:07:52 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 04 Jan 2023 20:25:47 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Set-Cookie: HttpsOnly;Secure
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: same-origin
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Content-Length: 1170
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
hsbusinessconsultancy.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
72.18.131.227200 OK 4.2 kB URL HTTP/1.1 hsbusinessconsultancy.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 72.18.131.227:0
ASN #30475 WEHOSTWEBSITES-COM
File type ASCII text, with very long lines (11126)
Hash 5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: hsbusinessconsultancy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hsbusinessconsultancy.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:25:47 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Permissions-Policy: geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
Last-Modified: Wed, 29 Jun 2022 12:07:53 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 04 Jan 2023 20:25:47 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Set-Cookie: HttpsOnly;Secure
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: same-origin
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Content-Length: 4169
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
hsbusinessconsultancy.com/wp-content/plugins/stars-testimonials-with-slider-and-masonry-grid/js/grid.js?ver=6.1.1
72.18.131.227200 OK 316 B URL HTTP/1.1 hsbusinessconsultancy.com/wp-content/plugins/stars-testimonials-with-slider-and-masonry-grid/js/grid.js?ver=6.1.1
IP 72.18.131.227:0
ASN #30475 WEHOSTWEBSITES-COM
File type ASCII text, with CRLF line terminators
Hash 3a6166e5ad085ae3a5dcd71106da7fe2
eb246c7ce3fa9fce1c230d5e02d216e8c9c12209
85dd1761ce5346da4591bcf58271b665ae92449f954e47626ab5d5f585e88c2c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/stars-testimonials-with-slider-and-masonry-grid/js/grid.js?ver=6.1.1 HTTP/1.1
Host: hsbusinessconsultancy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hsbusinessconsultancy.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:25:47 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Permissions-Policy: geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
Last-Modified: Wed, 30 Dec 2020 08:38:44 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 04 Jan 2023 20:25:47 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Set-Cookie: HttpsOnly;Secure
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: same-origin
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Content-Length: 316
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
hsbusinessconsultancy.com/wp-content/plugins/stars-testimonials-with-slider-and-masonry-grid/js/read-more.js?ver=6.1.1
72.18.131.227200 OK 587 B URL HTTP/1.1 hsbusinessconsultancy.com/wp-content/plugins/stars-testimonials-with-slider-and-masonry-grid/js/read-more.js?ver=6.1.1
IP 72.18.131.227:0
ASN #30475 WEHOSTWEBSITES-COM
File type HTML document, ASCII text, with CRLF line terminators
Hash 7e135ab38cd97da11a031115002c6ac1
1ffc3817f2c241a8acde424cb5c2c36adb285a2d
d245e99b4c8904125b867b72ba308bd58ef9fa3ec695f3776807193aa7d795e8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/stars-testimonials-with-slider-and-masonry-grid/js/read-more.js?ver=6.1.1 HTTP/1.1
Host: hsbusinessconsultancy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hsbusinessconsultancy.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:25:47 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Permissions-Policy: geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
Last-Modified: Sun, 20 Feb 2022 03:27:38 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 04 Jan 2023 20:25:47 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Set-Cookie: HttpsOnly;Secure
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: same-origin
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Content-Length: 587
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
hsbusinessconsultancy.com/wp-content/themes/arrival/assets/js/wooButtons.js?ver=1.4.4
72.18.131.227200 OK 1.1 kB URL HTTP/1.1 hsbusinessconsultancy.com/wp-content/themes/arrival/assets/js/wooButtons.js?ver=1.4.4
IP 72.18.131.227:0
ASN #30475 WEHOSTWEBSITES-COM
File type HTML document, ASCII text, with CRLF line terminators
Hash d223e714f3f58d7cae74a1b6399e65b7
d8dab7d3690cb5e3dfdd25867e1daadb82429d12
761c6bb62d083a7a6d7679a177e5e101696155dbe97ece9eaf83c00259f39995
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/arrival/assets/js/wooButtons.js?ver=1.4.4 HTTP/1.1
Host: hsbusinessconsultancy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hsbusinessconsultancy.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:25:47 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Permissions-Policy: geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
Last-Modified: Sun, 06 Nov 2022 19:08:32 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 04 Jan 2023 20:25:47 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Set-Cookie: HttpsOnly;Secure
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: same-origin
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Content-Length: 1125
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
hsbusinessconsultancy.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
72.18.131.227200 OK 31 kB URL HTTP/1.1 hsbusinessconsultancy.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 72.18.131.227:0
ASN #30475 WEHOSTWEBSITES-COM
File type ASCII text, with very long lines (65447)
Hash 1b5264c989379b828aff60f65a518a24
98641237f14ccb33ac114f54329a33bd0aa17eb7
6c8e7b78c6dbc13426810c905572db7589cf3e00264e30ce797fddb0b1092237
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: hsbusinessconsultancy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hsbusinessconsultancy.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:25:47 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Permissions-Policy: geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
Last-Modified: Wed, 02 Nov 2022 03:55:24 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 04 Jan 2023 20:25:47 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Set-Cookie: HttpsOnly;Secure
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: same-origin
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Content-Length: 30995
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
hsbusinessconsultancy.com/wp-content/themes/arrival/assets/lib/jquery-fitvids/jquery.fitvids.js?ver=1.4.4
72.18.131.227200 OK 1.4 kB URL HTTP/1.1 hsbusinessconsultancy.com/wp-content/themes/arrival/assets/lib/jquery-fitvids/jquery.fitvids.js?ver=1.4.4
IP 72.18.131.227:0
ASN #30475 WEHOSTWEBSITES-COM
File type HTML document, ASCII text, with CRLF line terminators
Hash 99fcdda22a13f1dcb7b0e1f554d8446e
2e6841c08d97cf849e22d2ac320d7167e1309bf5
d2d954bb94b1a8e66856ce5d8d9a1ccc3bb253201bc3527a78ff4f45fc87b6ca
GET /wp-content/themes/arrival/assets/lib/jquery-fitvids/jquery.fitvids.js?ver=1.4.4 HTTP/1.1
Host: hsbusinessconsultancy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hsbusinessconsultancy.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:25:47 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Permissions-Policy: geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
Last-Modified: Sun, 06 Nov 2022 19:08:32 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 04 Jan 2023 20:25:47 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Set-Cookie: HttpsOnly;Secure
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: same-origin
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Content-Length: 1354
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
hsbusinessconsultancy.com/wp-content/plugins/chaty/js/cht-front-script.min.js?ver=16205213013.0.1
72.18.131.227200 OK 15 kB URL HTTP/1.1 hsbusinessconsultancy.com/wp-content/plugins/chaty/js/cht-front-script.min.js?ver=16205213013.0.1
IP 72.18.131.227:0
ASN #30475 WEHOSTWEBSITES-COM
File type ASCII text, with very long lines (58142)
Hash 94dcca3f266f2731d905608b798e100b
2d693f27cd2a8df5df6f786be02c7b542a8356df
cdf2109330a4e86186c84cb11d7b43c06a0dc5118c630f23a7f808e2fe250cf9
GET /wp-content/plugins/chaty/js/cht-front-script.min.js?ver=16205213013.0.1 HTTP/1.1
Host: hsbusinessconsultancy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hsbusinessconsultancy.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:25:47 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Permissions-Policy: geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
Last-Modified: Mon, 17 Oct 2022 18:33:11 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 04 Jan 2023 20:25:47 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Set-Cookie: HttpsOnly;Secure
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: same-origin
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Content-Length: 15027
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
hsbusinessconsultancy.com/wp-content/themes/arrival/assets/lib/slick/slick.min.js?ver=6.1.1
72.18.131.227200 OK 10 kB URL HTTP/1.1 hsbusinessconsultancy.com/wp-content/themes/arrival/assets/lib/slick/slick.min.js?ver=6.1.1
IP 72.18.131.227:0
ASN #30475 WEHOSTWEBSITES-COM
File type ASCII text, with very long lines (42862), with CRLF line terminators
Hash b85930f19e6ddab27aecf0b74ba4d69b
2a459e83535035c0f0f9f09e68d0d1f7838744e5
27f59fc7fbb34fc991341a966e38784c1be7ffdf100a3a4aa1307b2f95f9cbc0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/arrival/assets/lib/slick/slick.min.js?ver=6.1.1 HTTP/1.1
