r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aabe410b4bbe4d8beb0e4561d3aa158e
e1788632902ddea62cdd9e7ad6009a75ffb69788
ad535e27b201e92670770b2b868c58f7c05633ec66490a41ef4592f062834c1f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD535E27B201E92670770B2B868C58F7C05633EC66490A41EF4592F062834C1F"
Last-Modified: Wed, 09 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10173
Expires: Thu, 10 Nov 2022 18:34:52 GMT
Date: Thu, 10 Nov 2022 15:45:19 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash a19a5555cc9ea92581b0cc504cb64345
01a86ce33d5eb33420ed76266360f32c62a96f31
9ebd48b4053bb4a7a27718670c44075b1f35d037be7fd16750fcbc3ffd68b18c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1145
Cache-Control: max-age=155093
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 15:45:19 GMT
Etag: "636cd2eb-1d7"
Expires: Sat, 12 Nov 2022 10:50:12 GMT
Last-Modified: Thu, 10 Nov 2022 10:31:07 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
spencer-ecom-bbc16d.ingress-florina.ewp.live/
63.250.43.136 301 Moved Permanently 0 B URL HTTP/1.1 spencer-ecom-bbc16d.ingress-florina.ewp.live/
IP 63.250.43.136:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
content-length: 0
location: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2b57492bf85f4ae6abbd1641b17dc9ab
008e71ec05d47bf025ca64e17da2ea1bd8e71111
17894427c471f7fa02ca274795dc55df1bfc99d7bd83f9ee36249394035110fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17894427C471F7FA02CA274795DC55DF1BFC99D7BD83F9EE36249394035110FD"
Last-Modified: Wed, 09 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2664
Expires: Thu, 10 Nov 2022 16:29:43 GMT
Date: Thu, 10 Nov 2022 15:45:19 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: tnxF8/4DJZ+8u5N7SmPuRUihkjPJM8xGwMipO1CPKd+q7nEHO0IXH8PFloQ0kCDWvJzdjtMSYGA=
x-amz-request-id: C0MTV1WR1CPZ32W5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 10 Nov 2022 14:49:26 GMT
age: 3353
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 15:45:19 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 200 OK 472 B IP 104.18.32.68:0
Hash 7a4d25462571324fbdefc87257245fc4
5cc98a84b448c75157c48ece3c72d940b0b3e632
757256007b0351391d00842807b385cc1c873de3c10e8ea390fea49f01bc743e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 15:45:19 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 07 Nov 2022 11:56:50 GMT
Expires: Mon, 14 Nov 2022 11:56:49 GMT
Etag: "5cc98a84b448c75157c48ece3c72d940b0b3e632"
Cache-Control: max-age=331289,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 767fea212855b512-OSL
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 83b99092f19a38763c0b6ffc5e05e5aa
4cacf0a4adc46e28bc867d666a3fb45738dd1501
168478f1e03d83548fbfeed6dfad20ef23cb5a1dbf18f7312e5cf6dd290e9339
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 15:45:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.100 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash b602376efac7456d9993306a42d7fde7
69f896d60a82c32671b8f7247d47de29a58f17f8
db5c3af44a3b895ddd52829b12ad2b8937c2247cc8e744eb600aee0464fa9842
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=103933
Date: Thu, 10 Nov 2022 15:45:20 GMT
Etag: "636bfa64-1d7"
Expires: Fri, 11 Nov 2022 20:37:33 GMT
Last-Modified: Wed, 09 Nov 2022 19:07:16 GMT
Server: ECS (nyb/1D15)
X-Cache: Miss from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: CQtD0RSKC_1YmN85vQW37kqtzV7X92pK5U2t7ttlz08moUugd8BsKw==
Age: 5417
ocsp.sca1b.amazontrust.com/
54.230.245.100 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash b602376efac7456d9993306a42d7fde7
69f896d60a82c32671b8f7247d47de29a58f17f8
db5c3af44a3b895ddd52829b12ad2b8937c2247cc8e744eb600aee0464fa9842
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=103757
Date: Thu, 10 Nov 2022 15:45:20 GMT
Etag: "636bfa64-1d7"
Expires: Fri, 11 Nov 2022 20:34:37 GMT
Last-Modified: Wed, 09 Nov 2022 19:07:16 GMT
Server: ECS (bsa/EB20)
X-Cache: Miss from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: zxLH2OfUlbfzkxcitD8-N-UmiQSr4orE4jYgDOmqWvBg9oA-Zw2RNw==
Age: 5241
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 081ea13ba4390a4baab25cf57c2672f3
30cc9c329228e3d7bc6041f1aa553f06f8136eed
5a48c189581edd8ae4a4e58e2d54359bb75ba769828436394e4c256fe861814e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5530
Cache-Control: max-age=154423
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 15:45:20 GMT
Etag: "636cbf2d-1d7"
Expires: Sat, 12 Nov 2022 10:39:03 GMT
Last-Modified: Thu, 10 Nov 2022 09:06:53 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
ocsp.sca1b.amazontrust.com/
54.230.245.100 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 1dbf1934fcf295de48b506087c28fbd5
ff9b366bcee843ea443852a9f96dffc86567111d
6254c8b18e7cb536c0a10b87e8731701de5d291b10e224a29263ef710186e17c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=111609
Date: Thu, 10 Nov 2022 15:45:20 GMT
Etag: "636c1c12-1d7"
Expires: Fri, 11 Nov 2022 22:45:29 GMT
Last-Modified: Wed, 09 Nov 2022 21:30:58 GMT
Server: ECS (nyb/1D0A)
X-Cache: Miss from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: EoR9k9MlsNwI1rbHlS6AEO-QuTlxPLd9umDhIP85qiP9iwUttgBrJw==
Age: 4471
ocsp.sca1b.amazontrust.com/
54.230.245.100 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 1dbf1934fcf295de48b506087c28fbd5
ff9b366bcee843ea443852a9f96dffc86567111d
6254c8b18e7cb536c0a10b87e8731701de5d291b10e224a29263ef710186e17c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=109935
Date: Thu, 10 Nov 2022 15:45:20 GMT
Etag: "636c1c12-1d7"
Expires: Fri, 11 Nov 2022 22:17:35 GMT
Last-Modified: Wed, 09 Nov 2022 21:30:58 GMT
Server: ECS (nyb/1D24)
X-Cache: Miss from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: kf07r6ad_MLxv6rJLFuV1RvTV_qbHigk0yF8jIi4gvRuvSPij2pA4g==
Age: 2797
designer-api.hu-manity.co/api/designer/user-design-live?AppID=spencer-ecom-bbc16dingress--8939ac7
52.19.157.131 204 No Content 0 B URL HTTP/2 designer-api.hu-manity.co/api/designer/user-design-live?AppID=spencer-ecom-bbc16dingress--8939ac7
IP 52.19.157.131:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/designer/user-design-live?AppID=spencer-ecom-bbc16dingress--8939ac7 HTTP/1.1
Host: designer-api.hu-manity.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type,x-api-key
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Origin: https://spencer-ecom-bbc16d.ingress-florina.ewp.live
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
HTTP/2 204 No Content
date: Thu, 10 Nov 2022 15:45:20 GMT
server: nginx/1.20.0
x-powered-by: Express
x-request-id: 24222405-b2e4-491c-bb38-55ad97e7bfd5
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,OPTIONS,PATCH,POST,DELETE
access-control-allow-headers: *
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/14.0.0/svg/2764.svg
192.0.77.48 200 OK 368 B URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/2764.svg
IP 192.0.77.48:0
File type SVG Scalable Vector Graphics image, ASCII text, with very long lines (368), with no line terminators
Hash 0483f2b648dcc986d01385062052ae1c
61bd815f1497863265a76d92623042835e5e7fe2
09a743ee0c32ca57c9be64b13b29c396310d1dd309cb4d7d3be722e47db95f27
GET /images/core/emoji/14.0.0/svg/2764.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 15:45:20 GMT
content-type: image/svg+xml
content-length: 368
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 2
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
transactional-api.hu-manity.co/api/transactional/session/save
54.195.6.231 204 No Content 0 B URL HTTP/2 transactional-api.hu-manity.co/api/transactional/session/save
IP 54.195.6.231:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/transactional/session/save HTTP/1.1
Host: transactional-api.hu-manity.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-api-key
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Origin: https://spencer-ecom-bbc16d.ingress-florina.ewp.live
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
HTTP/2 204 No Content
date: Thu, 10 Nov 2022 15:45:20 GMT
server: nginx/1.20.0
x-powered-by: Express
x-request-id: 4ecf8746-3bfa-4bf8-adde-d703b60a98ec
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,OPTIONS,PATCH,POST,DELETE
access-control-allow-headers: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 83b99092f19a38763c0b6ffc5e05e5aa
4cacf0a4adc46e28bc867d666a3fb45738dd1501
168478f1e03d83548fbfeed6dfad20ef23cb5a1dbf18f7312e5cf6dd290e9339
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 15:45:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
spencer-ecom-bbc16d.ingress-florina.ewp.live/
63.250.43.137 200 OK 205 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/
IP 63.250.43.137:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381), with CRLF, LF line terminators
Size 205 kB (204643 bytes)
Hash 17c008354f902889c9c4e894e2603c46
ee7396bed70ef9b02b20002d643c244aedbe84fd
c16de0f7cf0263b96b3da10652598eb5165739ab99755fdbba25b8ec5ad9765b
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 13:54:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, public
access-control-allow-origin: https://app.hu-manity.co
access-control-allow-methods: GET
x-nitro-cache: MISS
x-nitro-disabled-reason: request type not allowed
x-nitro-disabled: 1
link: <https://spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-json/>; rel="https://api.w.org/", <https://spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-json/wp/v2/pages/20>; rel="alternate"; type="application/json", <https://wp.me/PehBaf-k>; rel=shortlink
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-cacheable: YES
age: 6625
x-cache: HIT
accept-ranges: bytes
content-length: 204643
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
63.250.43.137 200 OK 2.6 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
IP 63.250.43.137:0
File type ASCII text, with very long lines (11256), with no line terminators
Hash 583529ff412cb2b255fa606024d1133e
8db4b0a0be402cc5e38488528791b73b0c7369d0
6fdf0933a8faf229b277740f401600834c00d0b204f7ed38293cd4abcdb3ea20
GET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: text/css
last-modified: Wed, 15 Jun 2022 13:01:54 GMT
vary: Accept-Encoding
etag: W/"62a9d842-2bf8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 2592
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-includes/js/mediaelement/wp-mediaelement.min.css
63.250.43.137 200 OK 1.2 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-includes/js/mediaelement/wp-mediaelement.min.css
IP 63.250.43.137:0
File type ASCII text, with very long lines (4186), with no line terminators
Hash 30d57d7aa11190e44974cce8621f22c7
59f516369877009cce06ca45b1c296944bb674a4
094ae87a3d4cee4a1ddc5cada149c2deacabd4cf2e377b97fe4ca641142258ee
GET /wp-includes/js/mediaelement/wp-mediaelement.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: text/css
last-modified: Wed, 15 Jun 2022 13:01:54 GMT
vary: Accept-Encoding
etag: W/"62a9d842-105a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 1156
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/yith-woocommerce-wishlist/assets/css/jquery.selectBox.css
63.250.43.137 200 OK 812 B URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/yith-woocommerce-wishlist/assets/css/jquery.selectBox.css
IP 63.250.43.137:0
File type ASCII text, with very long lines (2630), with no line terminators
Hash 8f448bc82d2befe019a7eb0123942876
f6a903712c57073e24a1ac79dca2cfc0f9001e6b
30f719833e77320f98fe6a7d115a710b381f8653a9ed69bcbdea7b198da2022e
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/css/jquery.selectBox.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: text/css
last-modified: Fri, 07 Oct 2022 12:06:44 GMT
vary: Accept-Encoding
etag: W/"63401654-a46"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 812
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/yith-woocommerce-wishlist/assets/css/font-awesome.css
63.250.43.137 200 OK 7.0 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/yith-woocommerce-wishlist/assets/css/font-awesome.css
IP 63.250.43.137:0
File type ASCII text, with very long lines (30441)
Hash d1957b87008948cf16df403dfa2f9838
986b994531dc68927c59e7e57cb62f0051db9de0
df7a4d0c77bd4ebf8af2e0c1b5798db201c1b698f6d5c9a1683e7b3f609acf9f
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/css/font-awesome.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: text/css
last-modified: Fri, 07 Oct 2022 12:06:44 GMT
vary: Accept-Encoding
etag: W/"63401654-778b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 6963
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/woocommerce/assets/css/prettyPhoto.css
63.250.43.137 200 OK 2.0 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/woocommerce/assets/css/prettyPhoto.css
IP 63.250.43.137:0
File type ASCII text, with very long lines (9281), with no line terminators
Hash df5420954321c8c99604b6dd995dedc0
75c028ff14483537c1fb68bc9406f46e4e426aac
981c5e5362aaf7b6c7503521941256ffdbe54793f6fe39ee0a9e6fb430956772
GET /wp-content/plugins/woocommerce/assets/css/prettyPhoto.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: text/css
last-modified: Wed, 02 Nov 2022 15:40:23 GMT
vary: Accept-Encoding
etag: W/"63628f67-2441"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 2034
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/yith-woocommerce-wishlist/assets/css/style.css
63.250.43.137 200 OK 4.9 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/yith-woocommerce-wishlist/assets/css/style.css
IP 63.250.43.137:0
File type ASCII text, with very long lines (29337), with no line terminators
Hash b829fc5810a6323bcc36dd9664ab2ab4
50b54c410238e258d56d50451ac5c7ad0adf267d
27ebd5dde3d0179ffcf8200f1daadad1d4d5d9fe65eb0c31479de42b9783b6b6
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/css/style.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: text/css
last-modified: Fri, 07 Oct 2022 12:06:45 GMT
vary: Accept-Encoding
etag: W/"63401655-7299"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 4857
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-includes/css/classic-themes.min.css
63.250.43.137 200 OK 217 B URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-includes/css/classic-themes.min.css
IP 63.250.43.137:0
Hash 95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
GET /wp-includes/css/classic-themes.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: text/css
content-length: 217
last-modified: Wed, 02 Nov 2022 15:38:52 GMT
etag: "63628f0c-d9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/contact-form-7/includes/css/styles.css
63.250.43.137 200 OK 972 B URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/contact-form-7/includes/css/styles.css
IP 63.250.43.137:0
Hash 8bf268dfcca7cb20719b7ea14373ef4a
58bd839bbf0e8cc082f0a488b538b4ec71bebd2e
eece4a14939273c7af07bce8bab3a6cfc2c9de44c0eea82cc886abac13cb3870
GET /wp-content/plugins/contact-form-7/includes/css/styles.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: text/css
last-modified: Wed, 19 Oct 2022 13:51:15 GMT
vary: Accept-Encoding
etag: W/"635000d3-aab"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 972
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css
63.250.43.137 200 OK 4.0 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css
IP 63.250.43.137:0
File type ASCII text, with very long lines (19233)
Hash ac7354abda04bfb9c71fb45a4f1a7428
074f24b46fb81a0a98fe838e86a1daf597885996
40c81608682b4b605ac2108ce28d4bad98a63ac4ae56abda7a2b1b757bb956d3
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: text/css
last-modified: Mon, 31 Oct 2022 03:06:58 GMT
vary: Accept-Encoding
etag: W/"635f3bd2-4b4f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 3958
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-includes/js/wp-emoji-release.min.js
