Report - spencer-ecom-bbc16d.ingress-florina.ewp.live/

Report Overview

Submitted URL
spencer-ecom-bbc16d.ingress-florina.ewp.live/
IP
63.250.43.137
ASN
#22612 NAMECHEAP-NET
Submitted
2022-11-10 15:45:31
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
116

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-10T05:10:00Z	333 B	229 B	34.117.237.239
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-10T05:11:10Z	3.1 kB	6.3 kB	142.250.74.35
e1.o.lencr.org	6159	2021-08-20T09:36:30Z	2023-03-10T11:39:59Z	676 B	1.5 kB	23.36.76.226
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-10T14:37:36Z	3.1 kB	115 kB	216.58.207.195
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-10T13:35:34Z	913 B	664 B	142.250.74.174
t.paypal.com	3487	2012-06-27T15:49:38Z	2023-03-10T12:38:02Z	1.1 kB	1.2 kB	151.101.65.35
stats.wp.com	2711	2017-01-30T06:06:59Z	2023-03-10T09:35:36Z	790 B	639 B	192.0.76.3
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-10T05:09:10Z	1.4 kB	3.5 kB	23.36.76.226
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	1.8 kB	5.0 kB	54.230.245.100
designer-api.hu-manity.co	167731	2021-03-25T13:25:13Z	2023-03-10T10:32:53Z	1.9 kB	53 kB	52.19.157.131
transactional-api.hu-manity.co	176299	2021-03-25T13:25:13Z	2023-03-10T10:32:53Z	1.2 kB	686 B	54.195.6.231
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-10T05:10:04Z	2.7 kB	43 kB	34.120.237.76
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-10T05:10:02Z	606 B	127 B	54.191.210.155
xstore.8theme.com	unknown	2018-12-11T09:46:21Z	2023-03-04T20:57:07Z	493 B	6.3 kB	104.26.11.74
code.tidio.co	15677	2014-11-27T10:26:14Z	2023-03-09T23:13:15Z	413 B	700 B	104.26.9.183
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-10T13:49:44Z	1.7 kB	3.6 kB	93.184.220.29
spencer-ecom-bbc16d.ingress-florina.ewp.live	unknown			60 kB	1.3 MB	63.250.43.136
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-10T14:35:32Z	340 B	964 B	104.18.32.68
s.w.org	748	2017-01-30T05:56:16Z	2023-03-10T14:13:07Z	1.8 kB	41 kB	192.0.77.48
cdn.hu-manity.co	158732	2021-01-13T15:05:14Z	2023-03-10T09:33:02Z	397 B	75 kB	82.102.27.18
widget-v4.tidiochat.com	17456	2018-06-14T08:38:01Z	2023-03-09T23:13:17Z	436 B	673 B	104.26.9.139
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-10T12:25:49Z	1.3 kB	746 B	142.250.74.10
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-10T05:12:35Z	413 B	5.8 kB	34.160.144.191
pixel.wp.com	2545	2017-01-30T06:31:40Z	2023-03-10T09:35:37Z	602 B	239 B	192.0.76.3
www.paypal.com	2583	2012-05-21T15:22:43Z	2023-03-10T12:38:01Z	1.8 kB	9.7 kB	151.101.193.21
socket.tidio.co	14023	2017-11-23T14:17:52Z	2023-03-10T09:06:18Z	661 B	210 B	34.242.42.20

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-10	medium	spencer-ecom-bbc16d.ingress-florina.ewp.live/	Phishing
2022-11-10	medium	spencer-ecom-bbc16d.ingress-florina.ewp.live/	Phishing
2022-11-10	medium	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-includes/js/wp-emoji-release.min.js	Phishing
2022-11-10	medium	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-includes/js/jquery/jquery.min.js	Phishing
2022-11-10	medium	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-includes/js/jquery/jquery-migrate.min.js	Phishing
2022-11-10	medium	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/etheme-scripts.min.js	Phishing
2022-11-10	medium	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/et-core-plugin/packages/st-woo-swatches/public/js/frontend.min.js	Phishing
2022-11-10	medium	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/caos/655db410.js	Phishing
2022-11-10	medium	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/2022/02/Line-1.jpeg	Phishing
2022-11-10	medium	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js	Phishing
2022-11-10	medium	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js	Phishing
2022-11-10	medium	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.min.js	Phishing
2022-11-10	medium	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/contact-form-7/includes/swv/js/index.js	Phishing
2022-11-10	medium	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js	Phishing
2022-11-10	medium	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js	Phishing
2022-11-10	medium	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/contact-form-7/includes/js/index.js	Phishing
2022-11-10	medium	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js	Phishing
2022-11-10	medium	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/libs/imagesLoaded.js	Phishing
2022-11-10	medium	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-includes/js/comment-reply.min.js	Phishing
2022-11-10	medium	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/woocommerce.min.js	Phishing
2022-11-10	medium	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/libs/jquery.lazyload.js	Phishing
2022-11-10	medium	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/tabs.min.js	Phishing
2022-11-10	medium	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/swiper.min.js	Phishing
2022-11-10	medium	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/fixedHeader.min.js	Phishing
2022-11-10	medium	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/promoTextCarousel.min.js	Phishing
2022-11-10	medium	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js	Phishing
2022-11-10	medium	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/ajaxSearch.min.js	Phishing
2022-11-10	medium	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/wishlist.min.js	Phishing
2022-11-10	medium	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/mobileMenu.min.js	Phishing
2022-11-10	medium	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/ethemeAnimatedHeadline.min.js	Phishing
2022-11-10	medium	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/ethemeParallaxFloatingEffect.min.js	Phishing
2022-11-10	medium	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/ethemeElementorSlider.min.js	Phishing
2022-11-10	medium	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/mobilePanel.min.js	Phishing
2022-11-10	medium	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/back-top.min.js	Phishing
2022-11-10	medium	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js	Phishing
2022-11-10	medium	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/js/frontend-modules.min.js	Phishing
2022-11-10	medium	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js	Phishing
2022-11-10	medium	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-includes/js/jquery/ui/core.min.js	Phishing
2022-11-10	medium	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-includes/js/underscore.min.js	Phishing
2022-11-10	medium	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-includes/js/wp-util.min.js	Phishing
2022-11-10	medium	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js	Phishing
2022-11-10	medium	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js	Phishing
2022-11-10	medium	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/2022/09/Image-4-min.jpeg	Phishing
2022-11-10	medium	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/2022/10/banner-min.jpeg	Phishing
2022-11-10	medium	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2	Phishing
2022-11-10	medium	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/2022/02/1123.jpeg	Phishing
2022-11-10	medium	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/2022/02/234.jpeg	Phishing
2022-11-10	medium	spencer-ecom-bbc16d.ingress-florina.ewp.live/	Phishing
2022-11-10	medium	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/2022/02/Image2-300x300.jpeg	Phishing
2022-11-10	medium	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js	Phishing
2022-11-10	medium	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6	Phishing
2022-11-10	medium	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js	Phishing
2022-11-10	medium	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/2022/02/Avatar-1-2.jpeg	Phishing
2022-11-10	medium	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/2022/02/Avatar-4.jpeg	Phishing
2022-11-10	medium	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/fonts/xstore-icons-bold.woff2?v=8.3.6	Phishing
2022-11-10	medium	spencer-ecom-bbc16d.ingress-florina.ewp.live/?wc-ajax=get_refreshed_fragments	Phishing
2022-11-10	medium	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-json/contact-form-7/v1/contact-forms/1859/refill	Phishing
2022-11-10	medium	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/cartProgressBar.min.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (77)

	URL	Size	First Seen	Last Seen
	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/mobilePanel.min.js	1.7 kB	2023-03-07	2024-01-22
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/mobilePanel.min.js IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:15 Last Seen2024-01-22 08:06:10 Times Seen15 Hash 75817fe1e7cf322b8c3e7b9c003e2022 a24621ef2ed085f644edd8882c7c08b3c122422e 4166732aa2d1d6c9aa59b445afa71e7cbfda54e6e5296c28efe07078d18f5305 Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/	2.1 kB	2023-03-11	2023-03-11
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/ IP 63.250.43.136 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:19:44 Last Seen2023-03-11 10:19:44 Times Seen1 Hash ce188a02592401063eff02ad889576d6 9eb48a7ea4d1121c80e7d3e8c2a72f4f9e99df5d 0aee061ab45cf43b5c36defd7aeba07027033f81e87bd3fac0d055d39975c15e Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/	135 B	2023-03-07	2024-04-25
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/ IP 63.250.43.136 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:50 Last Seen2024-04-25 08:48:28 Times Seen26590 Hash 3f82b089cf163a5417b3edb4687151f7 28436f92ab540ff08b12fdefddc7da67ba0f04f7 5ba9af6f12e99663f8f04285ef3d4ffd4cdbca820bccbc2dda9c40f805b5a850 Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js	5.0 kB	2023-03-08	2024-03-19
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:24:20 Last Seen2024-03-19 21:41:35 Times Seen353 Hash f24a41ebe5fbe2440caff2972b7c3341 a58d0685eb8defda0252ce1620c5fef93d297ea0 dca573f6831bcc39828ef0c435568a4ff0980edefdfbcf52e15ff8566befb529 Loading...

	www.paypal.com/tagmanager/pptm.js?id=spencer-ecom-bbc16d.ingress-florina.ewp.live&t=xo&v=5.0.342&source=payments_sdk&client_id=AYO5mAHK0oyDZNlGFubUJN_x8oHrtuOYNNsZUuCzPkEimRdzH406XXqkq1Iug0V2zVs9qId3871CyFDW&comp=buttons,funding-eligibility,messages&vault=false	12 kB	2023-03-07	2023-09-21
Pretty URL www.paypal.com/tagmanager/pptm.js?id=spencer-ecom-bbc16d.ingress-florina.ewp.live&t=xo&v=5.0.342&source=payments_sdk&client_id=AYO5mAHK0oyDZNlGFubUJN_x8oHrtuOYNNsZUuCzPkEimRdzH406XXqkq1Iug0V2zVs9qId3871CyFDW&comp=buttons,funding-eligibility,messages&vault=false IP 151.101.193.21 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:03 Last Seen2023-09-21 06:30:01 Times Seen2247 Hash 3307954f54f00b5074e3fa50b8d9be1d cd0434155a8895b91bb92e168293d6fe750f5c2e 25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655 Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/	96 B	2023-03-07	2024-04-25
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/ IP 63.250.43.136 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:19 Last Seen2024-04-25 04:54:52 Times Seen3549 Hash d8772bfb2ec7dec5262a932766aa1669 8440292e305868d90f6f15a3ea6975a3b9774f43 c19c2ee1fc048012374a6d75c822daf9b7c0d4ebef7ab8df1ab22b229a00d012 Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/ethemeParallaxFloatingEffect.min.js	24 kB	2023-03-11	2023-03-11
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/ethemeParallaxFloatingEffect.min.js IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:19:44 Last Seen2023-03-11 10:19:44 Times Seen1 Hash fdbb07c7d2866a99a64211a43f6bd6b7 b747663b7a1b194e8c7c975a6b9c10875964695a 97ea58de31db80e8ba4eff632e0e014ed8e0789f8950ad8350ec5a853784b69e Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/js/frontend-modules.min.js	33 kB	2023-03-08	2024-03-19
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/js/frontend-modules.min.js IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:24:20 Last Seen2024-03-19 21:41:36 Times Seen365 Hash e7034cc4a25a7e6912a857bdcfe45899 5b30046f597c18765062572a00e7221cc490b5f8 ab3426e035a4ecbad44e1352a8f7433d0dba2f1a5b72382e2af9eb00a17a798c Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js	1.4 kB	2023-03-08	2024-04-19
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:59:51 Last Seen2024-04-19 14:54:08 Times Seen201 Hash bb58eb36fcf510a78276601060a7b4ae 00ab439b8b2378957c9c8060fe8957230cd27688 5ea1e6f99aea1c40be28026c4b0b450b25ba977f7664a81350611b386bba43e0 Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/	131 B	2023-03-11	2023-03-11
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/ IP 63.250.43.136 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:19:44 Last Seen2023-03-11 10:19:44 Times Seen1 Hash 28fcbf48c7ceed9e409cb706ccbd3647 6d61e7238e83b1aaf88d8b067bce6f6574fba1cb cdab2c3db5f5b95dd5eac0cc86f7c4fede172e0ee2f7b23b9ab77a58fadc7cf8 Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js	8.0 kB	2023-03-08	2023-12-11
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:24:20 Last Seen2023-12-11 08:09:31 Times Seen56 Hash ef711018665b24a570d3605255874523 bdcb5e1cc811c120fd2983444b296254b7618a8b d7b10b7ce6eceb9ee2483874f0f972e419ab10692ed738c1ae3422e48c489775 Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js	2.1 kB	2023-03-07	2024-04-25
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-04-25 08:48:30 Times Seen22393 Hash b72c1cbb1530a011a27bd9800f26765a 27b825c5d8255f33b8427a059d4545ebd65e1746 a256fccecac3b32ab73c91d79a18747519a1a18023be05465c933b03523a82e8 Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/contact-form-7/includes/swv/js/index.js	9.9 kB	2023-03-08	2024-04-24
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/contact-form-7/includes/swv/js/index.js IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:19 Last Seen2024-04-24 20:13:16 Times Seen3136 Hash dc74c9954b1944928eca0172c3b8c6b3 e9e00e587e0e28491b69563b4e768945ff2e0ed5 d7eff2d3185c4035edbe18b653f9da26c2d872e03c92419542ed524d569fe81b Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/tabs.min.js	4.6 kB	2023-03-07	2024-01-30
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/tabs.min.js IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:15 Last Seen2024-01-30 09:47:51 Times Seen29 Hash e21b18ab31f8ab8e8306043994d6a7a6 a43041820d6beb09b17c830487f29bc1d6336664 84151018b0655dc0b7ff1dbd1cf4f12b67030c1e275f138740f17d0bc7ed21c2 Loading...

	www.paypal.com/sdk/js?client-id=AYO5mAHK0oyDZNlGFubUJN_x8oHrtuOYNNsZUuCzPkEimRdzH406XXqkq1Iug0V2zVs9qId3871CyFDW&currency=GBP&integration-date=2022-04-13&components=buttons,funding-eligibility,messages&vault=false&commit=false&intent=capture&disable-funding=card&enable-funding=venmo,paylater	429 kB	2023-03-11	2023-03-11
Pretty URL www.paypal.com/sdk/js?client-id=AYO5mAHK0oyDZNlGFubUJN_x8oHrtuOYNNsZUuCzPkEimRdzH406XXqkq1Iug0V2zVs9qId3871CyFDW&currency=GBP&integration-date=2022-04-13&components=buttons,funding-eligibility,messages&vault=false&commit=false&intent=capture&disable-funding=card&enable-funding=venmo,paylater IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:19:44 Last Seen2023-03-11 10:19:44 Times Seen1 Hash 34e9b98ae1b634ab53604766a2f028d3 a7df9149712b9b6b94800be5b5a1fca416fb7d7a 690830d8e171317508e137623a035129301878a91b5cc5da5ab8e6957e4b2bf9 Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-includes/js/jquery/jquery.min.js	90 kB	2023-03-08	2024-04-25
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-includes/js/jquery/jquery.min.js IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-25 04:27:26 Times Seen31805 Hash 17738318d61d394f1de8890d589afaec f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3 cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981 Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/	1.1 kB	2023-03-11	2023-03-11
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/ IP 63.250.43.136 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:19:44 Last Seen2023-03-11 10:19:44 Times Seen1 Hash 21a94ec6df653cf7ee8aaa43f914ca65 3764d84fdc07a156f5ad82f2ddccdd42d8fc8e38 c9fbc6c958364c0a85242241d34c4ce589974e46e05df26a441b23cca9a42bd8 Loading...

	code.tidio.co/pigjsqocuy5e5m0h5xtldz5rrjkvmmqr.js	17 kB	2023-03-11	2023-03-11
Pretty URL code.tidio.co/pigjsqocuy5e5m0h5xtldz5rrjkvmmqr.js IP 104.26.9.183 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 08:43:50 Last Seen2023-03-11 12:39:30 Times Seen1 Hash 0ccdcfbc901f5a05563143ebf3b8b344 4c327fa8dcfc6a24dfc5ae5841da39510a8be0cc a4fd8d77304c43ff4eff08cd2d8b7bf77bec93ffa1294c0f1db7ef212d47b574 Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/libs/jquery.lazyload.js	10 kB	2023-03-08	2024-04-18
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/libs/jquery.lazyload.js IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:43:26 Last Seen2024-04-18 09:44:10 Times Seen150 Hash eea132c6a183d646c042ce7792276831 add2129e1117f3517d5d92a8d237bbf85e33de6a c618ffc0c47323eba7bb7d2b5c215bd07d3b49ed989a749d281b595373b1a7ee Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/ajaxSearch.min.js	24 kB	2023-03-11	2023-04-25
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/ajaxSearch.min.js IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:19:44 Last Seen2023-04-25 10:38:21 Times Seen3 Hash ecca8dca99f21e452351e322671dce96 8600dc1e12333507571d1fd240ad3dd3aac179bd d60bdf931c8a777e2fcec1027869fc7f06ab10d8d49ae2bc8747fdb0a9f4dbfd Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/	152 B	2023-03-07	2024-04-25
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/ IP 63.250.43.136 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-25 08:48:28 Times Seen19910 Hash b8c40bf7c92768058d743847cccdb147 4fbbbcb2dda4d05e2e58bf43330c559b4165fc0b 7872ff233c7b2bfa962f491d0575e71f0b0b487bc63899ff4c72c7c9d5197688 Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/	287 B	2023-03-11	2023-03-11
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/ IP 63.250.43.136 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:19:44 Last Seen2023-03-11 10:19:44 Times Seen1 Hash 09a9b97eec6d40390651e5afe22fe2e7 e55cc575040677fd0f4c08ab2759196f9cc0982c b801b0800314d6451895f8679045ae77a66f3058928637850406850d4c3b441a Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js	2.9 kB	2023-03-07	2024-04-25
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-04-25 08:48:30 Times Seen13975 Hash 0fd625c3991a4015814cffdc88e2fc82 d7c2f53e058210ff3ea773297641008bab71a5f3 2d022db650d194d935faea46a40e5512235b43bc3f8b181e32ce6d3dd745f4e1 Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/	132 B	2023-03-11	2023-03-11
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/ IP 63.250.43.136 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:19:44 Last Seen2023-03-11 10:19:44 Times Seen1 Hash 76d31e52293f3d08f321542213c07671 e2ad21292f15c13901cb69f3c083060feab9a1c6 644707885559e4047f511bbcd64644d8c0b45e312daf90db5eae0d7ae5a3ae1d Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/libs/imagesLoaded.js	5.6 kB	2023-03-07	2024-04-24
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/libs/imagesLoaded.js IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:32 Last Seen2024-04-24 22:16:05 Times Seen1671 Hash 81545aed80e2c8b710b729bea178621b 049173b82e68c40492961bb95ddacefb44eab680 5a65b0ca177f1c0433c0ead611692521c23e6668846a2861fedc09ae11416ffc Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/woocommerce.min.js	15 kB	2023-03-11	2023-04-25
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/woocommerce.min.js IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:19:44 Last Seen2023-04-25 10:38:21 Times Seen3 Hash b747253d38a7f08febda6844c24d3e4e 7a8de0e75fd17d4c5914fe0a6fa526e6a02d9f80 5a8fa440c2f55aeb75a8ff79820adeb07a1ac4dd8794a66f6480e66655308f58 Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6	139 kB	2023-03-07	2024-04-24
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6 IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-24 18:24:18 Times Seen23153 Hash 15bb2b8491fc7e84137d65f610e1685a cd76b70a5426893e9c022b9a75c50a7c1348e2d0 b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804 Loading...