Host: hsbusinessconsultancy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hsbusinessconsultancy.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:25:47 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Permissions-Policy: geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
Last-Modified: Sun, 06 Nov 2022 19:08:32 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 04 Jan 2023 20:25:47 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Set-Cookie: HttpsOnly;Secure
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: same-origin
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Content-Length: 10445
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
hsbusinessconsultancy.com/wp-content/themes/arrival/assets/lib/smoothscroll/smoothscroll.min.js?ver=1.4.4
72.18.131.227200 OK 3.2 kB URL HTTP/1.1 hsbusinessconsultancy.com/wp-content/themes/arrival/assets/lib/smoothscroll/smoothscroll.min.js?ver=1.4.4
IP 72.18.131.227:0
ASN #30475 WEHOSTWEBSITES-COM
File type ASCII text, with very long lines (7422), with no line terminators
Hash 5856cc80395528ff95f73ce94a80f569
377bf2f5eb02500e3291a1c2af2b1e37d9117fa3
8d890a644b04b20c7d4b920a5e2d9d33c838f39a4e334cb0e191d76ea0dd3bf0
GET /wp-content/themes/arrival/assets/lib/smoothscroll/smoothscroll.min.js?ver=1.4.4 HTTP/1.1
Host: hsbusinessconsultancy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hsbusinessconsultancy.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:25:47 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Permissions-Policy: geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
Last-Modified: Sun, 06 Nov 2022 19:08:32 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 04 Jan 2023 20:25:47 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Set-Cookie: HttpsOnly;Secure
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: same-origin
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Content-Length: 3195
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
hsbusinessconsultancy.com/wp-content/themes/arrival/assets/lib/jarallax/jarallax.min.js?ver=1.4.4
72.18.131.227200 OK 5.1 kB URL HTTP/1.1 hsbusinessconsultancy.com/wp-content/themes/arrival/assets/lib/jarallax/jarallax.min.js?ver=1.4.4
IP 72.18.131.227:0
ASN #30475 WEHOSTWEBSITES-COM
File type ASCII text, with very long lines (15276), with CRLF line terminators
Hash 92bb174588f1fcb82c1e8f92edd9839b
481f775b37e143b1be6699ae21eb449b687b806e
721d44f469715c30be9f9b5451e06b4ad4d820511ba3bd17703f576541706e58
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/arrival/assets/lib/jarallax/jarallax.min.js?ver=1.4.4 HTTP/1.1
Host: hsbusinessconsultancy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hsbusinessconsultancy.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:25:47 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Permissions-Policy: geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
Last-Modified: Sun, 06 Nov 2022 19:08:32 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 04 Jan 2023 20:25:47 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Set-Cookie: HttpsOnly;Secure
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: same-origin
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Content-Length: 5075
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
hsbusinessconsultancy.com/wp-content/themes/arrival/assets/js/skip-link-focus-fix.js?ver=1.4.4
72.18.131.227200 OK 416 B URL HTTP/1.1 hsbusinessconsultancy.com/wp-content/themes/arrival/assets/js/skip-link-focus-fix.js?ver=1.4.4
IP 72.18.131.227:0
ASN #30475 WEHOSTWEBSITES-COM
File type ASCII text, with CRLF line terminators
Hash 6556b1b5d59bce6e688dd168018bacbc
1c76752a62deba54fab1df0a44b1c164cb75a0c6
0e520ce5a09fb96d7613c43d267cb1ea40d66e1ea1da71108781d46b28455658
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/arrival/assets/js/skip-link-focus-fix.js?ver=1.4.4 HTTP/1.1
Host: hsbusinessconsultancy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hsbusinessconsultancy.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:25:47 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Permissions-Policy: geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
Last-Modified: Sun, 06 Nov 2022 19:08:32 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 04 Jan 2023 20:25:47 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Set-Cookie: HttpsOnly;Secure
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: same-origin
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Content-Length: 416
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
hsbusinessconsultancy.com/wp-content/themes/arrival/assets/js/custom-scripts.js?ver=1.4.4
72.18.131.227200 OK 1.8 kB URL HTTP/1.1 hsbusinessconsultancy.com/wp-content/themes/arrival/assets/js/custom-scripts.js?ver=1.4.4
IP 72.18.131.227:0
ASN #30475 WEHOSTWEBSITES-COM
File type ASCII text, with CRLF line terminators
Hash 748d98b5651c9ec7a690308a041c1a03
a204c8bf7b70546f68e2e6da744725c6aa02bee0
a6d7aeeb093cd5c3fc148cc975a2a64b548f0235dcd9ea7e0caa8726f5c896df
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/arrival/assets/js/custom-scripts.js?ver=1.4.4 HTTP/1.1
Host: hsbusinessconsultancy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hsbusinessconsultancy.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:25:47 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Permissions-Policy: geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
Last-Modified: Sun, 06 Nov 2022 19:08:32 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 04 Jan 2023 20:25:47 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Set-Cookie: HttpsOnly;Secure
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: same-origin
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Content-Length: 1802
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
hsbusinessconsultancy.com/wp-includes/css/classic-themes.min.css?ver=1
72.18.131.227200 OK 189 B URL HTTP/1.1 hsbusinessconsultancy.com/wp-includes/css/classic-themes.min.css?ver=1
IP 72.18.131.227:0
ASN #30475 WEHOSTWEBSITES-COM
Hash 5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: hsbusinessconsultancy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hsbusinessconsultancy.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:25:47 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Permissions-Policy: geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
Last-Modified: Wed, 02 Nov 2022 03:55:23 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 04 Jan 2023 20:25:47 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Set-Cookie: HttpsOnly;Secure
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: same-origin
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Content-Length: 189
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
hsbusinessconsultancy.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
72.18.131.227200 OK 12 kB URL HTTP/1.1 hsbusinessconsultancy.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 72.18.131.227:0
ASN #30475 WEHOSTWEBSITES-COM
File type ASCII text, with very long lines (47826)
Hash 8fa87dd23394a22621248ec378d2af59
9305bc637a89b1700d7f56a19a80bd32b0feb2f7
c162f7de24fa2d4e93e0da254ef287ff72f4a3e03f42443265097968351388dc
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: hsbusinessconsultancy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hsbusinessconsultancy.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:25:47 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Permissions-Policy: geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
Last-Modified: Wed, 16 Nov 2022 03:54:27 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 04 Jan 2023 20:25:47 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Set-Cookie: HttpsOnly;Secure
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: same-origin
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Content-Length: 12518
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
hsbusinessconsultancy.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
72.18.131.227200 OK 2.9 kB URL HTTP/1.1 hsbusinessconsultancy.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
IP 72.18.131.227:0
ASN #30475 WEHOSTWEBSITES-COM
File type ASCII text, with very long lines (9937), with no line terminators
Hash 8189a6a3f3f0efc64f857fe869d3729b
bc84b1c1e96a26fd6595da0cb024aad989c1f331
e2683386c2d5a8b3280fa9920d22fedb31a33a8bdca8ec494d3fe4df9fc6b337
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1
Host: hsbusinessconsultancy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hsbusinessconsultancy.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:25:47 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Permissions-Policy: geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
Last-Modified: Wed, 19 Oct 2022 15:57:12 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 04 Jan 2023 20:25:47 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Set-Cookie: HttpsOnly;Secure
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: same-origin
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Content-Length: 2937
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
hsbusinessconsultancy.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
72.18.131.227200 OK 5.0 kB URL HTTP/1.1 hsbusinessconsultancy.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 72.18.131.227:0
ASN #30475 WEHOSTWEBSITES-COM
File type ASCII text, with very long lines (15660)
Hash e6624e0b978e6ddba476be41aaaa82df
822e920d8233072110ed7c8a7f379e5b13209b18
