fadeologybarbersshops.com/frweb/0f0265b1ded7e3a/login.php
157.245.41.2301 Moved Permanently 162 B URL HTTP/1.1 fadeologybarbersshops.com/frweb/0f0265b1ded7e3a/login.php
IP 157.245.41.2:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert urlquery phishing Phishing - Societe Generale
urlquery phishing Phishing - Societe Generale
fortinet Phishing
GET /frweb/0f0265b1ded7e3a/login.php HTTP/1.1
Host: fadeologybarbersshops.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 27 Jan 2023 00:37:22 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://fadeologybarbersshops.com/frweb/0f0265b1ded7e3a/login.php
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9fbe85f42e8ae8ae41cc12df5f98b141
949fa36ff0f22f72565fd584bef094dd4de23037
184d3e4df4bce559b4d7c4836372f5fd2de9782a96b04d364230b7d695d737d8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "184D3E4DF4BCE559B4D7C4836372F5FD2DE9782A96B04D364230B7D695D737D8"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8845
Expires: Fri, 27 Jan 2023 03:04:47 GMT
Date: Fri, 27 Jan 2023 00:37:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2405562765b49b2782ebd2e2994851d5
be7ac8e558f7875bb1fb86ab5ec674424a5ff269
422cfa907461cb7b93b9089d600052f9e94951e5e0c93d97651905002e48ad3e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "422CFA907461CB7B93B9089D600052F9E94951E5E0C93D97651905002E48AD3E"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10742
Expires: Fri, 27 Jan 2023 03:36:24 GMT
Date: Fri, 27 Jan 2023 00:37:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 69f73ac59327cd9ad7d99816ccfcc03e
c54844f82dbee0d5ee4c8ce344eb0139373e6c6b
e81c685b2d8f0e31b89e5cfc911a2c5a99a556646830ac5a8468d991b5e871a3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E81C685B2D8F0E31B89E5CFC911A2C5A99A556646830AC5A8468D991B5E871A3"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3535
Expires: Fri, 27 Jan 2023 01:36:17 GMT
Date: Fri, 27 Jan 2023 00:37:22 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 27 Jan 2023 00:35:18 GMT
content-type: application/json
age: 124
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: wzIJkTRHP45VFM1bHG6RY4RDXt0M3nJK/P1DVYyU79bA4hYpYcs6jOaKjA2Q6BBa1v47o/Fvcgw=
x-amz-request-id: A1JZB863XY9QSZK3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 27 Jan 2023 00:20:19 GMT
age: 1023
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 00:37:22 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b8e120c3beab307120a1b5bc06d0c9b8
5c480cc61835cca763cc918fa76e526839e06a0d
ae148453e42541c3becd5ef04a801ecd305de2a17b6b9b87254e60b295e078e2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AE148453E42541C3BECD5EF04A801ECD305DE2A17B6B9B87254E60B295E078E2"
Last-Modified: Wed, 25 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 27 Jan 2023 06:37:22 GMT
Date: Fri, 27 Jan 2023 00:37:22 GMT
Connection: keep-alive
fadeologybarbersshops.com/frweb/0f0265b1ded7e3a/login.php
157.245.41.2200 OK 6.0 kB URL HTTP/2 fadeologybarbersshops.com/frweb/0f0265b1ded7e3a/login.php
IP 157.245.41.2:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2652), with CRLF line terminators
Hash eccc81c6f451df9f41ff202139995d30
0976922637c48248c703e79a72474bf60ccd6749
4936ac40522eddcf8c3290fae3fba54cf62ceef868e2785f6af271aeee5835f4
Analyzer Verdict Alert fortinet Phishing
GET /frweb/0f0265b1ded7e3a/login.php HTTP/1.1
Host: fadeologybarbersshops.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 00:37:23 GMT
content-type: text/html; charset=UTF-8
content-length: 5967
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=pb1vvbld9ug0anu0gdtpchnkct; path=/
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
x-powered-by: PHP/8.0.27, PleskLin
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 26 Jan 2023 23:41:40 GMT
age: 3343
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
fadeologybarbersshops.com/frweb/assets/images/footer-info.jpg