	widget-v4.tidiochat.com//1_125_0/static/js/widget.2bd6da4447adf86836c4.js	538 kB	2023-03-11	2023-03-11
Pretty URL widget-v4.tidiochat.com//1_125_0/static/js/widget.2bd6da4447adf86836c4.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 08:44:52 Last Seen2023-03-11 12:39:30 Times Seen1 Hash 7dc7faec6c3426d9393e7dc937034697 fa8f5286aba4ae84d02889c3a19dace8a4ef1966 5cab61903014f61a7d98c3aa6ab32ca2eb5677883c156ad28a4d7bbed8532916 Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-includes/js/jquery/jquery-migrate.min.js	11 kB	2023-03-07	2024-04-25
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-includes/js/jquery/jquery-migrate.min.js IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-25 06:13:12 Times Seen68612 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js	3.0 kB	2023-03-07	2024-04-25
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-04-25 08:48:30 Times Seen1753 Hash 4e544022235ced14996464116a9ed9b2 31ee19d95973124b812a22c5ff5944d5b5bf8147 4ef2d5b0ef62523af87f3e13d8061449b2ddbfce07064f26b1305084abbf18f1 Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/ethemeElementorSlider.min.js	6.7 kB	2023-03-11	2023-11-27
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/ethemeElementorSlider.min.js IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:19:44 Last Seen2023-11-27 23:50:07 Times Seen4 Hash 25accc1dbb6d97096d0c1dfe30029592 2ca7282ee01eddd2efef1e51cf6e475c9d7861ba 9fee9f60a8ea39191a598f14dd2e29588d87423b4a119f05f28613915c50d676 Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-includes/js/jquery/ui/core.min.js	21 kB	2023-03-08	2024-04-25
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-includes/js/jquery/ui/core.min.js IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-25 04:27:24 Times Seen9804 Hash 034bd11ecaf6fb9240d905245e42e202 ff136c394ed95badfc0107fb98a890dcff642828 ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651 Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/	171 B	2023-03-11	2023-03-11
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/ IP 63.250.43.136 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:19:44 Last Seen2023-03-11 10:19:44 Times Seen1 Hash 62df329f4e00a0cec158c032e5bf2255 a82de2b697f42c5e6012a17094834084570ca001 1e4ca1de33588574d85c5c8c3afe750e55c335cc77820a0f7601174f5f215ec6 Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/cartProgressBar.min.js	1.4 kB	2023-03-11	2023-03-11
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/cartProgressBar.min.js IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:19:44 Last Seen2023-03-11 10:19:44 Times Seen1 Hash 5c29330de820fb44571d7a43e261b0ab c0119bec1f8336d2d269b8771588a611d847e00f 61d04b09d4fce4f21f889781d3ab39156827d014ff210ee6ea0212a113dcb239 Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js	754 B	2023-03-07	2024-04-25
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:32 Last Seen2024-04-25 06:13:10 Times Seen2669 Hash afb55c29bdbcfc262d9fa56743572cad d4b6cb9df2b1b5477cd968fb05cf5faa1d13d6bf c30dab20b677f2b13f42a4a04385a3c6d380fa023a4a1c32f45f2996e152bfba Loading...

	stats.wp.com/e-202245.js	9.0 kB	2023-03-07	2024-01-05
Pretty URL stats.wp.com/e-202245.js IP 192.0.76.3 ASN #2635 AUTOMATTIC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:19 Last Seen2024-01-05 09:08:33 Times Seen3233 Hash 9152c169155daa333287728cb8e4ae93 1e45a9ea1464acf983f022567cb9f669f4c77f65 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302 Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/	5.9 kB	2023-03-11	2023-03-11
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/ IP 63.250.43.136 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:19:44 Last Seen2023-03-11 10:19:44 Times Seen1 Hash 40fecbc47b103da69c2510ec498e49e3 23dad0fb2fbe395861fc4e28b278a21d09a27ced 1b5fac3bb178ef11daac326a1073db3fa9d0713621fdf33e754c8e7863ccb47c Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.min.js	25 kB	2023-03-07	2024-04-25
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.min.js IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:51 Last Seen2024-04-25 04:54:53 Times Seen828 Hash 540be7a8259fbeaf4a732a344b267a7d ac51cc9bb5df51bd9568de8707b9b176f7d60254 a692f16cca3d27ae6772b85e05c46d117ca45678783d5ee010df7d67e8f12485 Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/	5.9 kB	2023-03-11	2023-03-11
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/ IP 63.250.43.136 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:19:44 Last Seen2023-03-11 10:19:44 Times Seen1 Hash 683c104128a24098a8b2f27f0de11bcd ce31ce7d7c1f9c711f7943abe2f6be1594abeb0d 78204687ab23031111f9b2dfc505e2cfc98e079e6d8ac4fd37d105401d7089e6 Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js	9.5 kB	2023-03-07	2024-04-25
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-04-25 08:48:30 Times Seen1879 Hash a5451283952efd5df49466bbeace6911 dce405842471c303c3d8fd6fa3c084aa56a71029 f4e38e5ef16efe51836cf7142412b8e1aa8b73ce89afed23be0cf77dfd8e095d Loading...

	cdn.hu-manity.co/hu-banner.min.js	219 kB	2023-03-08	2023-03-11
Pretty URL cdn.hu-manity.co/hu-banner.min.js IP 82.102.27.18 ASN #9009 M247 Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:48 Last Seen2023-03-11 23:22:09 Times Seen1 Hash 3d0a12be6874b31fc2687e42b5eeb858 d1ff4f2e61ad4707e62b63894e1e8ea62e3eba81 666fe0404d83ed18fc45eaf9a494ca07d0791ddd8b25dd6a25f2758a5c15fceb Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-includes/js/wp-emoji-release.min.js	19 kB	2023-03-07	2024-04-25
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-includes/js/wp-emoji-release.min.js IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-25 04:27:26 Times Seen38041 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/et-core-plugin/packages/st-woo-swatches/public/js/frontend.min.js	20 kB	2023-03-11	2023-04-25
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/et-core-plugin/packages/st-woo-swatches/public/js/frontend.min.js IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:19:44 Last Seen2023-04-25 10:38:21 Times Seen3 Hash 1efcfb423c6776e2caea937ad42660ad 1baad3ab66129e74ad8e8a68277358550061e2cf 560ce41cf8e4d5131dfbe5b7159e83fb902c6b43a9d85bbc4f1f64eea457dce3 Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/	294 B	2023-03-11	2023-03-11
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/ IP 63.250.43.136 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:19:44 Last Seen2023-03-11 10:19:44 Times Seen1 Hash 491d36b68e86a4e7bcabe94beb526445 91b5487762dce6aab420c0f2da1fecc64a7ed235 ad57c1dba87bf310a5a0d422eba8ac91d6bf1df3eb1349525db7176a11912920 Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/back-top.min.js	715 B	2023-03-07	2024-04-18
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/back-top.min.js IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:53:15 Last Seen2024-04-18 09:44:10 Times Seen148 Hash 0aa1a4cace5c6e5f8edbb33bab9cc1fe 2d7ce783d66420d02c5339e75291650233cbd333 7c642da9e520f1e6b74e1c88a30c3c4536ed63393c9149e1b2c00bf6574598c5 Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/contact-form-7/includes/js/index.js	12 kB	2023-03-08	2024-04-24
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/contact-form-7/includes/js/index.js IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:19 Last Seen2024-04-24 20:13:16 Times Seen3481 Hash 1f9968a7c7a2a02491393fb9d4103dae 0032c8a6a692e6f072b2cef20828449402fdd57d f1d5583d4c00ebe19c7be536e72ab8234c1f926023cb5a1fd5edbe9c912f0f49 Loading...

	unknown	0 B	2023-03-07	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 09:04:18 Times Seen37059060 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/	96 B	2023-03-07	2024-03-01
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/ IP 63.250.43.136 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:57 Last Seen2024-03-01 03:22:18 Times Seen170 Hash 903d99d7dd539feefd196de5edf7b92e 8122327012a619c618bc7733df2f6b32aeeb5c95 a03b4b62f6811c457c558fa553b32530e452fc508112370db9804d10f08bdda1 Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js	21 kB	2023-03-07	2024-04-23
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:51 Last Seen2024-04-23 17:19:03 Times Seen3345 Hash f3d7b1578081c9cf982cfbc29f514836 fdb6b04b917b9a1c72e3cf2da686c2584d3fd50f c0f874276d38c6d9e43767d76a15de39506461b268a3cbf19fc8218f3ec8631a Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/swiper.min.js	146 kB	2023-03-10	2023-11-23
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/swiper.min.js IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:40:27 Last Seen2023-11-23 13:08:46 Times Seen10 Hash 4e8a7d69583f2fbd508a0b47951cde3f 07e3bdc74ed3c190a44b5ebefdd2f6f659613699 406219c20ea7c50ee0dc5447dab7b36b9723600e5f07523c2c0a15701dfa78ad Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-includes/js/comment-reply.min.js	3.0 kB	2023-03-07	2024-04-25
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-includes/js/comment-reply.min.js IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-25 09:02:09 Times Seen29279 Hash 492f2c1a7ea7eb83fe42e0ff7cb51aa2 db36a77f6aaa2063bfbec02c2c0e967438c5a245 e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789 Loading...

	stats.wp.com/s-202245.js	9.4 kB	2023-03-07	2024-03-07
Pretty URL stats.wp.com/s-202245.js IP 192.0.76.3 ASN #2635 AUTOMATTIC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:03 Last Seen2024-03-07 00:14:50 Times Seen3354 Hash 82d763decfeb58a330f075ecd1bfbec4 9834c21e75bcf80d52c98bf55641f2bd92e200d3 7faf2fee5a715e1668f517f67a4b21cddd539b978678ce1bfd48a597044079e1 Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/caos/655db410.js	50 kB	2023-03-08	2024-04-24
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/caos/655db410.js IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-24 18:41:20 Times Seen1526 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/	523 B	2023-03-11	2023-03-11
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/ IP 63.250.43.136 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:19:44 Last Seen2023-03-11 10:19:44 Times Seen1 Hash 990da1cb9afe8434e2295abef4db3176 ffc4b9c64876ae734eb8f1f612b1a237e7002018 72fa78b15a73efda3216a2e1c3fc90a39ab95d835560aecb073b4c973a2543fc Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/	172 B	2023-03-07	2024-04-19
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/ IP 63.250.43.136 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:08 Last Seen2024-04-19 11:29:25 Times Seen208 Hash 580d0fbaa1741cbfc935755d66c8cf33 f9aa91adec6a5261eea677b760f194dc505798d2 6b0150c8a13541f621df6ad2511dc1c4c13d06796fc4dcc84ca26b65a68ddd11 Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js	1.8 kB	2023-03-07	2024-04-25
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-04-25 08:48:30 Times Seen21596 Hash d0a6d8547c66b0d7b0172466558d1208 ff93916519c7b9483251f609e4d29f38c30a66e3 3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612 Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/	32 B	2023-03-07	2024-04-25
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/ IP 63.250.43.136 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:05 Last Seen2024-04-25 03:35:12 Times Seen3392 Hash f28cdba8b1a33fab7b4935482c683e17 7fb92b438ae880e659636e12f78ecca1ab9dd1a9 76d9ab1fc9999540d0f7167df3325f71fbd86160eda576cb60f285b0e65d89a9 Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/	2.2 kB	2023-03-11	2023-03-11
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/ IP 63.250.43.136 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:19:44 Last Seen2023-03-11 10:19:44 Times Seen1 Hash c66650fd6081143187866d66343f597c 8d12fc9308b0adaef1082bad105fb1f1c1e8595c ddeb39b8698f72166b50dd7135c508a8851fe7257d13d50e94ddda81c5ed1aca Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/ethemeAnimatedHeadline.min.js	6.1 kB	2023-03-11	2023-10-22
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/ethemeAnimatedHeadline.min.js IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:19:44 Last Seen2023-10-22 01:13:29 Times Seen15 Hash 1eae2ca51e7b89a8e413c41de361300f afbe81e84e7ab8f51c9d96e0a6069b417b3cb1a9 04e48a8c399020f8cf1701329cf2b3c8f12f31a0aeacd4935a53e85dc833967b Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/fixedHeader.min.js	1.8 kB	2023-03-07	2024-01-30
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/fixedHeader.min.js IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:04:29 Last Seen2024-01-30 09:47:51 Times Seen21 Hash 220ee628b90f0d0be89dcbfb3910b6af 7dfb5d8d069c96e074d0cdd58b4254382feecf90 c67062a73461aa88d3a85fb9dfc1c332400deaa58cc6fa7abdb7407c685e6965 Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-includes/js/wp-util.min.js	1.4 kB	2023-03-08	2024-04-25
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-includes/js/wp-util.min.js IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:26:29 Last Seen2024-04-25 08:06:28 Times Seen24414 Hash 19d386c9004e54941c1cc61d357efa5d 0a77594006c8d86fdcc0adbc2b9aecaef3869586 3bc6467a95cec8fa516c6f5f69e1301e37e16f9bb1046fe7756729249f901b95 Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/etheme-scripts.min.js	45 kB	2023-03-11	2023-04-25
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/etheme-scripts.min.js IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:19:44 Last Seen2023-04-25 10:38:21 Times Seen3 Hash 9d9e917804dcf7e9c6728db91924750b 5a12bec8458c80591d821ee2bc0f2a0fbdcc7c6b 30a1c022d7f173c0de1657f710d90ce0bf66e535a7e241b6ae0479b21c059d0f Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-includes/js/underscore.min.js	19 kB	2023-03-08	2024-04-25
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-includes/js/underscore.min.js IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:26:29 Last Seen2024-04-25 08:48:30 Times Seen41414 Hash f88d5720bb454ed5d204cbdb56901f6b f1952292fde4b15936e9aac16b2b9896684db95b 726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/	491 B	2023-03-07	2024-04-10
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/ IP 63.250.43.136 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:50 Last Seen2024-04-10 00:36:22 Times Seen2042 Hash eda0861d93eea53c3286b2fd93d2e42d 979767d815a8847b00fe1d45a5757fdf67b8ca1b 6e799f88d7836b96f8d81538a375039937e497b6a103bd1d259dfef980fdf926 Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/mobileMenu.min.js	1.5 kB	2023-03-07	2024-01-30
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/mobileMenu.min.js IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:15 Last Seen2024-01-30 09:47:51 Times Seen26 Hash d1b3e4917f1b792390ac6595080bdeb8 503b566c9e01b33f4f3771b0c174ae309c36fd40 bbe95ca234e407626f14471165edcf12a383e1ec2a86d8bf0086a43df7db153b Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/	221 B	2023-03-11	2023-03-11
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/ IP 63.250.43.136 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:19:44 Last Seen2023-03-11 10:19:44 Times Seen1 Hash e9551383726dea6656c55ef3d2772c48 e0eef2166d7e12a303f4e819b87da796648a9e9f e5c23c77005be4b3504365f3d4f9759ba15c17a2a888f5d36d4d7f7ecc4695bf Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/	1.5 kB	2023-03-11	2023-03-11
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/ IP 63.250.43.136 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:19:44 Last Seen2023-03-11 10:19:44 Times Seen1 Hash 2bbd52cd5f15fcd00e481a36104f8f1d bf645d2b4583d16a959b68a41feed1b59b7b9011 0bc106ce065317d1413eda724700b285e398baee6b9edf5b10791d11f5771079 Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/	2.6 kB	2023-03-11	2023-03-11
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/ IP 63.250.43.136 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:19:44 Last Seen2023-03-11 10:19:44 Times Seen1 Hash 0c25f3b1a303ad8fc10b1c45bd264bf9 2824cebc5002f084df89785770bd0917a9f112b3 60f5e43fb6c7de32f7fc79c1ee48d93870f777a12d62a4af182a43b2ce6022d4 Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/wishlist.min.js	1.4 kB	2023-03-07	2023-11-27
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/wishlist.min.js IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:04:29 Last Seen2023-11-27 23:50:07 Times Seen26 Hash f7967f1ab9682d9dddb587c8d73d4003 5792834ea462e499d2f2692d2005fbe477e63f41 b36a7e5325652b4d1e8f82f7ec9862559d1700d9d4c63e5eb556f7b0b4c2a6aa Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js	12 kB	2023-03-07	2024-04-25
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-25 08:06:29 Times Seen52728 Hash 3819c3569da71daec283a75483735f7e ecd40a5cc6f0b76200c454ca880210dc301cfab8 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0 Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/	503 B	2023-03-11	2023-03-11
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/ IP 63.250.43.136 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:19:44 Last Seen2023-03-11 10:19:44 Times Seen1 Hash d76082d05748246c042066fabd2d1690 cdbcf52d6fdabc3fd65c00fec287c9fd970c4d14 d300f834d5bb043529406c38d58a7c7f69ab4c8f4e0be194c7af3ef5c6b724af Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/promoTextCarousel.min.js	470 B	2023-03-10	2024-01-27
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/promoTextCarousel.min.js IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 15:02:50 Last Seen2024-01-27 16:39:25 Times Seen41 Hash 6a2c7aae31973a9e2896b6e57bad0d76 2d6032b69e0c46b1ad3b91dda027bd22459f71b0 24be73c4ae03307b6c40fce67773a7d8dfab502beabe09018888fa309bc2f3ac Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/	96 B	2023-03-07	2024-04-25
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/ IP 63.250.43.136 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:51 Last Seen2024-04-25 06:13:10 Times Seen10620 Hash eb3a538fd2a39c22198e72c3b9f498a7 c966ebdbd2701a0980a85671126664f3892d4f1e ac233233e7bcaf806041b243578fab081dced8a045d9a82756410da9ea2382a1 Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/	110 B	2023-03-07	2024-04-25
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/ IP 63.250.43.136 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:16 Last Seen2024-04-25 06:13:10 Times Seen2274 Hash f17a1ca0e09b355fe605ac1ad37c4105 ce25a6e7d65c97829444381397e5ca58954bfeaf ac0bae1f39bff1aee40d5c283b0c0ca756959d7a442d9ad4b2a6d2634369698e Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/	470 B	2023-03-11	2023-03-11
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/ IP 63.250.43.136 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:19:44 Last Seen2023-03-11 10:19:44 Times Seen1 Hash 15a38fb70474ad2550ce0244211a36f1 b4c6b50f03be5abfc95bc0a172c68cf298c4a42c c837bf78ba962bc56cfa1146142c24c258bd805e3a5ca08c09367cf5f2703f27 Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js	15 kB	2023-03-07	2024-04-25
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:19 Last Seen2024-04-25 04:54:53 Times Seen4422 Hash 157f18464a93eab7fb62a7f3e618ac2c f47727e80d529d6e4941fea32f2e8a8ee5008b8a 9ed8f2a0e573467348e64fb1945eeac1698f32af9e9c723153eb7142d6a43306 Loading...

	spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/js/frontend.min.js	40 kB	2023-03-08	2024-03-19
Pretty URL spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/js/frontend.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:24:20 Last Seen2024-03-19 21:41:36 Times Seen402 Hash 63da63aaa1485c280f3505da6724bccf 1c5110797988e86ffd37f66a79cec3dc023a66eb 4276020d6f31a5d3116fde82520418b99a39cf1fc04d578b8eecab57894126a1 Loading...