dac86a9ce08e4d8cded47b4fa900a664b0c997d8910c2a1be54a423678925a41
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: hsbusinessconsultancy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hsbusinessconsultancy.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:25:47 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Permissions-Policy: geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
Last-Modified: Wed, 29 Jun 2022 12:07:53 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 04 Jan 2023 20:25:47 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Set-Cookie: HttpsOnly;Secure
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: same-origin
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Content-Length: 5009
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
hsbusinessconsultancy.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
72.18.131.227200 OK 4.0 kB URL HTTP/1.1 hsbusinessconsultancy.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
IP 72.18.131.227:0
ASN #30475 WEHOSTWEBSITES-COM
File type HTML document, ASCII text, with very long lines (12310), with no line terminators
Hash 832eeb1fd498e5839b89bfb5f05a2f0d
cf2d8668aecc5033346ac2906bb8bf7e143cfa4a
35b2b27ba0ba63c065e4c67d15b7cb1878b5868d7f475cc7f6f1724d3988793a
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1
Host: hsbusinessconsultancy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hsbusinessconsultancy.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:25:47 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Permissions-Policy: geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
Last-Modified: Wed, 19 Oct 2022 15:57:12 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 04 Jan 2023 20:25:47 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Set-Cookie: HttpsOnly;Secure
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: same-origin
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Content-Length: 3957
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
hsbusinessconsultancy.com/wp-content/plugins/gtranslate/flags/24/en.png
72.18.131.227200 OK 1.8 kB URL HTTP/1.1 hsbusinessconsultancy.com/wp-content/plugins/gtranslate/flags/24/en.png
IP 72.18.131.227:0
ASN #30475 WEHOSTWEBSITES-COM
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash ec7233b5c80e5db85f7733b2ec25203f
d4c36fff06dc7d920b10eb13b58ea9cd9321b430
347ee97a492f79675749d03533810ff899ee6a784b4e156f3e0a7613cdfb3d40
GET /wp-content/plugins/gtranslate/flags/24/en.png HTTP/1.1
Host: hsbusinessconsultancy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hsbusinessconsultancy.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:25:48 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Permissions-Policy: geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
Last-Modified: Sun, 06 Nov 2022 19:00:19 GMT
Accept-Ranges: bytes
Content-Length: 1767
Cache-Control: max-age=31536000
Expires: Tue, 05 Dec 2023 20:25:48 GMT
Vary: User-Agent
Set-Cookie: HttpsOnly;Secure
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: same-origin
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
maps.google.com/maps?q=OFFICE%20622%2C%20B1%20BUILDING%2C%20AJMAN%20FREEZONE%2C%20AJMAN&t=m&z=12&output=embed&iwloc=near
142.250.74.142301 Moved Permanently 315 B URL HTTP/2 maps.google.com/maps?q=OFFICE%20622%2C%20B1%20BUILDING%2C%20AJMAN%20FREEZONE%2C%20AJMAN&t=m&z=12&output=embed&iwloc=near
IP 142.250.74.142:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash a721cf59d64907ab2245b83229528e70
21d14ee51d9a5b390c13318293b01a7f33b29eb0
8cd27b5da9b6799eacf57a1b44a2703662dec4f722f733acc0c951a3d157c2bb
GET /maps?q=OFFICE%20622%2C%20B1%20BUILDING%2C%20AJMAN%20FREEZONE%2C%20AJMAN&t=m&z=12&output=embed&iwloc=near HTTP/1.1
Host: maps.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Mon, 05 Dec 2022 20:25:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1sOFFICE+622,+B1+BUILDING,+AJMAN+FREEZONE,+AJMAN!5e0!6i12
content-type: text/html; charset=UTF-8
server: mafe
content-length: 315
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
translate.googleapis.com/translate_static/css/translateelement.css
172.217.21.170200 OK 3.6 kB URL HTTP/2 translate.googleapis.com/translate_static/css/translateelement.css
IP 172.217.21.170:0
File type ASCII text, with very long lines (18670)
Hash 897ba9a21d9625286674da769dacc2e2
84b4923ab7dee562395160824d53496314499b77
696cbf5c2f3f1efae555562b72abbbb22bed02eff03d62074555cab241190ae0
GET /translate_static/css/translateelement.css HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3619
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 20:18:18 GMT
expires: Mon, 05 Dec 2022 21:18:18 GMT
cache-control: public, max-age=3600
age: 450
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:25:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://hsbusinessconsultancy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:54 GMT
expires: Thu, 30 Nov 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 435114
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2e388f1ab4ec88104f57cf23944ee684
39178c45ed645709cc388d5790b1b58a3272a62f
e33b88f6f77d90b65a8fed943a45623e51f1efbdae401a1652f24be68408dba0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:25:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15660, version 1.0\012- data
Hash d7b0b953a50fddaa88089b5b787cf719
2f85bc568b27659a3d6452f58f9fd7678450326d
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
GET /s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://hsbusinessconsultancy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15660
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 22:14:50 GMT
expires: Wed, 29 Nov 2023 22:14:50 GMT
cache-control: public, max-age=31536000
age: 511858
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://hsbusinessconsultancy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:34:15 GMT
expires: Thu, 30 Nov 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 435093
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15700, version 1.0\012- data
Hash 3d7f7413fca69bff4d231ebdc50aaab0
cb18e7943b6a8a0e3672d7242197c19a226b92e8
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
GET /s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://hsbusinessconsultancy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15700
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 15:42:33 GMT
expires: Wed, 29 Nov 2023 15:42:33 GMT
cache-control: public, max-age=31536000
age: 535395
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 1245db08bc06bdc452fdb41b8e959f26
ba2fa041fbea0e124b6fd418724a46225fac0089
d591926f6495b722a0b545d292f16a342cba87889fd7d4f5ca448c3613760be6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1671
Cache-Control: max-age=88026
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:25:48 GMT
Etag: "638d021f-116"
Expires: Tue, 06 Dec 2022 20:52:54 GMT
Last-Modified: Sun, 04 Dec 2022 20:25:03 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:25:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
104.17.24.14200 OK 28 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (65451)
Hash 391678ecd81abb89d767676563d04a0d
ca95c965bf5453f22a77969f650d82cc0495aedc
0688a8577842e3019d1880c5e32bf44ab58a93592218886291e05eb8a1907c7b
GET /ajax/libs/jquery/3.5.0/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:25:48 GMT
content-type: application/javascript; charset=utf-8
content-length: 27964
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15d95"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1005074
expires: Sat, 25 Nov 2023 20:25:48 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y1OlhpPnL1UXi8kNB0jhCDs401noL4YtvEyMo8WqqBQf2%2FX4t15KQCJpvCbb%2BngTlPjuCpFiYnBN%2FO4MQ1Keq1YEFFssadMQxcr%2FWyvPNF6WwLvbH9vGk5Nnk20%2FAgSQOLnP6k7g"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 774f835c684c1bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat:regular%7CRoboto:regular%7CRubik:regular&display=swap
142.250.74.74200 OK 751 B URL HTTP/1.1 fonts.googleapis.com/css?family=Montserrat:regular%7CRoboto:regular%7CRubik:regular&display=swap
IP 142.250.74.74:0
Hash 6252a991a0fc02e3cf5868853c8d261f
70fa9793cfc272a66a6b22eb7c72416cf6038a87
0c39104eb70815c99c4ba126243290837dbd99a570cde690af1948df01d94bbc
GET /css?family=Montserrat:regular%7CRoboto:regular%7CRubik:regular&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Mon, 05 Dec 2022 20:25:48 GMT
Date: Mon, 05 Dec 2022 20:25:48 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 1245db08bc06bdc452fdb41b8e959f26
ba2fa041fbea0e124b6fd418724a46225fac0089
d591926f6495b722a0b545d292f16a342cba87889fd7d4f5ca448c3613760be6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1671
Cache-Control: max-age=88026
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:25:48 GMT
Etag: "638d021f-116"
Expires: Tue, 06 Dec 2022 20:52:54 GMT
Last-Modified: Sun, 04 Dec 2022 20:25:03 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 278
hsbusinessconsultancy.com/wp-content/plugins/nimble-builder/assets/front/js/partials/menu-module.min.js?v=3.3.2
72.18.131.227200 OK 2.9 kB URL HTTP/1.1 hsbusinessconsultancy.com/wp-content/plugins/nimble-builder/assets/front/js/partials/menu-module.min.js?v=3.3.2
IP 72.18.131.227:0
ASN #30475 WEHOSTWEBSITES-COM
File type ASCII text, with very long lines (8611), with no line terminators
Hash 7b615197d546749f5185ba83192cb125
a0e4fa01f47ef01d5f88226bd82dfff67f1241b9
40c65fa4c9ce84744762e32662535417a2304c0204d9e5877f21ce180cc93263
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/nimble-builder/assets/front/js/partials/menu-module.min.js?v=3.3.2 HTTP/1.1