63.250.43.137 200 OK 5.0 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-includes/js/wp-emoji-release.min.js
IP 63.250.43.137:0
File type ASCII text, with very long lines (15660)
Hash 1b982d290af16dac5885f21a198aaa66
f847ca85d23c2f240938bbde0135f3de97925759
0b6e238cc0728a0bace390dfff472ff8bb5a5fd4714bcfcdac7c28621d67b8dc
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:45:38 GMT
content-type: application/javascript
last-modified: Wed, 15 Jun 2022 13:01:54 GMT
vary: Accept-Encoding
etag: W/"62a9d842-48b9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10782
x-cache: HIT
accept-ranges: bytes
content-length: 5004
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/css/frontend-lite.min.css
63.250.43.137 200 OK 14 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/css/frontend-lite.min.css
IP 63.250.43.137:0
File type ASCII text, with very long lines (65497)
Hash ac22bb533adbf6f9adc24d65d14b7000
9f0f401b0d8bbe03c7b98b307bd35cbca97068bf
a194fbb7708499421ca879e83730ea51bef2dab53026d15ad7a8b381e14ebc81
GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: text/css
last-modified: Mon, 31 Oct 2022 03:06:59 GMT
vary: Accept-Encoding
etag: W/"635f3bd3-19538"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 13575
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/layout/header/parts/menu.min.css
63.250.43.137 200 OK 2.0 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/layout/header/parts/menu.min.css
IP 63.250.43.137:0
File type ASCII text, with very long lines (14314), with no line terminators
Hash 19f5cb1fe842faf8b7eec462ad653c8d
dcc18b4acb68d6e50000b79935363db35fccdb91
6f51282ee45a04bb906b8620fa887da9a795b2b5cc101abc51008f8f9c9fb440
GET /wp-content/themes/xstore/css/modules/layout/header/parts/menu.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: text/css
last-modified: Mon, 07 Nov 2022 12:40:52 GMT
vary: Accept-Encoding
etag: W/"6368fcd4-37ea"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 2023
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
transactional-api.hu-manity.co/api/transactional/session/save
54.195.6.231 200 OK 64 B URL HTTP/2 transactional-api.hu-manity.co/api/transactional/session/save
IP 54.195.6.231:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1949508bdcc8ea012a38751b5dcb6753
6a4a24c15d7ae4de765e0e76839a1f7146a5da0d
f37982dbd1ac02d4380903d8d637117a292100ef19402c60d22aa0db5f7dc0f6
POST /api/transactional/session/save HTTP/1.1
Host: transactional-api.hu-manity.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Content-Type: application/json; charset=utf-8
x-api-key: hudft60djisdusdjwek
Origin: https://spencer-ecom-bbc16d.ingress-florina.ewp.live
Content-Length: 250
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 10 Nov 2022 15:45:20 GMT
content-type: application/json; charset=utf-8
content-length: 64
server: nginx/1.20.0
x-powered-by: Express
x-request-id: 4f4e6b6e-8766-4088-aa4d-3949dbfe2440
access-control-allow-origin: *
etag: W/"40-akokwV165N52Xg52g5ofcUal2g0"
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/layout/header/parts/search.min.css
63.250.43.137 200 OK 1.9 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/layout/header/parts/search.min.css
IP 63.250.43.137:0
File type ASCII text, with very long lines (6307), with no line terminators
Hash 6a11db18e4d7d8bf10f718abff6dcf7f
ab1fcb5828c1806b160e78e1a6699fb92a572d58
488d48a4994ff1e0972d3d47ad372d059081c95d27a6758c86a87f9e518f7f93
GET /wp-content/themes/xstore/css/modules/layout/header/parts/search.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: text/css
last-modified: Mon, 07 Nov 2022 12:40:52 GMT
vary: Accept-Encoding
etag: W/"6368fcd4-18a3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 1926
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/xstore/kirki-styles.css
63.250.43.137 200 OK 7.5 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/xstore/kirki-styles.css
IP 63.250.43.137:0
File type ASCII text, with very long lines (57444)
Hash 127d629e2ade348c6c8fac656e434c73
a88a0bacf8ac71ae9b3ffe0f1a840383a667b307
fe59da02c8642c16ebb14fdcb7838f8630988969c8e21000e5e6b07161e238f3
GET /wp-content/uploads/xstore/kirki-styles.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: text/css
last-modified: Mon, 17 Oct 2022 23:59:36 GMT
vary: Accept-Encoding
etag: W/"634dec68-f375"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 7533
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/elementor/css/post-14.css
63.250.43.137 200 OK 357 B URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/elementor/css/post-14.css
IP 63.250.43.137:0
File type ASCII text, with very long lines (1100), with no line terminators
Hash 34fa5eb6ac4fe50f293054b29bfa62dc
370c94d0c090ee483235c2592cf189565652da53
efc2f9370e0b8cd6f5173454ff9242a591dfa25f2d6831d6df1faddc956fd3ac
GET /wp-content/uploads/elementor/css/post-14.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: text/css
last-modified: Mon, 31 Oct 2022 11:47:59 GMT
vary: Accept-Encoding
etag: W/"635fb5ef-44c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 357
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/cookie-notice.min.css
63.250.43.137 200 OK 825 B URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/cookie-notice.min.css
IP 63.250.43.137:0
File type ASCII text, with very long lines (3153), with no line terminators
Hash b35baf26145ff15fd7345b2d44a1ddac
4de3705455a267d10ebbcc25190bbdeb6acb8b1d
1e0680b3cb827a5bdea8b1282dbe620e56d568140f06f99850670463fd5bfe5b
GET /wp-content/themes/xstore/css/cookie-notice.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: text/css
last-modified: Mon, 07 Nov 2022 12:40:52 GMT
vary: Accept-Encoding
etag: W/"6368fcd4-c51"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 825
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/elementor/css/global.css
63.250.43.137 200 OK 1.3 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/elementor/css/global.css
IP 63.250.43.137:0
File type ASCII text, with very long lines (8805)
Hash 48b2ebafefa31d9246c35c0677635edb
318c6f869ec0a5bac99e169d573376102e9cf540
9a13c78634d853e37c69faccabc15e40130420ace4d11d361544f06e892d3a3b
GET /wp-content/uploads/elementor/css/global.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: text/css
last-modified: Mon, 31 Oct 2022 11:48:00 GMT
vary: Accept-Encoding
etag: W/"635fb5f0-3c8f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 1320
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/back-top.min.css
63.250.43.137 200 OK 528 B URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/back-top.min.css
IP 63.250.43.137:0
File type ASCII text, with very long lines (1548), with no line terminators
Hash 536c806b1d5059f999c560e2855cd55c
d46aa5b2fa179465006ff40f9b2acfb128f86d16
985dacf9cefbbc242c03787b76ae814aa74b5d9448fac84953afbc906a449d3c
GET /wp-content/themes/xstore/css/modules/back-top.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: text/css
last-modified: Mon, 07 Nov 2022 12:40:52 GMT
vary: Accept-Encoding
etag: W/"6368fcd4-60c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 528
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/elementor.min.css
63.250.43.137 200 OK 3.2 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/elementor.min.css
IP 63.250.43.137:0
File type ASCII text, with very long lines (18509), with no line terminators
Hash 6bd728658723b038098c5a3808c672f4
1f4dc90c0894b6ffd8641b772772450cf8323661
093a4dc3f6801ffbf582890f674ebb388258815b9734e350d612e09604c63bf2
GET /wp-content/themes/xstore/css/elementor.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: text/css
last-modified: Mon, 07 Nov 2022 12:40:52 GMT
vary: Accept-Encoding
etag: W/"6368fcd4-484d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 3180
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/elementor/css/post-20.css
63.250.43.137 200 OK 3.2 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/elementor/css/post-20.css
IP 63.250.43.137:0
File type ASCII text, with very long lines (22510), with CRLF, LF line terminators
Hash c9f02ec71d69758dcb3f7247f6541bec
edb28ecf0c5fffc14fd4db380ed77a9a2b511345
27e718d51bcd1c72bbd0f21e51e198bd0bfb77762b967d67d1a12f075bda0167
GET /wp-content/uploads/elementor/css/post-20.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: text/css
last-modified: Mon, 31 Oct 2022 11:48:00 GMT
vary: Accept-Encoding
etag: W/"635fb5f0-6b65"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 3237
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/woocommerce/global.min.css
63.250.43.137 200 OK 1.8 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/woocommerce/global.min.css
IP 63.250.43.137:0
File type ASCII text, with very long lines (7942), with no line terminators
Hash b6f97174a1b7c2f9e2ec1918393e3559
cec03df057e92a0d4f6d805a8ab09c4071b5705c
d3bd16131602698ef9d109aa359e3f6e40153ae624dda79aa6b21e53664cd14c
GET /wp-content/themes/xstore/css/modules/woocommerce/global.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: text/css
last-modified: Mon, 07 Nov 2022 12:40:51 GMT
vary: Accept-Encoding
etag: W/"6368fcd3-1f06"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 1767
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/xstore.min.css
63.250.43.137 200 OK 36 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/xstore.min.css
IP 63.250.43.137:0
File type ASCII text, with very long lines (51233), with CRLF line terminators
Hash 1a008fc36c4dcd1f7ff29e5d9a552af0
46dcbb50e197e4852b9ddbb83b12020f8fc82100
c0f6b90aa616091864b9339ed8bcbfd5bb4f4238f6fccc8c1def358d4efed5b0
GET /wp-content/themes/xstore/xstore.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: text/css
last-modified: Mon, 07 Nov 2022 12:40:50 GMT
vary: Accept-Encoding
etag: W/"6368fcd2-30534"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 36044
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
designer-api.hu-manity.co/api/designer/user-design-live?AppID=spencer-ecom-bbc16dingress--8939ac7
52.19.157.131 200 OK 52 kB URL HTTP/2 designer-api.hu-manity.co/api/designer/user-design-live?AppID=spencer-ecom-bbc16dingress--8939ac7
IP 52.19.157.131:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (52287), with no line terminators
Hash 3b89fdfcab2fb12a4c477197a661eb3a
7a51f99ecc9dc30c65bc2e45373c9147698bd100
0159136d567ea22a19eb45933fe04e36abff02167634c68ebbe0a855585ebdf7
GET /api/designer/user-design-live?AppID=spencer-ecom-bbc16dingress--8939ac7 HTTP/1.1
Host: designer-api.hu-manity.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Content-Type: application/json; charset=utf-8
x-api-key: hudft60djisdusdjwek
Origin: https://spencer-ecom-bbc16d.ingress-florina.ewp.live
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 10 Nov 2022 15:45:20 GMT
content-type: application/json; charset=utf-8
content-length: 52342
server: nginx/1.20.0
x-powered-by: Express
x-request-id: 72ff4e86-4b8e-43d3-99d5-98cef9f8aa15
access-control-allow-origin: *
etag: W/"cc76-elH5nsydwwxlvC5FNzyRR2mL0QA"
X-Firefox-Spdy: h2
cdn.hu-manity.co/hu-banner.min.js
82.102.27.18 200 OK 74 kB URL HTTP/2 cdn.hu-manity.co/hu-banner.min.js
IP 82.102.27.18:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash d98719b35fd99d0c73b9ebdd5167fd78
6d7e002aa016de72bd2df789452690a22af85f37
1ae0457b8b664bccf23938a2396cc04e408dd79a399c980dbf5fbd71245713d5
GET /hu-banner.min.js HTTP/1.1
Host: cdn.hu-manity.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: keycdn-engine
date: Thu, 10 Nov 2022 15:45:20 GMT
content-type: application/javascript
x-amz-id-2: /v9B5f+5HWf5SLm4K1eSXiwo8XnLG6dRC56NTSYyaMKk7nyANmlkCbnS0TKoG9kl+tZzMb1EMRw=
x-amz-request-id: TDW1EAK7AX66P59B
last-modified: Thu, 03 Nov 2022 13:32:15 GMT
etag: W/"3d0a12be6874b31fc2687e42b5eeb858"
expires: Thu, 10 Nov 2022 16:45:20 GMT
cache-control: max-age=3600
content-encoding: gzip
link: <http://ert-banner.s3-website-eu-west-1.amazonaws.com/hu-banner.min.js>; rel="canonical"
x-cache: HIT
x-shield: active
x-edge-location: noos
access-control-allow-origin: *
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/contact-forms.min.css
63.250.43.137 200 OK 1.2 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/contact-forms.min.css
IP 63.250.43.137:0
File type ASCII text, with very long lines (4332), with no line terminators
Hash 3921e559dbab26ae0e2860af3f6f2b41
490d5ac4e95a7991b3d0b7e85ff39826540f7d3b
6947e18d9588d69ba5bf8db2eca7acb732d441635e97c52c4899c12ebcfc8a56
GET /wp-content/themes/xstore/css/modules/contact-forms.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: text/css
last-modified: Mon, 07 Nov 2022 12:40:52 GMT
vary: Accept-Encoding
etag: W/"6368fcd4-10ec"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 1180
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css
63.250.43.137 200 OK 13 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css
IP 63.250.43.137:0
File type ASCII text, with very long lines (57726)
Hash b8914a9a422b658a721edee22da4803f
dcb57be1523de06493b62bff04208dbb7eaf7b92
32cbd3295c9c436f50437a22d401fa3838a98c1dc03eddfc4552eda9e0a6bc6e
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: text/css
last-modified: Mon, 31 Oct 2022 03:06:58 GMT
vary: Accept-Encoding
etag: W/"635f3bd2-e238"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 12581
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore-child/style.css
63.250.43.137 200 OK 227 B URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore-child/style.css
IP 63.250.43.137:0
Hash 99da6749e7e9fc3a1cb628f1754520bd
0acc569fc1c6d828a91866db2238c157e190c3dd
9341b4042803d1c8da0b0244d9a06cfa6337cec389dcb5e31c7165766567050b
GET /wp-content/themes/xstore-child/style.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: text/css
content-length: 227
last-modified: Thu, 22 Sep 2022 02:09:47 GMT
etag: "632bc3eb-e3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css
63.250.43.137 200 OK 309 B URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css
IP 63.250.43.137:0
File type ASCII text, with very long lines (483)
Hash 0ea43e394ddaae5fdb710dbbc8869e58
3b0c93adc80720236096201db5cc2751e703996d
85225fffa21a94bfd954393d7471069ab227b98fd8b51cb5ab4af5488168a34e
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: text/css
last-modified: Mon, 31 Oct 2022 03:06:58 GMT
vary: Accept-Encoding
etag: W/"635f3bd2-29d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 309
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/et-core-plugin/app/assets/lib/xstore-icons/css/xstore-icons.css
63.250.43.137 200 OK 988 B URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/et-core-plugin/app/assets/lib/xstore-icons/css/xstore-icons.css
IP 63.250.43.137:0
File type ASCII text, with CRLF line terminators
Hash e85cd9f5d06e808f8f48e22c268b8be9
0ebcd532da7e3240e78958ab7e37a2975845f987
81acb40cbb9ec913b5563f80e16e09ff9f86332390cce685113b0522bc92104a
GET /wp-content/plugins/et-core-plugin/app/assets/lib/xstore-icons/css/xstore-icons.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: text/css
last-modified: Mon, 07 Nov 2022 12:38:58 GMT
vary: Accept-Encoding
etag: W/"6368fc62-1692"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 988
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/et-core-plugin/app/assets/lib/xstore-icons/css/bold.css
63.250.43.137 200 OK 339 B URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/et-core-plugin/app/assets/lib/xstore-icons/css/bold.css
IP 63.250.43.137:0
File type ASCII text, with CRLF line terminators
Hash b38da0da5491acaa0841bef0f2a71e80
671f6497585819c4ebb879d51aa5b995c36a190d
e7099848da6add8ebf0fce6a8d295dc16cc77a4e18bbf970f77a8e62b761a9d9
GET /wp-content/plugins/et-core-plugin/app/assets/lib/xstore-icons/css/bold.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: text/css