HTTP Transactions (178)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aabe410b4bbe4d8beb0e4561d3aa158e
e1788632902ddea62cdd9e7ad6009a75ffb69788
ad535e27b201e92670770b2b868c58f7c05633ec66490a41ef4592f062834c1f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD535E27B201E92670770B2B868C58F7C05633EC66490A41EF4592F062834C1F"
Last-Modified: Wed, 09 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10173
Expires: Thu, 10 Nov 2022 18:34:52 GMT
Date: Thu, 10 Nov 2022 15:45:19 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
a19a5555cc9ea92581b0cc504cb64345
01a86ce33d5eb33420ed76266360f32c62a96f31
9ebd48b4053bb4a7a27718670c44075b1f35d037be7fd16750fcbc3ffd68b18c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1145
Cache-Control: max-age=155093
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 15:45:19 GMT
Etag: "636cd2eb-1d7"
Expires: Sat, 12 Nov 2022 10:50:12 GMT
Last-Modified: Thu, 10 Nov 2022 10:31:07 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

spencer-ecom-bbc16d.ingress-florina.ewp.live/

63.250.43.136

301 Moved Permanently

0 B

URL HTTP/1.1
spencer-ecom-bbc16d.ingress-florina.ewp.live/
IP
63.250.43.136:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
content-length: 0
location: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2b57492bf85f4ae6abbd1641b17dc9ab
008e71ec05d47bf025ca64e17da2ea1bd8e71111
17894427c471f7fa02ca274795dc55df1bfc99d7bd83f9ee36249394035110fd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17894427C471F7FA02CA274795DC55DF1BFC99D7BD83F9EE36249394035110FD"
Last-Modified: Wed, 09 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2664
Expires: Thu, 10 Nov 2022 16:29:43 GMT
Date: Thu, 10 Nov 2022 15:45:19 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: tnxF8/4DJZ+8u5N7SmPuRUihkjPJM8xGwMipO1CPKd+q7nEHO0IXH8PFloQ0kCDWvJzdjtMSYGA=
x-amz-request-id: C0MTV1WR1CPZ32W5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 10 Nov 2022 14:49:26 GMT
age: 3353
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 15:45:19 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
7a4d25462571324fbdefc87257245fc4
5cc98a84b448c75157c48ece3c72d940b0b3e632
757256007b0351391d00842807b385cc1c873de3c10e8ea390fea49f01bc743e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 15:45:19 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 07 Nov 2022 11:56:50 GMT
Expires: Mon, 14 Nov 2022 11:56:49 GMT
Etag: "5cc98a84b448c75157c48ece3c72d940b0b3e632"
Cache-Control: max-age=331289,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 767fea212855b512-OSL

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
83b99092f19a38763c0b6ffc5e05e5aa
4cacf0a4adc46e28bc867d666a3fb45738dd1501
168478f1e03d83548fbfeed6dfad20ef23cb5a1dbf18f7312e5cf6dd290e9339

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 15:45:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sca1b.amazontrust.com/

54.230.245.100

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.100:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
b602376efac7456d9993306a42d7fde7
69f896d60a82c32671b8f7247d47de29a58f17f8
db5c3af44a3b895ddd52829b12ad2b8937c2247cc8e744eb600aee0464fa9842

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=103933
Date: Thu, 10 Nov 2022 15:45:20 GMT
Etag: "636bfa64-1d7"
Expires: Fri, 11 Nov 2022 20:37:33 GMT
Last-Modified: Wed, 09 Nov 2022 19:07:16 GMT
Server: ECS (nyb/1D15)
X-Cache: Miss from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: CQtD0RSKC_1YmN85vQW37kqtzV7X92pK5U2t7ttlz08moUugd8BsKw==
Age: 5417

ocsp.sca1b.amazontrust.com/

54.230.245.100

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.100:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
b602376efac7456d9993306a42d7fde7
69f896d60a82c32671b8f7247d47de29a58f17f8
db5c3af44a3b895ddd52829b12ad2b8937c2247cc8e744eb600aee0464fa9842

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=103757
Date: Thu, 10 Nov 2022 15:45:20 GMT
Etag: "636bfa64-1d7"
Expires: Fri, 11 Nov 2022 20:34:37 GMT
Last-Modified: Wed, 09 Nov 2022 19:07:16 GMT
Server: ECS (bsa/EB20)
X-Cache: Miss from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: zxLH2OfUlbfzkxcitD8-N-UmiQSr4orE4jYgDOmqWvBg9oA-Zw2RNw==
Age: 5241

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
081ea13ba4390a4baab25cf57c2672f3
30cc9c329228e3d7bc6041f1aa553f06f8136eed
5a48c189581edd8ae4a4e58e2d54359bb75ba769828436394e4c256fe861814e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5530
Cache-Control: max-age=154423
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 15:45:20 GMT
Etag: "636cbf2d-1d7"
Expires: Sat, 12 Nov 2022 10:39:03 GMT
Last-Modified: Thu, 10 Nov 2022 09:06:53 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

ocsp.sca1b.amazontrust.com/

54.230.245.100

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.100:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
1dbf1934fcf295de48b506087c28fbd5
ff9b366bcee843ea443852a9f96dffc86567111d
6254c8b18e7cb536c0a10b87e8731701de5d291b10e224a29263ef710186e17c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=111609
Date: Thu, 10 Nov 2022 15:45:20 GMT
Etag: "636c1c12-1d7"
Expires: Fri, 11 Nov 2022 22:45:29 GMT
Last-Modified: Wed, 09 Nov 2022 21:30:58 GMT
Server: ECS (nyb/1D0A)
X-Cache: Miss from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: EoR9k9MlsNwI1rbHlS6AEO-QuTlxPLd9umDhIP85qiP9iwUttgBrJw==
Age: 4471

ocsp.sca1b.amazontrust.com/

54.230.245.100

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.100:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
1dbf1934fcf295de48b506087c28fbd5
ff9b366bcee843ea443852a9f96dffc86567111d
6254c8b18e7cb536c0a10b87e8731701de5d291b10e224a29263ef710186e17c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=109935
Date: Thu, 10 Nov 2022 15:45:20 GMT
Etag: "636c1c12-1d7"
Expires: Fri, 11 Nov 2022 22:17:35 GMT
Last-Modified: Wed, 09 Nov 2022 21:30:58 GMT
Server: ECS (nyb/1D24)
X-Cache: Miss from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: kf07r6ad_MLxv6rJLFuV1RvTV_qbHigk0yF8jIi4gvRuvSPij2pA4g==
Age: 2797

designer-api.hu-manity.co/api/designer/user-design-live?AppID=spencer-ecom-bbc16dingress--8939ac7

52.19.157.131

204 No Content

0 B

URL HTTP/2
designer-api.hu-manity.co/api/designer/user-design-live?AppID=spencer-ecom-bbc16dingress--8939ac7
IP
52.19.157.131:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /api/designer/user-design-live?AppID=spencer-ecom-bbc16dingress--8939ac7 HTTP/1.1
Host: designer-api.hu-manity.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type,x-api-key
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Origin: https://spencer-ecom-bbc16d.ingress-florina.ewp.live
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0

HTTP/2 204 No Content
date: Thu, 10 Nov 2022 15:45:20 GMT
server: nginx/1.20.0
x-powered-by: Express
x-request-id: 24222405-b2e4-491c-bb38-55ad97e7bfd5
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,OPTIONS,PATCH,POST,DELETE
access-control-allow-headers: *
X-Firefox-Spdy: h2

s.w.org/images/core/emoji/14.0.0/svg/2764.svg

192.0.77.48

200 OK

368 B

URL HTTP/2
s.w.org/images/core/emoji/14.0.0/svg/2764.svg
IP
192.0.77.48:0
ASN
#2635 AUTOMATTIC

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (368), with no line terminators
Size
368 B (368 bytes)
Hash
0483f2b648dcc986d01385062052ae1c
61bd815f1497863265a76d92623042835e5e7fe2
09a743ee0c32ca57c9be64b13b29c396310d1dd309cb4d7d3be722e47db95f27

HTTP Headers

GET /images/core/emoji/14.0.0/svg/2764.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 15:45:20 GMT
content-type: image/svg+xml
content-length: 368
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 2
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2

transactional-api.hu-manity.co/api/transactional/session/save

54.195.6.231

204 No Content

0 B

URL HTTP/2
transactional-api.hu-manity.co/api/transactional/session/save
IP
54.195.6.231:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /api/transactional/session/save HTTP/1.1
Host: transactional-api.hu-manity.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-api-key
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Origin: https://spencer-ecom-bbc16d.ingress-florina.ewp.live
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0

HTTP/2 204 No Content
date: Thu, 10 Nov 2022 15:45:20 GMT
server: nginx/1.20.0
x-powered-by: Express
x-request-id: 4ecf8746-3bfa-4bf8-adde-d703b60a98ec
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,OPTIONS,PATCH,POST,DELETE
access-control-allow-headers: *
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
83b99092f19a38763c0b6ffc5e05e5aa
4cacf0a4adc46e28bc867d666a3fb45738dd1501
168478f1e03d83548fbfeed6dfad20ef23cb5a1dbf18f7312e5cf6dd290e9339

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 15:45:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

spencer-ecom-bbc16d.ingress-florina.ewp.live/

63.250.43.137

200 OK

205 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381), with CRLF, LF line terminators
Size
205 kB (204643 bytes)
Hash
17c008354f902889c9c4e894e2603c46
ee7396bed70ef9b02b20002d643c244aedbe84fd
c16de0f7cf0263b96b3da10652598eb5165739ab99755fdbba25b8ec5ad9765b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 13:54:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, public
access-control-allow-origin: https://app.hu-manity.co
access-control-allow-methods: GET
x-nitro-cache: MISS
x-nitro-disabled-reason: request type not allowed
x-nitro-disabled: 1
link: <https://spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-json/>; rel="https://api.w.org/", <https://spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-json/wp/v2/pages/20>; rel="alternate"; type="application/json", <https://wp.me/PehBaf-k>; rel=shortlink
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-cacheable: YES
age: 6625
x-cache: HIT
accept-ranges: bytes
content-length: 204643
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css

63.250.43.137

200 OK

2.6 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (11256), with no line terminators
Size
2.6 kB (2592 bytes)
Hash
583529ff412cb2b255fa606024d1133e
8db4b0a0be402cc5e38488528791b73b0c7369d0
6fdf0933a8faf229b277740f401600834c00d0b204f7ed38293cd4abcdb3ea20

HTTP Headers

GET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: text/css
last-modified: Wed, 15 Jun 2022 13:01:54 GMT
vary: Accept-Encoding
etag: W/"62a9d842-2bf8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 2592
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-includes/js/mediaelement/wp-mediaelement.min.css

63.250.43.137

200 OK

1.2 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-includes/js/mediaelement/wp-mediaelement.min.css
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (4186), with no line terminators
Size
1.2 kB (1156 bytes)
Hash
30d57d7aa11190e44974cce8621f22c7
59f516369877009cce06ca45b1c296944bb674a4
094ae87a3d4cee4a1ddc5cada149c2deacabd4cf2e377b97fe4ca641142258ee

HTTP Headers

GET /wp-includes/js/mediaelement/wp-mediaelement.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: text/css
last-modified: Wed, 15 Jun 2022 13:01:54 GMT
vary: Accept-Encoding
etag: W/"62a9d842-105a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 1156
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/yith-woocommerce-wishlist/assets/css/jquery.selectBox.css

63.250.43.137

200 OK

812 B

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/yith-woocommerce-wishlist/assets/css/jquery.selectBox.css
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (2630), with no line terminators
Size
812 B (812 bytes)
Hash
8f448bc82d2befe019a7eb0123942876
f6a903712c57073e24a1ac79dca2cfc0f9001e6b
30f719833e77320f98fe6a7d115a710b381f8653a9ed69bcbdea7b198da2022e

HTTP Headers

GET /wp-content/plugins/yith-woocommerce-wishlist/assets/css/jquery.selectBox.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: text/css
last-modified: Fri, 07 Oct 2022 12:06:44 GMT
vary: Accept-Encoding
etag: W/"63401654-a46"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 812
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/yith-woocommerce-wishlist/assets/css/font-awesome.css

63.250.43.137

200 OK

7.0 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/yith-woocommerce-wishlist/assets/css/font-awesome.css
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (30441)
Size
7.0 kB (6963 bytes)
Hash
d1957b87008948cf16df403dfa2f9838
986b994531dc68927c59e7e57cb62f0051db9de0
df7a4d0c77bd4ebf8af2e0c1b5798db201c1b698f6d5c9a1683e7b3f609acf9f

HTTP Headers

GET /wp-content/plugins/yith-woocommerce-wishlist/assets/css/font-awesome.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: text/css
last-modified: Fri, 07 Oct 2022 12:06:44 GMT
vary: Accept-Encoding
etag: W/"63401654-778b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 6963
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/woocommerce/assets/css/prettyPhoto.css

63.250.43.137

200 OK

2.0 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/woocommerce/assets/css/prettyPhoto.css
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (9281), with no line terminators
Size
2.0 kB (2034 bytes)
Hash
df5420954321c8c99604b6dd995dedc0
75c028ff14483537c1fb68bc9406f46e4e426aac
981c5e5362aaf7b6c7503521941256ffdbe54793f6fe39ee0a9e6fb430956772

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/css/prettyPhoto.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: text/css
last-modified: Wed, 02 Nov 2022 15:40:23 GMT
vary: Accept-Encoding
etag: W/"63628f67-2441"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 2034
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/yith-woocommerce-wishlist/assets/css/style.css

63.250.43.137

200 OK

4.9 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/yith-woocommerce-wishlist/assets/css/style.css
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (29337), with no line terminators
Size
4.9 kB (4857 bytes)
Hash
b829fc5810a6323bcc36dd9664ab2ab4
50b54c410238e258d56d50451ac5c7ad0adf267d
27ebd5dde3d0179ffcf8200f1daadad1d4d5d9fe65eb0c31479de42b9783b6b6

HTTP Headers

GET /wp-content/plugins/yith-woocommerce-wishlist/assets/css/style.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: text/css
last-modified: Fri, 07 Oct 2022 12:06:45 GMT
vary: Accept-Encoding
etag: W/"63401655-7299"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 4857
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-includes/css/classic-themes.min.css

63.250.43.137

200 OK

217 B

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-includes/css/classic-themes.min.css
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
217 B (217 bytes)
Hash
95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

HTTP Headers

GET /wp-includes/css/classic-themes.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: text/css
content-length: 217
last-modified: Wed, 02 Nov 2022 15:38:52 GMT
etag: "63628f0c-d9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/contact-form-7/includes/css/styles.css

63.250.43.137

200 OK

972 B

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/contact-form-7/includes/css/styles.css
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
972 B (972 bytes)
Hash
8bf268dfcca7cb20719b7ea14373ef4a
58bd839bbf0e8cc082f0a488b538b4ec71bebd2e
eece4a14939273c7af07bce8bab3a6cfc2c9de44c0eea82cc886abac13cb3870

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/css/styles.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: text/css
last-modified: Wed, 19 Oct 2022 13:51:15 GMT
vary: Accept-Encoding
etag: W/"635000d3-aab"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 972
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css

63.250.43.137

200 OK

4.0 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (19233)
Size
4.0 kB (3958 bytes)
Hash
ac7354abda04bfb9c71fb45a4f1a7428
074f24b46fb81a0a98fe838e86a1daf597885996
40c81608682b4b605ac2108ce28d4bad98a63ac4ae56abda7a2b1b757bb956d3

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: text/css
last-modified: Mon, 31 Oct 2022 03:06:58 GMT
vary: Accept-Encoding
etag: W/"635f3bd2-4b4f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 3958
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-includes/js/wp-emoji-release.min.js

63.250.43.137

200 OK

5.0 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-includes/js/wp-emoji-release.min.js
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (15660)
Size
5.0 kB (5004 bytes)
Hash
1b982d290af16dac5885f21a198aaa66
f847ca85d23c2f240938bbde0135f3de97925759
0b6e238cc0728a0bace390dfff472ff8bb5a5fd4714bcfcdac7c28621d67b8dc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:45:38 GMT
content-type: application/javascript
last-modified: Wed, 15 Jun 2022 13:01:54 GMT
vary: Accept-Encoding
etag: W/"62a9d842-48b9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10782
x-cache: HIT
accept-ranges: bytes
content-length: 5004
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/css/frontend-lite.min.css

63.250.43.137

200 OK

14 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/css/frontend-lite.min.css
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (65497)
Size
14 kB (13575 bytes)
Hash
ac22bb533adbf6f9adc24d65d14b7000
9f0f401b0d8bbe03c7b98b307bd35cbca97068bf
a194fbb7708499421ca879e83730ea51bef2dab53026d15ad7a8b381e14ebc81

HTTP Headers

GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: text/css
last-modified: Mon, 31 Oct 2022 03:06:59 GMT
vary: Accept-Encoding
etag: W/"635f3bd3-19538"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 13575
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/layout/header/parts/menu.min.css

63.250.43.137

200 OK

2.0 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/layout/header/parts/menu.min.css
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (14314), with no line terminators
Size
2.0 kB (2023 bytes)
Hash
19f5cb1fe842faf8b7eec462ad653c8d
dcc18b4acb68d6e50000b79935363db35fccdb91
6f51282ee45a04bb906b8620fa887da9a795b2b5cc101abc51008f8f9c9fb440

HTTP Headers

GET /wp-content/themes/xstore/css/modules/layout/header/parts/menu.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: text/css
last-modified: Mon, 07 Nov 2022 12:40:52 GMT
vary: Accept-Encoding
etag: W/"6368fcd4-37ea"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 2023
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

transactional-api.hu-manity.co/api/transactional/session/save

54.195.6.231

200 OK

64 B

URL HTTP/2
transactional-api.hu-manity.co/api/transactional/session/save
IP
54.195.6.231:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
64 B (64 bytes)
Hash
1949508bdcc8ea012a38751b5dcb6753
6a4a24c15d7ae4de765e0e76839a1f7146a5da0d
f37982dbd1ac02d4380903d8d637117a292100ef19402c60d22aa0db5f7dc0f6

HTTP Headers

POST /api/transactional/session/save HTTP/1.1
Host: transactional-api.hu-manity.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Content-Type: application/json; charset=utf-8
x-api-key: hudft60djisdusdjwek
Origin: https://spencer-ecom-bbc16d.ingress-florina.ewp.live
Content-Length: 250
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 10 Nov 2022 15:45:20 GMT
content-type: application/json; charset=utf-8
content-length: 64
server: nginx/1.20.0
x-powered-by: Express
x-request-id: 4f4e6b6e-8766-4088-aa4d-3949dbfe2440
access-control-allow-origin: *
etag: W/"40-akokwV165N52Xg52g5ofcUal2g0"
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/layout/header/parts/search.min.css

63.250.43.137

200 OK

1.9 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/layout/header/parts/search.min.css
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (6307), with no line terminators
Size
1.9 kB (1926 bytes)
Hash
6a11db18e4d7d8bf10f718abff6dcf7f
ab1fcb5828c1806b160e78e1a6699fb92a572d58
488d48a4994ff1e0972d3d47ad372d059081c95d27a6758c86a87f9e518f7f93

HTTP Headers

GET /wp-content/themes/xstore/css/modules/layout/header/parts/search.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: text/css
last-modified: Mon, 07 Nov 2022 12:40:52 GMT
vary: Accept-Encoding
etag: W/"6368fcd4-18a3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 1926
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/xstore/kirki-styles.css

63.250.43.137

200 OK

7.5 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/xstore/kirki-styles.css
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (57444)
Size
7.5 kB (7533 bytes)
Hash
127d629e2ade348c6c8fac656e434c73
a88a0bacf8ac71ae9b3ffe0f1a840383a667b307
fe59da02c8642c16ebb14fdcb7838f8630988969c8e21000e5e6b07161e238f3

HTTP Headers

GET /wp-content/uploads/xstore/kirki-styles.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: text/css
last-modified: Mon, 17 Oct 2022 23:59:36 GMT
vary: Accept-Encoding
etag: W/"634dec68-f375"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 7533
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/elementor/css/post-14.css

63.250.43.137

200 OK

357 B

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/elementor/css/post-14.css
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (1100), with no line terminators
Size
357 B (357 bytes)
Hash
34fa5eb6ac4fe50f293054b29bfa62dc
370c94d0c090ee483235c2592cf189565652da53
efc2f9370e0b8cd6f5173454ff9242a591dfa25f2d6831d6df1faddc956fd3ac

HTTP Headers

GET /wp-content/uploads/elementor/css/post-14.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: text/css
last-modified: Mon, 31 Oct 2022 11:47:59 GMT
vary: Accept-Encoding
etag: W/"635fb5ef-44c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 357
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/cookie-notice.min.css

63.250.43.137

200 OK

825 B

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/cookie-notice.min.css
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (3153), with no line terminators
Size
825 B (825 bytes)
Hash
b35baf26145ff15fd7345b2d44a1ddac
4de3705455a267d10ebbcc25190bbdeb6acb8b1d
1e0680b3cb827a5bdea8b1282dbe620e56d568140f06f99850670463fd5bfe5b

HTTP Headers

GET /wp-content/themes/xstore/css/cookie-notice.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: text/css
last-modified: Mon, 07 Nov 2022 12:40:52 GMT
vary: Accept-Encoding
etag: W/"6368fcd4-c51"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 825
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/elementor/css/global.css

63.250.43.137

200 OK

1.3 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/elementor/css/global.css
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (8805)
Size
1.3 kB (1320 bytes)
Hash
48b2ebafefa31d9246c35c0677635edb
318c6f869ec0a5bac99e169d573376102e9cf540
9a13c78634d853e37c69faccabc15e40130420ace4d11d361544f06e892d3a3b