Host: hsbusinessconsultancy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hsbusinessconsultancy.com/
Connection: keep-alive
Cookie: poptin_old_user=true; poptin_user_id=0.an5m34rc98d
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:25:48 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Permissions-Policy: geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
Last-Modified: Wed, 28 Sep 2022 15:56:33 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 04 Jan 2023 20:25:48 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Set-Cookie: HttpsOnly;Secure
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: same-origin
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Content-Length: 2860
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
hsbusinessconsultancy.com/wp-content/plugins/nimble-builder/assets/front/js/partials/slider-module.min.js?v=3.3.2
72.18.131.227200 OK 2.6 kB URL HTTP/1.1 hsbusinessconsultancy.com/wp-content/plugins/nimble-builder/assets/front/js/partials/slider-module.min.js?v=3.3.2
IP 72.18.131.227:0
ASN #30475 WEHOSTWEBSITES-COM
File type ASCII text, with very long lines (7624), with no line terminators
Hash 3f51c3463132e68aa85dda787bb8606d
5ffdf8e860bf7f27335e2de8de171edfec5c28bb
49c4877a0e719c2b2d30b868441d78f6f0c73b6ac63abf4e7f9bd7a63b478085
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/nimble-builder/assets/front/js/partials/slider-module.min.js?v=3.3.2 HTTP/1.1
Host: hsbusinessconsultancy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hsbusinessconsultancy.com/
Connection: keep-alive
Cookie: poptin_old_user=true; poptin_user_id=0.an5m34rc98d
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:25:48 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Permissions-Policy: geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
Last-Modified: Wed, 28 Sep 2022 15:56:33 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 04 Jan 2023 20:25:48 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Set-Cookie: HttpsOnly;Secure
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: same-origin
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Content-Length: 2607
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
216.58.207.227200 OK 13 kB URL HTTP/1.1 fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 12708, version 1.0\012- data
Hash b4a68b1e743ee317eaaf0bbadd131571
f24f7823d4e3830c7cfa5bcb33733d2897c00f13
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://hsbusinessconsultancy.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 12708
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 10:42:33 GMT
Expires: Wed, 29 Nov 2023 10:42:33 GMT
Cache-Control: public, max-age=31536000
Age: 553395
Last-Modified: Mon, 11 Jul 2022 18:55:59 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://hsbusinessconsultancy.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15744
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 30 Nov 2022 21:13:25 GMT
Expires: Thu, 30 Nov 2023 21:13:25 GMT
Cache-Control: public, max-age=31536000
Age: 429143
Last-Modified: Wed, 11 May 2022 19:24:48 GMT
Content-Type: font/woff2
hsbusinessconsultancy.com/wp-content/plugins/nimble-builder/assets/front/js/ccat-nimble-front.min.js?v=3.3.2
72.18.131.227200 OK 4.8 kB URL HTTP/1.1 hsbusinessconsultancy.com/wp-content/plugins/nimble-builder/assets/front/js/ccat-nimble-front.min.js?v=3.3.2
IP 72.18.131.227:0
ASN #30475 WEHOSTWEBSITES-COM
File type ASCII text, with very long lines (15797), with no line terminators
Hash 0741aa5239db8fa386cbe393ba3b26c8
6a7395668eef8a5222c1fd238ab8a1b0b2c5912b
82d402b3366b84ee5c58418dbd43fd2250408f313752172e4e749bcc169a87d9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/nimble-builder/assets/front/js/ccat-nimble-front.min.js?v=3.3.2 HTTP/1.1
Host: hsbusinessconsultancy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hsbusinessconsultancy.com/
Connection: keep-alive
Cookie: poptin_old_user=true; poptin_user_id=0.an5m34rc98d
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:25:48 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Permissions-Policy: geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
Last-Modified: Wed, 28 Sep 2022 15:56:33 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 04 Jan 2023 20:25:48 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Set-Cookie: HttpsOnly;Secure
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: same-origin
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Content-Length: 4792
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
fonts.gstatic.com/s/rubik/v21/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFV0U1.woff2
216.58.207.227200 OK 17 kB URL HTTP/1.1 fonts.gstatic.com/s/rubik/v21/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFV0U1.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 17132, version 1.0\012- data
Hash 637e6eeebaa93d7f97395a48a0a0f1bb
eeefc4ee060c073e4667f9870bea769a1ebdb563
f1e0d25f0cd5456e508eb7e6086e0da9c48d01e8f179a85d75da77e28de38b29
GET /s/rubik/v21/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFV0U1.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://hsbusinessconsultancy.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 17132
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 20:59:16 GMT
Expires: Wed, 29 Nov 2023 20:59:16 GMT
Cache-Control: public, max-age=31536000
Age: 516392
Last-Modified: Mon, 18 Jul 2022 19:20:13 GMT
Content-Type: font/woff2
hsbusinessconsultancy.com/wp-content/plugins/nimble-builder/assets/front/js/libs/swiper-bundle.min.js?3.3.2
72.18.131.227200 OK 38 kB URL HTTP/1.1 hsbusinessconsultancy.com/wp-content/plugins/nimble-builder/assets/front/js/libs/swiper-bundle.min.js?3.3.2
IP 72.18.131.227:0
ASN #30475 WEHOSTWEBSITES-COM
File type ASCII text, with very long lines (65267), with CRLF line terminators
Hash 559bfc528c284263015d789c0c66e0f6
f6ac4a81776f5f4929d8daa09fedf1a7ebccc9a2
8ea3ff7b642b24521e5360967f0405501e5642230d1a89474c3d3b91877ef6b8
GET /wp-content/plugins/nimble-builder/assets/front/js/libs/swiper-bundle.min.js?3.3.2 HTTP/1.1
Host: hsbusinessconsultancy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hsbusinessconsultancy.com/
Connection: keep-alive
Cookie: poptin_old_user=true; poptin_user_id=0.an5m34rc98d
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:25:48 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Permissions-Policy: geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
Last-Modified: Wed, 28 Sep 2022 15:56:33 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 04 Jan 2023 20:25:48 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Set-Cookie: HttpsOnly;Secure
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: same-origin
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Content-Length: 37639
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1sOFFICE+622,+B1+BUILDING,+AJMAN+FREEZONE,+AJMAN!5e0!6i12
216.58.207.228200 OK 1.4 kB URL HTTP/2 www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1sOFFICE+622,+B1+BUILDING,+AJMAN+FREEZONE,+AJMAN!5e0!6i12
IP 216.58.207.228:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3030)
Hash d300d33ef62a160cc8ae4e5e0c5cc4f8
9c3a11b075acf8a4bdd5f656e0fd2da0bc4ace65
6eacfa3fa4cc8512ac918263272882928c932bb55be75ee0cacf190a78a31e77
GET /maps/embed?origin=mfe&pb=!1m4!2m1!1sOFFICE+622,+B1+BUILDING,+AJMAN+FREEZONE,+AJMAN!5e0!6i12 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Mon, 05 Dec 2022 20:25:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
vary: Accept-Language
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-5JpEXfXMJcQxjd1VZ5KF2g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-encoding: gzip
server: mafe
content-length: 1409
x-xss-protection: 0
server-timing: gfet4t7; dur=434
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4147
Expires: Mon, 05 Dec 2022 21:34:55 GMT
Date: Mon, 05 Dec 2022 20:25:48 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 027480c06cd67621f373c6765dafee4d
9f80bb7ca6f699d88eaec2248dec508c589fe994
f69a0d6bd6e79d8fa7f2f15df11237c0a8b04d45af3cd5870eeef86d18f553bf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7728
x-amzn-requestid: 9f37e7a6-1f00-4a81-9b14-962fd0b6cdf4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMEJxoAMFchQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-4a4cce217327b44525ea1e98;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ztC4S0WeA3ft_9JafrL6fInXo4jwkb0cTWUx4Z8L2uz3EWQS-d6F5A==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 22:09:54 GMT
age: 80154
etag: "9f80bb7ca6f699d88eaec2248dec508c589fe994"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2f60a6490f38a772dcd50a1132e98e1b
ff254a1df087d2c157d88a6ef04e395dc49efe5e
653e40becd103cd76cc2f194a87e933e8c548d346f87520fefca3b16430fc4ab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8469
x-amzn-requestid: c17eff92-da62-4f0f-9e75-2741012ec43a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_sqFSjoAMFQ6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-61d61d2f0bb01ecb21b809ea;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kf_hcK2d2YFhladZn1S4cyGq7vLTSKdWgPUTNT0M9LwHXuOV-nlgGw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:52:07 GMT
age: 81221
etag: "ff254a1df087d2c157d88a6ef04e395dc49efe5e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4147
Expires: Mon, 05 Dec 2022 21:34:55 GMT
Date: Mon, 05 Dec 2022 20:25:48 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4147
Expires: Mon, 05 Dec 2022 21:34:55 GMT
Date: Mon, 05 Dec 2022 20:25:48 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24c69d7ef356b352956d6dcbc9f5df1d