last-modified: Mon, 07 Nov 2022 12:38:58 GMT
vary: Accept-Encoding
etag: W/"6368fc62-330"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 339
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/jetpack/css/jetpack.css
63.250.43.137 200 OK 16 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/jetpack/css/jetpack.css
IP 63.250.43.137:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash b259a9c7a4e9904b25745160e39e4421
4fec09ba381381b0b45f4289937f9369c17edd8d
767b671d1089ceb2a4590785c585a4e4a29ca6120f572f5c89cf09de157b7e8d
GET /wp-content/plugins/jetpack/css/jetpack.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: text/css
last-modified: Wed, 02 Nov 2022 19:10:07 GMT
vary: Accept-Encoding
etag: W/"6362c08f-14f92"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 16484
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-includes/js/jquery/jquery.min.js
63.250.43.137 200 OK 31 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-includes/js/jquery/jquery.min.js
IP 63.250.43.137:0
File type ASCII text, with very long lines (65447)
Hash 2eccf707201b564e5e0cc3637fe4fd79
13b3ab2c399a84808e8fd6a2c795a6a49f5090a4
fb2e62f5864ef969b2d586b0e589fc81d7689038cd54a90fbca4b463e0ca6261
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 15:38:53 GMT
vary: Accept-Encoding
etag: W/"63628f0d-15e54"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 31038
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-includes/js/jquery/jquery-migrate.min.js
63.250.43.137 200 OK 4.2 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-includes/js/jquery/jquery-migrate.min.js
IP 63.250.43.137:0
File type ASCII text, with very long lines (11126)
Hash 5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: application/javascript
last-modified: Wed, 15 Jun 2022 13:01:54 GMT
vary: Accept-Encoding
etag: W/"62a9d842-2bd8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 4169
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/etheme-scripts.min.js
63.250.43.137 200 OK 14 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/etheme-scripts.min.js
IP 63.250.43.137:0
File type ASCII text, with very long lines (45267), with no line terminators
Hash 31597136fb1a6abe9e7c846d1edc50dd
d2abb672313126d136cf7815e2834ec05e5e7422
a7d8a1e43e8ef9bea0567b70ddf17f9192817cef014c58c02d9fdf6edb4b0781
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/xstore/js/etheme-scripts.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: application/javascript
last-modified: Mon, 07 Nov 2022 12:40:49 GMT
vary: Accept-Encoding
etag: W/"6368fcd1-b0d3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 13973
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/et-core-plugin/packages/st-woo-swatches/public/js/frontend.min.js
63.250.43.137 200 OK 4.8 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/et-core-plugin/packages/st-woo-swatches/public/js/frontend.min.js
IP 63.250.43.137:0
File type ASCII text, with very long lines (20473), with no line terminators
Hash 7c01866d6a0a24787bd9b490be0822bf
ea91fd4275430ec540bebe219117e53d4e8c29a4
6c543035072107700e09e970bfaa38529ebade689338594d7755feaf9ff9e412
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/et-core-plugin/packages/st-woo-swatches/public/js/frontend.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: application/javascript
last-modified: Mon, 07 Nov 2022 12:38:55 GMT
vary: Accept-Encoding
etag: W/"6368fc5f-4ff9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 4783
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.191.210.155 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.191.210.155:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /Nnyj/8+6Xp8i2ki1IPPCw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: qB7Nqm1+ESpwbd2gZU3lHfBgbwQ=
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/caos/655db410.js
63.250.43.137 200 OK 20 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/caos/655db410.js
IP 63.250.43.137:0
File type ASCII text, with very long lines (1325)
Hash 20b960c6754993b9de987b955a09ae54
702d246038b2d92584f56a7cff4ec23803c043f2
ec17f7b91e257be50c2482a2af1f966d195c9a0a8f63a3fcd3ca5907b273c296
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/caos/655db410.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:22 GMT
content-type: application/javascript
last-modified: Thu, 10 Nov 2022 12:37:44 GMT
vary: Accept-Encoding
etag: W/"636cf098-c436"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 20072
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/theme/assets/images/logo.png
63.250.43.137 200 OK 997 B URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/theme/assets/images/logo.png
IP 63.250.43.137:0
File type PNG image data, 147 x 28, 8-bit colormap, non-interlaced\012- data
Hash 7f055dfbca14b2e2a736aee103950cfd
976a9b6c02a6abd0965b1d9dd5c770787cb4ceca
d5fec1615262b62b2cb2fdffd98564d6b5c20df6375e91fb1b53e13c213c48a1
GET /wp-content/themes/xstore/theme/assets/images/logo.png HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: image/png
content-length: 997
last-modified: Mon, 07 Nov 2022 12:40:49 GMT
etag: "6368fcd1-3e5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 10554
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/woocommerce/archive.min.css
63.250.43.137 200 OK 6.2 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/woocommerce/archive.min.css
IP 63.250.43.137:0
File type ASCII text, with very long lines (40125), with no line terminators
Hash 9cca66cbe494e0a6a3a12bd418ecf2cd
bdcad1ae8e18e358e093645d0d1ca00deb3950f0
92e7ddb230e434411161e80997ebb1682fc2e1103cd1404e44f1d6300a3d61eb
GET /wp-content/themes/xstore/css/modules/woocommerce/archive.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: text/css
last-modified: Mon, 07 Nov 2022 12:40:51 GMT
vary: Accept-Encoding
etag: W/"6368fcd3-9cbd"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 6240
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/builders/categories-carousel.min.css
63.250.43.137 200 OK 192 B URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/builders/categories-carousel.min.css
IP 63.250.43.137:0
File type ASCII text, with very long lines (357), with no line terminators
Hash ad89846da6e7cea3f572f0b8bec2fc5c
852058a7dfff5efd1323e987a43cf640a25e6b03
97b0a887657b66f23d3c1fd8f7850ae8068e2307dc196a31d617d53a9192997b
GET /wp-content/themes/xstore/css/modules/builders/categories-carousel.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: text/css
last-modified: Mon, 07 Nov 2022 12:40:51 GMT
vary: Accept-Encoding
etag: W/"6368fcd3-165"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 192
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/builders/elementor/categories.min.css
63.250.43.137 200 OK 1.0 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/builders/elementor/categories.min.css
IP 63.250.43.137:0
File type ASCII text, with very long lines (4654), with no line terminators
Hash bcbcee4e0919ffe399f792a4b2fb103e
3964e104f93bf9a8975e0424646aff15797e4676
cd48b0105977ff03c3d3084260d639b6898ef3f0b5111bed35f99073ab4b53c4
GET /wp-content/themes/xstore/css/modules/builders/elementor/categories.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: text/css
last-modified: Mon, 07 Nov 2022 12:40:51 GMT
vary: Accept-Encoding
etag: W/"6368fcd3-122e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 1012
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/woocommerce-placeholder-300x300.png
63.250.43.137 200 OK 12 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/woocommerce-placeholder-300x300.png
IP 63.250.43.137:0
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash a994ef2fb1ed5e60fb0ebb7bad1c1302
fae8ebc6f3723b21ff10737a44322c6fa7f69c2d
6dc7ce03d70c67cd2935168cba3a8977e96c92da79275c96a7155543a8f26769
GET /wp-content/uploads/woocommerce-placeholder-300x300.png HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: image/png
content-length: 11947
last-modified: Thu, 22 Sep 2022 23:29:23 GMT
etag: "632cefd3-2eab"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 10554
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/2022/02/Line-1.jpeg
63.250.43.137 200 OK 967 B URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/2022/02/Line-1.jpeg
IP 63.250.43.137:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 143x4, components 3\012- data
Hash 207daad1a71f0581b678d103635351e5
976ad0a5443089b8075f288632d1c8792c09844d
69cbbc762d2fe972eb4b254052e682b975f9cd587a6f1aff86f7eeaa69dcd572
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/02/Line-1.jpeg HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: image/jpeg
content-length: 967
last-modified: Thu, 22 Sep 2022 23:06:03 GMT
etag: "632cea5b-3c7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 10554
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/swatches.min.css
63.250.43.137 200 OK 3.5 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/swatches.min.css
IP 63.250.43.137:0
File type ASCII text, with very long lines (22121), with no line terminators
Hash 84cf0cc758d322ab1ccb9836d80cb07d
81cccaf09614c99b769ef15887a5ed82e6117a56
9436805fd6d17534760eca844333cc4dee4e52ebad09e67bec0eb57f6380acd4
GET /wp-content/themes/xstore/css/swatches.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: text/css
last-modified: Mon, 07 Nov 2022 12:40:52 GMT
vary: Accept-Encoding
etag: W/"6368fcd4-5669"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 3468
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/layout/header/parts/account.min.css
63.250.43.137 200 OK 956 B URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/layout/header/parts/account.min.css
IP 63.250.43.137:0
File type ASCII text, with very long lines (3128), with no line terminators
Hash 130023059eda27b7163903e91b4d8688
3965951926e935a5b800c42b31563367bbb671da
64dc07677b09486a12f4f868eae27bc1378ac264728de21a034fed9199c0e961
GET /wp-content/themes/xstore/css/modules/layout/header/parts/account.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: text/css
last-modified: Mon, 07 Nov 2022 12:40:52 GMT
vary: Accept-Encoding
etag: W/"6368fcd4-c38"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 956
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/builders/elementor/etheme-animated-headline.min.css
63.250.43.137 200 OK 2.1 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/builders/elementor/etheme-animated-headline.min.css
IP 63.250.43.137:0
File type ASCII text, with very long lines (19395), with no line terminators
Hash c5a9a746ff9c79931e55433f07161e3f
70d703141d5200e86447aaf882025ceb558a9521
738a4e5b39c65e5955ce741ae44ad8de0ff17efdf4328cf8b00a6b49c24ad357
GET /wp-content/themes/xstore/css/modules/builders/elementor/etheme-animated-headline.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: text/css
last-modified: Mon, 07 Nov 2022 12:40:51 GMT
vary: Accept-Encoding
etag: W/"6368fcd3-4bc3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 2076
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/builders/elementor/etheme-advanced-headline.min.css
63.250.43.137 200 OK 772 B URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/builders/elementor/etheme-advanced-headline.min.css
IP 63.250.43.137:0
File type ASCII text, with very long lines (2749), with no line terminators
Hash 106517819d744e97db58ba7d0668b91e
a8af78cf2dd96e9d7d3bf823db73c990de71329f
2362a330fdb0d3b2505b08266718250f1f41e0743ceff875a8b95164d7bd1b3d
GET /wp-content/themes/xstore/css/modules/builders/elementor/etheme-advanced-headline.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: text/css
last-modified: Mon, 07 Nov 2022 12:40:51 GMT
vary: Accept-Encoding
etag: W/"6368fcd3-abd"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 772
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/banners/banners-global.min.css
63.250.43.137 200 OK 254 B URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/banners/banners-global.min.css
IP 63.250.43.137:0
File type ASCII text, with very long lines (821), with no line terminators
Hash fdb682731a8ffb0ff3d9db8aa4311956
602a2e1bf1c8dd1e04f0ba311b8497468bf07b86
d24153b3f6c1b1b184d83b77e1c4ff9caabbf507942b11a68ad3b79905049394
GET /wp-content/themes/xstore/css/modules/banners/banners-global.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: text/css
last-modified: Mon, 07 Nov 2022 12:40:52 GMT
vary: Accept-Encoding
etag: W/"6368fcd4-335"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 254
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/builders/elementor/etheme-icon-box.min.css
63.250.43.137 200 OK 588 B URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/builders/elementor/etheme-icon-box.min.css
IP 63.250.43.137:0
File type ASCII text, with very long lines (2793), with no line terminators
Hash 7ce430dd0b0592ae0a7af1409b3b6956
60aef73b2591a9856e7c7057f3d286e8aa4ae8db
0ee26d08771bf09a2683c96210bb97a00219465a2d24fd71cde9ad8662cce775
GET /wp-content/themes/xstore/css/modules/builders/elementor/etheme-icon-box.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: text/css
last-modified: Mon, 07 Nov 2022 12:40:51 GMT
vary: Accept-Encoding
etag: W/"6368fcd3-ae9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 588
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/builders/elementor/etheme-testimonials.min.css
63.250.43.137 200 OK 498 B URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/builders/elementor/etheme-testimonials.min.css
IP 63.250.43.137:0
File type ASCII text, with very long lines (1760), with no line terminators
Hash bf5667e74dd2475b320a31b5d93cfc35
67353c175c1f850372de0565e3132b1e252b2e00
3d573a23e9038960ee71939afc8a61d068c1f29d4004e12586075801487b010a
GET /wp-content/themes/xstore/css/modules/builders/elementor/etheme-testimonials.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: text/css
last-modified: Mon, 07 Nov 2022 12:40:51 GMT
vary: Accept-Encoding
etag: W/"6368fcd3-6e0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 498
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/layout/header/parts/mobile-menu.min.css
63.250.43.137 200 OK 1.3 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/layout/header/parts/mobile-menu.min.css
IP 63.250.43.137:0
File type ASCII text, with very long lines (6439), with no line terminators
Hash c1722993246bc4e051cdfb843851e81c
1a7879aa90dccd305b54b47d3774f3e907b16992
7b5ccec87dc8ace523a3f5208a2879f522a9202099d806200f29812aee602401
GET /wp-content/themes/xstore/css/modules/layout/header/parts/mobile-menu.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: text/css
last-modified: Mon, 07 Nov 2022 12:40:52 GMT
vary: Accept-Encoding
etag: W/"6368fcd4-1927"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 1342
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/builders/elementor/etheme-text-button.min.css
63.250.43.137 200 OK 1.1 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/builders/elementor/etheme-text-button.min.css
IP 63.250.43.137:0
File type ASCII text, with very long lines (6352), with no line terminators
Hash 9dd9eff8debcb7eea5bc677940bec47e
3fd08c2ce7218b68bbff1853e5a6fbfd2f7d0693
b8fa7579cd9e05e06ef67b5325f0f2eca911e135377db9919ca68f3475d24d47
GET /wp-content/themes/xstore/css/modules/builders/elementor/etheme-text-button.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: text/css
last-modified: Mon, 07 Nov 2022 12:40:51 GMT
vary: Accept-Encoding
etag: W/"6368fcd3-18d0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 1137
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/banners/banner.min.css
63.250.43.137 200 OK 1.1 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/banners/banner.min.css
IP 63.250.43.137:0
File type ASCII text, with very long lines (4735), with no line terminators