HTTP Headers

GET /wp-content/uploads/elementor/css/global.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: text/css
last-modified: Mon, 31 Oct 2022 11:48:00 GMT
vary: Accept-Encoding
etag: W/"635fb5f0-3c8f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 1320
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/back-top.min.css

63.250.43.137

200 OK

528 B

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/back-top.min.css
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (1548), with no line terminators
Size
528 B (528 bytes)
Hash
536c806b1d5059f999c560e2855cd55c
d46aa5b2fa179465006ff40f9b2acfb128f86d16
985dacf9cefbbc242c03787b76ae814aa74b5d9448fac84953afbc906a449d3c

HTTP Headers

GET /wp-content/themes/xstore/css/modules/back-top.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: text/css
last-modified: Mon, 07 Nov 2022 12:40:52 GMT
vary: Accept-Encoding
etag: W/"6368fcd4-60c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 528
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/elementor.min.css

63.250.43.137

200 OK

3.2 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/elementor.min.css
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (18509), with no line terminators
Size
3.2 kB (3180 bytes)
Hash
6bd728658723b038098c5a3808c672f4
1f4dc90c0894b6ffd8641b772772450cf8323661
093a4dc3f6801ffbf582890f674ebb388258815b9734e350d612e09604c63bf2

HTTP Headers

GET /wp-content/themes/xstore/css/elementor.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: text/css
last-modified: Mon, 07 Nov 2022 12:40:52 GMT
vary: Accept-Encoding
etag: W/"6368fcd4-484d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 3180
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/elementor/css/post-20.css

63.250.43.137

200 OK

3.2 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/elementor/css/post-20.css
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (22510), with CRLF, LF line terminators
Size
3.2 kB (3237 bytes)
Hash
c9f02ec71d69758dcb3f7247f6541bec
edb28ecf0c5fffc14fd4db380ed77a9a2b511345
27e718d51bcd1c72bbd0f21e51e198bd0bfb77762b967d67d1a12f075bda0167

HTTP Headers

GET /wp-content/uploads/elementor/css/post-20.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: text/css
last-modified: Mon, 31 Oct 2022 11:48:00 GMT
vary: Accept-Encoding
etag: W/"635fb5f0-6b65"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 3237
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/woocommerce/global.min.css

63.250.43.137

200 OK

1.8 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/woocommerce/global.min.css
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (7942), with no line terminators
Size
1.8 kB (1767 bytes)
Hash
b6f97174a1b7c2f9e2ec1918393e3559
cec03df057e92a0d4f6d805a8ab09c4071b5705c
d3bd16131602698ef9d109aa359e3f6e40153ae624dda79aa6b21e53664cd14c

HTTP Headers

GET /wp-content/themes/xstore/css/modules/woocommerce/global.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: text/css
last-modified: Mon, 07 Nov 2022 12:40:51 GMT
vary: Accept-Encoding
etag: W/"6368fcd3-1f06"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 1767
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/xstore.min.css

63.250.43.137

200 OK

36 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/xstore.min.css
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (51233), with CRLF line terminators
Size
36 kB (36044 bytes)
Hash
1a008fc36c4dcd1f7ff29e5d9a552af0
46dcbb50e197e4852b9ddbb83b12020f8fc82100
c0f6b90aa616091864b9339ed8bcbfd5bb4f4238f6fccc8c1def358d4efed5b0

HTTP Headers

GET /wp-content/themes/xstore/xstore.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: text/css
last-modified: Mon, 07 Nov 2022 12:40:50 GMT
vary: Accept-Encoding
etag: W/"6368fcd2-30534"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 36044
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

designer-api.hu-manity.co/api/designer/user-design-live?AppID=spencer-ecom-bbc16dingress--8939ac7

52.19.157.131

200 OK

52 kB

URL HTTP/2
designer-api.hu-manity.co/api/designer/user-design-live?AppID=spencer-ecom-bbc16dingress--8939ac7
IP
52.19.157.131:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (52287), with no line terminators
Size
52 kB (52342 bytes)
Hash
3b89fdfcab2fb12a4c477197a661eb3a
7a51f99ecc9dc30c65bc2e45373c9147698bd100
0159136d567ea22a19eb45933fe04e36abff02167634c68ebbe0a855585ebdf7

HTTP Headers

GET /api/designer/user-design-live?AppID=spencer-ecom-bbc16dingress--8939ac7 HTTP/1.1
Host: designer-api.hu-manity.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Content-Type: application/json; charset=utf-8
x-api-key: hudft60djisdusdjwek
Origin: https://spencer-ecom-bbc16d.ingress-florina.ewp.live
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 10 Nov 2022 15:45:20 GMT
content-type: application/json; charset=utf-8
content-length: 52342
server: nginx/1.20.0
x-powered-by: Express
x-request-id: 72ff4e86-4b8e-43d3-99d5-98cef9f8aa15
access-control-allow-origin: *
etag: W/"cc76-elH5nsydwwxlvC5FNzyRR2mL0QA"
X-Firefox-Spdy: h2

cdn.hu-manity.co/hu-banner.min.js

82.102.27.18

200 OK

74 kB

URL HTTP/2
cdn.hu-manity.co/hu-banner.min.js
IP
82.102.27.18:0
ASN
#9009 M247 Ltd

File type
ASCII text, with very long lines (65536), with no line terminators
Size
74 kB (74285 bytes)
Hash
d98719b35fd99d0c73b9ebdd5167fd78
6d7e002aa016de72bd2df789452690a22af85f37
1ae0457b8b664bccf23938a2396cc04e408dd79a399c980dbf5fbd71245713d5

HTTP Headers

GET /hu-banner.min.js HTTP/1.1
Host: cdn.hu-manity.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: keycdn-engine
date: Thu, 10 Nov 2022 15:45:20 GMT
content-type: application/javascript
x-amz-id-2: /v9B5f+5HWf5SLm4K1eSXiwo8XnLG6dRC56NTSYyaMKk7nyANmlkCbnS0TKoG9kl+tZzMb1EMRw=
x-amz-request-id: TDW1EAK7AX66P59B
last-modified: Thu, 03 Nov 2022 13:32:15 GMT
etag: W/"3d0a12be6874b31fc2687e42b5eeb858"
expires: Thu, 10 Nov 2022 16:45:20 GMT
cache-control: max-age=3600
content-encoding: gzip
link: <http://ert-banner.s3-website-eu-west-1.amazonaws.com/hu-banner.min.js>; rel="canonical"
x-cache: HIT
x-shield: active
x-edge-location: noos
access-control-allow-origin: *
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/contact-forms.min.css

63.250.43.137

200 OK

1.2 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/contact-forms.min.css
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (4332), with no line terminators
Size
1.2 kB (1180 bytes)
Hash
3921e559dbab26ae0e2860af3f6f2b41
490d5ac4e95a7991b3d0b7e85ff39826540f7d3b
6947e18d9588d69ba5bf8db2eca7acb732d441635e97c52c4899c12ebcfc8a56

HTTP Headers

GET /wp-content/themes/xstore/css/modules/contact-forms.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: text/css
last-modified: Mon, 07 Nov 2022 12:40:52 GMT
vary: Accept-Encoding
etag: W/"6368fcd4-10ec"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 1180
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css

63.250.43.137

200 OK

13 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (57726)
Size
13 kB (12581 bytes)
Hash
b8914a9a422b658a721edee22da4803f
dcb57be1523de06493b62bff04208dbb7eaf7b92
32cbd3295c9c436f50437a22d401fa3838a98c1dc03eddfc4552eda9e0a6bc6e

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: text/css
last-modified: Mon, 31 Oct 2022 03:06:58 GMT
vary: Accept-Encoding
etag: W/"635f3bd2-e238"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 12581
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore-child/style.css

63.250.43.137

200 OK

227 B

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore-child/style.css
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
227 B (227 bytes)
Hash
99da6749e7e9fc3a1cb628f1754520bd
0acc569fc1c6d828a91866db2238c157e190c3dd
9341b4042803d1c8da0b0244d9a06cfa6337cec389dcb5e31c7165766567050b

HTTP Headers

GET /wp-content/themes/xstore-child/style.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: text/css
content-length: 227
last-modified: Thu, 22 Sep 2022 02:09:47 GMT
etag: "632bc3eb-e3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css

63.250.43.137

200 OK

309 B

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (483)
Size
309 B (309 bytes)
Hash
0ea43e394ddaae5fdb710dbbc8869e58
3b0c93adc80720236096201db5cc2751e703996d
85225fffa21a94bfd954393d7471069ab227b98fd8b51cb5ab4af5488168a34e

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: text/css
last-modified: Mon, 31 Oct 2022 03:06:58 GMT
vary: Accept-Encoding
etag: W/"635f3bd2-29d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 309
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/et-core-plugin/app/assets/lib/xstore-icons/css/xstore-icons.css

63.250.43.137

200 OK

988 B

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/et-core-plugin/app/assets/lib/xstore-icons/css/xstore-icons.css
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with CRLF line terminators
Size
988 B (988 bytes)
Hash
e85cd9f5d06e808f8f48e22c268b8be9
0ebcd532da7e3240e78958ab7e37a2975845f987
81acb40cbb9ec913b5563f80e16e09ff9f86332390cce685113b0522bc92104a

HTTP Headers

GET /wp-content/plugins/et-core-plugin/app/assets/lib/xstore-icons/css/xstore-icons.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: text/css
last-modified: Mon, 07 Nov 2022 12:38:58 GMT
vary: Accept-Encoding
etag: W/"6368fc62-1692"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 988
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/et-core-plugin/app/assets/lib/xstore-icons/css/bold.css

63.250.43.137

200 OK

339 B

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/et-core-plugin/app/assets/lib/xstore-icons/css/bold.css
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with CRLF line terminators
Size
339 B (339 bytes)
Hash
b38da0da5491acaa0841bef0f2a71e80
671f6497585819c4ebb879d51aa5b995c36a190d
e7099848da6add8ebf0fce6a8d295dc16cc77a4e18bbf970f77a8e62b761a9d9

HTTP Headers

GET /wp-content/plugins/et-core-plugin/app/assets/lib/xstore-icons/css/bold.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: text/css
last-modified: Mon, 07 Nov 2022 12:38:58 GMT
vary: Accept-Encoding
etag: W/"6368fc62-330"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 339
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/jetpack/css/jetpack.css

63.250.43.137

200 OK

16 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/jetpack/css/jetpack.css
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Size
16 kB (16484 bytes)
Hash
b259a9c7a4e9904b25745160e39e4421
4fec09ba381381b0b45f4289937f9369c17edd8d
767b671d1089ceb2a4590785c585a4e4a29ca6120f572f5c89cf09de157b7e8d

HTTP Headers

GET /wp-content/plugins/jetpack/css/jetpack.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: text/css
last-modified: Wed, 02 Nov 2022 19:10:07 GMT
vary: Accept-Encoding
etag: W/"6362c08f-14f92"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 16484
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-includes/js/jquery/jquery.min.js

63.250.43.137

200 OK

31 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-includes/js/jquery/jquery.min.js
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (65447)
Size
31 kB (31038 bytes)
Hash
2eccf707201b564e5e0cc3637fe4fd79
13b3ab2c399a84808e8fd6a2c795a6a49f5090a4
fb2e62f5864ef969b2d586b0e589fc81d7689038cd54a90fbca4b463e0ca6261

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 15:38:53 GMT
vary: Accept-Encoding
etag: W/"63628f0d-15e54"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 31038
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-includes/js/jquery/jquery-migrate.min.js

63.250.43.137

200 OK

4.2 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-includes/js/jquery/jquery-migrate.min.js
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (11126)
Size
4.2 kB (4169 bytes)
Hash
5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: application/javascript
last-modified: Wed, 15 Jun 2022 13:01:54 GMT
vary: Accept-Encoding
etag: W/"62a9d842-2bd8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 4169
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/etheme-scripts.min.js

63.250.43.137

200 OK

14 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/etheme-scripts.min.js
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (45267), with no line terminators
Size
14 kB (13973 bytes)
Hash
31597136fb1a6abe9e7c846d1edc50dd
d2abb672313126d136cf7815e2834ec05e5e7422
a7d8a1e43e8ef9bea0567b70ddf17f9192817cef014c58c02d9fdf6edb4b0781

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/xstore/js/etheme-scripts.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: application/javascript
last-modified: Mon, 07 Nov 2022 12:40:49 GMT
vary: Accept-Encoding
etag: W/"6368fcd1-b0d3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 13973
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/et-core-plugin/packages/st-woo-swatches/public/js/frontend.min.js

63.250.43.137

200 OK

4.8 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/et-core-plugin/packages/st-woo-swatches/public/js/frontend.min.js
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (20473), with no line terminators
Size
4.8 kB (4783 bytes)
Hash
7c01866d6a0a24787bd9b490be0822bf
ea91fd4275430ec540bebe219117e53d4e8c29a4
6c543035072107700e09e970bfaa38529ebade689338594d7755feaf9ff9e412

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/et-core-plugin/packages/st-woo-swatches/public/js/frontend.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:21 GMT
content-type: application/javascript
last-modified: Mon, 07 Nov 2022 12:38:55 GMT
vary: Accept-Encoding
etag: W/"6368fc5f-4ff9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 4783
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

push.services.mozilla.com/

54.191.210.155

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.191.210.155:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /Nnyj/8+6Xp8i2ki1IPPCw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: qB7Nqm1+ESpwbd2gZU3lHfBgbwQ=

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/caos/655db410.js

63.250.43.137

200 OK

20 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/caos/655db410.js
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (1325)
Size
20 kB (20072 bytes)
Hash
20b960c6754993b9de987b955a09ae54
702d246038b2d92584f56a7cff4ec23803c043f2
ec17f7b91e257be50c2482a2af1f966d195c9a0a8f63a3fcd3ca5907b273c296

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/caos/655db410.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:22 GMT
content-type: application/javascript
last-modified: Thu, 10 Nov 2022 12:37:44 GMT
vary: Accept-Encoding
etag: W/"636cf098-c436"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10558
x-cache: HIT
accept-ranges: bytes
content-length: 20072
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/theme/assets/images/logo.png

63.250.43.137

200 OK

997 B

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/theme/assets/images/logo.png
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 147 x 28, 8-bit colormap, non-interlaced\012- data
Size
997 B (997 bytes)
Hash
7f055dfbca14b2e2a736aee103950cfd
976a9b6c02a6abd0965b1d9dd5c770787cb4ceca
d5fec1615262b62b2cb2fdffd98564d6b5c20df6375e91fb1b53e13c213c48a1

HTTP Headers

GET /wp-content/themes/xstore/theme/assets/images/logo.png HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: image/png
content-length: 997
last-modified: Mon, 07 Nov 2022 12:40:49 GMT
etag: "6368fcd1-3e5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 10554
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/woocommerce/archive.min.css

63.250.43.137

200 OK

6.2 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/woocommerce/archive.min.css
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (40125), with no line terminators
Size
6.2 kB (6240 bytes)
Hash
9cca66cbe494e0a6a3a12bd418ecf2cd
bdcad1ae8e18e358e093645d0d1ca00deb3950f0
92e7ddb230e434411161e80997ebb1682fc2e1103cd1404e44f1d6300a3d61eb

HTTP Headers

GET /wp-content/themes/xstore/css/modules/woocommerce/archive.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: text/css
last-modified: Mon, 07 Nov 2022 12:40:51 GMT
vary: Accept-Encoding
etag: W/"6368fcd3-9cbd"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 6240
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/builders/categories-carousel.min.css

63.250.43.137

200 OK

192 B

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/builders/categories-carousel.min.css
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (357), with no line terminators
Size
192 B (192 bytes)
Hash
ad89846da6e7cea3f572f0b8bec2fc5c
852058a7dfff5efd1323e987a43cf640a25e6b03
97b0a887657b66f23d3c1fd8f7850ae8068e2307dc196a31d617d53a9192997b

HTTP Headers

GET /wp-content/themes/xstore/css/modules/builders/categories-carousel.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: text/css
last-modified: Mon, 07 Nov 2022 12:40:51 GMT
vary: Accept-Encoding
etag: W/"6368fcd3-165"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 192
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/builders/elementor/categories.min.css

63.250.43.137

200 OK

1.0 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/builders/elementor/categories.min.css
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (4654), with no line terminators
Size
1.0 kB (1012 bytes)
Hash
bcbcee4e0919ffe399f792a4b2fb103e
3964e104f93bf9a8975e0424646aff15797e4676
cd48b0105977ff03c3d3084260d639b6898ef3f0b5111bed35f99073ab4b53c4

HTTP Headers

GET /wp-content/themes/xstore/css/modules/builders/elementor/categories.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: text/css
last-modified: Mon, 07 Nov 2022 12:40:51 GMT
vary: Accept-Encoding
etag: W/"6368fcd3-122e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 1012
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/woocommerce-placeholder-300x300.png

63.250.43.137

200 OK

12 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/woocommerce-placeholder-300x300.png
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size
12 kB (11947 bytes)
Hash
a994ef2fb1ed5e60fb0ebb7bad1c1302
fae8ebc6f3723b21ff10737a44322c6fa7f69c2d
6dc7ce03d70c67cd2935168cba3a8977e96c92da79275c96a7155543a8f26769

HTTP Headers

GET /wp-content/uploads/woocommerce-placeholder-300x300.png HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: image/png
content-length: 11947
last-modified: Thu, 22 Sep 2022 23:29:23 GMT
etag: "632cefd3-2eab"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 10554
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/2022/02/Line-1.jpeg

63.250.43.137

200 OK

967 B

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/2022/02/Line-1.jpeg
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 143x4, components 3\012- data
Size
967 B (967 bytes)
Hash
207daad1a71f0581b678d103635351e5
976ad0a5443089b8075f288632d1c8792c09844d
69cbbc762d2fe972eb4b254052e682b975f9cd587a6f1aff86f7eeaa69dcd572

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/2022/02/Line-1.jpeg HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: image/jpeg
content-length: 967
last-modified: Thu, 22 Sep 2022 23:06:03 GMT
etag: "632cea5b-3c7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 10554
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/swatches.min.css

63.250.43.137

200 OK

3.5 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/swatches.min.css
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (22121), with no line terminators
Size
3.5 kB (3468 bytes)
Hash
84cf0cc758d322ab1ccb9836d80cb07d
81cccaf09614c99b769ef15887a5ed82e6117a56
9436805fd6d17534760eca844333cc4dee4e52ebad09e67bec0eb57f6380acd4

HTTP Headers

GET /wp-content/themes/xstore/css/swatches.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: text/css
last-modified: Mon, 07 Nov 2022 12:40:52 GMT
vary: Accept-Encoding
etag: W/"6368fcd4-5669"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 3468
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/layout/header/parts/account.min.css

63.250.43.137

200 OK

956 B

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/layout/header/parts/account.min.css
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (3128), with no line terminators
Size
956 B (956 bytes)
Hash
130023059eda27b7163903e91b4d8688
3965951926e935a5b800c42b31563367bbb671da
64dc07677b09486a12f4f868eae27bc1378ac264728de21a034fed9199c0e961

HTTP Headers

GET /wp-content/themes/xstore/css/modules/layout/header/parts/account.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: text/css
last-modified: Mon, 07 Nov 2022 12:40:52 GMT
vary: Accept-Encoding
etag: W/"6368fcd4-c38"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 956
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/builders/elementor/etheme-animated-headline.min.css

63.250.43.137

200 OK

2.1 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/builders/elementor/etheme-animated-headline.min.css
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (19395), with no line terminators
Size
2.1 kB (2076 bytes)
Hash
c5a9a746ff9c79931e55433f07161e3f
70d703141d5200e86447aaf882025ceb558a9521
738a4e5b39c65e5955ce741ae44ad8de0ff17efdf4328cf8b00a6b49c24ad357

HTTP Headers

GET /wp-content/themes/xstore/css/modules/builders/elementor/etheme-animated-headline.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: text/css
last-modified: Mon, 07 Nov 2022 12:40:51 GMT
vary: Accept-Encoding
etag: W/"6368fcd3-4bc3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 2076
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/builders/elementor/etheme-advanced-headline.min.css

63.250.43.137

200 OK

772 B

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/builders/elementor/etheme-advanced-headline.min.css
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (2749), with no line terminators
Size
772 B (772 bytes)
Hash
106517819d744e97db58ba7d0668b91e
a8af78cf2dd96e9d7d3bf823db73c990de71329f
2362a330fdb0d3b2505b08266718250f1f41e0743ceff875a8b95164d7bd1b3d