157.245.41.2200 OK 32 kB URL HTTP/2 fadeologybarbersshops.com/frweb/assets/images/footer-info.jpg
IP 157.245.41.2:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=30, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=792], baseline, precision 8, 792x30, components 3\012- data
Hash 394b5a01af02dff25a90ac176707bcf6
2e8a7538d82ac1454a32d30c609deb43d54d79e8
c5c5b655b194fc81bfa9b078c9b9295de4b5d329f409d41ea8c7b8fd77eb1bc4
Analyzer Verdict Alert urlquery phishing Phishing - Societe Generale
urlquery phishing Phishing - Societe Generale
GET /frweb/assets/images/footer-info.jpg HTTP/1.1
Host: fadeologybarbersshops.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fadeologybarbersshops.com/frweb/0f0265b1ded7e3a/login.php
Cookie: PHPSESSID=pb1vvbld9ug0anu0gdtpchnkct
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 00:37:23 GMT
content-type: image/jpeg
content-length: 31730
last-modified: Tue, 05 May 2020 10:13:30 GMT
etag: "5eb13c4a-7bf2"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
fadeologybarbersshops.com/frweb/assets/images/index-content.jpg
157.245.41.2200 OK 42 kB URL HTTP/2 fadeologybarbersshops.com/frweb/assets/images/index-content.jpg
IP 157.245.41.2:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=PhotoFiltre Studio X, datetime=2019:11:08 21:37:08], baseline, precision 8, 592x472, components 3\012- data
Hash feb028a0316d32290c21873cac0f970b
ca09c3c246c63ac372165d2fa0e07433d92fb4f8
dd484b04dac0726d23a6e91c32a5cb080ba9365c0988d72be39804ec5c9d6e13
Analyzer Verdict Alert urlquery phishing Phishing - Societe Generale
urlquery phishing Phishing - Societe Generale
GET /frweb/assets/images/index-content.jpg HTTP/1.1
Host: fadeologybarbersshops.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fadeologybarbersshops.com/frweb/0f0265b1ded7e3a/login.php
Cookie: PHPSESSID=pb1vvbld9ug0anu0gdtpchnkct
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 00:37:23 GMT
content-type: image/jpeg
content-length: 41795
last-modified: Fri, 08 Nov 2019 21:37:08 GMT
etag: "5dc5e004-a343"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
fadeologybarbersshops.com/frweb/assets/images/footer-info2.jpg
157.245.41.2200 OK 38 kB URL HTTP/2 fadeologybarbersshops.com/frweb/assets/images/footer-info2.jpg
IP 157.245.41.2:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=187, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=456], baseline, precision 8, 456x187, components 3\012- data
Hash 100ac9adbdcc087c5e2dee7af8be4c42
00b98aa8777bb4cbf0efddadcda439ec28a30171
38d3911a697606e4bcd294fd4a0801d1c315654e047c35724f61169eacd03fe0
Analyzer Verdict Alert urlquery phishing Phishing - Societe Generale
urlquery phishing Phishing - Societe Generale
GET /frweb/assets/images/footer-info2.jpg HTTP/1.1
Host: fadeologybarbersshops.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fadeologybarbersshops.com/frweb/0f0265b1ded7e3a/login.php
Cookie: PHPSESSID=pb1vvbld9ug0anu0gdtpchnkct
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 00:37:23 GMT
content-type: image/jpeg
content-length: 37933
last-modified: Tue, 05 May 2020 10:00:46 GMT
etag: "5eb1394e-942d"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
fadeologybarbersshops.com/frweb/assets/images/remember.jpg
157.245.41.2200 OK 3.3 kB URL HTTP/2 fadeologybarbersshops.com/frweb/assets/images/remember.jpg
IP 157.245.41.2:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=PhotoFiltre Studio X, datetime=2019:11:08 21:41:22], baseline, precision 8, 232x26, components 3\012- data
Hash 749caf8b2ee7d53e19e9aefc264f1edd
6e47816ee429dce1b7bc90d3c4e7077f7717abef
523f01e171ebf63770e025487bdcfe986841d4ec2da50c1486d2632066eacd5f
Analyzer Verdict Alert urlquery phishing Phishing - Societe Generale
urlquery phishing Phishing - Societe Generale
GET /frweb/assets/images/remember.jpg HTTP/1.1
Host: fadeologybarbersshops.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fadeologybarbersshops.com/frweb/0f0265b1ded7e3a/login.php