Hash fa6acf409b3c63ecd23d374985fba35d
b5026fd370f8a30022ab1f9bee9d93ff308f51af
93981a5e0850430676f650359339a202f7ed3a57bfb7f7823b2b7c89a562976e
GET /wp-content/themes/xstore/css/modules/banners/banner.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: text/css
last-modified: Mon, 07 Nov 2022 12:40:52 GMT
vary: Accept-Encoding
etag: W/"6368fcd4-127f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 1132
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/layout/off-canvas.min.css
63.250.43.137 200 OK 1.6 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/layout/off-canvas.min.css
IP 63.250.43.137:0
File type ASCII text, with very long lines (6989), with no line terminators
Hash 6ce2c6142cbf08d3c1e7e186149f2bf2
4c7c3a7702cb6df6e283d33bd76372490d056912
5b224c428844cc3c72dd85746eb835266cb19a6b3b5ffa595674812e96e60235
GET /wp-content/themes/xstore/css/modules/layout/off-canvas.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: text/css
last-modified: Mon, 07 Nov 2022 12:40:52 GMT
vary: Accept-Encoding
etag: W/"6368fcd4-1b4d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 1644
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/layout/toggles-by-arrow.min.css
63.250.43.137 200 OK 356 B URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/layout/toggles-by-arrow.min.css
IP 63.250.43.137:0
File type ASCII text, with very long lines (1100), with no line terminators
Hash 472cf4427587559ff8ddb66f82508331
bd7d9c040f8405ad8f26d6be26c454c52541517a
3f070ced055804ac503036577861f16b6426ed247e52dc78d1ffdf5b0853da32
GET /wp-content/themes/xstore/css/modules/layout/toggles-by-arrow.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: text/css
last-modified: Mon, 07 Nov 2022 12:40:52 GMT
vary: Accept-Encoding
etag: W/"6368fcd4-44c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 356
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/layout/header/parts/ajax-search.min.css
63.250.43.137 200 OK 1.2 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/layout/header/parts/ajax-search.min.css
IP 63.250.43.137:0
File type ASCII text, with very long lines (4182), with no line terminators
Hash b6d636e48904ab641a1721b2ae994d35
c5bdf9b054bac693c5e90ec55b84df23569a3d19
8dd8ddcd040e59d461d81afc78de2400a2aa42357c774a218dc8654c382c5edd
GET /wp-content/themes/xstore/css/modules/layout/header/parts/ajax-search.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: text/css
last-modified: Mon, 07 Nov 2022 12:40:52 GMT
vary: Accept-Encoding
etag: W/"6368fcd4-1056"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 1183
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/builders/elementor/etheme-contact-form-7.min.css
63.250.43.137 200 OK 518 B URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/builders/elementor/etheme-contact-form-7.min.css
IP 63.250.43.137:0
File type ASCII text, with very long lines (1639), with no line terminators
Hash 7dffac30b2849c9bba550b0cf2451b07
a1e68d396531adf0c97de2f44283eff9316f5275
70fed2b6d4435134b5e3e14db681ec3c00036597901937ef7150a9638f760fe2
GET /wp-content/themes/xstore/css/modules/builders/elementor/etheme-contact-form-7.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: text/css
last-modified: Mon, 07 Nov 2022 12:40:51 GMT
vary: Accept-Encoding
etag: W/"6368fcd3-667"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 518
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js
63.250.43.137 200 OK 3.8 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js
IP 63.250.43.137:0
File type Unicode text, UTF-8 text, with very long lines (14924), with no line terminators
Hash 2829d566a7b23618109b18588c49daf9
4ffec8708ef01c17c4dbbba9e1756fb60ad4f919
bf6d483efd7c83b2cad0f9663fa86a357926a03a31573de4c98b6f962f7c0d48
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Fri, 07 Oct 2022 12:06:45 GMT
vary: Accept-Encoding
etag: W/"63401655-3a4f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 3780
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js
63.250.43.137 200 OK 5.7 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js
IP 63.250.43.137:0
File type HTML document, ASCII text, with very long lines (21310), with no line terminators
Hash 8f2aecfb93b1dda3f598191dc8466255
59013842a76704302d8722de7845409ca01e1c42
7ad7f12b2707922f94cfffa5dbaa1b727ddb09b744e07f95990afac9cdeba7ce
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 15:40:23 GMT
vary: Accept-Encoding
etag: W/"63628f67-533e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 5746
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.min.js
63.250.43.137 200 OK 6.6 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.min.js
IP 63.250.43.137:0
File type HTML document, ASCII text, with very long lines (24951), with no line terminators
Hash ea231e9884a26205743eca4cce2dc670
a3f05227909bea6364d2365529ff6d6c902b6bda
e651c602cda77da19ae3e603b6f172f4adbb4c14cbdcb3f4219e49ac81792114
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Fri, 07 Oct 2022 12:06:45 GMT
vary: Accept-Encoding
etag: W/"63401655-6177"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 6627
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/contact-form-7/includes/swv/js/index.js
63.250.43.137 200 OK 2.9 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/contact-form-7/includes/swv/js/index.js
IP 63.250.43.137:0
File type ASCII text, with very long lines (9937), with no line terminators
Hash 8189a6a3f3f0efc64f857fe869d3729b
bc84b1c1e96a26fd6595da0cb024aad989c1f331
e2683386c2d5a8b3280fa9920d22fedb31a33a8bdca8ec494d3fe4df9fc6b337
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Wed, 19 Oct 2022 13:51:15 GMT
vary: Accept-Encoding
etag: W/"635000d3-26d1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 2937
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js
63.250.43.137 200 OK 982 B URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js
IP 63.250.43.137:0
File type ASCII text, with very long lines (1668)
Hash e66463f2023b738680c9bdefece69a37
315dc8e6ebdfb18c662851244ee33e2758ad3c83
fd83e7fc6d81aa6f6680ea640e9c086aa1950a17757a582aa74ea9797a70f346
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 15:40:23 GMT
vary: Accept-Encoding
etag: W/"63628f67-72a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 982
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js
63.250.43.137 200 OK 794 B URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js
IP 63.250.43.137:0
File type ASCII text, with very long lines (2139), with no line terminators
Hash 29307e8dec33cf3411ca4e1f2c84e9d0
484402289464d7ffb1475827f3438329d520bfc6
a2db59efaa416ef0c9d5d58f142cd5e44c475348cff20a664586fd3cda1b5f5b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 15:40:23 GMT
vary: Accept-Encoding
etag: W/"63628f67-85b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10554
x-cache: HIT
accept-ranges: bytes
content-length: 794
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/contact-form-7/includes/js/index.js
63.250.43.137 200 OK 4.0 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/contact-form-7/includes/js/index.js
IP 63.250.43.137:0
File type HTML document, ASCII text, with very long lines (12310), with no line terminators
Hash 832eeb1fd498e5839b89bfb5f05a2f0d
cf2d8668aecc5033346ac2906bb8bf7e143cfa4a
35b2b27ba0ba63c065e4c67d15b7cb1878b5868d7f475cc7f6f1724d3988793a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/index.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Wed, 19 Oct 2022 13:51:15 GMT
vary: Accept-Encoding
etag: W/"635000d3-3016"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 3957
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js
63.250.43.137 200 OK 3.5 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js
IP 63.250.43.137:0
File type ASCII text, with very long lines (9115)
Hash 4eb090d1d9263b041ec90bac1a6e6e8f
0b0a01684ed1e07a41a9f6eb02423738a68f8b12
f621d8d1bdc2c1508699ef2510c1b35122fef1ee7da3ed10fe66a881a6d882b2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 15:40:23 GMT
vary: Accept-Encoding
etag: W/"63628f67-2525"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10554
x-cache: HIT
accept-ranges: bytes
content-length: 3499
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/lib/animations/animations.min.css
63.250.43.137 200 OK 2.6 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/lib/animations/animations.min.css
IP 63.250.43.137:0
File type ASCII text, with very long lines (10019)
Hash 0ea81c35141c6a4692506e4fe8d36edb
392c5f96995e66d74c27ed5a42f93169c2f32d18
b7488fd21ad73e483cdcaf42097ea7787ffe0616477e29a537f53f6064e321ab
GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: text/css
last-modified: Mon, 31 Oct 2022 03:06:58 GMT
vary: Accept-Encoding
etag: W/"635f3bd2-4824"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 2592
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/builders/elementor/etheme-wc-add-to-cart.min.css
63.250.43.137 200 OK 288 B URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/builders/elementor/etheme-wc-add-to-cart.min.css
IP 63.250.43.137:0
File type ASCII text, with very long lines (831), with no line terminators
Hash 00d3869a2a295b0c17f49c4095123ef5
aa8a48ec413aba8bb3a72d3e9534cd23c2870462
9f362ecaca4572643e53d4a2b7b678ef8a6d0a883c067776a2385b2cc9bb6bf7
GET /wp-content/themes/xstore/css/modules/builders/elementor/etheme-wc-add-to-cart.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 15:45:20 GMT
content-type: text/css
last-modified: Mon, 07 Nov 2022 12:40:51 GMT
vary: Accept-Encoding
etag: W/"6368fcd3-33f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
age: 0
x-cache: MISS
accept-ranges: bytes
content-length: 288
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/libs/imagesLoaded.js
63.250.43.137 200 OK 1.8 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/libs/imagesLoaded.js
IP 63.250.43.137:0
File type ASCII text, with very long lines (5477), with CRLF line terminators
Hash f5e2c2fec902e06cca8a2ecf652aad7f
2717affe594a9d7eeb1e400a7e4f6a240d05719d
a6d9a28b7647db71d49b17e33550c3c56b8d71ef3523199e66223758a6f19739
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/xstore/js/libs/imagesLoaded.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Mon, 07 Nov 2022 12:40:49 GMT
vary: Accept-Encoding
etag: W/"6368fcd1-15e0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 1814
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-includes/js/comment-reply.min.js
63.250.43.137 200 OK 1.4 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-includes/js/comment-reply.min.js
IP 63.250.43.137:0
File type ASCII text, with very long lines (2946)
Hash 28214bc78b9edfcfbc9c7b651fb4f56c
fb0847abdb33dd943a2dcda4c4b905fb5cdd116c
11691bc1acc1f3a7ab8ef7c67fb720ca58fb72e52f510009f7b0cbc2589d45e0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/comment-reply.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Wed, 15 Jun 2022 13:01:54 GMT
vary: Accept-Encoding
etag: W/"62a9d842-ba5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 1351
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/14.0.0/svg/1f1f5-1f1e6.svg
192.0.77.48 200 OK 38 kB URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f1f5-1f1e6.svg
IP 192.0.77.48:0
File type SVG Scalable Vector Graphics image, Unicode text, UTF-8 text, with very long lines (37288), with NEL line terminators
Hash f26d4dbcdc6c10a3c2be14dc07a861b5
f4bebbcc057c7e10f6822949f0e09699ab2a61b6
528e0479422d79a877883a03e70809bc222254d898580d46b528f73973c8aaf2
GET /images/core/emoji/14.0.0/svg/1f1f5-1f1e6.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 15:45:20 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 2
x-content-type-options: nosniff
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/woocommerce.min.js
63.250.43.137 200 OK 4.0 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/woocommerce.min.js
IP 63.250.43.137:0
File type ASCII text, with very long lines (15069), with no line terminators
Hash c8654149683e29c1cf34927952c97b63
b092981eec55fd7c910cd233b39b25aa2338fa9f
50a96c326bf3c39aba8622d01134d311be0f0fc2fe23e8566f6a691aca9cb726
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/xstore/js/modules/woocommerce.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Mon, 07 Nov 2022 12:40:49 GMT
vary: Accept-Encoding
etag: W/"6368fcd1-3add"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 3988
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/libs/jquery.lazyload.js
63.250.43.137 200 OK 2.2 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/libs/jquery.lazyload.js
IP 63.250.43.137:0
File type ASCII text, with CRLF line terminators
Hash 4f65eabe39327931b6ba2767c2fb6d6d
bfc292b340ce38a4dd1810b0a3e0c381727db59d
8b5d9e3f3e4f0cf6dd49f3b2c032240864221545e4e7c719d94df1e95e68b938
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/xstore/js/libs/jquery.lazyload.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Mon, 07 Nov 2022 12:40:49 GMT
vary: Accept-Encoding
etag: W/"6368fcd1-2906"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 2216
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/tabs.min.js
63.250.43.137 200 OK 1.3 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/tabs.min.js
IP 63.250.43.137:0
File type ASCII text, with very long lines (4562), with no line terminators
Hash cb5275c70966894d236e54e2cb8ad9c6
e81830225f445868423c902433bcf5ea6cd3c6aa
624cf851836ff10b0c0f6d5d74fdedae67b688c1dc66943ad6d69834398e0277
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/xstore/js/modules/tabs.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Mon, 07 Nov 2022 12:40:49 GMT
vary: Accept-Encoding
etag: W/"6368fcd1-11d2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10554
x-cache: HIT
accept-ranges: bytes
content-length: 1255
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/swiper.min.js
63.250.43.137 200 OK 38 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/swiper.min.js
IP 63.250.43.137:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash a6a8c2425ded22c3ad586cb31ed79e2e
62204d533484fd07ea8eca3a75908cdb7fce75bb
fe1664ad18034ba4f6c8db16a51978d00238e93f7d75a80849cb259a640df71c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/xstore/js/modules/swiper.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Mon, 07 Nov 2022 12:40:49 GMT
vary: Accept-Encoding
etag: W/"6368fcd1-23914"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 38380
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/fixedHeader.min.js
63.250.43.137 200 OK 692 B URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/fixedHeader.min.js
IP 63.250.43.137:0
File type ASCII text, with very long lines (1824), with no line terminators
Hash 11c09283fbcf821fdca5299ec42d061a
08e89321d3a1b5dc15ccb27120e2ce173429cbfb
3a50d9b3e3a56c51fd811345d72d464c17698dd93cd3bb57db74e22f61ad9182
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/xstore/js/modules/fixedHeader.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Mon, 07 Nov 2022 12:40:49 GMT
vary: Accept-Encoding
etag: W/"6368fcd1-720"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 692
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/promoTextCarousel.min.js
63.250.43.137 200 OK 270 B URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/promoTextCarousel.min.js
IP 63.250.43.137:0
File type ASCII text, with very long lines (470), with no line terminators
Hash 0bce2161f862f1d328bb2312ff848cc7
dfe58ac631917157ef3848e21b5eb283aad3a1cf
68751ee7682bd5ce97f1e9e90ec7a56eff849687a7ef5662f91e96960b13628a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/xstore/js/modules/promoTextCarousel.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Mon, 07 Nov 2022 12:40:49 GMT
vary: Accept-Encoding