2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9
94d068620c34652cb2d24ca8b3cf962febe9606e6d3a33d937fc9d99f176edef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10396
x-amzn-requestid: b879fd2e-b6cf-4373-b780-2d97481c45f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cioNbH5KoAMFUsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a8722-6add7f8e225878473b20c015;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 23:15:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ir97GJKaFoW6BNXCcmMqp0JSUd5JhCACyUvLh5G-0BWCDVJsqs7XhQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 11:06:22 GMT
age: 33566
etag: "2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4147
Expires: Mon, 05 Dec 2022 21:34:55 GMT
Date: Mon, 05 Dec 2022 20:25:48 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43309032a892c486f9985ef520df696e
36f4682ca6a33ff80ee02129c77e6f27e996ede0
24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Uz-wJTZjej3sjP-O68BQ4hB_kkAecG0o7GkeZUan90ZgV87g0Cg_ZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:49:44 GMT
age: 81364
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash db1701b7b9d161a0c935bb6e10b17893
22a8c4bd58c729c1abcf794466e8f3231dfb034b
b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8315
x-amzn-requestid: f1bcc33b-aad9-4d3b-b1f9-49282f2d4fb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMGVboAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-13472a097177d4751c8f7a8c;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JuY0xcLDiERwrVhq33d4PP64liDqFfk9bc9xX1H62o0tOwrt1ek7Pg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:42:39 GMT
age: 81789
etag: "22a8c4bd58c729c1abcf794466e8f3231dfb034b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4147
Expires: Mon, 05 Dec 2022 21:34:55 GMT
Date: Mon, 05 Dec 2022 20:25:48 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c01fe1cccdb3b672bbade6d98217ffe9
a9a529dc9894827f6243a1bf57f81caa4fe88fc2
c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kmki-SBINSx1kbiIkaSGebdCLrnDeHVhYeotAWzE__CevkNDdfzRGg==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:44:05 GMT
age: 81703
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
maps.gstatic.com/maps-api-v3/embed/js/51/2/init_embed.js
142.250.74.3200 OK 69 kB URL HTTP/2 maps.gstatic.com/maps-api-v3/embed/js/51/2/init_embed.js
IP 142.250.74.3:0
File type ASCII text, with very long lines (2669)
Hash ed2723b79bc5eab77a130d1494114fc3
868e33258f37face8b5d0fe4420632505c1d25be
4707d296c9f44bffe17c3b0a98ea5ce6f0e83cf700ba691ede674daf6f6b4443
GET /maps-api-v3/embed/js/51/2/init_embed.js HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 69315
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 21:46:01 GMT
expires: Thu, 30 Nov 2023 21:46:01 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 28 Nov 2022 22:32:00 GMT
content-type: text/javascript
age: 427187
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hsbusinessconsultancy.com/wp-content/plugins/chaty/images/whatsapp.png
72.18.131.227200 OK 114 kB URL HTTP/1.1 hsbusinessconsultancy.com/wp-content/plugins/chaty/images/whatsapp.png
IP 72.18.131.227:0
ASN #30475 WEHOSTWEBSITES-COM
File type PNG image data, 550 x 999, 8-bit colormap, non-interlaced\012- data
Size 114 kB (114536 bytes)
Hash 8a055527b27b887521a9f084497d8879
3d3dd626e5a52c280df47631892d6cbd635f3312
66f09c394acf0c248dd6e5a53918fdd90c9bcc148e66f4de6d23e22225ade842
GET /wp-content/plugins/chaty/images/whatsapp.png HTTP/1.1
Host: hsbusinessconsultancy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hsbusinessconsultancy.com/wp-content/plugins/chaty/css/chaty-front.min.css?ver=16205213013.0.1
Connection: keep-alive
Cookie: poptin_old_user=true; poptin_user_id=0.an5m34rc98d
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:25:48 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Permissions-Policy: geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
Last-Modified: Mon, 17 Oct 2022 18:33:11 GMT
Accept-Ranges: bytes
Content-Length: 114536
Cache-Control: max-age=31536000
Expires: Tue, 05 Dec 2023 20:25:48 GMT
Vary: User-Agent
Set-Cookie: HttpsOnly;Secure
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: same-origin
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
hsbusinessconsultancy.com/wp-content/uploads/2021/05/20160328182502-business-women-working-analyze-analizing-documents.jpeg
72.18.131.227200 OK 34 kB URL HTTP/1.1 hsbusinessconsultancy.com/wp-content/uploads/2021/05/20160328182502-business-women-working-analyze-analizing-documents.jpeg
IP 72.18.131.227:0
ASN #30475 WEHOSTWEBSITES-COM
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 700x350, components 3\012- data
Hash 995c5569371e96e07d547eba7ffa744e
da145b5858b82bb72a810fae02efc0210057a03e
4a609c818f5793e06dff285c1461f4ebd5357992ab75a4c2d7b7e084985db022
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2021/05/20160328182502-business-women-working-analyze-analizing-documents.jpeg HTTP/1.1
Host: hsbusinessconsultancy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:25:49 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Permissions-Policy: geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
Last-Modified: Sun, 30 May 2021 08:27:07 GMT
Accept-Ranges: bytes
Content-Length: 34179
Cache-Control: max-age=31536000
Expires: Tue, 05 Dec 2023 20:25:49 GMT
Vary: User-Agent
Set-Cookie: HttpsOnly;Secure
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: same-origin
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
fonts.gstatic.com/s/rubik/v3/_mlO9_1N7oXYhEnEzC2l-g.woff2
216.58.207.227200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/rubik/v3/_mlO9_1N7oXYhEnEzC2l-g.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 20668, version 1.0\012- data
Hash 33f60a04f378a080dc0dfe350d74743a
b86baba04a992186669b6956ae864262c7607ca5
10439ba665bcdffc1e727bc74c0c4b64c8ac0e8f8981fcdaa8d49e672b78d8b2
GET /s/rubik/v3/_mlO9_1N7oXYhEnEzC2l-g.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://hsbusinessconsultancy.com
Connection: keep-alive
Referer: https://cdn.popt.in/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20668
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 08:42:56 GMT
expires: Fri, 01 Dec 2023 08:42:56 GMT
cache-control: public, max-age=31536000
age: 387773
last-modified: Thu, 08 Dec 2016 01:13:06 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hsbusinessconsultancy.com/wp-content/uploads/2021/05/360_F_116333958_8eKvNu84AZ1r5MKvvhxc5c0kTKDxQCeP.jpg
72.18.131.227200 OK 43 kB URL HTTP/1.1 hsbusinessconsultancy.com/wp-content/uploads/2021/05/360_F_116333958_8eKvNu84AZ1r5MKvvhxc5c0kTKDxQCeP.jpg
IP 72.18.131.227:0
ASN #30475 WEHOSTWEBSITES-COM
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2], baseline, precision 8, 540x360, components 3\012- data
Hash 5e809f04acb8280e2a3a4dd17c9e702b
bb942829fde5772372dc287702d82c418e574f9a
a9a851f0e688c68c2ac7d59cae975e098b99a2e3acede1339a1a9968b3423331
GET /wp-content/uploads/2021/05/360_F_116333958_8eKvNu84AZ1r5MKvvhxc5c0kTKDxQCeP.jpg HTTP/1.1
Host: hsbusinessconsultancy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:25:49 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Permissions-Policy: geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
Last-Modified: Sun, 30 May 2021 08:27:16 GMT
Accept-Ranges: bytes
Content-Length: 43270
Cache-Control: max-age=31536000
Expires: Tue, 05 Dec 2023 20:25:49 GMT
Vary: User-Agent
Set-Cookie: HttpsOnly;Secure
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: same-origin
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
hsbusinessconsultancy.com/wp-content/uploads/2021/05/2655942-1024x546.jpg
72.18.131.227200 OK 50 kB URL HTTP/1.1 hsbusinessconsultancy.com/wp-content/uploads/2021/05/2655942-1024x546.jpg
IP 72.18.131.227:0
ASN #30475 WEHOSTWEBSITES-COM
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1024x546, components 3\012- data
Hash 6a1632697115074ea6e3cb6e6d473900
95353819d12a6b1f1328610307489f84b5c715b1
7e3d2cbbd06a27702f44a14794ab83bae66a317f9ac6b2a326abb5d10c0ddb8c
GET /wp-content/uploads/2021/05/2655942-1024x546.jpg HTTP/1.1
Host: hsbusinessconsultancy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:25:49 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Permissions-Policy: geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
Last-Modified: Sun, 30 May 2021 08:27:14 GMT
Accept-Ranges: bytes
Content-Length: 50276
Cache-Control: max-age=31536000
Expires: Tue, 05 Dec 2023 20:25:49 GMT
Vary: User-Agent
Set-Cookie: HttpsOnly;Secure
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: same-origin
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
hsbusinessconsultancy.com/wp-content/uploads/2021/05/924117-1024x576.jpg
72.18.131.227200 OK 53 kB URL HTTP/1.1 hsbusinessconsultancy.com/wp-content/uploads/2021/05/924117-1024x576.jpg
IP 72.18.131.227:0
ASN #30475 WEHOSTWEBSITES-COM
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1024x576, components 3\012- data
Hash ac8c3b9e178f79697a4bf8a5bac853c7
d4b27a2bce47f646a5613c988075fa1269f9b9e1
9dfcb63dbde07909d6d662050368156408c073a2fbb8466efc76e881a0b4c6de
GET /wp-content/uploads/2021/05/924117-1024x576.jpg HTTP/1.1
Host: hsbusinessconsultancy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:25:49 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Permissions-Policy: geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
Last-Modified: Sun, 30 May 2021 08:27:11 GMT
Accept-Ranges: bytes
Content-Length: 52658
Cache-Control: max-age=31536000
Expires: Tue, 05 Dec 2023 20:25:49 GMT
Vary: User-Agent
Set-Cookie: HttpsOnly;Secure