Cookie: PHPSESSID=pb1vvbld9ug0anu0gdtpchnkct
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 00:37:23 GMT
content-type: image/jpeg
content-length: 3349
last-modified: Fri, 08 Nov 2019 21:41:22 GMT
etag: "5dc5e102-d15"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
fadeologybarbersshops.com/frweb/assets/images/social.jpg
157.245.41.2200 OK 12 kB URL HTTP/2 fadeologybarbersshops.com/frweb/assets/images/social.jpg
IP 157.245.41.2:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=30, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=154], baseline, precision 8, 154x30, components 3\012- data
Hash 10baeb484a0fcae6c5cadca7f0b36bab
f49e3f831e00fe1a09ebbdbeaa8ce6eb8c68ce14
fb347baa43d515cc03ea6d5a590d8f5a71be43dc2c9ffbd112d85ff5c402ab08
Analyzer Verdict Alert urlquery phishing Phishing - Societe Generale
urlquery phishing Phishing - Societe Generale
GET /frweb/assets/images/social.jpg HTTP/1.1
Host: fadeologybarbersshops.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fadeologybarbersshops.com/frweb/0f0265b1ded7e3a/login.php
Cookie: PHPSESSID=pb1vvbld9ug0anu0gdtpchnkct
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 00:37:23 GMT
content-type: image/jpeg
content-length: 11858
last-modified: Tue, 05 May 2020 10:01:38 GMT
etag: "5eb13982-2e52"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
fadeologybarbersshops.com/frweb/assets/images/footer-links2.jpg
157.245.41.2200 OK 10 kB URL HTTP/2 fadeologybarbersshops.com/frweb/assets/images/footer-links2.jpg
IP 157.245.41.2:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=PhotoFiltre Studio X, datetime=2019:11:09 03:07:52], baseline, precision 8, 145x194, components 3\012- data
Hash a80be8f527a404c7f8338a334827c1e4
041fe88b8c5197094952e0a8ae6605e09f18c5a1
ecfd67766f26a45c54b53340c22f3f25441a40434a559dde5b73f6d19901abbf
Analyzer Verdict Alert urlquery phishing Phishing - Societe Generale
urlquery phishing Phishing - Societe Generale
GET /frweb/assets/images/footer-links2.jpg HTTP/1.1
Host: fadeologybarbersshops.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fadeologybarbersshops.com/frweb/0f0265b1ded7e3a/login.php
Cookie: PHPSESSID=pb1vvbld9ug0anu0gdtpchnkct
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 00:37:23 GMT
content-type: image/jpeg
content-length: 10348
last-modified: Sat, 09 Nov 2019 03:07:52 GMT
etag: "5dc62d88-286c"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
fadeologybarbersshops.com/frweb/assets/images/logo.jpg
157.245.41.2200 OK 3.8 kB URL HTTP/2 fadeologybarbersshops.com/frweb/assets/images/logo.jpg
IP 157.245.41.2:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=PhotoFiltre Studio X, datetime=2019:11:08 21:35:13], baseline, precision 8, 160x33, components 3\012- data
Hash f85385da3d92ffbf4a5f706ec6f6b1fe
c6321ff15f1d136f6c04728b8c058d301ca66c3d
04690f1deb47cc41bcb7fbc072a9fdc7893c279a2857bea2d0fdfb90f5aebf17
Analyzer Verdict Alert urlquery phishing Phishing - Societe Generale
urlquery phishing Phishing - Societe Generale
GET /frweb/assets/images/logo.jpg HTTP/1.1
Host: fadeologybarbersshops.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fadeologybarbersshops.com/frweb/0f0265b1ded7e3a/login.php
Cookie: PHPSESSID=pb1vvbld9ug0anu0gdtpchnkct
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 00:37:23 GMT
content-type: image/jpeg
content-length: 3772
last-modified: Fri, 08 Nov 2019 21:35:12 GMT
etag: "5dc5df90-ebc"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c398b6b39d11d25b8ae9bc5cd94a1c98
640aa8c399ced71d0c2a9f5a90fbaf091b01d642
a6f07f7c6a4746acc25457c726701df33120628dfb578bc4982448d8efee5855
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A6F07F7C6A4746ACC25457C726701DF33120628DFB578BC4982448D8EFEE5855"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5177
Expires: Fri, 27 Jan 2023 02:03:40 GMT
Date: Fri, 27 Jan 2023 00:37:23 GMT
Connection: keep-alive
fadeologybarbersshops.com/frweb/assets/images/footer-links.jpg
157.245.41.2200 OK 8.4 kB URL HTTP/2 fadeologybarbersshops.com/frweb/assets/images/footer-links.jpg
IP 157.245.41.2:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=PhotoFiltre Studio X, datetime=2019:11:08 21:40:28], baseline, precision 8, 713x16, components 3\012- data
Hash 12962121b758a6679970b22c02e978a2
c8af650f6bcefbc374ea21ddf2e54ecd67c8811a
f6f7e0611ba3d6ba2268c51b20205b322d51d1cee76bdd6911b49f1d12b4f05a
Analyzer Verdict Alert urlquery phishing Phishing - Societe Generale
urlquery phishing Phishing - Societe Generale
GET /frweb/assets/images/footer-links.jpg HTTP/1.1
Host: fadeologybarbersshops.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fadeologybarbersshops.com/frweb/0f0265b1ded7e3a/login.php
Cookie: PHPSESSID=pb1vvbld9ug0anu0gdtpchnkct
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 00:37:23 GMT
content-type: image/jpeg
content-length: 8378
last-modified: Fri, 08 Nov 2019 21:40:28 GMT
etag: "5dc5e0cc-20ba"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
fadeologybarbersshops.com/frweb/assets/images/index-content2.jpg
157.245.41.2200 OK 38 kB URL HTTP/2 fadeologybarbersshops.com/frweb/assets/images/index-content2.jpg
IP 157.245.41.2:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=PhotoFiltre Studio X, datetime=2019:11:09 02:58:15], baseline, precision 8, 705x334, components 3\012- data
Hash ceb0e69d56f8fb313a1de01ebea0f30f
5f78b4db0ade197e62cc5fe54e78b21a3eb88af9
64183c0b220d6a5c70fe6db1b913f71f7169e74e8a792a55121941a1612b112e
Analyzer Verdict Alert urlquery phishing Phishing - Societe Generale
urlquery phishing Phishing - Societe Generale
GET /frweb/assets/images/index-content2.jpg HTTP/1.1
Host: fadeologybarbersshops.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fadeologybarbersshops.com/frweb/0f0265b1ded7e3a/login.php
Cookie: PHPSESSID=pb1vvbld9ug0anu0gdtpchnkct
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 00:37:23 GMT
content-type: image/jpeg
content-length: 37745
last-modified: Sat, 09 Nov 2019 02:58:14 GMT
etag: "5dc62b46-9371"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
fadeologybarbersshops.com/frweb/assets/images/favicon.ico
157.245.41.2200 OK 318 B URL HTTP/2 fadeologybarbersshops.com/frweb/assets/images/favicon.ico
IP 157.245.41.2:0
ASN #14061 DIGITALOCEAN-ASN
File type MS Windows icon resource - 1 icon, 16x16, 16 colors\012- data
Hash ca10c09aeaf43460d3760f50c608eb51
f2ed2a4fe0e1eadb7dd28444ea6b7a04abf0d38e
daf58b06a09d467436ee5fd10eefbeadac3cf6ecaef1eca1884ef8330f561642
Analyzer Verdict Alert urlquery phishing Phishing - Societe Generale
urlquery phishing Phishing - Societe Generale
GET /frweb/assets/images/favicon.ico HTTP/1.1
Host: fadeologybarbersshops.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fadeologybarbersshops.com/frweb/0f0265b1ded7e3a/login.php
Cookie: PHPSESSID=pb1vvbld9ug0anu0gdtpchnkct
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 00:37:23 GMT
content-type: image/vnd.microsoft.icon
content-length: 318
x-accel-version: 0.01
last-modified: Fri, 08 Nov 2019 21:44:16 GMT
etag: "13e-596dcaef7cc00"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.41.91.37101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.91.37:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: juh2H+08a1ihK7ocj+7f0Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: GaEwjN8w3fEJT8f8/KzAo7opGiQ=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5437
Expires: Fri, 27 Jan 2023 02:08:01 GMT
Date: Fri, 27 Jan 2023 00:37:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5437
Expires: Fri, 27 Jan 2023 02:08:01 GMT
Date: Fri, 27 Jan 2023 00:37:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5437
Expires: Fri, 27 Jan 2023 02:08:01 GMT
Date: Fri, 27 Jan 2023 00:37:24 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16430244-f45f-4aea-a8a8-2b1f37fa80ef.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16430244-f45f-4aea-a8a8-2b1f37fa80ef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5e7158416f60576804ccff03307319fe