etag: W/"6368fcd1-1d6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10554
x-cache: HIT
accept-ranges: bytes
content-length: 270
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js
63.250.43.137 200 OK 2.8 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js
IP 63.250.43.137:0
File type ASCII text, with very long lines (8014), with no line terminators
Hash bb5b36b27b7ccdd4b6840227bc0a31c8
c883b2a2baa9ad7ee31c8918b5980c7faaa6d2f1
7f25c9c8519fe53dcf36e64e57a16426dae09034cccde8cb0ff0bcac60730cae
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 15:45:20 GMT
content-type: application/javascript
last-modified: Mon, 31 Oct 2022 11:48:01 GMT
vary: Accept-Encoding
etag: W/"635fb5f1-1f4e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
age: 0
x-cache: MISS
accept-ranges: bytes
content-length: 2832
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/ajaxSearch.min.js
63.250.43.137 200 OK 6.6 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/ajaxSearch.min.js
IP 63.250.43.137:0
File type ASCII text, with very long lines (23875), with no line terminators
Hash f3b7802458d2bc85ebe5dfc23c05fcf3
bf7a50c96eec9fb0da442392ef0f352bbb4d997d
87e00478ce1a1aa87150d16efcdd2ee27748222c5c157452f2347560ca6fffec
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/xstore/js/modules/ajaxSearch.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Mon, 07 Nov 2022 12:40:49 GMT
vary: Accept-Encoding
etag: W/"6368fcd1-5d43"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10554
x-cache: HIT
accept-ranges: bytes
content-length: 6607
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/wishlist.min.js
63.250.43.137 200 OK 609 B URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/wishlist.min.js
IP 63.250.43.137:0
File type ASCII text, with very long lines (1398), with no line terminators
Hash 6c2c87629c570197edc8f3cfc26b0150
49aad80150076a45ac4698415da685945694694f
ca060f0d3143d7a4be84e0658069ee2dfdd14a183c24a034ca254ef9a3a542c7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/xstore/js/modules/wishlist.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Mon, 07 Nov 2022 12:40:49 GMT
vary: Accept-Encoding
etag: W/"6368fcd1-576"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 609
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/mobileMenu.min.js
63.250.43.137 200 OK 469 B URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/mobileMenu.min.js
IP 63.250.43.137:0
File type ASCII text, with very long lines (1549), with no line terminators
Hash aa2fdde5bb8e268f6d54a0260a4d1e54
89c6b55c6e252fd112e9c628abcf1ea1aadb3ce5
17b95adf507c0a67bfc9a0881014c5ef344267f6ef7df8368eaaa6b814cf6574
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/xstore/js/modules/mobileMenu.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Mon, 07 Nov 2022 12:40:49 GMT
vary: Accept-Encoding
etag: W/"6368fcd1-60d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 469
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/ethemeAnimatedHeadline.min.js
63.250.43.137 200 OK 1.7 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/ethemeAnimatedHeadline.min.js
IP 63.250.43.137:0
File type ASCII text, with very long lines (6085), with no line terminators
Hash 94b057dfa3a851bba635345dacebe4d6
153565d848b953bc14b6aa0328b51ca11b057e7e
d88087dce1345bda7a20e2fde0fea475ba952860fe3a401fcdafe8083debd868
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/xstore/js/modules/ethemeAnimatedHeadline.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Mon, 07 Nov 2022 12:40:49 GMT
vary: Accept-Encoding
etag: W/"6368fcd1-17c5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 1681
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/ethemeParallaxFloatingEffect.min.js
63.250.43.137 200 OK 8.1 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/ethemeParallaxFloatingEffect.min.js
IP 63.250.43.137:0
File type ASCII text, with very long lines (24410), with no line terminators
Hash 66c59590a323888f6194631b121fa6ef
a0d6cb88ca20987c8bd5848dd65c69ac2016053e
4c126d5382db385c67130b1759eae8696a8d8b99b53c12a35e5bfb66fdff63af
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/xstore/js/modules/ethemeParallaxFloatingEffect.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Mon, 07 Nov 2022 12:40:49 GMT
vary: Accept-Encoding
etag: W/"6368fcd1-5f5a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 8112
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/ethemeElementorSlider.min.js
63.250.43.137 200 OK 2.1 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/ethemeElementorSlider.min.js
IP 63.250.43.137:0
File type ASCII text, with very long lines (6721), with no line terminators
Hash c6e86440067eb89b1ab2a826be511520
41b2f913bddb3ac9dc6c643ce63460831b6232b9
2e20cda7c7d5bb1ba317aed974548caa1e3a821bbc63dbd9674f9028fa461903
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/xstore/js/modules/ethemeElementorSlider.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Mon, 07 Nov 2022 12:40:49 GMT
vary: Accept-Encoding
etag: W/"6368fcd1-1a41"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 2053
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/mobilePanel.min.js
63.250.43.137 200 OK 607 B URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/mobilePanel.min.js
IP 63.250.43.137:0
File type ASCII text, with very long lines (1650), with no line terminators
Hash 7dc994b7b2a42eff840aa499cf9ef52d
bbd4325b668e8580916009e7f4845dd1a232d517
95d46bd108011bb62c1b90e14ed717fc1a003b07c90a09b66d3d477a5d0c5a4a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/xstore/js/modules/mobilePanel.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Mon, 07 Nov 2022 12:40:49 GMT
vary: Accept-Encoding
etag: W/"6368fcd1-672"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 607
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/back-top.min.js
63.250.43.137 200 OK 397 B URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/back-top.min.js
IP 63.250.43.137:0
File type ASCII text, with very long lines (715), with no line terminators
Hash 5d1d9d7fbd5bd52c865098901f0e5750
069e90f2c46a8e5cb7fca5b5b8d0fea8ec11221e
1158a0432a6f6c230adba0f467861f05740412e479e28923ffec17b11e0d9b61
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/xstore/js/modules/back-top.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Mon, 07 Nov 2022 12:40:49 GMT
vary: Accept-Encoding
etag: W/"6368fcd1-2cb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 397
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js
63.250.43.137 200 OK 2.2 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js
IP 63.250.43.137:0
File type ASCII text, with very long lines (4918)
Hash 878b66f1c31be4c5c0b3fa63361827f5
fa1b9d0b21ef0a5fed2b68d89b7302072eb0609b
3680b910f920304310fbdfd6577855911fe7e860e66a0db4f1d445d3490385fc
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Mon, 31 Oct 2022 03:06:58 GMT
vary: Accept-Encoding
etag: W/"635f3bd2-135d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 2194
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/js/frontend-modules.min.js
63.250.43.137 200 OK 11 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/js/frontend-modules.min.js
IP 63.250.43.137:0
File type Unicode text, UTF-8 text, with very long lines (32907)
Hash 1f79db22d77613a3447dcd5981cb5b88
5f4e6dd187422f1d403efb17e43db35e303b6631
b1e8df3a6403b556715234783a78faeb545f54dd3c65601165c97c7d7063ed9d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Mon, 31 Oct 2022 03:06:58 GMT
vary: Accept-Encoding
etag: W/"635f3bd2-80b3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 10751
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js
63.250.43.137 200 OK 3.0 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js
IP 63.250.43.137:0
File type ASCII text, with very long lines (12198), with no line terminators
Hash 4a8bd9ec5e8683ca461354b56882d3e2
993bc0c343abdd5e5f555b8ade72320ae7f59502
97cb584c6d8b9e884e58afdfe9aa8204940cb39047f2bf84d19b96db01ee8de5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Mon, 31 Oct 2022 03:06:58 GMT
vary: Accept-Encoding
etag: W/"635f3bd2-2fa6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 2995
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-includes/js/jquery/ui/core.min.js
63.250.43.137 200 OK 7.1 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-includes/js/jquery/ui/core.min.js
IP 63.250.43.137:0
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 4e91f3bde34bcef7ac5a2e1553ec4b7e
398cc0b8fa5795ad41a1490b42b974621e5c3529
8ad8783c45440f481056ff5d7b9cad3e3d52bb043b9ec40260daa62feec0ea18
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/core.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 15:38:53 GMT
vary: Accept-Encoding
etag: W/"63628f0d-53c0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 7098
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-includes/js/underscore.min.js
63.250.43.137 200 OK 7.3 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-includes/js/underscore.min.js
IP 63.250.43.137:0
File type ASCII text, with very long lines (18798)
Hash 3f92fc0fb188799b432341421df6cfde
09041f63af89e1164a53dec66eb7b2ac1dc58ba6
6b09e750d7ecaac14315f7c7e09b6de17f8d1f790b4acdc094b74832402aee31
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/underscore.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 15:38:53 GMT
vary: Accept-Encoding
etag: W/"63628f0d-4991"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 7311
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-includes/js/wp-util.min.js
63.250.43.137 200 OK 756 B URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-includes/js/wp-util.min.js
IP 63.250.43.137:0
File type ASCII text, with very long lines (1391)
Hash 838aa5f64f258023c2f4ced3125cc12e
0f9ba4eee7038506d01a6e741b16324ffb347fda
8212000a2ae7888dec134e6a079a16c19d71f6bcd0924384abb16027325ed218
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-util.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 15:38:53 GMT
vary: Accept-Encoding
etag: W/"63628f0d-592"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10554
x-cache: HIT
accept-ranges: bytes
content-length: 756
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js
63.250.43.137 200 OK 374 B URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js
IP 63.250.43.137:0
File type ASCII text, with very long lines (754), with no line terminators
Hash ef785f463505633971eae5c08ad626d4
624e22257f386801822229db3a4bbd2e24b25e2f
b2a0dc77f0f79d81698a7e3893e16ecba7b0d980b80a5233656d9b11f1d8160d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Mon, 17 Oct 2022 12:35:36 GMT
vary: Accept-Encoding
etag: W/"634d4c18-2f2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10554
x-cache: HIT
accept-ranges: bytes
content-length: 374
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js
63.250.43.137 200 OK 1.6 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js
IP 63.250.43.137:0
Hash f0e4fc8e1c8f940a2b19eab99770ef10
568bedaabbf57e26ce315eb1f974fd940839bd8f
6dbe324f09cf563fcf337294450dec02271b05a3c4aff8bb88a036d046d52348
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 15:45:20 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 15:40:23 GMT
vary: Accept-Encoding
etag: W/"63628f67-bdd"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
age: 0
x-cache: MISS
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5489
Expires: Thu, 10 Nov 2022 17:16:50 GMT
Date: Thu, 10 Nov 2022 15:45:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5489
Expires: Thu, 10 Nov 2022 17:16:50 GMT
Date: Thu, 10 Nov 2022 15:45:21 GMT
Connection: keep-alive
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/woocommerce/cart-widget.min.css
63.250.43.137 200 OK 15 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/woocommerce/cart-widget.min.css
IP 63.250.43.137:0
Hash e9d0d5dc1966eecb3cf6c65b6f0774ec
f7d14e5c93917f25b7379198c6e884540c17b554
a3ad174ddb57955b97b3801a57ffd686b4f1f409e562989453b5d8d636370d2a
GET /wp-content/themes/xstore/css/modules/woocommerce/cart-widget.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 15:45:20 GMT
content-type: text/css
last-modified: Mon, 07 Nov 2022 12:40:51 GMT
vary: Accept-Encoding
etag: W/"6368fcd3-2a03"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
age: 0
x-cache: MISS
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f570a6d-7e0c-4dc3-9a3f-7af7ccbae623.jpeg
34.120.237.76 200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f570a6d-7e0c-4dc3-9a3f-7af7ccbae623.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash feb275cc5fa7b13e70522cb76f001bbc
80ca9cf6cbbc73a884c3a839ace9a7aa191a8504
a5680637b55669355967b87fd4be4881a3e4dea746b7c420acf4dcb46b8a28de
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f570a6d-7e0c-4dc3-9a3f-7af7ccbae623.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8242
x-amzn-requestid: 1ab9c180-7e6b-4eae-a6cf-6a45c96fdc4e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlrkE_2oAMFk2A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1cb0-0089846803d11bb649874507;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 6xhB_vy5Aj6ScBQuTwWX93HFG5eS3SZHr7dP2Qsz-Q1P1pcXk339gQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:43:10 GMT
age: 64931
etag: "80ca9cf6cbbc73a884c3a839ace9a7aa191a8504"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F790db4df-e6d4-48ab-92fb-179a770f76b7.jpeg
34.120.237.76 200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F790db4df-e6d4-48ab-92fb-179a770f76b7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c2db9097ad95b726c65a3130483daf7
2b6dbe326a49e03a0f8d1a5d15930fd7870f6f79
1da5e63e7a3e837c758bb365e5e99e6dfb6c54e9b2fe038c3eb1334a86dc4d74
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F790db4df-e6d4-48ab-92fb-179a770f76b7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7723
x-amzn-requestid: 1e07419e-8cd6-43d6-b0bb-61183502ee40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlpGHFKIAMFUUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1ca0-751c8b152ea5c28f5a78bf46;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:20 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: BXdwO74rhbF9575IFRz-DNbcEFNiX7JiCtsvghmUE8zOju0eyuFjow==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 22:16:00 GMT
etag: "2b6dbe326a49e03a0f8d1a5d15930fd7870f6f79"
content-type: image/jpeg
age: 62961
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F407f630c-7642-40eb-8db3-288b03315712.jpeg
34.120.237.76 200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F407f630c-7642-40eb-8db3-288b03315712.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 178b1b5efcd0c5997d0e5b820193abe2
460630852800c0304295c78df268bfec64416f98
9822d2ef4199dcc01f81a8e6d3a91d9545466c17abfca4eb30e0a49ca8301da6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F407f630c-7642-40eb-8db3-288b03315712.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3445
x-amzn-requestid: 92b5ba7a-e45a-495c-89ae-9738fd5644bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWloyHMpoAMF-Fw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1c9e-5508b96c349a34537809ef0e;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3-XU3AO60wbMDZcPshBPHvxEFAQHVs7-dlg52BfbxkSlDAEx9kaeeg==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:50:01 GMT
age: 64520
etag: "460630852800c0304295c78df268bfec64416f98"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c73f10e-9c01-44bd-95d2-c18ba845fe07.jpeg
34.120.237.76 200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c73f10e-9c01-44bd-95d2-c18ba845fe07.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2917b487c605eb7f53d20ff3b4fbfef0
5dd8989fb1129638361c16ad2a1fde93a4c4aafd