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: same-origin
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
hsbusinessconsultancy.com/wp-content/uploads/2021/04/cropped-transparent-logo-hs-solutions.png
72.18.131.227200 OK 318 kB URL HTTP/1.1 hsbusinessconsultancy.com/wp-content/uploads/2021/04/cropped-transparent-logo-hs-solutions.png
IP 72.18.131.227:0
ASN #30475 WEHOSTWEBSITES-COM
File type PNG image data, 1920 x 1200, 8-bit/color RGBA, non-interlaced\012- data
Size 318 kB (317573 bytes)
Hash 0ba59acd2a3f1cf7ed99b8471c2ba454
82c3f8ab9d55c08518342c4f1068489a384643f3
5e2a6f4489f19e57ebdfb6ee82b1a76d1bfcd172dd76a37f50f91ace1f70ab54
GET /wp-content/uploads/2021/04/cropped-transparent-logo-hs-solutions.png HTTP/1.1
Host: hsbusinessconsultancy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:25:49 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Permissions-Policy: geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
Last-Modified: Thu, 29 Apr 2021 09:22:40 GMT
Accept-Ranges: bytes
Content-Length: 317573
Cache-Control: max-age=31536000
Expires: Tue, 05 Dec 2023 20:25:49 GMT
Vary: User-Agent
Set-Cookie: HttpsOnly;Secure
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: same-origin
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
hsbusinessconsultancy.com/wp-content/uploads/2022/11/HS-Business-Consultancy-6-768x1087.png
72.18.131.227200 OK 359 kB URL HTTP/1.1 hsbusinessconsultancy.com/wp-content/uploads/2022/11/HS-Business-Consultancy-6-768x1087.png
IP 72.18.131.227:0
ASN #30475 WEHOSTWEBSITES-COM
File type PNG image data, 768 x 1087, 8-bit/color RGBA, non-interlaced\012- data
Size 359 kB (358846 bytes)
Hash ba3876f13b75e7037cd6759768895d57
30537ba9d46193c94ff9b26fe9b52064db27f4c0
71610c2b1bfc5501512bb54a311935095fe64c477da19a2a481c94465650e125
GET /wp-content/uploads/2022/11/HS-Business-Consultancy-6-768x1087.png HTTP/1.1
Host: hsbusinessconsultancy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:25:49 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Permissions-Policy: geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
Last-Modified: Wed, 02 Nov 2022 18:45:09 GMT
Accept-Ranges: bytes
Content-Length: 358846
Cache-Control: max-age=31536000
Expires: Tue, 05 Dec 2023 20:25:49 GMT
Vary: User-Agent
Set-Cookie: HttpsOnly;Secure
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: same-origin
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
hsbusinessconsultancy.com/wp-content/uploads/2022/11/hs-business-consultancy-3-1-768x1086.png
72.18.131.227200 OK 716 kB URL HTTP/1.1 hsbusinessconsultancy.com/wp-content/uploads/2022/11/hs-business-consultancy-3-1-768x1086.png
IP 72.18.131.227:0
ASN #30475 WEHOSTWEBSITES-COM
File type PNG image data, 768 x 1086, 8-bit/color RGBA, non-interlaced\012- data
Size 716 kB (716064 bytes)
Hash d0af9b6396df56783c6ba9c27ffd10f9
5e07b4138095266b57c4980e383508faee66c02d
4def7ff776d6c073d3438423be5ee24959229d6dead2e04dbb6dc4e36aaa71bd
GET /wp-content/uploads/2022/11/hs-business-consultancy-3-1-768x1086.png HTTP/1.1
Host: hsbusinessconsultancy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:25:49 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Permissions-Policy: geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
Last-Modified: Wed, 02 Nov 2022 19:27:26 GMT
Accept-Ranges: bytes
Content-Length: 716064
Cache-Control: max-age=31536000
Expires: Tue, 05 Dec 2023 20:25:49 GMT
Vary: User-Agent
Set-Cookie: HttpsOnly;Secure
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: same-origin
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
hsbusinessconsultancy.com/wp-content/uploads/2022/11/HS-Business-Consultancy-4-768x1087.png
72.18.131.227200 OK 487 kB URL HTTP/1.1 hsbusinessconsultancy.com/wp-content/uploads/2022/11/HS-Business-Consultancy-4-768x1087.png
IP 72.18.131.227:0
ASN #30475 WEHOSTWEBSITES-COM
File type PNG image data, 768 x 1087, 8-bit/color RGBA, non-interlaced\012- data
Size 487 kB (487243 bytes)
Hash 0881ee8c81fe945d99d5c4d89328b5bf
4c34513a54c5b3dd8372a1bd76914940d8559111
f0fb491338a838847bd005fe47324b5de12a20e33eed5e78a0f3c90373c83539
GET /wp-content/uploads/2022/11/HS-Business-Consultancy-4-768x1087.png HTTP/1.1
Host: hsbusinessconsultancy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:25:49 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Permissions-Policy: geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
Last-Modified: Wed, 02 Nov 2022 18:52:32 GMT
Accept-Ranges: bytes
Content-Length: 487243
Cache-Control: max-age=31536000
Expires: Tue, 05 Dec 2023 20:25:49 GMT
Vary: User-Agent
Set-Cookie: HttpsOnly;Secure
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: same-origin
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
hsbusinessconsultancy.com/wp-content/uploads/2022/11/hs-ad-1st-nov-2-1-768x1086.png
72.18.131.227200 OK 374 kB URL HTTP/1.1 hsbusinessconsultancy.com/wp-content/uploads/2022/11/hs-ad-1st-nov-2-1-768x1086.png
IP 72.18.131.227:0
ASN #30475 WEHOSTWEBSITES-COM
File type PNG image data, 768 x 1086, 8-bit/color RGBA, non-interlaced\012- data
Size 374 kB (373805 bytes)
Hash 4be73cba226af4ea30edefd33cc6b0c6
184b960bef13f2659bac3192c57f402664d6945b
589e99b1f816f0e7844bffe0951b589915662150d3fa8419a0a277ed03dc06b3
GET /wp-content/uploads/2022/11/hs-ad-1st-nov-2-1-768x1086.png HTTP/1.1
Host: hsbusinessconsultancy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: HttpsOnly
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:25:49 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Permissions-Policy: geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
Last-Modified: Tue, 01 Nov 2022 18:19:47 GMT
Accept-Ranges: bytes
Content-Length: 373805
Cache-Control: max-age=31536000
Expires: Tue, 05 Dec 2023 20:25:49 GMT
Vary: User-Agent
Set-Cookie: HttpsOnly;Secure
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: same-origin
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
hsbusinessconsultancy.com/wp-content/uploads/2022/11/hs-business-consultancy-5-1-2-768x1057.png
72.18.131.227200 OK 1.6 MB URL HTTP/1.1 hsbusinessconsultancy.com/wp-content/uploads/2022/11/hs-business-consultancy-5-1-2-768x1057.png
IP 72.18.131.227:0
ASN #30475 WEHOSTWEBSITES-COM
File type PNG image data, 768 x 1057, 8-bit/color RGBA, non-interlaced\012- data
Size 1.6 MB (1603481 bytes)
Hash 55288829cb8727da46274566400e05fc
4e1ce2ecbbd2f907a0afaf6221e8abb92df94f22
6fc18eacf2ebf225559e2d2278517156e716c2ad21a5eee4fcfd81b9d16e278a
GET /wp-content/uploads/2022/11/hs-business-consultancy-5-1-2-768x1057.png HTTP/1.1
Host: hsbusinessconsultancy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:25:49 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Permissions-Policy: geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
Last-Modified: Wed, 02 Nov 2022 19:22:11 GMT
Accept-Ranges: bytes
Content-Length: 1603481
Cache-Control: max-age=31536000
Expires: Tue, 05 Dec 2023 20:25:49 GMT
Vary: User-Agent
Set-Cookie: HttpsOnly;Secure
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: same-origin
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
hsbusinessconsultancy.com/wp-content/uploads/2022/11/hs-ad-1st-nov-768x1086.png
72.18.131.227200 OK 412 kB URL HTTP/1.1 hsbusinessconsultancy.com/wp-content/uploads/2022/11/hs-ad-1st-nov-768x1086.png
IP 72.18.131.227:0
ASN #30475 WEHOSTWEBSITES-COM
File type PNG image data, 768 x 1086, 8-bit/color RGBA, non-interlaced\012- data
Size 412 kB (412412 bytes)
Hash 7a873667d7ea929caec163ea23bcbf0b
5f20aeb69324176d24f4fc967050c522340e01c4
cd753b825cc6a26b3ec173a0bd61a60533b2fc920d9500aa9bda204b894086de
GET /wp-content/uploads/2022/11/hs-ad-1st-nov-768x1086.png HTTP/1.1
Host: hsbusinessconsultancy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: HttpsOnly
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:25:49 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Permissions-Policy: geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
Last-Modified: Tue, 01 Nov 2022 18:22:09 GMT
Accept-Ranges: bytes
Content-Length: 412412
Cache-Control: max-age=31536000
Expires: Tue, 05 Dec 2023 20:25:49 GMT
Vary: User-Agent
Set-Cookie: HttpsOnly;Secure
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: same-origin
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
hsbusinessconsultancy.com/wp-content/uploads/2022/11/hs-business-consultancy-2-1-768x1086.png
72.18.131.227200 OK 236 kB URL HTTP/1.1 hsbusinessconsultancy.com/wp-content/uploads/2022/11/hs-business-consultancy-2-1-768x1086.png
IP 72.18.131.227:0
ASN #30475 WEHOSTWEBSITES-COM
File type PNG image data, 768 x 1086, 8-bit/color RGBA, non-interlaced\012- data
Size 236 kB (236547 bytes)
Hash a2891bd01151b34ec629c421af4bc994
249432504c1c58ed3e0f73b36ac54b6076d3a060
84620f20320550a0d462c90f437c218488f6529369117a3c4b27fd301ddb635d
GET /wp-content/uploads/2022/11/hs-business-consultancy-2-1-768x1086.png HTTP/1.1
Host: hsbusinessconsultancy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: HttpsOnly
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:25:49 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Permissions-Policy: geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
Last-Modified: Wed, 02 Nov 2022 06:03:02 GMT
Accept-Ranges: bytes
Content-Length: 236547
Cache-Control: max-age=31536000
Expires: Tue, 05 Dec 2023 20:25:49 GMT
Vary: User-Agent
Set-Cookie: HttpsOnly;Secure
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: same-origin
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
hsbusinessconsultancy.com/wp-content/uploads/2022/11/hs-ad-1st-nov-3-768x1086.png
72.18.131.227200 OK 509 kB URL HTTP/1.1 hsbusinessconsultancy.com/wp-content/uploads/2022/11/hs-ad-1st-nov-3-768x1086.png