a342f94625e913fa6b8d862a59979f1e3ad80dd1
5c525df7d169cc7e033d920c11f4a0163a781c025a22b70530882b56964a9a52
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16430244-f45f-4aea-a8a8-2b1f37fa80ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5737
x-amzn-requestid: cc977ea9-c418-4a5a-a13b-c86e16bbe6ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fRGPFGL5oAMFiSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d050c6-2d540cac5ca7d4e64cfdb8bc;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 21:42:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uZnA5gkRlZyqamh_n3992G9PlMJa4gJ-mjSOQEysII73dDKLXmeXsg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 12:26:22 GMT
age: 43862
etag: "a342f94625e913fa6b8d862a59979f1e3ad80dd1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52a1f3b3-38ab-4f58-ad1a-ca4c9f82503e.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52a1f3b3-38ab-4f58-ad1a-ca4c9f82503e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1695371c247eedad65b4cac82f01215d
50510052f0e22e23f747c761d57cdf72910ac533
aadde426229f04f6a489b87d6949a485b19d4fd035cb244b6094549efc08013f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52a1f3b3-38ab-4f58-ad1a-ca4c9f82503e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6394
x-amzn-requestid: 859587bc-081f-4092-8fed-40e3f2bc8ee4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fOjE6FJNIAMFz6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf4bb8-28848a07545a0e557f1250b1;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 03:08:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KIQ-V8uU0HwYAPEfXMUw7T2IYlStHuZ0mwWdVFUNf46i6ugVGZm-Bw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 11:50:55 GMT
age: 45989
etag: "50510052f0e22e23f747c761d57cdf72910ac533"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23169a26-33f3-4f92-9612-02bf2555d37c.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23169a26-33f3-4f92-9612-02bf2555d37c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7d2506ac511dfbea29e29ab14ba10f85
b2e2972ffa82b103c62ffde0fca99454e12d95e6
fbe6f833114208d84033ba691a74da18d641e38f0f327c752333a339f1baae34
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23169a26-33f3-4f92-9612-02bf2555d37c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5263
x-amzn-requestid: ea2f25ff-f62a-4850-a9d1-72f26d817faf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLzOkGtWoAMFV0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ce325d-39e5ed054ead447d3cedf047;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 07:08:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: BcMB1y0etnIGvZr54EllkdEOlahZGTjgrw2-3FYu3WET2f5lDLV1dw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 21:24:02 GMT
age: 11602
etag: "b2e2972ffa82b103c62ffde0fca99454e12d95e6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48b381df-c118-4c63-bd08-99ac7a51ae39.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48b381df-c118-4c63-bd08-99ac7a51ae39.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 06130c82b0c12aabc0cc9f920114e1c5
c2137e969f6eb3790923e1bc30d4288105fd1296
70b50dc9f7e76372b557da8d5188e86b4307e3d855619c5974d7830ab187cec1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48b381df-c118-4c63-bd08-99ac7a51ae39.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11689
x-amzn-requestid: c72f71e2-e235-4611-826b-94b55c1a6a17
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fR1YDGl8oAMF2Lw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d09c33-3e8a69900c1267e102d2c2bc;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 03:04:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tVR_sITOzOjgI7rbEZtkZxix7ndnSvWOM86XQWgT4mbLyjP_5cY0BQ==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 03:52:59 GMT
age: 74665
etag: "c2137e969f6eb3790923e1bc30d4288105fd1296"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cc9d867-fc35-4a62-9934-4cb307d6146d.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cc9d867-fc35-4a62-9934-4cb307d6146d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 869cdfba2637cc932ce387317a3c485e
51d87a5223d87c959bf27b2a825dce0a28f52ada
6dc4247dd3110836195f9962463bd8265be89633e9e589bf19955991751c26fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cc9d867-fc35-4a62-9934-4cb307d6146d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5669
x-amzn-requestid: 17f6235c-d495-4813-9453-407331e0dcad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fR1ZSH4fIAMFxeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d09c3b-67ff5c7f416727670e7c3b21;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 03:04:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zH3wYMLXCFCcoop-xy3r_wXiY2g684Ei-o6BVntyzqjNeX1UuvQsxA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 04:25:48 GMT
age: 72696
etag: "51d87a5223d87c959bf27b2a825dce0a28f52ada"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b7a0759c043594fbe85af422b59b8227
a05cfaad16078f42218dae233da38f6f5dff8487
e898d6ef1b3998fb9322a8fc190069ec5f7b3582bfe8397a2367497d84a27549
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11568
x-amzn-requestid: 79b70f1f-a157-4dd4-8743-825714195b3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9T3UGA3oAMFSlQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c86695-36e60aba09c152c73b8aefcb;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 21:37:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zt4bgV2C6Wb_Ufa5mZ7-UDTfCvhXJggPJw9668v5DEmyBnWZ-aNrCg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 23:01:22 GMT
age: 5762
etag: "a05cfaad16078f42218dae233da38f6f5dff8487"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fadeologybarbersshops.com/frweb/assets/css/bootstrap.min.css
157.245.41.2200 OK 0 B URL HTTP/2 fadeologybarbersshops.com/frweb/assets/css/bootstrap.min.css
IP 157.245.41.2:0
ASN #14061 DIGITALOCEAN-ASN
GET /frweb/assets/css/bootstrap.min.css HTTP/1.1
Host: fadeologybarbersshops.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fadeologybarbersshops.com/frweb/0f0265b1ded7e3a/login.php
Cookie: PHPSESSID=pb1vvbld9ug0anu0gdtpchnkct
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 00:37:23 GMT
content-type: text/css
last-modified: Wed, 13 Feb 2019 08:01:40 GMT
etag: W/"5c63cee4-2606e"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fadeologybarbersshops.com/frweb/assets/css/fonts.css
157.245.41.2200 OK 0 B URL HTTP/2 fadeologybarbersshops.com/frweb/assets/css/fonts.css
IP 157.245.41.2:0
ASN #14061 DIGITALOCEAN-ASN
GET /frweb/assets/css/fonts.css HTTP/1.1
Host: fadeologybarbersshops.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fadeologybarbersshops.com/frweb/0f0265b1ded7e3a/login.php
Cookie: PHPSESSID=pb1vvbld9ug0anu0gdtpchnkct
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 00:37:23 GMT
content-type: text/css
last-modified: Sun, 03 Nov 2019 21:14:52 GMT
etag: W/"5dbf434c-e92"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fadeologybarbersshops.com/frweb/assets/js/fontawesome.min.js
157.245.41.2200 OK 0 B URL HTTP/2 fadeologybarbersshops.com/frweb/assets/js/fontawesome.min.js
IP 157.245.41.2:0
ASN #14061 DIGITALOCEAN-ASN
Analyzer Verdict Alert fortinet Phishing
GET /frweb/assets/js/fontawesome.min.js HTTP/1.1
Host: fadeologybarbersshops.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fadeologybarbersshops.com/frweb/0f0265b1ded7e3a/login.php
Cookie: PHPSESSID=pb1vvbld9ug0anu0gdtpchnkct
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 00:37:23 GMT
content-type: text/javascript
last-modified: Sun, 25 Nov 2018 23:03:18 GMT
etag: W/"5bfb2a36-10314e"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fadeologybarbersshops.com/frweb/assets/js/main.js