HTTP Headers

GET /wp-content/themes/xstore/css/modules/builders/elementor/etheme-advanced-headline.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: text/css
last-modified: Mon, 07 Nov 2022 12:40:51 GMT
vary: Accept-Encoding
etag: W/"6368fcd3-abd"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 772
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/banners/banners-global.min.css

63.250.43.137

200 OK

254 B

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/banners/banners-global.min.css
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (821), with no line terminators
Size
254 B (254 bytes)
Hash
fdb682731a8ffb0ff3d9db8aa4311956
602a2e1bf1c8dd1e04f0ba311b8497468bf07b86
d24153b3f6c1b1b184d83b77e1c4ff9caabbf507942b11a68ad3b79905049394

HTTP Headers

GET /wp-content/themes/xstore/css/modules/banners/banners-global.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: text/css
last-modified: Mon, 07 Nov 2022 12:40:52 GMT
vary: Accept-Encoding
etag: W/"6368fcd4-335"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 254
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/builders/elementor/etheme-icon-box.min.css

63.250.43.137

200 OK

588 B

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/builders/elementor/etheme-icon-box.min.css
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (2793), with no line terminators
Size
588 B (588 bytes)
Hash
7ce430dd0b0592ae0a7af1409b3b6956
60aef73b2591a9856e7c7057f3d286e8aa4ae8db
0ee26d08771bf09a2683c96210bb97a00219465a2d24fd71cde9ad8662cce775

HTTP Headers

GET /wp-content/themes/xstore/css/modules/builders/elementor/etheme-icon-box.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: text/css
last-modified: Mon, 07 Nov 2022 12:40:51 GMT
vary: Accept-Encoding
etag: W/"6368fcd3-ae9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 588
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/builders/elementor/etheme-testimonials.min.css

63.250.43.137

200 OK

498 B

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/builders/elementor/etheme-testimonials.min.css
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (1760), with no line terminators
Size
498 B (498 bytes)
Hash
bf5667e74dd2475b320a31b5d93cfc35
67353c175c1f850372de0565e3132b1e252b2e00
3d573a23e9038960ee71939afc8a61d068c1f29d4004e12586075801487b010a

HTTP Headers

GET /wp-content/themes/xstore/css/modules/builders/elementor/etheme-testimonials.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: text/css
last-modified: Mon, 07 Nov 2022 12:40:51 GMT
vary: Accept-Encoding
etag: W/"6368fcd3-6e0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 498
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/layout/header/parts/mobile-menu.min.css

63.250.43.137

200 OK

1.3 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/layout/header/parts/mobile-menu.min.css
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (6439), with no line terminators
Size
1.3 kB (1342 bytes)
Hash
c1722993246bc4e051cdfb843851e81c
1a7879aa90dccd305b54b47d3774f3e907b16992
7b5ccec87dc8ace523a3f5208a2879f522a9202099d806200f29812aee602401

HTTP Headers

GET /wp-content/themes/xstore/css/modules/layout/header/parts/mobile-menu.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: text/css
last-modified: Mon, 07 Nov 2022 12:40:52 GMT
vary: Accept-Encoding
etag: W/"6368fcd4-1927"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 1342
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/builders/elementor/etheme-text-button.min.css

63.250.43.137

200 OK

1.1 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/builders/elementor/etheme-text-button.min.css
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (6352), with no line terminators
Size
1.1 kB (1137 bytes)
Hash
9dd9eff8debcb7eea5bc677940bec47e
3fd08c2ce7218b68bbff1853e5a6fbfd2f7d0693
b8fa7579cd9e05e06ef67b5325f0f2eca911e135377db9919ca68f3475d24d47

HTTP Headers

GET /wp-content/themes/xstore/css/modules/builders/elementor/etheme-text-button.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: text/css
last-modified: Mon, 07 Nov 2022 12:40:51 GMT
vary: Accept-Encoding
etag: W/"6368fcd3-18d0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 1137
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/banners/banner.min.css

63.250.43.137

200 OK

1.1 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/banners/banner.min.css
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (4735), with no line terminators
Size
1.1 kB (1132 bytes)
Hash
fa6acf409b3c63ecd23d374985fba35d
b5026fd370f8a30022ab1f9bee9d93ff308f51af
93981a5e0850430676f650359339a202f7ed3a57bfb7f7823b2b7c89a562976e

HTTP Headers

GET /wp-content/themes/xstore/css/modules/banners/banner.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: text/css
last-modified: Mon, 07 Nov 2022 12:40:52 GMT
vary: Accept-Encoding
etag: W/"6368fcd4-127f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 1132
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/layout/off-canvas.min.css

63.250.43.137

200 OK

1.6 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/layout/off-canvas.min.css
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (6989), with no line terminators
Size
1.6 kB (1644 bytes)
Hash
6ce2c6142cbf08d3c1e7e186149f2bf2
4c7c3a7702cb6df6e283d33bd76372490d056912
5b224c428844cc3c72dd85746eb835266cb19a6b3b5ffa595674812e96e60235

HTTP Headers

GET /wp-content/themes/xstore/css/modules/layout/off-canvas.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: text/css
last-modified: Mon, 07 Nov 2022 12:40:52 GMT
vary: Accept-Encoding
etag: W/"6368fcd4-1b4d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 1644
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/layout/toggles-by-arrow.min.css

63.250.43.137

200 OK

356 B

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/layout/toggles-by-arrow.min.css
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (1100), with no line terminators
Size
356 B (356 bytes)
Hash
472cf4427587559ff8ddb66f82508331
bd7d9c040f8405ad8f26d6be26c454c52541517a
3f070ced055804ac503036577861f16b6426ed247e52dc78d1ffdf5b0853da32

HTTP Headers

GET /wp-content/themes/xstore/css/modules/layout/toggles-by-arrow.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: text/css
last-modified: Mon, 07 Nov 2022 12:40:52 GMT
vary: Accept-Encoding
etag: W/"6368fcd4-44c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 356
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/layout/header/parts/ajax-search.min.css

63.250.43.137

200 OK

1.2 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/layout/header/parts/ajax-search.min.css
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (4182), with no line terminators
Size
1.2 kB (1183 bytes)
Hash
b6d636e48904ab641a1721b2ae994d35
c5bdf9b054bac693c5e90ec55b84df23569a3d19
8dd8ddcd040e59d461d81afc78de2400a2aa42357c774a218dc8654c382c5edd

HTTP Headers

GET /wp-content/themes/xstore/css/modules/layout/header/parts/ajax-search.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: text/css
last-modified: Mon, 07 Nov 2022 12:40:52 GMT
vary: Accept-Encoding
etag: W/"6368fcd4-1056"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 1183
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/builders/elementor/etheme-contact-form-7.min.css

63.250.43.137

200 OK

518 B

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/builders/elementor/etheme-contact-form-7.min.css
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (1639), with no line terminators
Size
518 B (518 bytes)
Hash
7dffac30b2849c9bba550b0cf2451b07
a1e68d396531adf0c97de2f44283eff9316f5275
70fed2b6d4435134b5e3e14db681ec3c00036597901937ef7150a9638f760fe2

HTTP Headers

GET /wp-content/themes/xstore/css/modules/builders/elementor/etheme-contact-form-7.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: text/css
last-modified: Mon, 07 Nov 2022 12:40:51 GMT
vary: Accept-Encoding
etag: W/"6368fcd3-667"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 518
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js

63.250.43.137

200 OK

3.8 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (14924), with no line terminators
Size
3.8 kB (3780 bytes)
Hash
2829d566a7b23618109b18588c49daf9
4ffec8708ef01c17c4dbbba9e1756fb60ad4f919
bf6d483efd7c83b2cad0f9663fa86a357926a03a31573de4c98b6f962f7c0d48

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Fri, 07 Oct 2022 12:06:45 GMT
vary: Accept-Encoding
etag: W/"63401655-3a4f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 3780
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js

63.250.43.137

200 OK

5.7 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document, ASCII text, with very long lines (21310), with no line terminators
Size
5.7 kB (5746 bytes)
Hash
8f2aecfb93b1dda3f598191dc8466255
59013842a76704302d8722de7845409ca01e1c42
7ad7f12b2707922f94cfffa5dbaa1b727ddb09b744e07f95990afac9cdeba7ce

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 15:40:23 GMT
vary: Accept-Encoding
etag: W/"63628f67-533e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 5746
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.min.js

63.250.43.137

200 OK

6.6 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.min.js
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document, ASCII text, with very long lines (24951), with no line terminators
Size
6.6 kB (6627 bytes)
Hash
ea231e9884a26205743eca4cce2dc670
a3f05227909bea6364d2365529ff6d6c902b6bda
e651c602cda77da19ae3e603b6f172f4adbb4c14cbdcb3f4219e49ac81792114

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Fri, 07 Oct 2022 12:06:45 GMT
vary: Accept-Encoding
etag: W/"63401655-6177"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 6627
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/contact-form-7/includes/swv/js/index.js

63.250.43.137

200 OK

2.9 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/contact-form-7/includes/swv/js/index.js
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (9937), with no line terminators
Size
2.9 kB (2937 bytes)
Hash
8189a6a3f3f0efc64f857fe869d3729b
bc84b1c1e96a26fd6595da0cb024aad989c1f331
e2683386c2d5a8b3280fa9920d22fedb31a33a8bdca8ec494d3fe4df9fc6b337

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Wed, 19 Oct 2022 13:51:15 GMT
vary: Accept-Encoding
etag: W/"635000d3-26d1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 2937
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js

63.250.43.137

200 OK

982 B

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (1668)
Size
982 B (982 bytes)
Hash
e66463f2023b738680c9bdefece69a37
315dc8e6ebdfb18c662851244ee33e2758ad3c83
fd83e7fc6d81aa6f6680ea640e9c086aa1950a17757a582aa74ea9797a70f346

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 15:40:23 GMT
vary: Accept-Encoding
etag: W/"63628f67-72a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 982
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js

63.250.43.137

200 OK

794 B

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (2139), with no line terminators
Size
794 B (794 bytes)
Hash
29307e8dec33cf3411ca4e1f2c84e9d0
484402289464d7ffb1475827f3438329d520bfc6
a2db59efaa416ef0c9d5d58f142cd5e44c475348cff20a664586fd3cda1b5f5b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 15:40:23 GMT
vary: Accept-Encoding
etag: W/"63628f67-85b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10554
x-cache: HIT
accept-ranges: bytes
content-length: 794
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/contact-form-7/includes/js/index.js

63.250.43.137

200 OK

4.0 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/contact-form-7/includes/js/index.js
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document, ASCII text, with very long lines (12310), with no line terminators
Size
4.0 kB (3957 bytes)
Hash
832eeb1fd498e5839b89bfb5f05a2f0d
cf2d8668aecc5033346ac2906bb8bf7e143cfa4a
35b2b27ba0ba63c065e4c67d15b7cb1878b5868d7f475cc7f6f1724d3988793a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/js/index.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Wed, 19 Oct 2022 13:51:15 GMT
vary: Accept-Encoding
etag: W/"635000d3-3016"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 3957
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js

63.250.43.137

200 OK

3.5 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (9115)
Size
3.5 kB (3499 bytes)
Hash
4eb090d1d9263b041ec90bac1a6e6e8f
0b0a01684ed1e07a41a9f6eb02423738a68f8b12
f621d8d1bdc2c1508699ef2510c1b35122fef1ee7da3ed10fe66a881a6d882b2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 15:40:23 GMT
vary: Accept-Encoding
etag: W/"63628f67-2525"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10554
x-cache: HIT
accept-ranges: bytes
content-length: 3499
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/lib/animations/animations.min.css

63.250.43.137

200 OK

2.6 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/lib/animations/animations.min.css
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (10019)
Size
2.6 kB (2592 bytes)
Hash
0ea81c35141c6a4692506e4fe8d36edb
392c5f96995e66d74c27ed5a42f93169c2f32d18
b7488fd21ad73e483cdcaf42097ea7787ffe0616477e29a537f53f6064e321ab

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: text/css
last-modified: Mon, 31 Oct 2022 03:06:58 GMT
vary: Accept-Encoding
etag: W/"635f3bd2-4824"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 2592
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/builders/elementor/etheme-wc-add-to-cart.min.css

63.250.43.137

200 OK

288 B

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/builders/elementor/etheme-wc-add-to-cart.min.css
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (831), with no line terminators
Size
288 B (288 bytes)
Hash
00d3869a2a295b0c17f49c4095123ef5
aa8a48ec413aba8bb3a72d3e9534cd23c2870462
9f362ecaca4572643e53d4a2b7b678ef8a6d0a883c067776a2385b2cc9bb6bf7

HTTP Headers

GET /wp-content/themes/xstore/css/modules/builders/elementor/etheme-wc-add-to-cart.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 15:45:20 GMT
content-type: text/css
last-modified: Mon, 07 Nov 2022 12:40:51 GMT
vary: Accept-Encoding
etag: W/"6368fcd3-33f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
age: 0
x-cache: MISS
accept-ranges: bytes
content-length: 288
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/libs/imagesLoaded.js

63.250.43.137

200 OK

1.8 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/libs/imagesLoaded.js
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (5477), with CRLF line terminators
Size
1.8 kB (1814 bytes)
Hash
f5e2c2fec902e06cca8a2ecf652aad7f
2717affe594a9d7eeb1e400a7e4f6a240d05719d
a6d9a28b7647db71d49b17e33550c3c56b8d71ef3523199e66223758a6f19739

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/xstore/js/libs/imagesLoaded.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Mon, 07 Nov 2022 12:40:49 GMT
vary: Accept-Encoding
etag: W/"6368fcd1-15e0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 1814
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-includes/js/comment-reply.min.js

63.250.43.137

200 OK

1.4 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-includes/js/comment-reply.min.js
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (2946)
Size
1.4 kB (1351 bytes)
Hash
28214bc78b9edfcfbc9c7b651fb4f56c
fb0847abdb33dd943a2dcda4c4b905fb5cdd116c
11691bc1acc1f3a7ab8ef7c67fb720ca58fb72e52f510009f7b0cbc2589d45e0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/comment-reply.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Wed, 15 Jun 2022 13:01:54 GMT
vary: Accept-Encoding
etag: W/"62a9d842-ba5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 1351
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

s.w.org/images/core/emoji/14.0.0/svg/1f1f5-1f1e6.svg

192.0.77.48

200 OK

38 kB

URL HTTP/2
s.w.org/images/core/emoji/14.0.0/svg/1f1f5-1f1e6.svg
IP
192.0.77.48:0
ASN
#2635 AUTOMATTIC

File type
SVG Scalable Vector Graphics image\012- , Unicode text, UTF-8 text, with very long lines (37288), with NEL line terminators
Size
38 kB (37780 bytes)
Hash
f26d4dbcdc6c10a3c2be14dc07a861b5
f4bebbcc057c7e10f6822949f0e09699ab2a61b6
528e0479422d79a877883a03e70809bc222254d898580d46b528f73973c8aaf2

HTTP Headers

GET /images/core/emoji/14.0.0/svg/1f1f5-1f1e6.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 15:45:20 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 2
x-content-type-options: nosniff
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/woocommerce.min.js

63.250.43.137

200 OK

4.0 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/woocommerce.min.js
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (15069), with no line terminators
Size
4.0 kB (3988 bytes)
Hash
c8654149683e29c1cf34927952c97b63
b092981eec55fd7c910cd233b39b25aa2338fa9f
50a96c326bf3c39aba8622d01134d311be0f0fc2fe23e8566f6a691aca9cb726

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/xstore/js/modules/woocommerce.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Mon, 07 Nov 2022 12:40:49 GMT
vary: Accept-Encoding
etag: W/"6368fcd1-3add"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 3988
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/libs/jquery.lazyload.js

63.250.43.137

200 OK

2.2 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/libs/jquery.lazyload.js
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with CRLF line terminators
Size
2.2 kB (2216 bytes)
Hash
4f65eabe39327931b6ba2767c2fb6d6d
bfc292b340ce38a4dd1810b0a3e0c381727db59d
8b5d9e3f3e4f0cf6dd49f3b2c032240864221545e4e7c719d94df1e95e68b938

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/xstore/js/libs/jquery.lazyload.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Mon, 07 Nov 2022 12:40:49 GMT
vary: Accept-Encoding
etag: W/"6368fcd1-2906"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 2216
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/tabs.min.js

63.250.43.137

200 OK

1.3 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/tabs.min.js
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (4562), with no line terminators
Size
1.3 kB (1255 bytes)
Hash
cb5275c70966894d236e54e2cb8ad9c6
e81830225f445868423c902433bcf5ea6cd3c6aa
624cf851836ff10b0c0f6d5d74fdedae67b688c1dc66943ad6d69834398e0277

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/xstore/js/modules/tabs.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Mon, 07 Nov 2022 12:40:49 GMT
vary: Accept-Encoding
etag: W/"6368fcd1-11d2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10554
x-cache: HIT
accept-ranges: bytes
content-length: 1255
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/swiper.min.js

63.250.43.137

200 OK

38 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/swiper.min.js
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
38 kB (38380 bytes)
Hash
a6a8c2425ded22c3ad586cb31ed79e2e
62204d533484fd07ea8eca3a75908cdb7fce75bb
fe1664ad18034ba4f6c8db16a51978d00238e93f7d75a80849cb259a640df71c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/xstore/js/modules/swiper.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Mon, 07 Nov 2022 12:40:49 GMT
vary: Accept-Encoding
etag: W/"6368fcd1-23914"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 38380
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/fixedHeader.min.js

63.250.43.137

200 OK

692 B

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/fixedHeader.min.js
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (1824), with no line terminators
Size
692 B (692 bytes)
Hash
11c09283fbcf821fdca5299ec42d061a
08e89321d3a1b5dc15ccb27120e2ce173429cbfb
3a50d9b3e3a56c51fd811345d72d464c17698dd93cd3bb57db74e22f61ad9182

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/xstore/js/modules/fixedHeader.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Mon, 07 Nov 2022 12:40:49 GMT
vary: Accept-Encoding
etag: W/"6368fcd1-720"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 692
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/promoTextCarousel.min.js

63.250.43.137

200 OK

270 B

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/promoTextCarousel.min.js
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (470), with no line terminators
Size
270 B (270 bytes)
Hash
0bce2161f862f1d328bb2312ff848cc7
dfe58ac631917157ef3848e21b5eb283aad3a1cf
68751ee7682bd5ce97f1e9e90ec7a56eff849687a7ef5662f91e96960b13628a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/xstore/js/modules/promoTextCarousel.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Mon, 07 Nov 2022 12:40:49 GMT
vary: Accept-Encoding
etag: W/"6368fcd1-1d6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10554
x-cache: HIT
accept-ranges: bytes
content-length: 270
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js

63.250.43.137

200 OK

2.8 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (8014), with no line terminators
Size
2.8 kB (2832 bytes)
Hash
bb5b36b27b7ccdd4b6840227bc0a31c8
c883b2a2baa9ad7ee31c8918b5980c7faaa6d2f1
7f25c9c8519fe53dcf36e64e57a16426dae09034cccde8cb0ff0bcac60730cae

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 15:45:20 GMT
content-type: application/javascript
last-modified: Mon, 31 Oct 2022 11:48:01 GMT
vary: Accept-Encoding
etag: W/"635fb5f1-1f4e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
age: 0
x-cache: MISS
accept-ranges: bytes
content-length: 2832
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/ajaxSearch.min.js

63.250.43.137

200 OK

6.6 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/ajaxSearch.min.js
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (23875), with no line terminators
Size
6.6 kB (6607 bytes)
Hash
f3b7802458d2bc85ebe5dfc23c05fcf3
bf7a50c96eec9fb0da442392ef0f352bbb4d997d
87e00478ce1a1aa87150d16efcdd2ee27748222c5c157452f2347560ca6fffec

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/xstore/js/modules/ajaxSearch.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Mon, 07 Nov 2022 12:40:49 GMT
vary: Accept-Encoding
etag: W/"6368fcd1-5d43"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10554
x-cache: HIT
accept-ranges: bytes
content-length: 6607
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/wishlist.min.js