IP 72.18.131.227:0
ASN #30475 WEHOSTWEBSITES-COM
File type PNG image data, 768 x 1086, 8-bit/color RGBA, non-interlaced\012- data
Size 509 kB (508660 bytes)
Hash 420f09c603451c9874c0a104792d348c
55f1159369450ae93a2ce9caff047df1088b716b
c546233fd72c2a0f69b72b271666104b5228c60a59dee20731d99c1685f34108
GET /wp-content/uploads/2022/11/hs-ad-1st-nov-3-768x1086.png HTTP/1.1
Host: hsbusinessconsultancy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: HttpsOnly
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:25:49 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Permissions-Policy: geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
Last-Modified: Tue, 01 Nov 2022 18:17:27 GMT
Accept-Ranges: bytes
Content-Length: 508660
Cache-Control: max-age=31536000
Expires: Tue, 05 Dec 2023 20:25:49 GMT
Vary: User-Agent
Set-Cookie: HttpsOnly;Secure
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: same-origin
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
216.58.207.227200 OK 9.3 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 216.58.207.227:0
Hash 1a17a9dd0c1103c7fe3c9fb92a696b63
27697c45756f6e5aa0cb766b6936bddebfce53bd
80e132a661891707470dedfeee2ccf32b91d3db8fa4c5d21e34ebfd6734658c9
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://hsbusinessconsultancy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:28:50 GMT
expires: Thu, 30 Nov 2023 19:28:50 GMT
cache-control: public, max-age=31536000
age: 435420
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
216.58.207.227200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Hash 25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://hsbusinessconsultancy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 12:29:21 GMT
expires: Fri, 01 Dec 2023 12:29:21 GMT
cache-control: public, max-age=31536000
age: 374189
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hsbusinessconsultancy.com/wp-content/uploads/2021/04/cropped-logo-4-e1619688011620-1-32x32.png
72.18.131.227200 OK 1.1 kB URL HTTP/1.1 hsbusinessconsultancy.com/wp-content/uploads/2021/04/cropped-logo-4-e1619688011620-1-32x32.png
IP 72.18.131.227:0
ASN #30475 WEHOSTWEBSITES-COM
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 11365db14bb9ab26417b5c1f8c77669f
b55539ff058ff41f8861101aa1fc97ce749ae2aa
31b3a871db9f61fef7a866755363d7043c1d5291447b0b3a39d43c6aed2a6493
GET /wp-content/uploads/2021/04/cropped-logo-4-e1619688011620-1-32x32.png HTTP/1.1
Host: hsbusinessconsultancy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: HttpsOnly
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:25:50 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Permissions-Policy: geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
Last-Modified: Thu, 29 Apr 2021 09:21:09 GMT
Accept-Ranges: bytes
Content-Length: 1056
Cache-Control: max-age=31536000
Expires: Tue, 05 Dec 2023 20:25:50 GMT
Vary: User-Agent
Set-Cookie: HttpsOnly;Secure
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: same-origin
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
hsbusinessconsultancy.com/wp-content/uploads/2021/04/cropped-logo-4-e1619688011620-1-192x192.png
72.18.131.227200 OK 15 kB URL HTTP/1.1 hsbusinessconsultancy.com/wp-content/uploads/2021/04/cropped-logo-4-e1619688011620-1-192x192.png
IP 72.18.131.227:0
ASN #30475 WEHOSTWEBSITES-COM
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 73bb1fe4f40be05a3b60a046a049f1a4
7a0214f5e7f8122a713ad93d745046187b7dd371
06dceb1396cf9d65ef11c46921326327d48983490fff289ac3426aaa1de53134
GET /wp-content/uploads/2021/04/cropped-logo-4-e1619688011620-1-192x192.png HTTP/1.1
Host: hsbusinessconsultancy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: HttpsOnly
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:25:50 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Permissions-Policy: geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
Last-Modified: Thu, 29 Apr 2021 09:21:09 GMT
Accept-Ranges: bytes
Content-Length: 14808
Cache-Control: max-age=31536000
Expires: Tue, 05 Dec 2023 20:25:50 GMT
Vary: User-Agent
Set-Cookie: HttpsOnly;Secure
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: same-origin
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
www.gstatic.com/images/branding/product/1x/translate_24dp.png
142.250.74.35200 OK 846 B URL HTTP/2 www.gstatic.com/images/branding/product/1x/translate_24dp.png
IP 142.250.74.35:0
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash e9cd262114358f26b7608b56905185dc
6dbde0a96deaab2b529723ce26c62043cf9180ab
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
GET /images/branding/product/1x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 846
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 20:12:19 GMT
expires: Tue, 05 Dec 2023 20:12:19 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 811
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
142.250.74.35200 OK 910 B URL HTTP/2 www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
IP 142.250.74.35:0
File type PNG image data, 42 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash efa6bb2bfe459bc6f4bdafa3db0383f6
52d15ce52fe50643e542c17812de43f4ed1b6ee0
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
GET /images/branding/googlelogo/1x/googlelogo_color_42x16dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 910
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 04 Dec 2022 21:19:18 GMT
expires: Mon, 04 Dec 2023 21:19:18 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: image/png
age: 83192
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/images/branding/product/2x/translate_24dp.png
142.250.74.35200 OK 1.8 kB URL HTTP/2 www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP 142.250.74.35:0
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash c69c796362406f9e11c7f4bf5bb628da
e489ce95ab56208090868882113d7416abf46775
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://translate.googleapis.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 20:10:55 GMT
expires: Tue, 05 Dec 2023 20:10:55 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 895
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:56 GMT
expires: Thu, 30 Nov 2023 19:33:56 GMT
cache-control: public, max-age=31536000
age: 435114
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/philosopher/v19/vEFV2_5QCwIS4_Dhez5jcWBuT00.woff2
216.58.207.227200 OK 19 kB URL HTTP/2 fonts.gstatic.com/s/philosopher/v19/vEFV2_5QCwIS4_Dhez5jcWBuT00.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 19416, version 1.0\012- data
Hash 1dc0b12f391d61c5e8382c0d274c2374
eb682de4b8c97cbe8ea03a728b4e0638a23020a2
28f56aba8c13677b3be2478a6cb6e29a9a71ef8e98a0a4a18ec9d4491221f328
GET /s/philosopher/v19/vEFV2_5QCwIS4_Dhez5jcWBuT00.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://hsbusinessconsultancy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19416
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Dec 2022 22:41:41 GMT
expires: Sun, 03 Dec 2023 22:41:41 GMT
cache-control: public, max-age=31536000
age: 164650
last-modified: Wed, 27 Apr 2022 16:01:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/yesevaone/v20/OpNJno4ck8vc-xYpwWWxli1VWw.woff2
216.58.207.227200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/yesevaone/v20/OpNJno4ck8vc-xYpwWWxli1VWw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 16664, version 1.0\012- data
Hash 247f3761e787cb917d84b6beb4826113
a8376faed88a229491b529573007fe65dd818e01
4df2558618d59bf36dcdafac03f2a3d4b6fed61a7381558bff35a1b81675114a
GET /s/yesevaone/v20/OpNJno4ck8vc-xYpwWWxli1VWw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://hsbusinessconsultancy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16664
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 15:51:38 GMT
expires: Wed, 29 Nov 2023 15:51:38 GMT
cache-control: public, max-age=31536000
age: 534853
last-modified: Wed, 27 Apr 2022 15:49:00 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2
216.58.211.14200 OK 0 B URL HTTP/2 translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2
IP 216.58.211.14:0
GET /translate_a/element.js?cb=googleTranslateElementInit2 HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 05 Dec 2022 20:25:47 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+171; expires=Wed, 04-Dec-2024 20:25:47 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C400i%2C700%2C700i%7CRoboto%3A400%2C500%2C700&subset=latin%2Clatin-ext
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C400i%2C700%2C700i%7CRoboto%3A400%2C500%2C700&subset=latin%2Clatin-ext
IP 142.250.74.74:0
GET /css?family=Roboto+Condensed%3A400%2C400i%2C700%2C700i%7CRoboto%3A400%2C500%2C700&subset=latin%2Clatin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 05 Dec 2022 20:25:47 GMT
date: Mon, 05 Dec 2022 20:25:47 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
d3lopmpcew67el.cloudfront.net/client_99662c3037d4c/account_89093263078c9_poptin_294ba2696e074_2021-05-09_03-18-22_version_5.html
65.9.54.189200 OK 0 B URL HTTP/2 d3lopmpcew67el.cloudfront.net/client_99662c3037d4c/account_89093263078c9_poptin_294ba2696e074_2021-05-09_03-18-22_version_5.html
IP 65.9.54.189:0
GET /client_99662c3037d4c/account_89093263078c9_poptin_294ba2696e074_2021-05-09_03-18-22_version_5.html HTTP/1.1
Host: d3lopmpcew67el.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://hsbusinessconsultancy.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
date: Mon, 05 Dec 2022 20:25:50 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Sun, 09 May 2021 00:31:15 GMT
etag: W/"87ca5523aaf79bff24329014452cdfe9"