aaf620d791f23829e15a454b3faf5b47a0f00ff37ada91d6de5c62c322fe90ff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c73f10e-9c01-44bd-95d2-c18ba845fe07.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8875
x-amzn-requestid: 1374243f-4fd8-4405-8f8a-946a8f92c457
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlniEw2oAMFtfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1c96-195c58a826eae13b58d21aa0;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: NPKM_A-uSrNtoT6ScKmBXTdMNsunt3d6UAWSzhLPsSPewThG_a0N8Q==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:43:10 GMT
age: 64931
etag: "5dd8989fb1129638361c16ad2a1fde93a4c4aafd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1301540a-8618-4725-97e7-ac03773f7ed0.jpeg
34.120.237.76 200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1301540a-8618-4725-97e7-ac03773f7ed0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a929256680885031f55121c35d626bcc
9caf2466f70995d5763b970f916c4944b364a4ff
9366db1c171fe9dae5946198415c9a02005a432fccd359896f94bce874c91027
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1301540a-8618-4725-97e7-ac03773f7ed0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9283
x-amzn-requestid: c800cccd-80cc-4cd6-8856-66cfd07141c9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWmC2HnpIAMF3kA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1d45-686eac2b6c65b8dd41dfb44a;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:36:05 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 2SqQjq27y6Vrwzl9a_ho6sOPImE7Fpbyxie8_fuPGa6bf8fn-yX0Jw==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 22:13:45 GMT
age: 63096
etag: "9caf2466f70995d5763b970f916c4944b364a4ff"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash abc1b6dead712b3905b9b0c0c8b63b56
e63b4c3f61604e313af85d9577866b98f75faa2a
fe7ff7563830e4fd0ab0af0eb929ca26e7a59d6ac147115d127a9585867d139a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 15:45:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/j/collect?v=1&_v=j98&aip=1&a=896098490&t=pageview&_s=1&dl=https%3A%2F%2Fspencer-ecom-bbc16d.ingress-florina.ewp.live%2F&ul=en-us&de=UTF-8&dt=Spencer%20Ecom%20%E2%80%93%20Gadgets%20%C2%B7%20Gizmos%20%C2%B7%20Gifts%20-%20Spencer%20Ecom&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=aEBAAAABEAAAACAAsi~&jid=1601610567&gjid=1276515684&cid=97460034.1668095117&tid=G-5G4RZ87WQ9&_gid=2122813859.1668095117&_r=1&_slc=1&z=1182993545
142.250.74.174 200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&aip=1&a=896098490&t=pageview&_s=1&dl=https%3A%2F%2Fspencer-ecom-bbc16d.ingress-florina.ewp.live%2F&ul=en-us&de=UTF-8&dt=Spencer%20Ecom%20%E2%80%93%20Gadgets%20%C2%B7%20Gizmos%20%C2%B7%20Gifts%20-%20Spencer%20Ecom&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=aEBAAAABEAAAACAAsi~&jid=1601610567&gjid=1276515684&cid=97460034.1668095117&tid=G-5G4RZ87WQ9&_gid=2122813859.1668095117&_r=1&_slc=1&z=1182993545
IP 142.250.74.174:0
File type ASCII text, with no line terminators
Hash 38684612f0c6bb6dfa16da92f4a6878f
6fe62d0dd7db314b7f9bb945672f078e01d27f0f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
POST /j/collect?v=1&_v=j98&aip=1&a=896098490&t=pageview&_s=1&dl=https%3A%2F%2Fspencer-ecom-bbc16d.ingress-florina.ewp.live%2F&ul=en-us&de=UTF-8&dt=Spencer%20Ecom%20%E2%80%93%20Gadgets%20%C2%B7%20Gizmos%20%C2%B7%20Gifts%20-%20Spencer%20Ecom&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=aEBAAAABEAAAACAAsi~&jid=1601610567&gjid=1276515684&cid=97460034.1668095117&tid=G-5G4RZ87WQ9&_gid=2122813859.1668095117&_r=1&_slc=1&z=1182993545 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Content-Type: text/plain
Content-Length: 0
Origin: https://spencer-ecom-bbc16d.ingress-florina.ewp.live
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://spencer-ecom-bbc16d.ingress-florina.ewp.live
date: Thu, 10 Nov 2022 15:45:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/14.0.0/svg/1f602.svg
192.0.77.48 200 OK 764 B URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f602.svg
IP 192.0.77.48:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1668), with no line terminators
Hash 85e0459ab18fdc3fafe7e82319bb0ff3
33813a1851c6845983cfb8cf9fd6dab96394f2df
309cad5fdb7a59c23c28e897b8ca74a60990298679921f95d1a66dedaec2237f
GET /images/core/emoji/14.0.0/svg/1f602.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 15:45:20 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Tue, 12 Apr 2022 03:47:50 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 2
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash abc1b6dead712b3905b9b0c0c8b63b56
e63b4c3f61604e313af85d9577866b98f75faa2a
fe7ff7563830e4fd0ab0af0eb929ca26e7a59d6ac147115d127a9585867d139a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 15:45:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
designer-api.hu-manity.co/api/designer/user-design-live?AppID=spencer-ecom-bbc16dingress--9bd086b
52.19.157.131 400 Bad Request 35 B URL HTTP/2 designer-api.hu-manity.co/api/designer/user-design-live?AppID=spencer-ecom-bbc16dingress--9bd086b
IP 52.19.157.131:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 2d39949deb304165581d64923c5bfe94
762dea1e4984a788bc63b813b665eb996eed8e81
5aa5c91708b518a5f6ee1c3d7133f9a7f0b72788899a2183469bda49cf7a3355
GET /api/designer/user-design-live?AppID=spencer-ecom-bbc16dingress--9bd086b HTTP/1.1
Host: designer-api.hu-manity.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Content-Type: application/json; charset=utf-8
x-api-key: hudft60djisdusdjwek
Origin: https://spencer-ecom-bbc16d.ingress-florina.ewp.live
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 400 Bad Request
date: Thu, 10 Nov 2022 15:45:21 GMT
content-type: application/json; charset=utf-8
content-length: 35
server: nginx/1.20.0
x-powered-by: Express
x-request-id: 428963c0-f1f1-4631-b7ae-9fe2eccb1989
access-control-allow-origin: *
etag: W/"23-di3qHkmEp4i8Y7gTtmXrmW7tjoE"
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226 200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecddc66d7f0b76b7e92f1a92433e08e2
b7e7ff14a92a0924bc8782be57b513e661f7a973
438bdfcec1f983fbfdbef1cf93d068a7096e3b06e7d0afebbfe26781a51f83b6
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "438BDFCEC1F983FBFDBEF1CF93D068A7096E3B06E7D0AFEBBFE26781A51F83B6"
Last-Modified: Wed, 09 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15322
Expires: Thu, 10 Nov 2022 20:00:43 GMT
Date: Thu, 10 Nov 2022 15:45:21 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 6bbfc6315b9228fd41cc16d1b2f54feb
2f2ca82eb3ca303268b03f7aa80af90f9380e8e2
9a593b197ba164b8fc74cfe6feccd57e05233a642d1dd8065c6723cee2c15701
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 15:45:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 6bbfc6315b9228fd41cc16d1b2f54feb
2f2ca82eb3ca303268b03f7aa80af90f9380e8e2
9a593b197ba164b8fc74cfe6feccd57e05233a642d1dd8065c6723cee2c15701
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 15:45:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 6bbfc6315b9228fd41cc16d1b2f54feb
2f2ca82eb3ca303268b03f7aa80af90f9380e8e2
9a593b197ba164b8fc74cfe6feccd57e05233a642d1dd8065c6723cee2c15701
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 15:45:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 6bbfc6315b9228fd41cc16d1b2f54feb
2f2ca82eb3ca303268b03f7aa80af90f9380e8e2
9a593b197ba164b8fc74cfe6feccd57e05233a642d1dd8065c6723cee2c15701
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 15:45:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
xstore.8theme.com/elementor/demos/minimal-electronics/wp-content/uploads/sites/71/2022/02/07_Review-min.jpeg
104.26.11.74 200 OK 5.4 kB URL HTTP/2 xstore.8theme.com/elementor/demos/minimal-electronics/wp-content/uploads/sites/71/2022/02/07_Review-min.jpeg
IP 104.26.11.74:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1600x568, components 3\012- data
Hash c9c4a9d8c0b800947db02086ca76df5a
c05c4778017dcb32a03deea4ae3856b7ee6de667
cb8bc3452e7594b1f682e7605fbf847f11c0f2db0a901338438cf82ebc63a34c
GET /elementor/demos/minimal-electronics/wp-content/uploads/sites/71/2022/02/07_Review-min.jpeg HTTP/1.1
Host: xstore.8theme.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 10 Nov 2022 15:45:21 GMT
content-type: image/jpeg
content-length: 5380
cache-control: max-age=31536000
cf-bgj: h2pri
etag: "6208cd38-1504"
expires: Mon, 08 May 2023 20:16:41 GMT
last-modified: Sun, 13 Feb 2022 09:19:52 GMT
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 22288
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kTJmVYFZzVVNzgWq0%2FaSZn0965%2BvvU8T%2Bzg84rnGZ9pGJL8QdVcxFmJZbJkXfdUbxbWI2zaC3pK3s9AEE0aLyMbJ9JZ2jM2KzSn27MUV9eSFlppWOoTvyosD3OcEJFi3IfAy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 767fea2ebd7bb4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://spencer-ecom-bbc16d.ingress-florina.ewp.live
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 14:07:32 GMT
expires: Thu, 09 Nov 2023 14:07:32 GMT
cache-control: public, max-age=31536000
age: 92269
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/jost/v14/92zatBhPNqw73oTd4g.woff2
216.58.207.195 200 OK 26 kB URL HTTP/2 fonts.gstatic.com/s/jost/v14/92zatBhPNqw73oTd4g.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 26304, version 1.0\012- data
Hash 29404b5009a74d47f2a7923da5741fd5
c8c7a68af3f7e4f92d932203efda0c38e4d170ab
0b7e3af1cb23f3b1cc2c3418f3c31ab3bbadeaa2ba5e72f3cb818e4b44c420f4
GET /s/jost/v14/92zatBhPNqw73oTd4g.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://spencer-ecom-bbc16d.ingress-florina.ewp.live
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 26304
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 08:22:03 GMT
expires: Thu, 09 Nov 2023 08:22:03 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 20:29:30 GMT
content-type: font/woff2
age: 112998
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/dmsans/v11/rP2Hp2ywxg089UriCZOIHQ.woff2
216.58.207.195 200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/dmsans/v11/rP2Hp2ywxg089UriCZOIHQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 18096, version 1.0\012- data
Hash f29503a1895affee5ed85d0246238af8
f474c6e8a3e4e28fb68cf7fb29bd448cdfeb0278
7164a212fb4df27bf1e006342d1686badcba58f5a5d301772c14cc7adf1d4821
GET /s/dmsans/v11/rP2Hp2ywxg089UriCZOIHQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://spencer-ecom-bbc16d.ingress-florina.ewp.live
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18096
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Nov 2022 20:33:08 GMT
expires: Fri, 03 Nov 2023 20:33:08 GMT
cache-control: public, max-age=31536000
age: 587533
last-modified: Thu, 21 Apr 2022 16:54:12 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
216.58.207.195 200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 17368, version 1.0\012- data
Hash abe083d96b58eb02ada8b7c30d7b09f2
61447d66d13a8c8f4335696777a85c438c46f749
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
GET /s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://spencer-ecom-bbc16d.ingress-florina.ewp.live
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 18:56:18 GMT
expires: Thu, 09 Nov 2023 18:56:18 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 74943
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://spencer-ecom-bbc16d.ingress-florina.ewp.live
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Nov 2022 15:45:09 GMT
expires: Fri, 10 Nov 2023 15:45:09 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 12
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://spencer-ecom-bbc16d.ingress-florina.ewp.live
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 18:53:49 GMT
expires: Thu, 09 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 75092
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/images/drag.png
63.250.43.137 200 OK 358 B URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/images/drag.png
IP 63.250.43.137:0
File type PNG image data, 32 x 18, 8-bit colormap, non-interlaced\012- data
Hash 778591fc00cc3a820b03a74d73392ce0
c62cab9c2c5a46db32919f0a22c8938de86ab675
e934dcbb43671ccceb743e8ede2eb9ab38846a2836e07cf0d88d93aef510dab1
GET /wp-content/themes/xstore/images/drag.png HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/xstore.min.css
Cookie: caosLocalGa=GA1.4.97460034.1668095117; caosLocalGa_gid=GA1.4.2122813859.1668095117; _gat=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: image/png
content-length: 358
last-modified: Mon, 07 Nov 2022 12:40:50 GMT
etag: "6368fcd2-166"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226 200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecddc66d7f0b76b7e92f1a92433e08e2
b7e7ff14a92a0924bc8782be57b513e661f7a973
438bdfcec1f983fbfdbef1cf93d068a7096e3b06e7d0afebbfe26781a51f83b6
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "438BDFCEC1F983FBFDBEF1CF93D068A7096E3B06E7D0AFEBBFE26781A51F83B6"
Last-Modified: Wed, 09 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15322
Expires: Thu, 10 Nov 2022 20:00:43 GMT
Date: Thu, 10 Nov 2022 15:45:21 GMT
Connection: keep-alive
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/2022/09/Image-4-min.jpeg
63.250.43.137 200 OK 88 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/2022/09/Image-4-min.jpeg
IP 63.250.43.137:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1600x580, components 3\012- data
Hash 78af4fd706f1a2cb10b4d9fcfb6720bb
8c85e1e3aff4e8329cf0c552c72bdb559e46d65d
8d5f30a728b81f5c269086bb66026751ddeb412267b52f1fdcf71e317dd387e8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/09/Image-4-min.jpeg HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/elementor/css/post-20.css
Cookie: caosLocalGa=GA1.4.97460034.1668095117; caosLocalGa_gid=GA1.4.2122813859.1668095117; _gat=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: image/jpeg
content-length: 88062
last-modified: Wed, 28 Sep 2022 01:10:22 GMT
etag: "63339efe-157fe"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 6bbfc6315b9228fd41cc16d1b2f54feb
2f2ca82eb3ca303268b03f7aa80af90f9380e8e2
9a593b197ba164b8fc74cfe6feccd57e05233a642d1dd8065c6723cee2c15701
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 15:45:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/2022/10/banner-min.jpeg
63.250.43.137 200 OK 23 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/2022/10/banner-min.jpeg
IP 63.250.43.137:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1200x383, components 3\012- data
Hash 30fa65dd00ec1867a5985e8e1a6df57d
d62e705ba64a893ea9ffe19c955a996655cca77d
9d89400913dc2ff0f958a1ffef7d71a450d57ec16444487327b56aade2e3deeb
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/banner-min.jpeg HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/elementor/css/post-20.css
Cookie: caosLocalGa=GA1.4.97460034.1668095117; caosLocalGa_gid=GA1.4.2122813859.1668095117; _gat=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:30 GMT
content-type: image/jpeg
content-length: 22583
last-modified: Mon, 17 Oct 2022 23:01:45 GMT
etag: "634dded9-5837"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 10551
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
63.250.43.137 200 OK 78 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
IP 63.250.43.137:0
File type Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Hash e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css
Cookie: caosLocalGa=GA1.4.97460034.1668095117; caosLocalGa_gid=GA1.4.2122813859.1668095117; _gat=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:27 GMT
content-type: font/woff2
content-length: 78196
last-modified: Mon, 31 Oct 2022 03:06:58 GMT
etag: "635f3bd2-13174"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://spencer-ecom-bbc16d.ingress-florina.ewp.live
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 10554