63.250.43.137

200 OK

609 B

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/wishlist.min.js
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (1398), with no line terminators
Size
609 B (609 bytes)
Hash
6c2c87629c570197edc8f3cfc26b0150
49aad80150076a45ac4698415da685945694694f
ca060f0d3143d7a4be84e0658069ee2dfdd14a183c24a034ca254ef9a3a542c7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/xstore/js/modules/wishlist.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Mon, 07 Nov 2022 12:40:49 GMT
vary: Accept-Encoding
etag: W/"6368fcd1-576"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 609
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/mobileMenu.min.js

63.250.43.137

200 OK

469 B

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/mobileMenu.min.js
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (1549), with no line terminators
Size
469 B (469 bytes)
Hash
aa2fdde5bb8e268f6d54a0260a4d1e54
89c6b55c6e252fd112e9c628abcf1ea1aadb3ce5
17b95adf507c0a67bfc9a0881014c5ef344267f6ef7df8368eaaa6b814cf6574

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/xstore/js/modules/mobileMenu.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Mon, 07 Nov 2022 12:40:49 GMT
vary: Accept-Encoding
etag: W/"6368fcd1-60d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 469
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/ethemeAnimatedHeadline.min.js

63.250.43.137

200 OK

1.7 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/ethemeAnimatedHeadline.min.js
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (6085), with no line terminators
Size
1.7 kB (1681 bytes)
Hash
94b057dfa3a851bba635345dacebe4d6
153565d848b953bc14b6aa0328b51ca11b057e7e
d88087dce1345bda7a20e2fde0fea475ba952860fe3a401fcdafe8083debd868

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/xstore/js/modules/ethemeAnimatedHeadline.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Mon, 07 Nov 2022 12:40:49 GMT
vary: Accept-Encoding
etag: W/"6368fcd1-17c5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 1681
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/ethemeParallaxFloatingEffect.min.js

63.250.43.137

200 OK

8.1 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/ethemeParallaxFloatingEffect.min.js
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (24410), with no line terminators
Size
8.1 kB (8112 bytes)
Hash
66c59590a323888f6194631b121fa6ef
a0d6cb88ca20987c8bd5848dd65c69ac2016053e
4c126d5382db385c67130b1759eae8696a8d8b99b53c12a35e5bfb66fdff63af

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/xstore/js/modules/ethemeParallaxFloatingEffect.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Mon, 07 Nov 2022 12:40:49 GMT
vary: Accept-Encoding
etag: W/"6368fcd1-5f5a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 8112
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/ethemeElementorSlider.min.js

63.250.43.137

200 OK

2.1 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/ethemeElementorSlider.min.js
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (6721), with no line terminators
Size
2.1 kB (2053 bytes)
Hash
c6e86440067eb89b1ab2a826be511520
41b2f913bddb3ac9dc6c643ce63460831b6232b9
2e20cda7c7d5bb1ba317aed974548caa1e3a821bbc63dbd9674f9028fa461903

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/xstore/js/modules/ethemeElementorSlider.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Mon, 07 Nov 2022 12:40:49 GMT
vary: Accept-Encoding
etag: W/"6368fcd1-1a41"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 2053
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/mobilePanel.min.js

63.250.43.137

200 OK

607 B

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/mobilePanel.min.js
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (1650), with no line terminators
Size
607 B (607 bytes)
Hash
7dc994b7b2a42eff840aa499cf9ef52d
bbd4325b668e8580916009e7f4845dd1a232d517
95d46bd108011bb62c1b90e14ed717fc1a003b07c90a09b66d3d477a5d0c5a4a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/xstore/js/modules/mobilePanel.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Mon, 07 Nov 2022 12:40:49 GMT
vary: Accept-Encoding
etag: W/"6368fcd1-672"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 607
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/back-top.min.js

63.250.43.137

200 OK

397 B

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/back-top.min.js
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (715), with no line terminators
Size
397 B (397 bytes)
Hash
5d1d9d7fbd5bd52c865098901f0e5750
069e90f2c46a8e5cb7fca5b5b8d0fea8ec11221e
1158a0432a6f6c230adba0f467861f05740412e479e28923ffec17b11e0d9b61

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/xstore/js/modules/back-top.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Mon, 07 Nov 2022 12:40:49 GMT
vary: Accept-Encoding
etag: W/"6368fcd1-2cb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 397
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js

63.250.43.137

200 OK

2.2 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (4918)
Size
2.2 kB (2194 bytes)
Hash
878b66f1c31be4c5c0b3fa63361827f5
fa1b9d0b21ef0a5fed2b68d89b7302072eb0609b
3680b910f920304310fbdfd6577855911fe7e860e66a0db4f1d445d3490385fc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Mon, 31 Oct 2022 03:06:58 GMT
vary: Accept-Encoding
etag: W/"635f3bd2-135d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 2194
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/js/frontend-modules.min.js

63.250.43.137

200 OK

11 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/js/frontend-modules.min.js
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (32907)
Size
11 kB (10751 bytes)
Hash
1f79db22d77613a3447dcd5981cb5b88
5f4e6dd187422f1d403efb17e43db35e303b6631
b1e8df3a6403b556715234783a78faeb545f54dd3c65601165c97c7d7063ed9d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Mon, 31 Oct 2022 03:06:58 GMT
vary: Accept-Encoding
etag: W/"635f3bd2-80b3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 10751
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js

63.250.43.137

200 OK

3.0 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (12198), with no line terminators
Size
3.0 kB (2995 bytes)
Hash
4a8bd9ec5e8683ca461354b56882d3e2
993bc0c343abdd5e5f555b8ade72320ae7f59502
97cb584c6d8b9e884e58afdfe9aa8204940cb39047f2bf84d19b96db01ee8de5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Mon, 31 Oct 2022 03:06:58 GMT
vary: Accept-Encoding
etag: W/"635f3bd2-2fa6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 2995
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-includes/js/jquery/ui/core.min.js

63.250.43.137

200 OK

7.1 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-includes/js/jquery/ui/core.min.js
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (8189)
Size
7.1 kB (7098 bytes)
Hash
4e91f3bde34bcef7ac5a2e1553ec4b7e
398cc0b8fa5795ad41a1490b42b974621e5c3529
8ad8783c45440f481056ff5d7b9cad3e3d52bb043b9ec40260daa62feec0ea18

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/ui/core.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 15:38:53 GMT
vary: Accept-Encoding
etag: W/"63628f0d-53c0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 7098
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-includes/js/underscore.min.js

63.250.43.137

200 OK

7.3 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-includes/js/underscore.min.js
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (18798)
Size
7.3 kB (7311 bytes)
Hash
3f92fc0fb188799b432341421df6cfde
09041f63af89e1164a53dec66eb7b2ac1dc58ba6
6b09e750d7ecaac14315f7c7e09b6de17f8d1f790b4acdc094b74832402aee31

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/underscore.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 15:38:53 GMT
vary: Accept-Encoding
etag: W/"63628f0d-4991"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
content-length: 7311
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-includes/js/wp-util.min.js

63.250.43.137

200 OK

756 B

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-includes/js/wp-util.min.js
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (1391)
Size
756 B (756 bytes)
Hash
838aa5f64f258023c2f4ced3125cc12e
0f9ba4eee7038506d01a6e741b16324ffb347fda
8212000a2ae7888dec134e6a079a16c19d71f6bcd0924384abb16027325ed218

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/wp-util.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 15:38:53 GMT
vary: Accept-Encoding
etag: W/"63628f0d-592"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10554
x-cache: HIT
accept-ranges: bytes
content-length: 756
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js

63.250.43.137

200 OK

374 B

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (754), with no line terminators
Size
374 B (374 bytes)
Hash
ef785f463505633971eae5c08ad626d4
624e22257f386801822229db3a4bbd2e24b25e2f
b2a0dc77f0f79d81698a7e3893e16ecba7b0d980b80a5233656d9b11f1d8160d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: application/javascript
last-modified: Mon, 17 Oct 2022 12:35:36 GMT
vary: Accept-Encoding
etag: W/"634d4c18-2f2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10554
x-cache: HIT
accept-ranges: bytes
content-length: 374
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js

63.250.43.137

200 OK

1.6 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
data
Size
1.6 kB (1589 bytes)
Hash
f0e4fc8e1c8f940a2b19eab99770ef10
568bedaabbf57e26ce315eb1f974fd940839bd8f
6dbe324f09cf563fcf337294450dec02271b05a3c4aff8bb88a036d046d52348

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 15:45:20 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 15:40:23 GMT
vary: Accept-Encoding
etag: W/"63628f67-bdd"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
age: 0
x-cache: MISS
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5489
Expires: Thu, 10 Nov 2022 17:16:50 GMT
Date: Thu, 10 Nov 2022 15:45:21 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5489
Expires: Thu, 10 Nov 2022 17:16:50 GMT
Date: Thu, 10 Nov 2022 15:45:21 GMT
Connection: keep-alive

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/woocommerce/cart-widget.min.css

63.250.43.137

200 OK

15 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/woocommerce/cart-widget.min.css
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
data
Size
15 kB (14627 bytes)
Hash
e9d0d5dc1966eecb3cf6c65b6f0774ec
f7d14e5c93917f25b7379198c6e884540c17b554
a3ad174ddb57955b97b3801a57ffd686b4f1f409e562989453b5d8d636370d2a

HTTP Headers

GET /wp-content/themes/xstore/css/modules/woocommerce/cart-widget.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 15:45:20 GMT
content-type: text/css
last-modified: Mon, 07 Nov 2022 12:40:51 GMT
vary: Accept-Encoding
etag: W/"6368fcd3-2a03"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
age: 0
x-cache: MISS
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f570a6d-7e0c-4dc3-9a3f-7af7ccbae623.jpeg

34.120.237.76

200 OK

8.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f570a6d-7e0c-4dc3-9a3f-7af7ccbae623.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.2 kB (8242 bytes)
Hash
feb275cc5fa7b13e70522cb76f001bbc
80ca9cf6cbbc73a884c3a839ace9a7aa191a8504
a5680637b55669355967b87fd4be4881a3e4dea746b7c420acf4dcb46b8a28de

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f570a6d-7e0c-4dc3-9a3f-7af7ccbae623.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8242
x-amzn-requestid: 1ab9c180-7e6b-4eae-a6cf-6a45c96fdc4e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlrkE_2oAMFk2A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1cb0-0089846803d11bb649874507;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 6xhB_vy5Aj6ScBQuTwWX93HFG5eS3SZHr7dP2Qsz-Q1P1pcXk339gQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:43:10 GMT
age: 64931
etag: "80ca9cf6cbbc73a884c3a839ace9a7aa191a8504"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F790db4df-e6d4-48ab-92fb-179a770f76b7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7723 bytes)
Hash
8c2db9097ad95b726c65a3130483daf7
2b6dbe326a49e03a0f8d1a5d15930fd7870f6f79
1da5e63e7a3e837c758bb365e5e99e6dfb6c54e9b2fe038c3eb1334a86dc4d74

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F790db4df-e6d4-48ab-92fb-179a770f76b7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7723
x-amzn-requestid: 1e07419e-8cd6-43d6-b0bb-61183502ee40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlpGHFKIAMFUUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1ca0-751c8b152ea5c28f5a78bf46;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:20 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: BXdwO74rhbF9575IFRz-DNbcEFNiX7JiCtsvghmUE8zOju0eyuFjow==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 22:16:00 GMT
etag: "2b6dbe326a49e03a0f8d1a5d15930fd7870f6f79"
content-type: image/jpeg
age: 62961
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F407f630c-7642-40eb-8db3-288b03315712.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.4 kB (3445 bytes)
Hash
178b1b5efcd0c5997d0e5b820193abe2
460630852800c0304295c78df268bfec64416f98
9822d2ef4199dcc01f81a8e6d3a91d9545466c17abfca4eb30e0a49ca8301da6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F407f630c-7642-40eb-8db3-288b03315712.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3445
x-amzn-requestid: 92b5ba7a-e45a-495c-89ae-9738fd5644bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWloyHMpoAMF-Fw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1c9e-5508b96c349a34537809ef0e;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3-XU3AO60wbMDZcPshBPHvxEFAQHVs7-dlg52BfbxkSlDAEx9kaeeg==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:50:01 GMT
age: 64520
etag: "460630852800c0304295c78df268bfec64416f98"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c73f10e-9c01-44bd-95d2-c18ba845fe07.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8875 bytes)
Hash
2917b487c605eb7f53d20ff3b4fbfef0
5dd8989fb1129638361c16ad2a1fde93a4c4aafd
aaf620d791f23829e15a454b3faf5b47a0f00ff37ada91d6de5c62c322fe90ff

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c73f10e-9c01-44bd-95d2-c18ba845fe07.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8875
x-amzn-requestid: 1374243f-4fd8-4405-8f8a-946a8f92c457
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlniEw2oAMFtfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1c96-195c58a826eae13b58d21aa0;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: NPKM_A-uSrNtoT6ScKmBXTdMNsunt3d6UAWSzhLPsSPewThG_a0N8Q==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:43:10 GMT
age: 64931
etag: "5dd8989fb1129638361c16ad2a1fde93a4c4aafd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1301540a-8618-4725-97e7-ac03773f7ed0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.3 kB (9283 bytes)
Hash
a929256680885031f55121c35d626bcc
9caf2466f70995d5763b970f916c4944b364a4ff
9366db1c171fe9dae5946198415c9a02005a432fccd359896f94bce874c91027

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1301540a-8618-4725-97e7-ac03773f7ed0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9283
x-amzn-requestid: c800cccd-80cc-4cd6-8856-66cfd07141c9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWmC2HnpIAMF3kA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1d45-686eac2b6c65b8dd41dfb44a;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:36:05 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 2SqQjq27y6Vrwzl9a_ho6sOPImE7Fpbyxie8_fuPGa6bf8fn-yX0Jw==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 22:13:45 GMT
age: 63096
etag: "9caf2466f70995d5763b970f916c4944b364a4ff"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
abc1b6dead712b3905b9b0c0c8b63b56
e63b4c3f61604e313af85d9577866b98f75faa2a
fe7ff7563830e4fd0ab0af0eb929ca26e7a59d6ac147115d127a9585867d139a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 15:45:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/j/collect?v=1&_v=j98&aip=1&a=896098490&t=pageview&_s=1&dl=https%3A%2F%2Fspencer-ecom-bbc16d.ingress-florina.ewp.live%2F&ul=en-us&de=UTF-8&dt=Spencer%20Ecom%20%E2%80%93%20Gadgets%20%C2%B7%20Gizmos%20%C2%B7%20Gifts%20-%20Spencer%20Ecom&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=aEBAAAABEAAAACAAsi~&jid=1601610567&gjid=1276515684&cid=97460034.1668095117&tid=G-5G4RZ87WQ9&_gid=2122813859.1668095117&_r=1&_slc=1&z=1182993545

142.250.74.174

200 OK

2 B

URL HTTP/2
www.google-analytics.com/j/collect?v=1&_v=j98&aip=1&a=896098490&t=pageview&_s=1&dl=https%3A%2F%2Fspencer-ecom-bbc16d.ingress-florina.ewp.live%2F&ul=en-us&de=UTF-8&dt=Spencer%20Ecom%20%E2%80%93%20Gadgets%20%C2%B7%20Gizmos%20%C2%B7%20Gifts%20-%20Spencer%20Ecom&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=aEBAAAABEAAAACAAsi~&jid=1601610567&gjid=1276515684&cid=97460034.1668095117&tid=G-5G4RZ87WQ9&_gid=2122813859.1668095117&_r=1&_slc=1&z=1182993545
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
38684612f0c6bb6dfa16da92f4a6878f
6fe62d0dd7db314b7f9bb945672f078e01d27f0f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

HTTP Headers

POST /j/collect?v=1&_v=j98&aip=1&a=896098490&t=pageview&_s=1&dl=https%3A%2F%2Fspencer-ecom-bbc16d.ingress-florina.ewp.live%2F&ul=en-us&de=UTF-8&dt=Spencer%20Ecom%20%E2%80%93%20Gadgets%20%C2%B7%20Gizmos%20%C2%B7%20Gifts%20-%20Spencer%20Ecom&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=aEBAAAABEAAAACAAsi~&jid=1601610567&gjid=1276515684&cid=97460034.1668095117&tid=G-5G4RZ87WQ9&_gid=2122813859.1668095117&_r=1&_slc=1&z=1182993545 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Content-Type: text/plain
Content-Length: 0
Origin: https://spencer-ecom-bbc16d.ingress-florina.ewp.live
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://spencer-ecom-bbc16d.ingress-florina.ewp.live
date: Thu, 10 Nov 2022 15:45:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

s.w.org/images/core/emoji/14.0.0/svg/1f602.svg

192.0.77.48

200 OK

764 B

URL HTTP/2
s.w.org/images/core/emoji/14.0.0/svg/1f602.svg
IP
192.0.77.48:0
ASN
#2635 AUTOMATTIC

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1668), with no line terminators
Size
764 B (764 bytes)
Hash
85e0459ab18fdc3fafe7e82319bb0ff3
33813a1851c6845983cfb8cf9fd6dab96394f2df
309cad5fdb7a59c23c28e897b8ca74a60990298679921f95d1a66dedaec2237f

HTTP Headers

GET /images/core/emoji/14.0.0/svg/1f602.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 15:45:20 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Tue, 12 Apr 2022 03:47:50 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 2
x-content-type-options: nosniff
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
abc1b6dead712b3905b9b0c0c8b63b56
e63b4c3f61604e313af85d9577866b98f75faa2a
fe7ff7563830e4fd0ab0af0eb929ca26e7a59d6ac147115d127a9585867d139a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 15:45:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

designer-api.hu-manity.co/api/designer/user-design-live?AppID=spencer-ecom-bbc16dingress--9bd086b

52.19.157.131

400 Bad Request

35 B

URL HTTP/2
designer-api.hu-manity.co/api/designer/user-design-live?AppID=spencer-ecom-bbc16dingress--9bd086b
IP
52.19.157.131:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
35 B (35 bytes)
Hash
2d39949deb304165581d64923c5bfe94
762dea1e4984a788bc63b813b665eb996eed8e81
5aa5c91708b518a5f6ee1c3d7133f9a7f0b72788899a2183469bda49cf7a3355

HTTP Headers

GET /api/designer/user-design-live?AppID=spencer-ecom-bbc16dingress--9bd086b HTTP/1.1
Host: designer-api.hu-manity.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Content-Type: application/json; charset=utf-8
x-api-key: hudft60djisdusdjwek
Origin: https://spencer-ecom-bbc16d.ingress-florina.ewp.live
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 400 Bad Request
date: Thu, 10 Nov 2022 15:45:21 GMT
content-type: application/json; charset=utf-8
content-length: 35
server: nginx/1.20.0
x-powered-by: Express
x-request-id: 428963c0-f1f1-4631-b7ae-9fe2eccb1989
access-control-allow-origin: *
etag: W/"23-di3qHkmEp4i8Y7gTtmXrmW7tjoE"
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
ecddc66d7f0b76b7e92f1a92433e08e2
b7e7ff14a92a0924bc8782be57b513e661f7a973
438bdfcec1f983fbfdbef1cf93d068a7096e3b06e7d0afebbfe26781a51f83b6

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "438BDFCEC1F983FBFDBEF1CF93D068A7096E3B06E7D0AFEBBFE26781A51F83B6"
Last-Modified: Wed, 09 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15322
Expires: Thu, 10 Nov 2022 20:00:43 GMT
Date: Thu, 10 Nov 2022 15:45:21 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6bbfc6315b9228fd41cc16d1b2f54feb
2f2ca82eb3ca303268b03f7aa80af90f9380e8e2
9a593b197ba164b8fc74cfe6feccd57e05233a642d1dd8065c6723cee2c15701

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 15:45:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6bbfc6315b9228fd41cc16d1b2f54feb
2f2ca82eb3ca303268b03f7aa80af90f9380e8e2
9a593b197ba164b8fc74cfe6feccd57e05233a642d1dd8065c6723cee2c15701

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 15:45:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6bbfc6315b9228fd41cc16d1b2f54feb
2f2ca82eb3ca303268b03f7aa80af90f9380e8e2
9a593b197ba164b8fc74cfe6feccd57e05233a642d1dd8065c6723cee2c15701