157.245.41.2200 OK 0 B URL HTTP/2 fadeologybarbersshops.com/frweb/assets/js/main.js
IP 157.245.41.2:0
ASN #14061 DIGITALOCEAN-ASN
Analyzer Verdict Alert fortinet Phishing
GET /frweb/assets/js/main.js HTTP/1.1
Host: fadeologybarbersshops.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fadeologybarbersshops.com/frweb/0f0265b1ded7e3a/login.php
Cookie: PHPSESSID=pb1vvbld9ug0anu0gdtpchnkct
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 00:37:23 GMT
content-type: text/javascript
last-modified: Thu, 19 Dec 2019 21:00:48 GMT
etag: W/"5dfbe500-1180"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fadeologybarbersshops.com/frweb/assets/js/jquery.min.js
157.245.41.2200 OK 0 B URL HTTP/2 fadeologybarbersshops.com/frweb/assets/js/jquery.min.js
IP 157.245.41.2:0
ASN #14061 DIGITALOCEAN-ASN
Analyzer Verdict Alert fortinet Phishing
GET /frweb/assets/js/jquery.min.js HTTP/1.1
Host: fadeologybarbersshops.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fadeologybarbersshops.com/frweb/0f0265b1ded7e3a/login.php
Cookie: PHPSESSID=pb1vvbld9ug0anu0gdtpchnkct
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 00:37:23 GMT
content-type: text/javascript
last-modified: Wed, 11 Sep 2019 20:52:54 GMT
etag: W/"5d795ea6-15851"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fadeologybarbersshops.com/frweb/assets/css/helpers.css
157.245.41.2200 OK 0 B URL HTTP/2 fadeologybarbersshops.com/frweb/assets/css/helpers.css
IP 157.245.41.2:0
ASN #14061 DIGITALOCEAN-ASN
GET /frweb/assets/css/helpers.css HTTP/1.1
Host: fadeologybarbersshops.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fadeologybarbersshops.com/frweb/0f0265b1ded7e3a/login.php
Cookie: PHPSESSID=pb1vvbld9ug0anu0gdtpchnkct
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 00:37:23 GMT
content-type: text/css
last-modified: Tue, 27 Nov 2018 00:16:08 GMT
etag: W/"5bfc8cc8-a318"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fadeologybarbersshops.com/frweb/assets/js/bootstrap.min.js
157.245.41.2200 OK 0 B URL HTTP/2 fadeologybarbersshops.com/frweb/assets/js/bootstrap.min.js
IP 157.245.41.2:0
ASN #14061 DIGITALOCEAN-ASN
Analyzer Verdict Alert fortinet Phishing
GET /frweb/assets/js/bootstrap.min.js HTTP/1.1
Host: fadeologybarbersshops.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fadeologybarbersshops.com/frweb/0f0265b1ded7e3a/login.php
Cookie: PHPSESSID=pb1vvbld9ug0anu0gdtpchnkct
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 00:37:23 GMT
content-type: text/javascript
last-modified: Sat, 09 Nov 2019 21:29:12 GMT
etag: W/"5dc72fa8-e414"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fadeologybarbersshops.com/frweb/assets/js/popper.min.js
157.245.41.2200 OK 0 B URL HTTP/2 fadeologybarbersshops.com/frweb/assets/js/popper.min.js
IP 157.245.41.2:0
ASN #14061 DIGITALOCEAN-ASN
Analyzer Verdict Alert fortinet Phishing
GET /frweb/assets/js/popper.min.js HTTP/1.1
Host: fadeologybarbersshops.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fadeologybarbersshops.com/frweb/0f0265b1ded7e3a/login.php
Cookie: PHPSESSID=pb1vvbld9ug0anu0gdtpchnkct
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 00:37:23 GMT
content-type: text/javascript
last-modified: Sun, 25 Nov 2018 20:02:46 GMT
etag: W/"5bfaffe6-4f74"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fadeologybarbersshops.com/frweb/assets/css/main.css
157.245.41.2200 OK 0 B URL HTTP/2 fadeologybarbersshops.com/frweb/assets/css/main.css
IP 157.245.41.2:0
ASN #14061 DIGITALOCEAN-ASN
GET /frweb/assets/css/main.css HTTP/1.1
Host: fadeologybarbersshops.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fadeologybarbersshops.com/frweb/0f0265b1ded7e3a/login.php
Cookie: PHPSESSID=pb1vvbld9ug0anu0gdtpchnkct
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 00:37:23 GMT
content-type: text/css
last-modified: Tue, 05 May 2020 10:09:34 GMT
etag: W/"5eb13b5e-b84"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2