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
pixel.wp.com/g.gif?v=ext&blog=211063143&post=20&tz=-5&srv=spencer-ecom-bbc16d.ingress-florina.ewp.live&j=1%3A11.5.1&host=spencer-ecom-bbc16d.ingress-florina.ewp.live&ref=&fcp=2832&rand=0.6695709030543171
192.0.76.3 200 OK 50 B URL HTTP/2 pixel.wp.com/g.gif?v=ext&blog=211063143&post=20&tz=-5&srv=spencer-ecom-bbc16d.ingress-florina.ewp.live&j=1%3A11.5.1&host=spencer-ecom-bbc16d.ingress-florina.ewp.live&ref=&fcp=2832&rand=0.6695709030543171
IP 192.0.76.3:0
File type GIF image data, version 89a, 6 x 5\012- data
Hash e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=ext&blog=211063143&post=20&tz=-5&srv=spencer-ecom-bbc16d.ingress-florina.ewp.live&j=1%3A11.5.1&host=spencer-ecom-bbc16d.ingress-florina.ewp.live&ref=&fcp=2832&rand=0.6695709030543171 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 15:45:21 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/2022/02/1123.jpeg
63.250.43.137 200 OK 42 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/2022/02/1123.jpeg
IP 63.250.43.137:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 785x445, components 3\012- data
Hash d5c8384eacce76e909518b40d8864974
1f5b6b54302683546af223b9d6475af54e66cab5
c23da716922275b3f869d93a68c70074c57b2961af3fcdcbcfab26c515bdb36a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/02/1123.jpeg HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Cookie: caosLocalGa=GA1.4.97460034.1668095117; caosLocalGa_gid=GA1.4.2122813859.1668095117; _gat=1; nitroCachedPage=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:42 GMT
content-type: image/jpeg
content-length: 41977
last-modified: Thu, 22 Sep 2022 23:06:03 GMT
etag: "632cea5b-a3f9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 10539
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/2022/02/234.jpeg
63.250.43.137 200 OK 36 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/2022/02/234.jpeg
IP 63.250.43.137:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 785x445, components 3\012- data
Hash d9e89fdceadd5a8b11482cca635351d8
073fb4daa40d15317a8a85dc2f0ac0a664bf7dc8
79b1375bb5ab6724199c2085aeff477f0130ab0b04f44040135364f5bad4b15c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/02/234.jpeg HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Cookie: caosLocalGa=GA1.4.97460034.1668095117; caosLocalGa_gid=GA1.4.2122813859.1668095117; _gat=1; nitroCachedPage=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:42 GMT
content-type: image/jpeg
content-length: 35696
last-modified: Thu, 22 Sep 2022 23:06:04 GMT
etag: "632cea5c-8b70"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 10539
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/
63.250.43.137 200 OK 20 B URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/
IP 63.250.43.137:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
Analyzer Verdict Alert fortinet Phishing
POST / HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Content-Type: multipart/form-data; boundary=---------------------------318293393035590424221898392428
Origin: https://spencer-ecom-bbc16d.ingress-florina.ewp.live
Content-Length: 184
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 15:45:21 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, public
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
content-encoding: gzip
age: 0
x-cache: MISS
accept-ranges: bytes
content-length: 20
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 537aa7c2d1d8b67db93e232c7a9ab923
a4a1d61c77923b71f5ba25de5602309b6af51eb7
f687556a931dc10c3b2304c619b6e5a901e48a5bb241f6d3a3ba6eaa29f92bf2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5318
Cache-Control: max-age=126162
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 15:45:21 GMT
Etag: "636c519d-1d7"
Expires: Sat, 12 Nov 2022 02:48:03 GMT
Last-Modified: Thu, 10 Nov 2022 01:19:25 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/yith-woocommerce-wishlist/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
63.250.43.137 200 OK 77 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/yith-woocommerce-wishlist/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 63.250.43.137:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/yith-woocommerce-wishlist/assets/css/font-awesome.css
Cookie: caosLocalGa=GA1.4.97460034.1668095117; caosLocalGa_gid=GA1.4.2122813859.1668095117; _gat=1; nitroCachedPage=0; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:27 GMT
content-type: font/woff2
content-length: 77160
last-modified: Fri, 07 Oct 2022 12:06:44 GMT
etag: "63401654-12d68"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://spencer-ecom-bbc16d.ingress-florina.ewp.live
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 10554
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/2022/02/Image2-300x300.jpeg
63.250.43.137 200 OK 5.6 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/2022/02/Image2-300x300.jpeg
IP 63.250.43.137:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash fcbcea23c1a0c1e87070e094ede8bc13
4a6d61c8e3a0c92cfd84e104d50444d32e0d47be
77a6147398fe08063c32b36c4881d12cb6ef56196c047964548811d477b7e56f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/02/Image2-300x300.jpeg HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Cookie: caosLocalGa=GA1.4.97460034.1668095117; caosLocalGa_gid=GA1.4.2122813859.1668095117; _gat=1; nitroCachedPage=0; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 14:08:41 GMT
content-type: image/jpeg
content-length: 5643
last-modified: Thu, 22 Sep 2022 23:28:50 GMT
etag: "632cefb2-160b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 5800
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/favicon.ico
63.250.43.137 204 No Content 0 B URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/favicon.ico
IP 63.250.43.137:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Cookie: caosLocalGa=GA1.4.97460034.1668095117; caosLocalGa_gid=GA1.4.2122813859.1668095117; _gat=1; nitroCachedPage=0; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 10 Nov 2022 12:40:06 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-type: image/png
age: 11116
x-cache: HIT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
63.250.43.137 200 OK 664 B URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
IP 63.250.43.137:0
File type ASCII text, with very long lines (1320)
Hash b002c6faba654c12af3af0acbf594d71
db46fedc93faad97dd4bd84631494d53163a1815
9db9782e2d582bb2144adeb7b7b0b0ee6075d9ebbb4cd28e580a046495362779
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Cookie: caosLocalGa=GA1.4.97460034.1668095117; caosLocalGa_gid=GA1.4.2122813859.1668095117; _gat=1; nitroCachedPage=0; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:45:39 GMT
content-type: application/javascript
last-modified: Mon, 31 Oct 2022 03:06:58 GMT
vary: Accept-Encoding
etag: W/"635f3bd2-54f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10783
x-cache: HIT
accept-ranges: bytes
content-length: 664
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
63.250.43.137 200 OK 36 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
IP 63.250.43.137:0
File type ASCII text, with very long lines (65280)
Hash a46e6555153bd32db46b588f92468fec
00f81e8c63664516d3fae2ad5585688b964b6b5d
ced01af673936a3d52321dfecb776d9da4c53cc28ffedc691ab7a24892f720e5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6 HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Cookie: caosLocalGa=GA1.4.97460034.1668095117; caosLocalGa_gid=GA1.4.2122813859.1668095117; _gat=1; nitroCachedPage=0; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:45:39 GMT
content-type: application/javascript
last-modified: Mon, 31 Oct 2022 03:06:58 GMT
vary: Accept-Encoding
etag: W/"635f3bd2-21f91"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10783
x-cache: HIT
accept-ranges: bytes
content-length: 35516
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js
63.250.43.137 200 OK 150 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js
IP 63.250.43.137:0
Size 150 kB (150171 bytes)
Hash 7b051c1e383e4ae9b56304b9e8dcd51d
16e050d061e1c6dea4fdcd0e7d00efdbfecb337f
3d2350e733ad6ac3d0e77bca89636fcc3ae703a8a4162cbe3522a65e5c26643a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 15:45:20 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 15:40:23 GMT
vary: Accept-Encoding
etag: W/"63628f67-b7a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
age: 0
x-cache: MISS
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
www.paypal.com/tagmanager/pptm.js?id=spencer-ecom-bbc16d.ingress-florina.ewp.live&t=xo&v=5.0.342&source=payments_sdk&client_id=AYO5mAHK0oyDZNlGFubUJN_x8oHrtuOYNNsZUuCzPkEimRdzH406XXqkq1Iug0V2zVs9qId3871CyFDW&comp=buttons,funding-eligibility,messages&vault=false
151.101.193.21 200 OK 4.3 kB URL HTTP/2 www.paypal.com/tagmanager/pptm.js?id=spencer-ecom-bbc16d.ingress-florina.ewp.live&t=xo&v=5.0.342&source=payments_sdk&client_id=AYO5mAHK0oyDZNlGFubUJN_x8oHrtuOYNNsZUuCzPkEimRdzH406XXqkq1Iug0V2zVs9qId3871CyFDW&comp=buttons,funding-eligibility,messages&vault=false
IP 151.101.193.21:0
File type ASCII text, with very long lines (12084), with no line terminators
Hash da1b94bdea2eb1769e74df6fbd2c1a2e
4c7f6b5318ffd3d36b6b431f4bd113b55d8f14a7
45cc4e008a654e4ef3f3b3eb0ca92f52ade64445039059b5395b11734b033be4
GET /tagmanager/pptm.js?id=spencer-ecom-bbc16d.ingress-florina.ewp.live&t=xo&v=5.0.342&source=payments_sdk&client_id=AYO5mAHK0oyDZNlGFubUJN_x8oHrtuOYNNsZUuCzPkEimRdzH406XXqkq1Iug0V2zVs9qId3871CyFDW&comp=buttons,funding-eligibility,messages&vault=false HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-hVFRt4KmE5l7k5zEqs6T3ofGJ8m3e6CxYysoN5SKL9nm/D6P' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-type: application/x-javascript; charset=utf-8
etag: W/"2f34-zQQ0FVqIlbkbuS4WgpPW/nUPXC4"
paypal-debug-id: f2643650a2374
traceparent: 00-0000000000000000000f2643650a2374-c8ca3ad30477d882-01
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
dc: ccg11-origin-www-1.paypal.com
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 10 Nov 2022 15:45:22 GMT
age: 5797
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn4043-HHN, cache-bma1683-BMA
x-cache: HIT, MISS
x-cache-hits: 1, 0
x-timer: S1668095123.773594,VS0,VE22
vary: Accept-Encoding
server-timing: "traceparent;desc="00-0000000000000000000f2643650a2374-73415d7a04ee7f96-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
content-length: 4299
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/2022/02/Avatar-1-2.jpeg
63.250.43.137 200 OK 5.2 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/2022/02/Avatar-1-2.jpeg
IP 63.250.43.137:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 85x85, components 3\012- data
Hash 3aabbb97a60aa61dc08c80777fe96101
54412fcad49b556644010fe72ada86a9b4aebdb8
4e10b6fdd43123f3b898dd5fa623eaf72f7928241b52783f7f743110364c8c1c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/02/Avatar-1-2.jpeg HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Cookie: caosLocalGa=GA1.4.97460034.1668095117; caosLocalGa_gid=GA1.4.2122813859.1668095117; _gat=1; nitroCachedPage=0; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 14:08:42 GMT
content-type: image/jpeg
content-length: 5213
last-modified: Thu, 22 Sep 2022 23:06:06 GMT
etag: "632cea5e-145d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 5800
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/2022/02/Avatar-4.jpeg
63.250.43.137 200 OK 6.3 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/2022/02/Avatar-4.jpeg
IP 63.250.43.137:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 85x85, components 3\012- data
Hash 770976a1ae14a2e19ac22b0c1069d035
0020f9926f6eb61b5895b9d6e181f2d92e3f17e0
548ac63c57735938e80d38b22ee9c03edad9eccc95825fe4255fb17411cb86bd
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/02/Avatar-4.jpeg HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Cookie: caosLocalGa=GA1.4.97460034.1668095117; caosLocalGa_gid=GA1.4.2122813859.1668095117; _gat=1; nitroCachedPage=0; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:43 GMT
content-type: image/jpeg
content-length: 6312
last-modified: Thu, 22 Sep 2022 23:06:06 GMT
etag: "632cea5e-18a8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 10538
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Spencer%20Ecom%20%E2%80%93%20Gadgets%20%C2%B7%20Gizmos%20%C2%B7%20Gifts%20-%20Spencer%20Ecom&dh=1024&dw=1280&bh=939&bw=1280&cd=24&sh=1024&sw=1280&v=NA&rosetta_language=en-US%2Cen&e=im&t=1668095118900&g=0&completeurl=https%3A%2F%2Fspencer-ecom-bbc16d.ingress-florina.ewp.live%2F&ru=https%3A%2F%2Fspencer-ecom-bbc16d.ingress-florina.ewp.live%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D
151.101.65.35 200 OK 42 B URL HTTP/2 t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Spencer%20Ecom%20%E2%80%93%20Gadgets%20%C2%B7%20Gizmos%20%C2%B7%20Gifts%20-%20Spencer%20Ecom&dh=1024&dw=1280&bh=939&bw=1280&cd=24&sh=1024&sw=1280&v=NA&rosetta_language=en-US%2Cen&e=im&t=1668095118900&g=0&completeurl=https%3A%2F%2Fspencer-ecom-bbc16d.ingress-florina.ewp.live%2F&ru=https%3A%2F%2Fspencer-ecom-bbc16d.ingress-florina.ewp.live%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D
IP 151.101.65.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4682377ddfbe4e7dabfddb2e543e842
328e472721a93345801ed5533240eac2d1f8498c
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
GET /ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Spencer%20Ecom%20%E2%80%93%20Gadgets%20%C2%B7%20Gizmos%20%C2%B7%20Gifts%20-%20Spencer%20Ecom&dh=1024&dw=1280&bh=939&bw=1280&cd=24&sh=1024&sw=1280&v=NA&rosetta_language=en-US%2Cen&e=im&t=1668095118900&g=0&completeurl=https%3A%2F%2Fspencer-ecom-bbc16d.ingress-florina.ewp.live%2F&ru=https%3A%2F%2Fspencer-ecom-bbc16d.ingress-florina.ewp.live%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D HTTP/1.1
Host: t.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: image/gif
expires: Thu, 10 Nov 2022 15:45:22 GMT
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 8e3c86ca330ff
pragma: no-cache
set-cookie: ts=vreXpYrS%3D1762789522%26vteXpYrS%3D1668096922%26vr%3D62379e011840a62446f2bc99ffffffff%26vt%3D62379e011840a62446f2bc99fffffffe; Expires=Mon, 10 Nov 2025 15:45:22 GMT; Domain=.paypal.com; Path=/; Secure; HttpOnly
ts_c=vr%3D62379e011840a62446f2bc99ffffffff%26vt%3D62379e011840a62446f2bc99fffffffe; Expires=Mon, 10 Nov 2025 15:45:22 GMT; Domain=.paypal.com; Path=/; Secure
traceparent: 00-00000000000000000008e3c86ca330ff-ce92411dbf506cdc-01
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Thu, 10 Nov 2022 15:45:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn4062-HHN, cache-bma1679-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1668095123.843583,VS0,VE193
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
timing-allow-origin: *
content-length: 42
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 7ea7fa14a34c843c488cadc5417db82e
b721ce005c30a61896453ac69e1e63cde4cd704b
9550bb5efdc9dccdf02744d85a7f413fc7986b1f663bf53a8b57c2da8842342b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6279
Cache-Control: max-age=123476
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 15:45:23 GMT
Etag: "636c4360-118"
Expires: Sat, 12 Nov 2022 02:03:19 GMT
Last-Modified: Thu, 10 Nov 2022 00:18:40 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 280
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/fonts/xstore-icons-bold.woff?v=8.3.6
63.250.43.137 200 OK 40 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/fonts/xstore-icons-bold.woff?v=8.3.6
IP 63.250.43.137:0
File type Web Open Font Format, TrueType, length 40440, version 1.3\012- data
Hash 0b4e0d278a57341289c20163a3c491cc
6845c29ad7bd32a037e32b1ae734715ad0c19a0f
916bde7a76e3ec7996fed734382f2ac14368a18deb386abce07321e2608ccf3f
GET /wp-content/themes/xstore/fonts/xstore-icons-bold.woff?v=8.3.6 HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
X-Moz: prefetch
Connection: keep-alive
Cookie: caosLocalGa=GA1.4.97460034.1668095117; caosLocalGa_gid=GA1.4.2122813859.1668095117; _gat=1; nitroCachedPage=0; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:39:31 GMT
content-type: font/woff
content-length: 40440
last-modified: Mon, 07 Nov 2022 12:40:51 GMT
etag: "6368fcd3-9df8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 11152
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/fonts/xstore-icons-bold.woff2?v=8.3.6
63.250.43.137 200 OK 20 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/fonts/xstore-icons-bold.woff2?v=8.3.6
IP 63.250.43.137:0
File type Web Open Font Format (Version 2), TrueType, length 20332, version 1.0\012- data
Hash dfa27e570eaff49db401e9e83e3c4e5b
3de6baa444573bb6093ac867fabda93c287a3566
ab0dd8f775f772701c82ae2572d1be2ed9c253efb67afc18f8cb9a8edcdc4be2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/xstore/fonts/xstore-icons-bold.woff2?v=8.3.6 HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
X-Moz: prefetch
Connection: keep-alive
Cookie: caosLocalGa=GA1.4.97460034.1668095117; caosLocalGa_gid=GA1.4.2122813859.1668095117; _gat=1; nitroCachedPage=0; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:39:31 GMT
content-type: font/woff2
content-length: 20332
last-modified: Mon, 07 Nov 2022 12:40:51 GMT
etag: "6368fcd3-4f6c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 11152
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash a887e9a9a6189021401a51796d885ac0
165db0063a528982cbafc51cd0f1fb52e86e89c5
f9496ec42b6079d3753388ee26b6876a63f3a3f77b292f89a87acb6a4d95c997
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2288
Cache-Control: max-age=128523
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 15:45:23 GMT
Etag: "636c66ae-116"
Expires: Sat, 12 Nov 2022 03:27:26 GMT
Last-Modified: Thu, 10 Nov 2022 02:49:18 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 278
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/builders/elementor/etheme-product-grid.min.css
63.250.43.137 200 OK 9.5 kB URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/builders/elementor/etheme-product-grid.min.css
IP 63.250.43.137:0
Hash 5f8c62a699eeab305f8a3b8a13a57e96
b8401650a1776f3ab07f52ce4a7fa6c8b6d8e857
179148fa5947619899643f8ddf6e5e6241e3e7eaf4cef69858ecf636d6f4980e
GET /wp-content/themes/xstore/css/modules/builders/elementor/etheme-product-grid.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 15:45:20 GMT
content-type: text/css
last-modified: Mon, 07 Nov 2022 12:40:51 GMT
vary: Accept-Encoding
etag: W/"6368fcd3-3015"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
age: 0
x-cache: MISS
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/?wc-ajax=get_refreshed_fragments
63.250.43.137 200 OK 754 B URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/?wc-ajax=get_refreshed_fragments
IP 63.250.43.137:0
File type JSON data\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2646), with no line terminators
Hash 89ff578944460447c64c175343cacdb8
f6a66c00a0fad4f2d96d1256af25c2a1411d8869
4da375cba6e5299a56f88f09570dcf9bc650226546edd293e07baad6cb2345c6
Analyzer Verdict Alert fortinet Phishing
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://spencer-ecom-bbc16d.ingress-florina.ewp.live
Connection: keep-alive
Cookie: caosLocalGa=GA1.4.97460034.1668095117; caosLocalGa_gid=GA1.4.2122813859.1668095117; _gat=1; nitroCachedPage=0; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 15:45:23 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
access-control-allow-methods: GET
x-nitro-cache: MISS
x-nitro-disabled-reason: ajax
x-nitro-disabled: 1
access-control-allow-origin: https://spencer-ecom-bbc16d.ingress-florina.ewp.live
access-control-allow-credentials: true
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0, public
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
content-encoding: gzip
age: 0
x-cache: MISS
accept-ranges: bytes
content-length: 754
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 45bdc1e31c1a32bab3d7fc7717ca4036
cd09c85d350e5189bf59f5445a56c5021e41daa0
ae932036d89191e253cee9a182ff4465ccab21c9e8f7112c0f2293eedf54a6aa
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=158615
Date: Thu, 10 Nov 2022 15:45:23 GMT
Etag: "636cd2e6-1d7"
Expires: Sat, 12 Nov 2022 11:48:58 GMT
Last-Modified: Thu, 10 Nov 2022 10:31:02 GMT
Server: ECS (nyb/1D16)
X-Cache: Miss from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: RyCKdvA6bROW5xQ0I74zT6qelqP_EXOwtuFBHmVx73MIcSDZNqnFlA==
Age: 4676
socket.tidio.co/socket.io/?ppk=pigjsqocuy5e5m0h5xtldz5rrjkvmmqr&device=desktop&EIO=3&transport=websocket
34.242.42.20 101 Switching Protocols 0 B URL HTTP/1.1 socket.tidio.co/socket.io/?ppk=pigjsqocuy5e5m0h5xtldz5rrjkvmmqr&device=desktop&EIO=3&transport=websocket
IP 34.242.42.20:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/?ppk=pigjsqocuy5e5m0h5xtldz5rrjkvmmqr&device=desktop&EIO=3&transport=websocket HTTP/1.1
Host: socket.tidio.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://spencer-ecom-bbc16d.ingress-florina.ewp.live
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: mjB8vTP4ldHc9EDQRSaHpQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Thu, 10 Nov 2022 15:45:24 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 2SaXxlDXGlyOR3+knbzr74OAY8A=
Sec-WebSocket-Extensions: permessage-deflate
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-json/contact-form-7/v1/contact-forms/1859/refill
63.250.43.137 200 OK 22 B URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-json/contact-form-7/v1/contact-forms/1859/refill
IP 63.250.43.137:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 061faf60a30dde2f20ba8f454c3020de
1940a26a9be338cb36f5b50a1d638ef36b124d51
21947b02ead137acb20e602e9448c7c453b2836d1a755aadd5e1c61ecd2eb034
Analyzer Verdict Alert fortinet Phishing
GET /wp-json/contact-form-7/v1/contact-forms/1859/refill HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, */*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Cookie: caosLocalGa=GA1.4.97460034.1668095117; caosLocalGa_gid=GA1.4.2122813859.1668095117; _gat=1; nitroCachedPage=0; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 15:45:25 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding, Origin
cache-control: no-cache, public
x-robots-tag: noindex
link: <https://spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-json/>; rel="https://api.w.org/"
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
allow: GET
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
content-encoding: gzip
x-cacheable: YES
age: 0
x-cache: MISS
accept-ranges: bytes
content-length: 22
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/14.0.0/svg/1f449.svg
192.0.77.48 200 OK 0 B URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f449.svg
IP 192.0.77.48:0
GET /images/core/emoji/14.0.0/svg/1f449.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 15:45:21 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Tue, 12 Apr 2022 03:53:43 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 2
x-content-type-options: nosniff
X-Firefox-Spdy: h2
code.tidio.co/pigjsqocuy5e5m0h5xtldz5rrjkvmmqr.js
104.26.9.183 302 Found 0 B URL HTTP/2 code.tidio.co/pigjsqocuy5e5m0h5xtldz5rrjkvmmqr.js
IP 104.26.9.183:0
GET /pigjsqocuy5e5m0h5xtldz5rrjkvmmqr.js HTTP/1.1
Host: code.tidio.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 10 Nov 2022 15:45:23 GMT
content-type: text/html
location: https://widget-v4.tidiochat.com/1_125_0/static/js/render.2bd6da4447adf86836c4.js
cache-control: private, no-cache, no-store, must-revalidate
widget-cache-status: HIT
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UoDk5SI6PtK%2FIV5gZK5CJprPnVo%2B7%2BDtNnEeHOqzuUcF9uL5FrVBnQeRWigwUXM9WDFt9Aep80mEceMwt%2BxOyO8M1s4FgRXZFkp2fQjcJPljbLTY0yggXnDO7Nitrkw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 767fea37c92db511-OSL
X-Firefox-Spdy: h2
stats.wp.com/e-202245.js
192.0.76.3 200 OK 0 B IP 192.0.76.3:0
GET /e-202245.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 15:45:20 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6197c5cf-3508"
content-encoding: br
expires: Sun, 29 Oct 2023 22:44:48 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
www.paypal.com/xoplatform/logger/api/logger
151.101.193.21 200 OK 0 B URL HTTP/2 www.paypal.com/xoplatform/logger/api/logger
IP 151.101.193.21:0
POST /xoplatform/logger/api/logger HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
content-type: application/json
Content-Length: 1616
Origin: https://spencer-ecom-bbc16d.ingress-florina.ewp.live
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://spencer-ecom-bbc16d.ingress-florina.ewp.live
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: application/json; charset=utf-8
etag: W/W/"3f7-XqQhBpkA8ON6csi6eF1S+t+aD0s"
paypal-debug-id: f8168527b5975
set-cookie: enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Fri, 10 Nov 2023 15:45:23 GMT; Secure
LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Fri, 11 Nov 2022 00:31:19 GMT; HttpOnly; Secure
tsrce=loggernodeweb; Max-Age=259199; Domain=.paypal.com; Path=/; Expires=Sun, 13 Nov 2022 15:45:22 GMT; HttpOnly; Secure
x-pp-s=eyJ0IjoiMTY2ODA5NTEyMzYxMCIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure
l7_az=dcg02.phx; Path=/; Domain=paypal.com; Expires=Thu, 10 Nov 2022 16:15:23 GMT; HttpOnly; Secure
ts=vreXpYrS%3D1762789523%26vteXpYrS%3D1668096923%26vr%3D6237a06d1840a78852ded4b6ffba163f%26vt%3D6237a06d1840a78852ded4b6ffba163e%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Sun, 09 Nov 2025 15:45:23 GMT; HttpOnly; Secure
ts_c=vr%3D6237a06d1840a78852ded4b6ffba163f%26vt%3D6237a06d1840a78852ded4b6ffba163e; Path=/; Domain=paypal.com; Expires=Sun, 09 Nov 2025 15:45:23 GMT; Secure
traceparent: 00-0000000000000000000f8168527b5975-9558262c7026b335-01
x-content-type-options: nosniff
dc: ccg11-origin-www-1.paypal.com
accept-ranges: none
via: 1.1 varnish, 1.1 varnish
content-encoding: br
date: Thu, 10 Nov 2022 15:45:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn4071-HHN, cache-bma1683-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1668095123.474772,VS0,VE229
vary: Accept-Encoding
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
X-Firefox-Spdy: h2
widget-v4.tidiochat.com/1_125_0/static/js/render.2bd6da4447adf86836c4.js
104.26.9.139 200 OK 0 B URL HTTP/2 widget-v4.tidiochat.com/1_125_0/static/js/render.2bd6da4447adf86836c4.js
IP 104.26.9.139:0
GET /1_125_0/static/js/render.2bd6da4447adf86836c4.js HTTP/1.1
Host: widget-v4.tidiochat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 10 Nov 2022 15:45:23 GMT
content-type: application/javascript
last-modified: Mon, 07 Nov 2022 08:15:52 GMT
vary: Accept-Encoding
etag: W/"6368beb8-4315"
cache-control: max-age=691200
cf-cache-status: HIT
age: 5268
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xx05Q%2BroPcL9PocfK4XIwJxA%2Fway5qi7KgzVfYKqoQg8PYKbG5Egf0zspZo4%2BQ8YwNMiX3g77kmAuCGqFyX1kfu3KSDzyRxjtnlHI4qrmq6Khna7MXsZkB4Zoc0cCk8ms7K3%2FhgA7LXi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 767fea393dedfab4-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.paypal.com/xoplatform/logger/api/logger
151.101.193.21 200 OK 0 B URL HTTP/2 www.paypal.com/xoplatform/logger/api/logger
IP 151.101.193.21:0
OPTIONS /xoplatform/logger/api/logger HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Origin: https://spencer-ecom-bbc16d.ingress-florina.ewp.live
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://spencer-ecom-bbc16d.ingress-florina.ewp.live
cache-control: max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id: f816852f25ccd
set-cookie: LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Fri, 11 Nov 2022 00:31:19 GMT; HttpOnly; Secure
enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Fri, 10 Nov 2023 15:45:23 GMT; Secure
x-pp-s=eyJ0IjoiMTY2ODA5NTEyMzM3MCIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure
tsrce=loggernodeweb; Domain=.paypal.com; Path=/; Expires=Sun, 13 Nov 2022 15:45:23 GMT; HttpOnly; Secure; SameSite=None
l7_az=dcg02.phx; Path=/; Domain=paypal.com; Expires=Thu, 10 Nov 2022 16:15:23 GMT; HttpOnly; Secure
ts=vreXpYrS%3D1762789523%26vteXpYrS%3D1668096923%26vr%3D62379f751840ad04bb3280ffffc5e268%26vt%3D62379f751840ad04bb3280ffffc5e267%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Sun, 09 Nov 2025 15:45:23 GMT; HttpOnly; Secure
ts_c=vr%3D62379f751840ad04bb3280ffffc5e268%26vt%3D62379f751840ad04bb3280ffffc5e267; Path=/; Domain=paypal.com; Expires=Sun, 09 Nov 2025 15:45:23 GMT; Secure
traceparent: 00-0000000000000000000f816852f25ccd-11024ca476b166bb-01
x-content-type-options: nosniff
dc: ccg11-origin-www-1.paypal.com
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Thu, 10 Nov 2022 15:45:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn4041-HHN, cache-bma1683-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1668095123.227929,VS0,VE237
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css
63.250.43.137 200 OK 0 B URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css
IP 63.250.43.137:0
GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 15:45:20 GMT
content-type: text/css
last-modified: Mon, 31 Oct 2022 11:48:01 GMT
vary: Accept-Encoding
etag: W/"635fb5f1-d69"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
age: 0
x-cache: MISS
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CJost%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COpen+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CDM+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CJost%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COpen+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CDM+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1
IP 142.250.74.10:0
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CJost%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COpen+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CDM+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 10 Nov 2022 15:45:20 GMT
date: Thu, 10 Nov 2022 15:45:20 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/cartProgressBar.min.js
63.250.43.137 200 OK 0 B URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/cartProgressBar.min.js
IP 63.250.43.137:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/xstore/js/modules/cartProgressBar.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 15:45:20 GMT
content-type: application/javascript
last-modified: Mon, 07 Nov 2022 12:40:49 GMT
vary: Accept-Encoding
etag: W/"6368fcd1-59d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
age: 0
x-cache: MISS
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/woocommerce-payments/dist/upe-blocks-checkout.css
63.250.43.137 200 OK 0 B URL HTTP/2 spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/woocommerce-payments/dist/upe-blocks-checkout.css
IP 63.250.43.137:0
GET /wp-content/plugins/woocommerce-payments/dist/upe-blocks-checkout.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 15:45:20 GMT
content-type: text/css
last-modified: Fri, 21 Oct 2022 14:15:19 GMT
vary: Accept-Encoding
etag: W/"6352a977-1168"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
age: 0
x-cache: MISS
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
stats.wp.com/s-202245.js
192.0.76.3 200 OK 0 B IP 192.0.76.3:0
GET /s-202245.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 15:45:20 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"62f6b688-2494"
content-encoding: br
expires: Mon, 06 Nov 2023 21:27:18 GMT
cache-control: max-age=31536000
x-nc: HIT arn
X-Firefox-Spdy: h2