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 15:45:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6bbfc6315b9228fd41cc16d1b2f54feb
2f2ca82eb3ca303268b03f7aa80af90f9380e8e2
9a593b197ba164b8fc74cfe6feccd57e05233a642d1dd8065c6723cee2c15701

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 15:45:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

xstore.8theme.com/elementor/demos/minimal-electronics/wp-content/uploads/sites/71/2022/02/07_Review-min.jpeg

104.26.11.74

200 OK

5.4 kB

URL HTTP/2
xstore.8theme.com/elementor/demos/minimal-electronics/wp-content/uploads/sites/71/2022/02/07_Review-min.jpeg
IP
104.26.11.74:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1600x568, components 3\012- data
Size
5.4 kB (5380 bytes)
Hash
c9c4a9d8c0b800947db02086ca76df5a
c05c4778017dcb32a03deea4ae3856b7ee6de667
cb8bc3452e7594b1f682e7605fbf847f11c0f2db0a901338438cf82ebc63a34c

HTTP Headers

GET /elementor/demos/minimal-electronics/wp-content/uploads/sites/71/2022/02/07_Review-min.jpeg HTTP/1.1
Host: xstore.8theme.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 10 Nov 2022 15:45:21 GMT
content-type: image/jpeg
content-length: 5380
cache-control: max-age=31536000
cf-bgj: h2pri
etag: "6208cd38-1504"
expires: Mon, 08 May 2023 20:16:41 GMT
last-modified: Sun, 13 Feb 2022 09:19:52 GMT
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 22288
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kTJmVYFZzVVNzgWq0%2FaSZn0965%2BvvU8T%2Bzg84rnGZ9pGJL8QdVcxFmJZbJkXfdUbxbWI2zaC3pK3s9AEE0aLyMbJ9JZ2jM2KzSn27MUV9eSFlppWOoTvyosD3OcEJFi3IfAy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 767fea2ebd7bb4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://spencer-ecom-bbc16d.ingress-florina.ewp.live
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 14:07:32 GMT
expires: Thu, 09 Nov 2023 14:07:32 GMT
cache-control: public, max-age=31536000
age: 92269
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/jost/v14/92zatBhPNqw73oTd4g.woff2

216.58.207.195

200 OK

26 kB

URL HTTP/2
fonts.gstatic.com/s/jost/v14/92zatBhPNqw73oTd4g.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 26304, version 1.0\012- data
Size
26 kB (26304 bytes)
Hash
29404b5009a74d47f2a7923da5741fd5
c8c7a68af3f7e4f92d932203efda0c38e4d170ab
0b7e3af1cb23f3b1cc2c3418f3c31ab3bbadeaa2ba5e72f3cb818e4b44c420f4

HTTP Headers

GET /s/jost/v14/92zatBhPNqw73oTd4g.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://spencer-ecom-bbc16d.ingress-florina.ewp.live
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 26304
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 08:22:03 GMT
expires: Thu, 09 Nov 2023 08:22:03 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 20:29:30 GMT
content-type: font/woff2
age: 112998
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/dmsans/v11/rP2Hp2ywxg089UriCZOIHQ.woff2

216.58.207.195

200 OK

18 kB

URL HTTP/2
fonts.gstatic.com/s/dmsans/v11/rP2Hp2ywxg089UriCZOIHQ.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 18096, version 1.0\012- data
Size
18 kB (18096 bytes)
Hash
f29503a1895affee5ed85d0246238af8
f474c6e8a3e4e28fb68cf7fb29bd448cdfeb0278
7164a212fb4df27bf1e006342d1686badcba58f5a5d301772c14cc7adf1d4821

HTTP Headers

GET /s/dmsans/v11/rP2Hp2ywxg089UriCZOIHQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://spencer-ecom-bbc16d.ingress-florina.ewp.live
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18096
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Nov 2022 20:33:08 GMT
expires: Fri, 03 Nov 2023 20:33:08 GMT
cache-control: public, max-age=31536000
age: 587533
last-modified: Thu, 21 Apr 2022 16:54:12 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2

216.58.207.195

200 OK

17 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 17368, version 1.0\012- data
Size
17 kB (17368 bytes)
Hash
abe083d96b58eb02ada8b7c30d7b09f2
61447d66d13a8c8f4335696777a85c438c46f749
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9

HTTP Headers

GET /s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://spencer-ecom-bbc16d.ingress-florina.ewp.live
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 18:56:18 GMT
expires: Thu, 09 Nov 2023 18:56:18 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 74943
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://spencer-ecom-bbc16d.ingress-florina.ewp.live
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Nov 2022 15:45:09 GMT
expires: Fri, 10 Nov 2023 15:45:09 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 12
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://spencer-ecom-bbc16d.ingress-florina.ewp.live
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 18:53:49 GMT
expires: Thu, 09 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 75092
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/images/drag.png

63.250.43.137

200 OK

358 B

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/images/drag.png
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 32 x 18, 8-bit colormap, non-interlaced\012- data
Size
358 B (358 bytes)
Hash
778591fc00cc3a820b03a74d73392ce0
c62cab9c2c5a46db32919f0a22c8938de86ab675
e934dcbb43671ccceb743e8ede2eb9ab38846a2836e07cf0d88d93aef510dab1

HTTP Headers

GET /wp-content/themes/xstore/images/drag.png HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/xstore.min.css
Cookie: caosLocalGa=GA1.4.97460034.1668095117; caosLocalGa_gid=GA1.4.2122813859.1668095117; _gat=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: image/png
content-length: 358
last-modified: Mon, 07 Nov 2022 12:40:50 GMT
etag: "6368fcd2-166"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
ecddc66d7f0b76b7e92f1a92433e08e2
b7e7ff14a92a0924bc8782be57b513e661f7a973
438bdfcec1f983fbfdbef1cf93d068a7096e3b06e7d0afebbfe26781a51f83b6

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "438BDFCEC1F983FBFDBEF1CF93D068A7096E3B06E7D0AFEBBFE26781A51F83B6"
Last-Modified: Wed, 09 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15322
Expires: Thu, 10 Nov 2022 20:00:43 GMT
Date: Thu, 10 Nov 2022 15:45:21 GMT
Connection: keep-alive

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/2022/09/Image-4-min.jpeg

63.250.43.137

200 OK

88 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/2022/09/Image-4-min.jpeg
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1600x580, components 3\012- data
Size
88 kB (88062 bytes)
Hash
78af4fd706f1a2cb10b4d9fcfb6720bb
8c85e1e3aff4e8329cf0c552c72bdb559e46d65d
8d5f30a728b81f5c269086bb66026751ddeb412267b52f1fdcf71e317dd387e8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/2022/09/Image-4-min.jpeg HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/elementor/css/post-20.css
Cookie: caosLocalGa=GA1.4.97460034.1668095117; caosLocalGa_gid=GA1.4.2122813859.1668095117; _gat=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:25 GMT
content-type: image/jpeg
content-length: 88062
last-modified: Wed, 28 Sep 2022 01:10:22 GMT
etag: "63339efe-157fe"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 10555
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6bbfc6315b9228fd41cc16d1b2f54feb
2f2ca82eb3ca303268b03f7aa80af90f9380e8e2
9a593b197ba164b8fc74cfe6feccd57e05233a642d1dd8065c6723cee2c15701

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 15:45:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/2022/10/banner-min.jpeg

63.250.43.137

200 OK

23 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/2022/10/banner-min.jpeg
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1200x383, components 3\012- data
Size
23 kB (22583 bytes)
Hash
30fa65dd00ec1867a5985e8e1a6df57d
d62e705ba64a893ea9ffe19c955a996655cca77d
9d89400913dc2ff0f958a1ffef7d71a450d57ec16444487327b56aade2e3deeb

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/2022/10/banner-min.jpeg HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/elementor/css/post-20.css
Cookie: caosLocalGa=GA1.4.97460034.1668095117; caosLocalGa_gid=GA1.4.2122813859.1668095117; _gat=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:30 GMT
content-type: image/jpeg
content-length: 22583
last-modified: Mon, 17 Oct 2022 23:01:45 GMT
etag: "634dded9-5837"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 10551
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2

63.250.43.137

200 OK

78 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Size
78 kB (78196 bytes)
Hash
e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css
Cookie: caosLocalGa=GA1.4.97460034.1668095117; caosLocalGa_gid=GA1.4.2122813859.1668095117; _gat=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:27 GMT
content-type: font/woff2
content-length: 78196
last-modified: Mon, 31 Oct 2022 03:06:58 GMT
etag: "635f3bd2-13174"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://spencer-ecom-bbc16d.ingress-florina.ewp.live
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 10554
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

pixel.wp.com/g.gif?v=ext&blog=211063143&post=20&tz=-5&srv=spencer-ecom-bbc16d.ingress-florina.ewp.live&j=1%3A11.5.1&host=spencer-ecom-bbc16d.ingress-florina.ewp.live&ref=&fcp=2832&rand=0.6695709030543171

192.0.76.3

200 OK

50 B

URL HTTP/2
pixel.wp.com/g.gif?v=ext&blog=211063143&post=20&tz=-5&srv=spencer-ecom-bbc16d.ingress-florina.ewp.live&j=1%3A11.5.1&host=spencer-ecom-bbc16d.ingress-florina.ewp.live&ref=&fcp=2832&rand=0.6695709030543171
IP
192.0.76.3:0
ASN
#2635 AUTOMATTIC

File type
GIF image data, version 89a, 6 x 5\012- data
Size
50 B (50 bytes)
Hash
e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

HTTP Headers

GET /g.gif?v=ext&blog=211063143&post=20&tz=-5&srv=spencer-ecom-bbc16d.ingress-florina.ewp.live&j=1%3A11.5.1&host=spencer-ecom-bbc16d.ingress-florina.ewp.live&ref=&fcp=2832&rand=0.6695709030543171 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 15:45:21 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/2022/02/1123.jpeg

63.250.43.137

200 OK

42 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/2022/02/1123.jpeg
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 785x445, components 3\012- data
Size
42 kB (41977 bytes)
Hash
d5c8384eacce76e909518b40d8864974
1f5b6b54302683546af223b9d6475af54e66cab5
c23da716922275b3f869d93a68c70074c57b2961af3fcdcbcfab26c515bdb36a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/2022/02/1123.jpeg HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Cookie: caosLocalGa=GA1.4.97460034.1668095117; caosLocalGa_gid=GA1.4.2122813859.1668095117; _gat=1; nitroCachedPage=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:42 GMT
content-type: image/jpeg
content-length: 41977
last-modified: Thu, 22 Sep 2022 23:06:03 GMT
etag: "632cea5b-a3f9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 10539
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/2022/02/234.jpeg

63.250.43.137

200 OK

36 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/2022/02/234.jpeg
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 785x445, components 3\012- data
Size
36 kB (35696 bytes)
Hash
d9e89fdceadd5a8b11482cca635351d8
073fb4daa40d15317a8a85dc2f0ac0a664bf7dc8
79b1375bb5ab6724199c2085aeff477f0130ab0b04f44040135364f5bad4b15c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/2022/02/234.jpeg HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Cookie: caosLocalGa=GA1.4.97460034.1668095117; caosLocalGa_gid=GA1.4.2122813859.1668095117; _gat=1; nitroCachedPage=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:42 GMT
content-type: image/jpeg
content-length: 35696
last-modified: Thu, 22 Sep 2022 23:06:04 GMT
etag: "632cea5c-8b70"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 10539
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/

63.250.43.137

200 OK

20 B

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
data
Size
20 B (20 bytes)
Hash
7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST / HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Content-Type: multipart/form-data; boundary=---------------------------318293393035590424221898392428
Origin: https://spencer-ecom-bbc16d.ingress-florina.ewp.live
Content-Length: 184
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 15:45:21 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, public
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
content-encoding: gzip
age: 0
x-cache: MISS
accept-ranges: bytes
content-length: 20
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
537aa7c2d1d8b67db93e232c7a9ab923
a4a1d61c77923b71f5ba25de5602309b6af51eb7
f687556a931dc10c3b2304c619b6e5a901e48a5bb241f6d3a3ba6eaa29f92bf2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5318
Cache-Control: max-age=126162
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 15:45:21 GMT
Etag: "636c519d-1d7"
Expires: Sat, 12 Nov 2022 02:48:03 GMT
Last-Modified: Thu, 10 Nov 2022 01:19:25 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/yith-woocommerce-wishlist/assets/fonts/fontawesome-webfont.woff2?v=4.7.0

63.250.43.137

200 OK

77 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/yith-woocommerce-wishlist/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

HTTP Headers

GET /wp-content/plugins/yith-woocommerce-wishlist/assets/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/yith-woocommerce-wishlist/assets/css/font-awesome.css
Cookie: caosLocalGa=GA1.4.97460034.1668095117; caosLocalGa_gid=GA1.4.2122813859.1668095117; _gat=1; nitroCachedPage=0; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:27 GMT
content-type: font/woff2
content-length: 77160
last-modified: Fri, 07 Oct 2022 12:06:44 GMT
etag: "63401654-12d68"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://spencer-ecom-bbc16d.ingress-florina.ewp.live
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 10554
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/2022/02/Image2-300x300.jpeg

63.250.43.137

200 OK

5.6 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/2022/02/Image2-300x300.jpeg
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Size
5.6 kB (5643 bytes)
Hash
fcbcea23c1a0c1e87070e094ede8bc13
4a6d61c8e3a0c92cfd84e104d50444d32e0d47be
77a6147398fe08063c32b36c4881d12cb6ef56196c047964548811d477b7e56f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/2022/02/Image2-300x300.jpeg HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Cookie: caosLocalGa=GA1.4.97460034.1668095117; caosLocalGa_gid=GA1.4.2122813859.1668095117; _gat=1; nitroCachedPage=0; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 14:08:41 GMT
content-type: image/jpeg
content-length: 5643
last-modified: Thu, 22 Sep 2022 23:28:50 GMT
etag: "632cefb2-160b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 5800
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/favicon.ico

63.250.43.137

204 No Content

0 B

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/favicon.ico
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Cookie: caosLocalGa=GA1.4.97460034.1668095117; caosLocalGa_gid=GA1.4.2122813859.1668095117; _gat=1; nitroCachedPage=0; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Thu, 10 Nov 2022 12:40:06 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-type: image/png
age: 11116
x-cache: HIT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js

63.250.43.137

200 OK

664 B

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (1320)
Size
664 B (664 bytes)
Hash
b002c6faba654c12af3af0acbf594d71
db46fedc93faad97dd4bd84631494d53163a1815
9db9782e2d582bb2144adeb7b7b0b0ee6075d9ebbb4cd28e580a046495362779

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Cookie: caosLocalGa=GA1.4.97460034.1668095117; caosLocalGa_gid=GA1.4.2122813859.1668095117; _gat=1; nitroCachedPage=0; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:45:39 GMT
content-type: application/javascript
last-modified: Mon, 31 Oct 2022 03:06:58 GMT
vary: Accept-Encoding
etag: W/"635f3bd2-54f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10783
x-cache: HIT
accept-ranges: bytes
content-length: 664
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6

63.250.43.137

200 OK

36 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (65280)
Size
36 kB (35516 bytes)
Hash
a46e6555153bd32db46b588f92468fec
00f81e8c63664516d3fae2ad5585688b964b6b5d
ced01af673936a3d52321dfecb776d9da4c53cc28ffedc691ab7a24892f720e5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6 HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Cookie: caosLocalGa=GA1.4.97460034.1668095117; caosLocalGa_gid=GA1.4.2122813859.1668095117; _gat=1; nitroCachedPage=0; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:45:39 GMT
content-type: application/javascript
last-modified: Mon, 31 Oct 2022 03:06:58 GMT
vary: Accept-Encoding
etag: W/"635f3bd2-21f91"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 10783
x-cache: HIT
accept-ranges: bytes
content-length: 35516
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js

63.250.43.137

200 OK

150 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
data
Size
150 kB (150171 bytes)
Hash
7b051c1e383e4ae9b56304b9e8dcd51d
16e050d061e1c6dea4fdcd0e7d00efdbfecb337f
3d2350e733ad6ac3d0e77bca89636fcc3ae703a8a4162cbe3522a65e5c26643a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 15:45:20 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 15:40:23 GMT
vary: Accept-Encoding
etag: W/"63628f67-b7a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
age: 0
x-cache: MISS
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

www.paypal.com/tagmanager/pptm.js?id=spencer-ecom-bbc16d.ingress-florina.ewp.live&t=xo&v=5.0.342&source=payments_sdk&client_id=AYO5mAHK0oyDZNlGFubUJN_x8oHrtuOYNNsZUuCzPkEimRdzH406XXqkq1Iug0V2zVs9qId3871CyFDW&comp=buttons,funding-eligibility,messages&vault=false

151.101.193.21

200 OK

4.3 kB

URL HTTP/2
www.paypal.com/tagmanager/pptm.js?id=spencer-ecom-bbc16d.ingress-florina.ewp.live&t=xo&v=5.0.342&source=payments_sdk&client_id=AYO5mAHK0oyDZNlGFubUJN_x8oHrtuOYNNsZUuCzPkEimRdzH406XXqkq1Iug0V2zVs9qId3871CyFDW&comp=buttons,funding-eligibility,messages&vault=false
IP
151.101.193.21:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (12084), with no line terminators
Size
4.3 kB (4299 bytes)
Hash
da1b94bdea2eb1769e74df6fbd2c1a2e
4c7f6b5318ffd3d36b6b431f4bd113b55d8f14a7
45cc4e008a654e4ef3f3b3eb0ca92f52ade64445039059b5395b11734b033be4

HTTP Headers

GET /tagmanager/pptm.js?id=spencer-ecom-bbc16d.ingress-florina.ewp.live&t=xo&v=5.0.342&source=payments_sdk&client_id=AYO5mAHK0oyDZNlGFubUJN_x8oHrtuOYNNsZUuCzPkEimRdzH406XXqkq1Iug0V2zVs9qId3871CyFDW&comp=buttons,funding-eligibility,messages&vault=false HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-hVFRt4KmE5l7k5zEqs6T3ofGJ8m3e6CxYysoN5SKL9nm/D6P' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-type: application/x-javascript; charset=utf-8
etag: W/"2f34-zQQ0FVqIlbkbuS4WgpPW/nUPXC4"
paypal-debug-id: f2643650a2374
traceparent: 00-0000000000000000000f2643650a2374-c8ca3ad30477d882-01
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
dc: ccg11-origin-www-1.paypal.com
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 10 Nov 2022 15:45:22 GMT
age: 5797
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn4043-HHN, cache-bma1683-BMA
x-cache: HIT, MISS
x-cache-hits: 1, 0
x-timer: S1668095123.773594,VS0,VE22
vary: Accept-Encoding
server-timing: "traceparent;desc="00-0000000000000000000f2643650a2374-73415d7a04ee7f96-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
content-length: 4299
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/2022/02/Avatar-1-2.jpeg

63.250.43.137

200 OK

5.2 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/2022/02/Avatar-1-2.jpeg
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 85x85, components 3\012- data
Size
5.2 kB (5213 bytes)
Hash
3aabbb97a60aa61dc08c80777fe96101
54412fcad49b556644010fe72ada86a9b4aebdb8
4e10b6fdd43123f3b898dd5fa623eaf72f7928241b52783f7f743110364c8c1c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/2022/02/Avatar-1-2.jpeg HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Cookie: caosLocalGa=GA1.4.97460034.1668095117; caosLocalGa_gid=GA1.4.2122813859.1668095117; _gat=1; nitroCachedPage=0; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 14:08:42 GMT
content-type: image/jpeg
content-length: 5213
last-modified: Thu, 22 Sep 2022 23:06:06 GMT
etag: "632cea5e-145d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 5800
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/2022/02/Avatar-4.jpeg

63.250.43.137

200 OK

6.3 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/uploads/2022/02/Avatar-4.jpeg
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 85x85, components 3\012- data
Size
6.3 kB (6312 bytes)
Hash
770976a1ae14a2e19ac22b0c1069d035
0020f9926f6eb61b5895b9d6e181f2d92e3f17e0
548ac63c57735938e80d38b22ee9c03edad9eccc95825fe4255fb17411cb86bd