x-amz-version-id: EXlwYk0z6G.Zm75ohsY8w587yOBj_ys5
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 54dc93d23ebec5cb4513ba0ee9d6c2d8.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: 3L0QMtNKQALa0DjAQmMr1aQB3XMWU6NQyBqIZDpt9LNQH9BjbmAluw==
X-Firefox-Spdy: h2
cdn.popt.in/pixel.js?id=99662c3037d4c
172.64.172.22200 OK 0 B URL HTTP/2 cdn.popt.in/pixel.js?id=99662c3037d4c
IP 172.64.172.22:0
GET /pixel.js?id=99662c3037d4c HTTP/1.1
Host: cdn.popt.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:25:47 GMT
content-type: text/javascript
last-modified: Mon, 05 Dec 2022 14:25:50 GMT
etag: W/"c72f8b7b9b7d746b8972c40ecd64f711"
x-amz-version-id: aBNHFVWAMf90gHg1dhHFBaNC37DPyn5F
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 39159a0d814f803c2a493023a4925c00.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR3-C1
x-amz-cf-id: tW4ZTklSSLlf6PDH4cmOqJVM1drWvlp2KC5q4r7HQs7hH24avL4Y3A==
cache-control: max-age=1800
cf-cache-status: HIT
age: 7178
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PTHWtFf10nMJNjOiWv24l7DvxvLfeThY23IWzI9m%2Bcz7kBH6Qu8GAXuCWs22xJwyk3I9rIPy401fP9nJLYk1XZ1lGAHPINKOAc663ZLeAVdNY5wP05hO6Q7U%2Bil4mQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774f8356ad257470-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
display.popt.in/APIRequest/99662c3037d4c?domain=http%3A%2F%2Fhsbusinessconsultancy.com%2F&referrer=&previous_url=&cookies=poptin_old_user%3Dtrue%20poptin_user_id%3D0.an5m34rc98d%20poptin_new_user%3Dtrue%20poptin_viewed_session%3Dfalse%20&triggers=&cc=false&if_mobile=false&page_title=HS%20BUSINESS%20CONSULTANCY%20%E2%80%93%20LET%27S%20GROW%20TOGETHER&origin_landing_page=http%3A%2F%2Fhsbusinessconsultancy.com%2F&if_page_refreshed=false&poptin_viewed_url=http%3A%2F%2Fhsbusinessconsultancy.com%2F&previous_visited_pages=&shopify_customer_id=0&cart_total_items=0&cart_total_price=0&cart_products_ids_list=
172.64.173.22200 OK 0 B URL HTTP/2 display.popt.in/APIRequest/99662c3037d4c?domain=http%3A%2F%2Fhsbusinessconsultancy.com%2F&referrer=&previous_url=&cookies=poptin_old_user%3Dtrue%20poptin_user_id%3D0.an5m34rc98d%20poptin_new_user%3Dtrue%20poptin_viewed_session%3Dfalse%20&triggers=&cc=false&if_mobile=false&page_title=HS%20BUSINESS%20CONSULTANCY%20%E2%80%93%20LET%27S%20GROW%20TOGETHER&origin_landing_page=http%3A%2F%2Fhsbusinessconsultancy.com%2F&if_page_refreshed=false&poptin_viewed_url=http%3A%2F%2Fhsbusinessconsultancy.com%2F&previous_visited_pages=&shopify_customer_id=0&cart_total_items=0&cart_total_price=0&cart_products_ids_list=
IP 172.64.173.22:0
GET /APIRequest/99662c3037d4c?domain=http%3A%2F%2Fhsbusinessconsultancy.com%2F&referrer=&previous_url=&cookies=poptin_old_user%3Dtrue%20poptin_user_id%3D0.an5m34rc98d%20poptin_new_user%3Dtrue%20poptin_viewed_session%3Dfalse%20&triggers=&cc=false&if_mobile=false&page_title=HS%20BUSINESS%20CONSULTANCY%20%E2%80%93%20LET%27S%20GROW%20TOGETHER&origin_landing_page=http%3A%2F%2Fhsbusinessconsultancy.com%2F&if_page_refreshed=false&poptin_viewed_url=http%3A%2F%2Fhsbusinessconsultancy.com%2F&previous_visited_pages=&shopify_customer_id=0&cart_total_items=0&cart_total_price=0&cart_products_ids_list= HTTP/1.1
Host: display.popt.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://hsbusinessconsultancy.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:25:48 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-headers: Origin, Content-Type
content-security-policy: frame-ancestors https://bc.popt.in https://*.mybigcommerce.com https://*.jumpseller.com https://*.myshopline.com https://*.myshopify.com
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff, nosniff
cache-control: max-age=0, must-revalidate, no-store, nocache, private
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: XSRF-TOKEN=eyJpdiI6IkFJaHBJRVhlditGV1lXa0JlbFlQclE9PSIsInZhbHVlIjoibHhCZ1FISWM4V3pzbFM2djVQSkRuZmxvaHRKMXBpdk90TjBaeDMraEN2TjRSZEs4VXFteDh2OG1CU3R4QTUrMSIsIm1hYyI6IjMxMTYzZTQ1MWMyNTJhOTVhN2M2YWIyYjMxNDM2YTNkYWUyNjUwNjczY2ZiNTllZmFhZmQ4NjMwZGY1YjZjOTcifQ%3D%3D; expires=Mon, 05-Dec-2022 20:35:48 GMT; Max-Age=600; path=/
laravel_session=eyJpdiI6InBiWVBuOGx1OFNtNHk5RFI0S0sySVE9PSIsInZhbHVlIjoic3F4RWVxS0RSM0UrWmtuV1FrRDBOMnZqODA1R2FHcnVzdW0xY1NtdWY3VHFNQmswWERJUFhJQU5RS2hTK29QVSIsIm1hYyI6IjMxZDM4OGU4M2IyZjRmOGU1MWJjY2MyMTdmOGVlNjZiZTNlNjc1ZTlkNDc0OGJmMzNkYzg4ZDAxMWIxYjU0MDAifQ%3D%3D; expires=Mon, 05-Dec-2022 20:35:48 GMT; Max-Age=600; path=/; httponly
qifsHjAACHWcCWVFPPHqKYHn5jF9Gez5X5puEWTi=eyJpdiI6Ik92M1o1WmFJeUs4ZzQ5bmZIMWU1ZXc9PSIsInZhbHVlIjoiMVRcL2VQelVsNHdiVk5jXC9LSnUrZzBGT3dcLzJTdEI5YjY4RzlJTHZxbXBoOGNRb01idHRpWWRMcE1uMmhRcWxLNzg0XC9LUVZUNlpIcWpHcFMxY3daQVVqb3FNVUxKUVhhRnd6K1VvS0tDOVkwRTNcL29RTXhYVkw0aFpcL3NTWEk4TUhtNmRWaFBrRmpBUGVtaWxDUmM1Nmw0UjNZTGxmdForcEF0a2FVTjkzODBBK3RkV0pXZTljS3VLYlUwOVYwSXBZam0yRnZXV1R6MGFBNTJSV3RwN3hYYW01WTZXRE4yZjUrdlVvTkdmV2l1Z2FSMnNpMnlEZHJuK2JadGxJMXpBd3daWWxoWEs4RktsVG0zY1RTd25vaGgrVDh5UjlcL1RoMkRxMXdBRGM0STBqcFJUck1zXC9NOUp6MXZmUWl0WXBvTWIwZDlvSDFERnlKWUdDMmlMUWtudGNTb0RyY3l6akVBTTErWjgwYXBRVjdUNFhiRlNGbUx0Y2VLcE9DcFVqNWdjN1lXVEhWYnJacEp5V05UOWJ0cEl1bnlrb3NsSjBrXC9JNUJUb1pSSUlLR2NNV1BnaE1aaWhMN29ZVDg0SjhnZ2JjYTRsV1hnTFgzMzdTQlBVOTRXR0Jwa3NnSzlTcGkyUnM2VEdOa0x2RXlxQnRrNUdtNkxEZ1BIU0hlQ285Y0lscE80S2IzQ3JEdmxGZTZZNmJZVlZHTDZwRlRcLzVVMmhVWXFuUWRkbmtTZXRcL2d0N3gwUnBrMUxPYnk2V2xaQWQzc0pqY2hBa3NPbFdpYXlBTGlJeXF5MzRDWGZXdzJoRng0UjZFWHpJVmhZSUQ1SXhuckN1ZUtlYm1xc0hmdlpQMHI5d1R2MlVSd01iWGE5RjdRUiswcUVoSmw3bklXNllcL0lwZlo2Q05KWVgwUklhZVBweGRFcVdBdHFKak9tWCtLY3JkK2crbGNQQzZVMVpIQnBWZDNUVDhWbGR2K3lSNDRcL2dIdTMrM0NaN3laY1F4c3NFd0tIUnV2bVJzck9ndFVzVTE2OFwvbWRtVkRUZ0RxWmVUXC9NdzNUTG41ZlJVemxLdm0zSFJlMk1jQ0t2SzdheENmeVJCR2s5bGJMOUsxWU1iRytxaEptYUJ5eXdYeFFvRm9PMTZHMHVHRDQxaUpDS3d0V0ZhME1JRE5oYUpwM0RvQU5lS0hUZ24xcEM4SmdSRGVSM3JcL3hudlwvcFVqNFVSRXhKdGR6SldXcmNLU2c5VlB3TjJDM2hHNXZUQzZTS3Q5blczaW5UVEpVdzM4SVwvUDVuNVJsd1V1Q1lNMXNEaEpkS09KZ0VheldSOWtTcytzWGlRNXZlR1VQQkNoMnE3SUZDZ3VFMHBRTVIrRWFycHZvTzJRdStkUWhWYUJId0JqeElCK1pyd0x5b252Q0xyYWJzZ0xGdHBrVHVPSHN1c3NDbklFNExuRktkK1BpUjUrVXZvVWRYRGtaK1R1N29IZG84NmJBPT0iLCJtYWMiOiJmYTc5NjAwODc3NTRkODg3ZTEzMTgxZjkyMmQ4YzY3MzQ2YmU4ZmVjMTBkMzA1Y2ZjZmY5Yjk5YmY3ZmIwZTBlIn0%3D; expires=Mon, 05-Dec-2022 20:35:48 GMT; Max-Age=600; path=/; httponly
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Caebg8m7xAWK%2F1ASi%2FRSoz5RXYDiKXuaozChOKDjbv14GTco%2BK%2BqmWOIgLFeQezUCOTe6a037xUg87JPv4BZagpbL0sycFRCwe4%2BcO86FWLyKJ8gsEDJeqdtgPLP%2FqYbMDs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774f835ebea276d2-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
display.popt.in/APIRequest/viewed/294ba2696e074?viewer_id=7b3bcdb5ce386&trigger=false&client_id=99662c3037d4c&type=desktop&url=http://hsbusinessconsultancy.com/
172.64.173.22200 OK 0 B URL HTTP/2 display.popt.in/APIRequest/viewed/294ba2696e074?viewer_id=7b3bcdb5ce386&trigger=false&client_id=99662c3037d4c&type=desktop&url=http://hsbusinessconsultancy.com/
IP 172.64.173.22:0
GET /APIRequest/viewed/294ba2696e074?viewer_id=7b3bcdb5ce386&trigger=false&client_id=99662c3037d4c&type=desktop&url=http://hsbusinessconsultancy.com/ HTTP/1.1
Host: display.popt.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://hsbusinessconsultancy.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:25:51 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-headers: Origin, Content-Type
content-security-policy: frame-ancestors https://bc.popt.in https://*.mybigcommerce.com https://*.jumpseller.com https://*.myshopline.com https://*.myshopify.com
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff, nosniff
cache-control: max-age=0, must-revalidate, no-store, nocache, private
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: XSRF-TOKEN=eyJpdiI6IklUYU1SbjVyczhHMmVrMHRySUZWK2c9PSIsInZhbHVlIjoiYWpic2J0b1MzSzdKMWxLTHp5Qmcxc1YrK0UwOVk4WlNXSDlPNFlDcWN4USt0XC84ZEd0dVpRWGdMczZ4UG1PUmciLCJtYWMiOiIzNzI3ZDBhNzFjZTg2N2RhMTk5NTJjZDNkNTY0YzAwMjkxNGNmODFhNDAzNmI0YTM0Njc3ZDFlMTU2NDM2N2I5In0%3D; expires=Mon, 05-Dec-2022 20:35:51 GMT; Max-Age=600; path=/
laravel_session=eyJpdiI6IngzYzkxU2tlWEpXWlNJVkZXK0RZanc9PSIsInZhbHVlIjoiSkxGWW1wU1ZTb3BqdjhVeE9kN0VNOXBXNXBoWVFtWkFtTWI3QTVURG8zUGtMRDJMQnBcL1lLRUVrRnJIb1FsckMiLCJtYWMiOiJlOGI5NGJiYWNjYWZiZTJiNjRkYTc0ZTA5NzNjYWI1NGY3OTJhNWZlN2E5ZGRhZDRmMDAyM2NkMTM0OWIzMjVjIn0%3D; expires=Mon, 05-Dec-2022 20:35:51 GMT; Max-Age=600; path=/; httponly
KDiLit0SsBYU0rvfNeZvh6XkhQQHhAn0SQbAnLmy=eyJpdiI6InZ3VzJBTXlKWkVISXFXVlwvdVk0VDNBPT0iLCJ2YWx1ZSI6InJ2VHE3Rlh3U3U5OXRMeWoyazFzdlhOaUl0ZGdWQXRRWGNURTlNWERKM0tFNmgwYUpvSkZHaXVOQ3R0YTA2SCtTQW0xRklDQjJ0U1A2UjZiU2tQXC9acnNXbmI3R0I2U0NEQzgwY3U4RkR4MmRzYTdqNzlvaTBvRTdjM2VTRjJKR01IdXZkM0t3WFwvalowWlRuNlk4TlVxYTh2NkJveUpteXd2K3JiejFTTmlJa0Nzb0pKZ1hsM1pvalwvZmcrTnNPQlwvSG42SDBoaU1ya1ozUlRLZUxLVnFBR3pPa1VpWk91S0lkQ3dhdWJxRll2ZVVDcDRxRzJcL1F4YSthNG85Q0QzWkF3dWtJdlA1ZVhmTUkrWE5IMERuUTN4ZGpvb2E3dnNadXhGdU8rT1VoMlZoTE9OQUNjQzk2S2R3WFJlRjVOaDZBR0taU2tUM2VEUGJuMmlvSnlvc0dwNlpTVXVLU09PS0lhdzZtTnFOSlJkdk5YQ29oTThJVjR3aDhIZ0tveXhoTHpaMGRMd2JJditVVjllQ2RqV1V5b2RLbWtcLzJWdFhNUDVBQ1NuMnVnUkpia08rRmZWWWpZaGlTN3pHQWhSXC83ZGNsTlk3S1hSMmJUTlwvZFhNc25pN2tLSWNDNjlrVzZSdHoyRmkrWUdqb0VBdEFvalVSbERzdXVhYzluc1daRWJDSU5rdklSMmtUQzlVS3hFZ0hVeUhnPT0iLCJtYWMiOiIxOWMzZDUxZmMxMWI4YjU3MDUwYTc3YjM5ZWNlNjEyZmUxZWE0MGNmOTBhNzgzNTY4ZGNiMjU5M2U5YWRlMzdlIn0%3D; expires=Mon, 05-Dec-2022 20:35:51 GMT; Max-Age=600; path=/; httponly
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fw6ZR7oQTmdDTA02JfSstw%2Bilv6gEvISwS%2BLcHrT27CppQY27SByqizxWPoW5Ef1AHl%2B4ACEDx8MWGyQXmnsqcZrXsdlkoSOMPvxLykUAoi6SFx20gD0iFaphTjhEMNmBK8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774f836f5c0076d2-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2