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/2022/02/Avatar-4.jpeg HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Cookie: caosLocalGa=GA1.4.97460034.1668095117; caosLocalGa_gid=GA1.4.2122813859.1668095117; _gat=1; nitroCachedPage=0; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:49:43 GMT
content-type: image/jpeg
content-length: 6312
last-modified: Thu, 22 Sep 2022 23:06:06 GMT
etag: "632cea5e-18a8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 10538
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Spencer%20Ecom%20%E2%80%93%20Gadgets%20%C2%B7%20Gizmos%20%C2%B7%20Gifts%20-%20Spencer%20Ecom&dh=1024&dw=1280&bh=939&bw=1280&cd=24&sh=1024&sw=1280&v=NA&rosetta_language=en-US%2Cen&e=im&t=1668095118900&g=0&completeurl=https%3A%2F%2Fspencer-ecom-bbc16d.ingress-florina.ewp.live%2F&ru=https%3A%2F%2Fspencer-ecom-bbc16d.ingress-florina.ewp.live%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D

151.101.65.35

200 OK

42 B

URL HTTP/2
t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Spencer%20Ecom%20%E2%80%93%20Gadgets%20%C2%B7%20Gizmos%20%C2%B7%20Gifts%20-%20Spencer%20Ecom&dh=1024&dw=1280&bh=939&bw=1280&cd=24&sh=1024&sw=1280&v=NA&rosetta_language=en-US%2Cen&e=im&t=1668095118900&g=0&completeurl=https%3A%2F%2Fspencer-ecom-bbc16d.ingress-florina.ewp.live%2F&ru=https%3A%2F%2Fspencer-ecom-bbc16d.ingress-florina.ewp.live%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D
IP
151.101.65.35:0
ASN
#54113 FASTLY

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
b4682377ddfbe4e7dabfddb2e543e842
328e472721a93345801ed5533240eac2d1f8498c
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

HTTP Headers

GET /ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Spencer%20Ecom%20%E2%80%93%20Gadgets%20%C2%B7%20Gizmos%20%C2%B7%20Gifts%20-%20Spencer%20Ecom&dh=1024&dw=1280&bh=939&bw=1280&cd=24&sh=1024&sw=1280&v=NA&rosetta_language=en-US%2Cen&e=im&t=1668095118900&g=0&completeurl=https%3A%2F%2Fspencer-ecom-bbc16d.ingress-florina.ewp.live%2F&ru=https%3A%2F%2Fspencer-ecom-bbc16d.ingress-florina.ewp.live%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D HTTP/1.1
Host: t.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: image/gif
expires: Thu, 10 Nov 2022 15:45:22 GMT
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 8e3c86ca330ff
pragma: no-cache
set-cookie: ts=vreXpYrS%3D1762789522%26vteXpYrS%3D1668096922%26vr%3D62379e011840a62446f2bc99ffffffff%26vt%3D62379e011840a62446f2bc99fffffffe; Expires=Mon, 10 Nov 2025 15:45:22 GMT; Domain=.paypal.com; Path=/; Secure; HttpOnly
ts_c=vr%3D62379e011840a62446f2bc99ffffffff%26vt%3D62379e011840a62446f2bc99fffffffe; Expires=Mon, 10 Nov 2025 15:45:22 GMT; Domain=.paypal.com; Path=/; Secure
traceparent: 00-00000000000000000008e3c86ca330ff-ce92411dbf506cdc-01
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Thu, 10 Nov 2022 15:45:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn4062-HHN, cache-bma1679-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1668095123.843583,VS0,VE193
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
timing-allow-origin: *
content-length: 42
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
7ea7fa14a34c843c488cadc5417db82e
b721ce005c30a61896453ac69e1e63cde4cd704b
9550bb5efdc9dccdf02744d85a7f413fc7986b1f663bf53a8b57c2da8842342b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6279
Cache-Control: max-age=123476
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 15:45:23 GMT
Etag: "636c4360-118"
Expires: Sat, 12 Nov 2022 02:03:19 GMT
Last-Modified: Thu, 10 Nov 2022 00:18:40 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 280

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/fonts/xstore-icons-bold.woff?v=8.3.6

63.250.43.137

200 OK

40 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/fonts/xstore-icons-bold.woff?v=8.3.6
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format, TrueType, length 40440, version 1.3\012- data
Size
40 kB (40440 bytes)
Hash
0b4e0d278a57341289c20163a3c491cc
6845c29ad7bd32a037e32b1ae734715ad0c19a0f
916bde7a76e3ec7996fed734382f2ac14368a18deb386abce07321e2608ccf3f

HTTP Headers

GET /wp-content/themes/xstore/fonts/xstore-icons-bold.woff?v=8.3.6 HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
X-Moz: prefetch
Connection: keep-alive
Cookie: caosLocalGa=GA1.4.97460034.1668095117; caosLocalGa_gid=GA1.4.2122813859.1668095117; _gat=1; nitroCachedPage=0; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:39:31 GMT
content-type: font/woff
content-length: 40440
last-modified: Mon, 07 Nov 2022 12:40:51 GMT
etag: "6368fcd3-9df8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 11152
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/fonts/xstore-icons-bold.woff2?v=8.3.6

63.250.43.137

200 OK

20 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/fonts/xstore-icons-bold.woff2?v=8.3.6
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format (Version 2), TrueType, length 20332, version 1.0\012- data
Size
20 kB (20332 bytes)
Hash
dfa27e570eaff49db401e9e83e3c4e5b
3de6baa444573bb6093ac867fabda93c287a3566
ab0dd8f775f772701c82ae2572d1be2ed9c253efb67afc18f8cb9a8edcdc4be2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/xstore/fonts/xstore-icons-bold.woff2?v=8.3.6 HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
X-Moz: prefetch
Connection: keep-alive
Cookie: caosLocalGa=GA1.4.97460034.1668095117; caosLocalGa_gid=GA1.4.2122813859.1668095117; _gat=1; nitroCachedPage=0; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 12:39:31 GMT
content-type: font/woff2
content-length: 20332
last-modified: Mon, 07 Nov 2022 12:40:51 GMT
etag: "6368fcd3-4f6c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 11152
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
a887e9a9a6189021401a51796d885ac0
165db0063a528982cbafc51cd0f1fb52e86e89c5
f9496ec42b6079d3753388ee26b6876a63f3a3f77b292f89a87acb6a4d95c997

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2288
Cache-Control: max-age=128523
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 15:45:23 GMT
Etag: "636c66ae-116"
Expires: Sat, 12 Nov 2022 03:27:26 GMT
Last-Modified: Thu, 10 Nov 2022 02:49:18 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 278

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/builders/elementor/etheme-product-grid.min.css

63.250.43.137

200 OK

9.5 kB

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/css/modules/builders/elementor/etheme-product-grid.min.css
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
data
Size
9.5 kB (9491 bytes)
Hash
5f8c62a699eeab305f8a3b8a13a57e96
b8401650a1776f3ab07f52ce4a7fa6c8b6d8e857
179148fa5947619899643f8ddf6e5e6241e3e7eaf4cef69858ecf636d6f4980e

HTTP Headers

GET /wp-content/themes/xstore/css/modules/builders/elementor/etheme-product-grid.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 15:45:20 GMT
content-type: text/css
last-modified: Mon, 07 Nov 2022 12:40:51 GMT
vary: Accept-Encoding
etag: W/"6368fcd3-3015"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
age: 0
x-cache: MISS
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/?wc-ajax=get_refreshed_fragments

63.250.43.137

200 OK

754 B

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/?wc-ajax=get_refreshed_fragments
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
JSON data\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2646), with no line terminators
Size
754 B (754 bytes)
Hash
89ff578944460447c64c175343cacdb8
f6a66c00a0fad4f2d96d1256af25c2a1411d8869
4da375cba6e5299a56f88f09570dcf9bc650226546edd293e07baad6cb2345c6

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://spencer-ecom-bbc16d.ingress-florina.ewp.live
Connection: keep-alive
Cookie: caosLocalGa=GA1.4.97460034.1668095117; caosLocalGa_gid=GA1.4.2122813859.1668095117; _gat=1; nitroCachedPage=0; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 15:45:23 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
access-control-allow-methods: GET
x-nitro-cache: MISS
x-nitro-disabled-reason: ajax
x-nitro-disabled: 1
access-control-allow-origin: https://spencer-ecom-bbc16d.ingress-florina.ewp.live
access-control-allow-credentials: true
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0, public
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
content-encoding: gzip
age: 0
x-cache: MISS
accept-ranges: bytes
content-length: 754
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

54.230.245.100

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.100:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
45bdc1e31c1a32bab3d7fc7717ca4036
cd09c85d350e5189bf59f5445a56c5021e41daa0
ae932036d89191e253cee9a182ff4465ccab21c9e8f7112c0f2293eedf54a6aa

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=158615
Date: Thu, 10 Nov 2022 15:45:23 GMT
Etag: "636cd2e6-1d7"
Expires: Sat, 12 Nov 2022 11:48:58 GMT
Last-Modified: Thu, 10 Nov 2022 10:31:02 GMT
Server: ECS (nyb/1D16)
X-Cache: Miss from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: RyCKdvA6bROW5xQ0I74zT6qelqP_EXOwtuFBHmVx73MIcSDZNqnFlA==
Age: 4676

socket.tidio.co/socket.io/?ppk=pigjsqocuy5e5m0h5xtldz5rrjkvmmqr&device=desktop&EIO=3&transport=websocket

34.242.42.20

101 Switching Protocols

0 B

URL HTTP/1.1
socket.tidio.co/socket.io/?ppk=pigjsqocuy5e5m0h5xtldz5rrjkvmmqr&device=desktop&EIO=3&transport=websocket
IP
34.242.42.20:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /socket.io/?ppk=pigjsqocuy5e5m0h5xtldz5rrjkvmmqr&device=desktop&EIO=3&transport=websocket HTTP/1.1
Host: socket.tidio.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://spencer-ecom-bbc16d.ingress-florina.ewp.live
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: mjB8vTP4ldHc9EDQRSaHpQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Date: Thu, 10 Nov 2022 15:45:24 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 2SaXxlDXGlyOR3+knbzr74OAY8A=
Sec-WebSocket-Extensions: permessage-deflate

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-json/contact-form-7/v1/contact-forms/1859/refill

63.250.43.137

200 OK

22 B

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-json/contact-form-7/v1/contact-forms/1859/refill
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type
JSON data\012- , ASCII text, with no line terminators
Size
22 B (22 bytes)
Hash
061faf60a30dde2f20ba8f454c3020de
1940a26a9be338cb36f5b50a1d638ef36b124d51
21947b02ead137acb20e602e9448c7c453b2836d1a755aadd5e1c61ecd2eb034

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-json/contact-form-7/v1/contact-forms/1859/refill HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, */*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Cookie: caosLocalGa=GA1.4.97460034.1668095117; caosLocalGa_gid=GA1.4.2122813859.1668095117; _gat=1; nitroCachedPage=0; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 15:45:25 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding, Origin
cache-control: no-cache, public
x-robots-tag: noindex
link: <https://spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-json/>; rel="https://api.w.org/"
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
allow: GET
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
content-encoding: gzip
x-cacheable: YES
age: 0
x-cache: MISS
accept-ranges: bytes
content-length: 22
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

s.w.org/images/core/emoji/14.0.0/svg/1f449.svg

192.0.77.48

200 OK

0 B

URL HTTP/2
s.w.org/images/core/emoji/14.0.0/svg/1f449.svg
IP
192.0.77.48:0
ASN
#2635 AUTOMATTIC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/core/emoji/14.0.0/svg/1f449.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 15:45:21 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Tue, 12 Apr 2022 03:53:43 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 2
x-content-type-options: nosniff
X-Firefox-Spdy: h2

code.tidio.co/pigjsqocuy5e5m0h5xtldz5rrjkvmmqr.js

104.26.9.183

302 Found

0 B

URL HTTP/2
code.tidio.co/pigjsqocuy5e5m0h5xtldz5rrjkvmmqr.js
IP
104.26.9.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /pigjsqocuy5e5m0h5xtldz5rrjkvmmqr.js HTTP/1.1
Host: code.tidio.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Thu, 10 Nov 2022 15:45:23 GMT
content-type: text/html
location: https://widget-v4.tidiochat.com/1_125_0/static/js/render.2bd6da4447adf86836c4.js
cache-control: private, no-cache, no-store, must-revalidate
widget-cache-status: HIT
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UoDk5SI6PtK%2FIV5gZK5CJprPnVo%2B7%2BDtNnEeHOqzuUcF9uL5FrVBnQeRWigwUXM9WDFt9Aep80mEceMwt%2BxOyO8M1s4FgRXZFkp2fQjcJPljbLTY0yggXnDO7Nitrkw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 767fea37c92db511-OSL
X-Firefox-Spdy: h2

stats.wp.com/e-202245.js

192.0.76.3

200 OK

0 B

URL HTTP/2
stats.wp.com/e-202245.js
IP
192.0.76.3:0
ASN
#2635 AUTOMATTIC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /e-202245.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 15:45:20 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6197c5cf-3508"
content-encoding: br
expires: Sun, 29 Oct 2023 22:44:48 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2

www.paypal.com/xoplatform/logger/api/logger

151.101.193.21

200 OK

0 B

URL HTTP/2
www.paypal.com/xoplatform/logger/api/logger
IP
151.101.193.21:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /xoplatform/logger/api/logger HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
content-type: application/json
Content-Length: 1616
Origin: https://spencer-ecom-bbc16d.ingress-florina.ewp.live
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://spencer-ecom-bbc16d.ingress-florina.ewp.live
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: application/json; charset=utf-8
etag: W/W/"3f7-XqQhBpkA8ON6csi6eF1S+t+aD0s"
paypal-debug-id: f8168527b5975
set-cookie: enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Fri, 10 Nov 2023 15:45:23 GMT; Secure
LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Fri, 11 Nov 2022 00:31:19 GMT; HttpOnly; Secure
tsrce=loggernodeweb; Max-Age=259199; Domain=.paypal.com; Path=/; Expires=Sun, 13 Nov 2022 15:45:22 GMT; HttpOnly; Secure
x-pp-s=eyJ0IjoiMTY2ODA5NTEyMzYxMCIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure
l7_az=dcg02.phx; Path=/; Domain=paypal.com; Expires=Thu, 10 Nov 2022 16:15:23 GMT; HttpOnly; Secure
ts=vreXpYrS%3D1762789523%26vteXpYrS%3D1668096923%26vr%3D6237a06d1840a78852ded4b6ffba163f%26vt%3D6237a06d1840a78852ded4b6ffba163e%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Sun, 09 Nov 2025 15:45:23 GMT; HttpOnly; Secure
ts_c=vr%3D6237a06d1840a78852ded4b6ffba163f%26vt%3D6237a06d1840a78852ded4b6ffba163e; Path=/; Domain=paypal.com; Expires=Sun, 09 Nov 2025 15:45:23 GMT; Secure
traceparent: 00-0000000000000000000f8168527b5975-9558262c7026b335-01
x-content-type-options: nosniff
dc: ccg11-origin-www-1.paypal.com
accept-ranges: none
via: 1.1 varnish, 1.1 varnish
content-encoding: br
date: Thu, 10 Nov 2022 15:45:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn4071-HHN, cache-bma1683-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1668095123.474772,VS0,VE229
vary: Accept-Encoding
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
X-Firefox-Spdy: h2

widget-v4.tidiochat.com/1_125_0/static/js/render.2bd6da4447adf86836c4.js

104.26.9.139

200 OK

0 B

URL HTTP/2
widget-v4.tidiochat.com/1_125_0/static/js/render.2bd6da4447adf86836c4.js
IP
104.26.9.139:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /1_125_0/static/js/render.2bd6da4447adf86836c4.js HTTP/1.1
Host: widget-v4.tidiochat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 10 Nov 2022 15:45:23 GMT
content-type: application/javascript
last-modified: Mon, 07 Nov 2022 08:15:52 GMT
vary: Accept-Encoding
etag: W/"6368beb8-4315"
cache-control: max-age=691200
cf-cache-status: HIT
age: 5268
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xx05Q%2BroPcL9PocfK4XIwJxA%2Fway5qi7KgzVfYKqoQg8PYKbG5Egf0zspZo4%2BQ8YwNMiX3g77kmAuCGqFyX1kfu3KSDzyRxjtnlHI4qrmq6Khna7MXsZkB4Zoc0cCk8ms7K3%2FhgA7LXi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 767fea393dedfab4-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.paypal.com/xoplatform/logger/api/logger

151.101.193.21

200 OK

0 B

URL HTTP/2
www.paypal.com/xoplatform/logger/api/logger
IP
151.101.193.21:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

OPTIONS /xoplatform/logger/api/logger HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Origin: https://spencer-ecom-bbc16d.ingress-florina.ewp.live
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://spencer-ecom-bbc16d.ingress-florina.ewp.live
cache-control: max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id: f816852f25ccd
set-cookie: LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Fri, 11 Nov 2022 00:31:19 GMT; HttpOnly; Secure
enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Fri, 10 Nov 2023 15:45:23 GMT; Secure
x-pp-s=eyJ0IjoiMTY2ODA5NTEyMzM3MCIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure
tsrce=loggernodeweb; Domain=.paypal.com; Path=/; Expires=Sun, 13 Nov 2022 15:45:23 GMT; HttpOnly; Secure; SameSite=None
l7_az=dcg02.phx; Path=/; Domain=paypal.com; Expires=Thu, 10 Nov 2022 16:15:23 GMT; HttpOnly; Secure
ts=vreXpYrS%3D1762789523%26vteXpYrS%3D1668096923%26vr%3D62379f751840ad04bb3280ffffc5e268%26vt%3D62379f751840ad04bb3280ffffc5e267%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Sun, 09 Nov 2025 15:45:23 GMT; HttpOnly; Secure
ts_c=vr%3D62379f751840ad04bb3280ffffc5e268%26vt%3D62379f751840ad04bb3280ffffc5e267; Path=/; Domain=paypal.com; Expires=Sun, 09 Nov 2025 15:45:23 GMT; Secure
traceparent: 00-0000000000000000000f816852f25ccd-11024ca476b166bb-01
x-content-type-options: nosniff
dc: ccg11-origin-www-1.paypal.com
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Thu, 10 Nov 2022 15:45:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn4041-HHN, cache-bma1683-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1668095123.227929,VS0,VE237
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css

63.250.43.137

200 OK

0 B

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 15:45:20 GMT
content-type: text/css
last-modified: Mon, 31 Oct 2022 11:48:01 GMT
vary: Accept-Encoding
etag: W/"635fb5f1-d69"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
age: 0
x-cache: MISS
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CJost%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COpen+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CDM+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CJost%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COpen+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CDM+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CJost%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COpen+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CDM+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 10 Nov 2022 15:45:20 GMT
date: Thu, 10 Nov 2022 15:45:20 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/cartProgressBar.min.js

63.250.43.137

200 OK

0 B

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/themes/xstore/js/modules/cartProgressBar.min.js
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/xstore/js/modules/cartProgressBar.min.js HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 15:45:20 GMT
content-type: application/javascript
last-modified: Mon, 07 Nov 2022 12:40:49 GMT
vary: Accept-Encoding
etag: W/"6368fcd1-59d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
age: 0
x-cache: MISS
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/woocommerce-payments/dist/upe-blocks-checkout.css

63.250.43.137

200 OK

0 B

URL HTTP/2
spencer-ecom-bbc16d.ingress-florina.ewp.live/wp-content/plugins/woocommerce-payments/dist/upe-blocks-checkout.css
IP
63.250.43.137:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/plugins/woocommerce-payments/dist/upe-blocks-checkout.css HTTP/1.1
Host: spencer-ecom-bbc16d.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 15:45:20 GMT
content-type: text/css
last-modified: Fri, 21 Oct 2022 14:15:19 GMT
vary: Accept-Encoding
etag: W/"6352a977-1168"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
age: 0
x-cache: MISS
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

stats.wp.com/s-202245.js

192.0.76.3

200 OK

0 B

URL HTTP/2
stats.wp.com/s-202245.js
IP
192.0.76.3:0
ASN
#2635 AUTOMATTIC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /s-202245.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spencer-ecom-bbc16d.ingress-florina.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 15:45:20 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"62f6b688-2494"
content-encoding: br
expires: Mon, 06 Nov 2023 21:27:18 GMT
cache-control: max-age=31536000
x-nc: HIT arn
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (77)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations