Overview

URL getuglysweaters.com/
IP 68.183.28.147 (United States)
ASN #14061 DIGITALOCEAN-ASN
UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed 2022-11-29 07:25:55 UTC
IDS alerts 0
Blocklist alert 59
urlquery alerts No alerts detected
Tags None

Domain Summary (15)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-28 05:53:26 UTC 34.117.237.239
player.vimeo.com (1) 1858 2013-09-26 03:16:08 UTC 2020-01-28 05:29:01 UTC 162.159.138.60
getuglysweaters.com (101) 0 No data No data 68.183.28.147 Unknown ranking
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
www.google.com (1) 7 2016-03-22 03:56:07 UTC 2022-11-28 11:50:49 UTC 142.250.74.164
fonts.gstatic.com (2) 0 2014-09-09 00:40:21 UTC 2022-11-28 23:28:37 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
r3.o.lencr.org (6) 344 No data No data 23.36.77.32
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 34.218.164.174
ocsp.pki.goog (9) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.3
www.googletagmanager.com (1) 75 2013-05-22 02:07:37 UTC 2022-11-28 20:10:04 UTC 142.250.74.168
js.afterpay.com (1) 12271 2020-08-31 12:04:32 UTC 2022-11-29 00:31:57 UTC 104.18.80.2
ocsp.digicert.com (4) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-28 05:55:58 UTC 34.102.187.140
fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-11-28 16:39:41 UTC 142.250.74.10

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-29 2 getuglysweaters.com/ Phishing
2022-11-29 2 getuglysweaters.com/wp-content/themes/shopkeeper/inc/fonts/theme/Radnika-Bo (...) Phishing
2022-11-29 2 getuglysweaters.com/wp-content/themes/shopkeeper/inc/fonts/theme/Radnika-Re (...) Phishing
2022-11-29 2 getuglysweaters.com/wp-content/plugins/shopkeeper-extender/includes/gbt-blo (...) Phishing
2022-11-29 2 getuglysweaters.com/wp-content/themes/shopkeeper/inc/fonts/theme/NeueEinste (...) Phishing
2022-11-29 2 getuglysweaters.com/wp-content/themes/shopkeeper/inc/fonts/theme/NeueEinste (...) Phishing
2022-11-29 2 getuglysweaters.com/wp-content/cache/min/1/wp-content/plugins/woocommerce/a (...) Phishing
2022-11-29 2 getuglysweaters.com/wp-content/cache/min/1/wp-content/plugins/woocommerce/p (...) Phishing
2022-11-29 2 getuglysweaters.com/wp-content/cache/min/1/wp-content/plugins/woocommerce/p (...) Phishing
2022-11-29 2 getuglysweaters.com/wp-includes/css/classic-themes.min.css?ver=1 Phishing
2022-11-29 2 getuglysweaters.com/wp-content/cache/min/1/wp-content/plugins/woocommerce-c (...) Phishing
2022-11-29 2 getuglysweaters.com/wp-content/cache/min/1/wp-content/plugins/hookmeup/publ (...) Phishing
2022-11-29 2 getuglysweaters.com/wp-content/cache/min/1/wp-content/themes/shopkeeper/css (...) Phishing
2022-11-29 2 getuglysweaters.com/wp-content/themes/shopkeeper-child/style.css?ver=1.0 Phishing
2022-11-29 2 getuglysweaters.com/wp-content/cache/min/1/wp-content/themes/shopkeeper/inc (...) Phishing
2022-11-29 2 getuglysweaters.com/wp-content/cache/min/1/wp-content/plugins/yith-woocomme (...) Phishing
2022-11-29 2 getuglysweaters.com/wp-content/cache/min/1/wp-content/plugins/yith-custom-t (...) Phishing
2022-11-29 2 getuglysweaters.com/wp-content/cache/min/1/wp-content/themes/shopkeeper/css (...) Phishing
2022-11-29 2 getuglysweaters.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 Phishing
2022-11-29 2 getuglysweaters.com/wp-content/cache/min/1/wp-content/plugins/woocommerce/a (...) Phishing
2022-11-29 2 getuglysweaters.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 Phishing
2022-11-29 2 getuglysweaters.com/wp-content/cache/min/1/wp-content/plugins/revslider/pub (...) Phishing
2022-11-29 2 getuglysweaters.com/wp-content/cache/min/1/wp-content/plugins/shopkeeper-ex (...) Phishing
2022-11-29 2 getuglysweaters.com/wp-content/plugins/shopkeeper-extender/includes/social- (...) Phishing
2022-11-29 2 getuglysweaters.com/wp-content/plugins/wpforms/assets/css/wpforms-full.min. (...) Phishing
2022-11-29 2 getuglysweaters.com/wp-content/cache/min/1/wp-content/plugins/yith-woocomme (...) Phishing
2022-11-29 2 getuglysweaters.com/wp-content/cache/min/1/wp-content/themes/shopkeeper/inc (...) Phishing
2022-11-29 2 getuglysweaters.com/wp-content/plugins/shopkeeper-extender/includes/gbt-blo (...) Phishing
2022-11-29 2 getuglysweaters.com/wp-content/cache/min/1/wp-content/themes/shopkeeper/css (...) Phishing
2022-11-29 2 getuglysweaters.com/ Phishing
2022-11-29 2 getuglysweaters.com/wp-content/cache/min/1/wp-content/themes/shopkeeper/css (...) Phishing
2022-11-29 2 getuglysweaters.com/wp-content/plugins/woocommerce/assets/js/frontend/wooco (...) Phishing
2022-11-29 2 getuglysweaters.com/wp-content/plugins/woocommerce/assets/js/frontend/add-t (...) Phishing
2022-11-29 2 getuglysweaters.com/wp-content/plugins/duracelltomi-google-tag-manager/js/g (...) Phishing
2022-11-29 2 getuglysweaters.com/wp-content/cache/min/1/wp-content/themes/shopkeeper/css (...) Phishing
2022-11-29 2 getuglysweaters.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.c (...) Phishing
2022-11-29 2 getuglysweaters.com/wp-content/themes/shopkeeper/inc/notifications/classic/ (...) Phishing
2022-11-29 2 getuglysweaters.com/wp-content/plugins/duracelltomi-google-tag-manager/js/g (...) Phishing
2022-11-29 2 getuglysweaters.com/wp-includes/js/wp-emoji-release.min.js?ver=e6f2a57e6f99 (...) Phishing
2022-11-29 2 getuglysweaters.com/wp-content/plugins/wpforms/assets/js/utils.min.js?ver=1.7.8 Phishing
2022-11-29 2 getuglysweaters.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui (...) Phishing
2022-11-29 2 getuglysweaters.com/wp-includes/js/wp-util.min.js?ver=e6f2a57e6f998a2341784 (...) Phishing
2022-11-29 2 getuglysweaters.com/wp-content/plugins/woocommerce/assets/fonts/star.woff Phishing
2022-11-29 2 getuglysweaters.com/wp-content/plugins/duracelltomi-google-tag-manager/js/g (...) Phishing
2022-11-29 2 getuglysweaters.com/wp-content/themes/shopkeeper/inc/search/assets/js/searc (...) Phishing
2022-11-29 2 getuglysweaters.com/wp-content/themes/shopkeeper/style.css?ver=e6f2a57e6f99 (...) Phishing
2022-11-29 2 getuglysweaters.com/wp-content/themes/shopkeeper/js/plugins/woo-swatches.js (...) Phishing
2022-11-29 2 getuglysweaters.com/wp-content/plugins/yith-woocommerce-added-to-cart-popup (...) Phishing
2022-11-29 2 getuglysweaters.com/wp-content/plugins/js_composer/assets/lib/vc_waypoints/ (...) Phishing
2022-11-29 2 getuglysweaters.com/wp-content/plugins/js_composer/assets/js/dist/js_compos (...) Phishing
2022-11-29 2 getuglysweaters.com/wp-content/plugins/wpforms/assets/lib/punycode.min.js?v (...) Phishing
2022-11-29 2 getuglysweaters.com/wp-content/plugins/yith-woocommerce-added-to-cart-popup (...) Phishing
2022-11-29 2 getuglysweaters.com/wp-content/plugins/woocommerce/assets/js/frontend/cart- (...) Phishing
2022-11-29 2 getuglysweaters.com/wp-content/themes/shopkeeper/js/vendor/fresco.min.js?ve (...) Phishing
2022-11-29 2 getuglysweaters.com/wp-content/themes/shopkeeper/js/vendor/isotope.pkgd.min (...) Phishing
2022-11-29 2 getuglysweaters.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4 Phishing
2022-11-29 2 getuglysweaters.com/wp-content/plugins/shopkeeper-extender/includes/custom- (...) Phishing
2022-11-29 2 getuglysweaters.com/wp-includes/js/underscore.min.js?ver=1.13.4 Phishing
2022-11-29 2 getuglysweaters.com/wp-content/plugins/revslider/public/assets/js/rs6.min.j (...) Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 1 reports on IP: 68.183.28.147
Date UQ / IDS / BL URL IP
2022-11-29 07:25:55 +0000 0 - 0 - 59 getuglysweaters.com/ 68.183.28.147


Last 5 reports on ASN: DIGITALOCEAN-ASN
Date UQ / IDS / BL URL IP
2023-02-03 20:59:37 +0000 0 - 11 - 0 www.momsorangecounty.org/providers 159.89.241.124
2023-02-03 20:45:09 +0000 0 - 0 - 44 www.dailyfintch.com/ 167.71.138.240
2023-02-03 20:40:21 +0000 4 - 2 - 2 sfo3.digitaloceanspaces.com/cfgabxij10shnxkpa (...) 138.68.34.161
2023-02-03 20:35:35 +0000 0 - 0 - 3 g2glog.in/ 161.35.255.96
2023-02-03 20:22:32 +0000 0 - 1 - 0 s.amesecen-jp.icu/ 161.35.236.151


Last 2 reports on domain: getuglysweaters.com
Date UQ / IDS / BL URL IP
2022-11-29 07:25:55 +0000 0 - 0 - 59 getuglysweaters.com/ 68.183.28.147
2022-09-14 08:53:19 +0000 0 - 0 - 4 getuglysweaters.com/wp-content/resources/soli (...) 67.205.131.97


No other reports with similar screenshot

JavaScript

Executed Scripts (89)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (138)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2256
Expires: Tue, 29 Nov 2022 08:03:19 GMT
Date: Tue, 29 Nov 2022 07:25:43 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3593
Cache-Control: max-age=101131
Date: Tue, 29 Nov 2022 07:25:43 GMT
Etag: "63848df9-1d7"
Expires: Wed, 30 Nov 2022 11:31:14 GMT
Last-Modified: Mon, 28 Nov 2022 10:31:21 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7876
Expires: Tue, 29 Nov 2022 09:36:59 GMT
Date: Tue, 29 Nov 2022 07:25:43 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 07:19:36 GMT
cache-control: public,max-age=3600
age: 367
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: xxlgHIBy1PC/DgW5TyBFIXDmIxuF9Klb8NCd7zHYcM5nEWNum9fG9YEegW4HPVuVv6iQNO1h4VQ=
x-amz-request-id: NK2B1G59AYWKRSW4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 06:45:21 GMT
age: 2422
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 29 Nov 2022 07:25:43 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 29 Nov 2022 07:08:56 GMT
cache-control: public,max-age=3600
age: 1008
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5693
Cache-Control: 'max-age=158059'
Date: Tue, 29 Nov 2022 07:25:44 GMT
Last-Modified: Tue, 29 Nov 2022 05:50:51 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: iFSVyet+NN9EXnEo5hXa6w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         34.218.164.174
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: PXiROgsSrBW4oNhFXaUy5OmLY0U=

                                        
                                            GET / HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         68.183.28.147
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 29 Nov 2022 07:25:43 GMT
Server: Apache
X-Redirect-By: WordPress
Content-Encoding: gzip
Vary: Accept-Encoding
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: https://getuglysweaters.com/
Cache-Control: max-age=0
Expires: Tue, 29 Nov 2022 07:25:43 GMT
Keep-Alive: timeout=5, max=100
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  data
Size:   20
Md5:    7029066c27ac6f5ef18d660d5741979a
Sha1:   46c6643f07aa7f6bfe7118de926b86defc5087c4
Sha256: 59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6407
Expires: Tue, 29 Nov 2022 09:12:32 GMT
Date: Tue, 29 Nov 2022 07:25:45 GMT
Connection: keep-alive

                                        
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AVwDLlKoy5pc9NNuR_OakMB0ONGAoO-k2AKwV--b2sjiaqYSKAWlZg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 22:43:20 GMT
age: 31345
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4803
Md5:    cc0a257323f882caff067adb86d906e4
Sha1:   cedf2f21be7cd366bd46055b62b5513db3011dfc
Sha256: c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9868f6d6-e29b-42b5-89c4-eec4771663b2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8402
x-amzn-requestid: d2d62f85-b6be-4394-9668-1d913e4120d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYeaGbgoAMFdCA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d45c-2b6bfdcc72011cf01ddbd66b;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:07:08 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 1il1ILDPBUseZWYjae_R0BQhpdyPTqqI0GycCljovgxjqhYezCwxCA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 04:18:26 GMT
age: 11239
etag: "47295f2cf1b039c4b85cbe463d7893671a563989"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8402
Md5:    faf3524970b0c3256eb5708f4ccf11ce
Sha1:   47295f2cf1b039c4b85cbe463d7893671a563989
Sha256: ba0c2ce23eae865936caa7fb47dd1ef6346b8a7bc8340db700df6e2f5e27ec27
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10176
x-amzn-requestid: 768fc69c-e91b-4dd9-8add-63634762b2d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMpbgEFOIAMF71A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bc49-21756db31c4714af0553f21b;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:12:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jS-AS3x8V3XacXRNkU63UJjBxA6unvBer5WcxUYseR5p4eZPK64o2g==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 07:40:08 GMT
age: 85537
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10176
Md5:    03014221d7f49b50ffc2d1b0a0e75457
Sha1:   772d86ad983042a728ee3490630a9cf1134ad0dd
Sha256: 81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b0dcfcd-38d5-4614-ad4e-405d8ad4ee91.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6037
x-amzn-requestid: eb17903e-1fd3-4a41-a6d1-8b671d890400
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPAJjFa3oAMFcLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382ad70-3db95fcd1aeb9c411c55d173;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 00:21:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mFiEmh1axlMNuIBb1YSzcciCdHzHGG7q0f3lQOuHJmjugWgdZKKiSg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 11:27:11 GMT
age: 71914
etag: "3348f081a3357490a704592d105d02e81886df89"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6037
Md5:    b5e2bc1651b37b8e0467c2a6cb860fb3
Sha1:   3348f081a3357490a704592d105d02e81886df89
Sha256: 751c601e075c9338335c05b0f430ba8065b4e97440e6630993afd943f302b253
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3527eb28-888e-447d-90fd-1226d5b94433.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8921
x-amzn-requestid: 98baf100-c007-4c44-89aa-b9cf55fa3f94
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnwFYToAMFoWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852964-1227b5a9100c206e0c64f4b2;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: awi49MMMlK51wHPbyBrBkL4N4g9lX3ea40LxyrYbYxe_FsfqelTcTQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:57:05 GMT
etag: "c501de9eaa581a10b0b5fce40b54bb10f57f7c29"
age: 34120
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8921
Md5:    823e92f62ff7b3c2093828817d7f2866
Sha1:   c501de9eaa581a10b0b5fce40b54bb10f57f7c29
Sha256: 7d89669e23682f167b2fe1eff9edc5939112ec66b6b4e6389ef8aec78ccbdfe5
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4417
x-amzn-requestid: 01de83c2-51d2-4329-98f6-09a0edf46942
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnGEcRIAMFaXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852960-34583b6c588a0e937fcfaa46;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Jb1eLyzn88lV_UTId-Fl3OnftDn8c7o5j8d16_nzHCNST_68MZ1pvA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:50:08 GMT
age: 34537
etag: "e2b4d2e15bb7c086333c0da438873e4c139ba931"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4417
Md5:    a2a5c8d4113d282600462749315f2c4f
Sha1:   e2b4d2e15bb7c086333c0da438873e4c139ba931
Sha256: 9b5d0e5dd11d4cbf1c78a71730cd63544170c91ab635bf3cf917827ac84874e6
                                        
                                            GET /wp-content/themes/shopkeeper/inc/fonts/theme/Radnika-Bold.woff2 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: font/woff2
                                        
last-modified: Mon, 21 Nov 2022 13:54:56 GMT
accept-ranges: bytes
cache-control: max-age=10368000
expires: Wed, 29 Mar 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 25547
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 25524, version 1.786\012- data
Size:   25547
Md5:    c2750936a5cf61d3314c97f1d166d549
Sha1:   64478481ef131d478c5612816dc9c0d3cf594078
Sha256: bac58120fbffb0593d3154c02fb7affb016dd9265570b71db803389e9118f595

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/shopkeeper/inc/fonts/theme/Radnika-Regular.woff2 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: font/woff2
                                        
last-modified: Mon, 21 Nov 2022 13:54:56 GMT
accept-ranges: bytes
cache-control: max-age=10368000
expires: Wed, 29 Mar 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 25311
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 25288, version 1.786\012- data
Size:   25311
Md5:    e9d5bc166b296aacf08746fe5ded12a8
Sha1:   88cf210cfc2e98d080efccd5cbe811ba44d3e7f1
Sha256: 5077c15db5a1058632995073533995495020630b12d8b66ca5f1954c574207ea

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/cache/min/1/wp-content/plugins/yith-woocommerce-affiliates-premium/assets/css/yith-wcaf.css?ver=1669044650 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
last-modified: Mon, 21 Nov 2022 15:30:50 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 1996
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (9963), with no line terminators
Size:   1996
Md5:    1c49b8a8f50a18ce15a037c37a01d51c
Sha1:   bbe265fd4754fed4ccb690eb74f0670aba80825a
Sha256: 8210cd7247d081fd56390f776eb8ad932eb2293c9de51f3c1dbdfe4d145dc9ca
                                        
                                            GET /wp-content/plugins/shopkeeper-extender/includes/gbt-blocks/posts_grid/assets/css/style.min.css?ver=1669039077 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
last-modified: Mon, 21 Nov 2022 13:57:57 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 826
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5743), with no line terminators
Size:   826
Md5:    1ef73141b5a978c93bb68c0bc1116e98
Sha1:   520a95b7c9d6d1f63dcb9d58f56c7f7d7e85e6c0
Sha256: bfec76f8344668206b34890abde5356a24e3785c3202e0623daee32eb3513dfd

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4123
Cache-Control: max-age=123257
Date: Tue, 29 Nov 2022 07:25:46 GMT
Etag: "6384e258-117"
Expires: Wed, 30 Nov 2022 17:40:03 GMT
Last-Modified: Mon, 28 Nov 2022 16:31:20 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 07:25:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/themes/shopkeeper/inc/fonts/theme/NeueEinstellung-Regular.woff2 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: font/woff2
                                        
last-modified: Mon, 21 Nov 2022 13:54:56 GMT
accept-ranges: bytes
cache-control: max-age=10368000
expires: Wed, 29 Mar 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 21539
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 21516, version 1.15073\012- data
Size:   21539
Md5:    26b44d4f5bbdae7d65aae53196e8be75
Sha1:   7821ceb62a3e63f10bc306ebc95345f9ac74ff1b
Sha256: f0d9d1271cb2d2c78f2427814134ca74c1e92e7a3cbb575e0389e6daf53402ce

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/shopkeeper/inc/fonts/theme/NeueEinstellung-Bold.woff2 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: font/woff2
                                        
last-modified: Mon, 21 Nov 2022 13:54:56 GMT
accept-ranges: bytes
cache-control: max-age=10368000
expires: Wed, 29 Mar 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 22331
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 22308, version 1.15073\012- data
Size:   22331
Md5:    a0be9315cfd759137402387b0d4d6312
Sha1:   1f0ad5c8c430cb307b12102eeb7fc172bc9a920f
Sha256: 08b7f9deb455bb3f5d586722cc56671b72f0ddb6cfea40ce6d94637e784c8818

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/cache/min/1/wp-content/plugins/woocommerce/assets/css/select2.css?ver=1669044650 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
last-modified: Mon, 21 Nov 2022 15:30:50 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 1882
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (14615), with no line terminators
Size:   1882
Md5:    95c1fa8191d7051ed2c1f0807bbc57c8
Sha1:   3cae5698b4282de21449726177544fbc08e7dc35
Sha256: 89fe7813ce1348f6144aac84d5b5d1bff4fcf2333355c49c324f9ff80b8d1478

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 07:25:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /api/player.js?ver=1.0 HTTP/1.1 
Host: player.vimeo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         162.159.138.60
HTTP/1.1 200 OK
Content-Type: application/javascript;charset=utf-8
                                        
Date: Tue, 29 Nov 2022 07:25:46 GMT
Content-Length: 6272
Connection: keep-alive
x-xss-protection: 1; mode=block
content-security-policy: default-src 'none'; style-src 'unsafe-inline'
x-content-type-options: nosniff
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
p3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
expires: Tue, 29 Nov 2022 07:27:50 GMT
x-host: player-58577c84f5-mkk6x
via: 1.1 varnish, 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-varnish-cache: 1
x-vserver: playproxy-rollout-prod-varnish-0
x-backend-proxy: playproxy1
x-bapp-server: player-58577c84f5-mkk6x
Accept-Ranges: bytes
Age: 298
X-Served-By: cache-bma1625-BMA
X-Cache: HIT
X-Cache-Hits: 372
X-Timer: S1669706746.154841,VS0,VE0
Vary: Accept-Encoding
X-Player-Backend: p
CF-Cache-Status: DYNAMIC
Set-Cookie: __cf_bm=UC_MR77VcYZq.JifUtEEtY1etUTenaY6n7eL_cnQcIk-1669706746-0-AUAKHuhX+0L8WoGIJwr7EcOb7TdNvpr2xj+DBiv6dK+BsuJTb1aK2/wFzX9XR6jVpqBF+hWxXLcVqHayrS0awf8=; path=/; expires=Tue, 29-Nov-22 07:55:46 GMT; domain=.vimeo.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 77199c7b5d500b3d-OSL


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (21087)
Size:   6272
Md5:    be35514553399a516ec9a8a782341d76
Sha1:   cc471c8a2ad4a645656f72e0833a3cd1a9131b63
Sha256: ab060007b859a933f8fb7bbc505c9c0a06eef5813ab909d9f09f9656c2d53505
                                        
                                            GET /wp-includes/css/dist/block-library/style.min.css?ver=e6f2a57e6f998a234178495e5b39e7f6 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
last-modified: Mon, 21 Nov 2022 15:29:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 12518
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (47826)
Size:   12518
Md5:    8fa87dd23394a22621248ec378d2af59
Sha1:   9305bc637a89b1700d7f56a19a80bd32b0feb2f7
Sha256: c162f7de24fa2d4e93e0da254ef287ff72f4a3e03f42443265097968351388dc
                                        
                                            GET /wp-content/cache/min/1/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=1669044650 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
last-modified: Mon, 21 Nov 2022 15:30:50 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 1962
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (10435), with no line terminators
Size:   1962
Md5:    38b1f483d4bf6b1548990385c8673746
Sha1:   1668edb02c5170be308368292a4c12033d0a42f4
Sha256: 98138d83d7cb12e99802ba034b400a67e0d7b6e378d8bcd1b4d9f4fe44ce1111

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3965
Cache-Control: max-age=113686
Date: Tue, 29 Nov 2022 07:25:46 GMT
Etag: "6384bd94-117"
Expires: Wed, 30 Nov 2022 15:00:32 GMT
Last-Modified: Mon, 28 Nov 2022 13:54:28 GMT
Server: ECS (amb/6BC7)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /wp-content/cache/min/1/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=1669044650 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
last-modified: Mon, 21 Nov 2022 15:30:50 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 24471
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Size:   24471
Md5:    8eeba8ba71bd7412ed43bb3143f2594e
Sha1:   0c2b4e60543d5f9b8981a9f8b452e2e280522b67
Sha256: 9ec4cd55eda476bc3dc093eeab4b5f517bedbf6876a65db2d4672ccbe8612727

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/shopkeeper-extender/includes/gbt-blocks/banner/assets/css/style.min.css?ver=e6f2a57e6f998a234178495e5b39e7f6 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
last-modified: Mon, 21 Nov 2022 13:57:57 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 642
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2704), with no line terminators
Size:   642
Md5:    861be063764641dbbac8e81c29c2111c
Sha1:   5d9d817cc3ea16ddc821cc495de72eaa575f8824
Sha256: 3ebc04f9b292ff671a2ac9c8c93a65df0f34dc2d4b369676d7e38d8cb799b82c
                                        
                                            GET /wp-content/plugins/shopkeeper-extender/includes/gbt-blocks/slider/assets/css/frontend/style.min.css?ver=1669039077 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
last-modified: Mon, 21 Nov 2022 13:57:57 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 1125
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (5772), with no line terminators
Size:   1125
Md5:    c1e79fe138155d7d7e67db8795a1bec4
Sha1:   60eea50e2415fc9e405bb0dd0fed01b0454e406c
Sha256: ea5743fe0b02e480f5df3217f6c3c855a19b55966f1c2db6ddf7ca5210812cb5
                                        
                                            GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
last-modified: Wed, 02 Nov 2022 01:59:12 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 189
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   189
Md5:    5a18e16eb01cbaa862eb32e6b77bedb2
Sha1:   3abf9b913cc9f558f02cba7c9b822f8d1812cb96
Sha256: d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /recaptcha/api.js?render=6Lf_d4UUAAAAACBR0viCuFAoF2JQtQ6Lt-CxFGE_&ver=3.0 HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         142.250.74.164
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
expires: Tue, 29 Nov 2022 07:25:46 GMT
date: Tue, 29 Nov 2022 07:25:46 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 584
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (884), with no line terminators
Size:   584
Md5:    c27658c20812d98bc0ebb7cac370f22e
Sha1:   d952e21742d95128e6c09eb0bfa349b264dfe0e0
Sha256: edef7f291c059cccda711ae5ebe5d4199ace64bdfdf7c25f256a723463b92079
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 07:25:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 07:25:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/cache/min/1/wp-content/plugins/woocommerce-colororimage-variation-select/css/slick.css?ver=1669044650 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
last-modified: Mon, 21 Nov 2022 15:30:50 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 490
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1332), with no line terminators
Size:   490
Md5:    1fe9999de88a410dddd8d4083c4173d1
Sha1:   bbbaf820aba5306adedfd26e3062aff372862961
Sha256: ebe54c08895112a9b98cd009a6861ea1476ec62d1cf5a49c41ec8955f6dd3a3c

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/cache/min/1/wp-content/plugins/hookmeup/public/assets/css/hmu-public.css?ver=1669044650 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
last-modified: Mon, 21 Nov 2022 15:30:50 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 176
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   176
Md5:    073b21fd781bdf3948933f9b51dfd2a7
Sha1:   1f93a8ea8d41d2ce9e1d5d9b83bf9bf743697a4a
Sha256: 20d732ff0b92282b012f756b635dfa9bd54e0274f2fad7d46bad048b60e9bffb

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/cache/min/1/wp-content/themes/shopkeeper/css/vendor/easyzoom.css?ver=1669044650 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
last-modified: Mon, 21 Nov 2022 15:30:50 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 341
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (736), with no line terminators
Size:   341
Md5:    4a7e089d8964da8385d0506a6fda94a0
Sha1:   eeb0e456cd74b921466f92d28d41cc8d510b2c63
Sha256: 895d10442fa911dc6d24364329a71b5de8ae7763be2595b5f8106bcc8639502b
                                        
                                            GET /wp-content/cache/min/1/wp-content/themes/shopkeeper/css/plugins/woo-swatches.css?ver=1669044650 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
last-modified: Mon, 21 Nov 2022 15:30:50 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 1065
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5086), with no line terminators
Size:   1065
Md5:    54b214f5dbf5ef96dfc1ddbf0e99f5fd
Sha1:   0bbb9a385688718e579531b0a923b45dc78e1ede
Sha256: bff8b85ef628a14ba91120a041a2a13c51f01b3e36d66a7dbe3b34dec9e818fa

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/shopkeeper-child/style.css?ver=1.0 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
last-modified: Wed, 18 Nov 2020 17:57:45 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 216
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   216
Md5:    6d363be9c06954dcd650fcc470f42f81
Sha1:   ac74a0d28f9a6d9d6a4795a4a80e3862e393f269
Sha256: 58d8ffd1eab25461558f85a734e8487c518e787e533cc0dfe8b907ff0ab41cd2

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/cache/min/1/wp-content/themes/shopkeeper/inc/notifications/classic/assets/css/style.css?ver=1669044650 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
last-modified: Mon, 21 Nov 2022 15:30:50 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 330
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1469), with no line terminators
Size:   330
Md5:    5d5a0d33cae3dcf2a28690e999f0e4d2
Sha1:   9edb0ffa6821d6cec1385a1733d6b16e752b53d5
Sha256: 9cbbf5c76d1bf26bdff2cb43dd2ba7782844c4f85439760011d1c8c8ee706e95

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/cache/min/1/wp-content/plugins/yith-woocommerce-added-to-cart-popup-premium/assets/css/wacp-frontend.css?ver=1669044650 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
last-modified: Mon, 21 Nov 2022 15:30:50 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 2499
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (13787), with no line terminators
Size:   2499
Md5:    f9f7df4d6143c111b4bcfe7209ea75f9
Sha1:   3410d831e79a8a5c9dbb0281dbd03712e2f7d886
Sha256: 3fbe13838acc2953b6f03e5f5ef00f5e0c029cf0839e0eca7b8b18ecf7a8a44c

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/cache/min/1/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=1669044650 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
last-modified: Mon, 21 Nov 2022 15:30:50 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 2554
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (17809), with no line terminators
Size:   2554
Md5:    d45c9e0b4109fd68bc2eaae40d01f61a
Sha1:   f0fd80fcb3e8b7a9d95782d0f0c79ddc19b2fa96
Sha256: 072aa95bd2ad493914030593b84c611b2dfcc39444f726ddab52751f4b4bf926
                                        
                                            GET /wp-content/cache/min/1/wp-content/plugins/yith-custom-thankyou-page-for-woocommerce.premium/assets/css/style.css?ver=1669044650 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
last-modified: Mon, 21 Nov 2022 15:30:50 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 1414
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5810), with no line terminators
Size:   1414
Md5:    c7a4deb2e934c6265ed1a3b123e4e8e5
Sha1:   0cc6be6b8168f5f791c1c1d43c6ea4d7c9cfee53
Sha256: f812621543e4533bdc41f551e66b827c0c6d9ec2c86bdf801547eee6b90917d3

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/cache/min/1/wp-content/themes/shopkeeper/css/vendor/fresco/fresco.css?ver=1669044650 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
last-modified: Mon, 21 Nov 2022 15:30:50 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 4015
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (28844), with no line terminators
Size:   4015
Md5:    5250bb35f7a89ae5236e0c2e85dad9d3
Sha1:   a6b9851e0add2ff36a550938568ec2a7d559ca37
Sha256: 7e3614f078d9883bbab8aedf44d3a30e7cecb3e071c7bc5ef43fa29bc8bac01b

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 4169
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11126)
Size:   4169
Md5:    5629711d7fdd5b28441bac39b851299f
Sha1:   4e0bf2b7383097f7c352023a1b1b1b48a50356b6
Sha256: 44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/cache/min/1/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=1669044650 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
last-modified: Mon, 21 Nov 2022 15:30:50 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 8956
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (63777), with no line terminators
Size:   8956
Md5:    cb74c782ffd84fa0794e1945982c4f0f
Sha1:   4e6a1e3cb943dc3f2a7cdedb70c8d66b15234049
Sha256: 2f70c90ef9a6de526926fff7b74f82a7d9053d791964603743cea0997f8b696b

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
last-modified: Mon, 21 Nov 2022 15:29:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 30995
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   30995
Md5:    1b5264c989379b828aff60f65a518a24
Sha1:   98641237f14ccb33ac114f54329a33bd0aa17eb7
Sha256: 6c8e7b78c6dbc13426810c905572db7589cf3e00264e30ce797fddb0b1092237

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/cache/min/1/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=1669044650 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
last-modified: Mon, 21 Nov 2022 15:30:50 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 9558
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (50510), with no line terminators
Size:   9558
Md5:    7b17ba388eacc2f4c37f1a675bc6c975
Sha1:   c8f7915da8237d39d200d03389092b3c5872c6c0
Sha256: 44c1af8268d0e8edaba7810699ab49453c970fd3e33c3715bc580f3868b51d29

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/cache/min/1/wp-content/plugins/shopkeeper-extender/includes/custom-menu/assets/css/custom-menu.css?ver=1669044650 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
last-modified: Mon, 21 Nov 2022 15:30:50 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 262
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (702), with no line terminators
Size:   262
Md5:    135621748695679cceccc8f19792eaa1
Sha1:   8af8ab64cbb59ba10e73a59934e8b111fcc3ed15
Sha256: aacd89cfe06e7b99f376081951a1d3a638285eb3fdc4cca47de9968dd7e39159

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/shopkeeper-extender/includes/social-sharing/assets/css/social-sharing.min.css?ver=e6f2a57e6f998a234178495e5b39e7f6 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
last-modified: Mon, 21 Nov 2022 13:57:57 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 609
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2337), with no line terminators
Size:   609
Md5:    4dc9b747fa60d6a8ecc6bfa5036b8316
Sha1:   6462752b84e1f5ac5d40d7cffc9c6a79e6eb82c2
Sha256: 3e1131026652be16689413a0771f70c25a96cd9c54773d93da5b58d69408c491
                                        
                                            GET /wp-content/plugins/shopkeeper-extender/includes/social-media/assets/css/social-media.min.css?ver=e6f2a57e6f998a234178495e5b39e7f6 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
last-modified: Mon, 21 Nov 2022 13:57:57 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 565
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2415), with no line terminators
Size:   565
Md5:    7fed2d635220b2cefbc35b2a036667ce
Sha1:   7c762b274f95573e74b3e56944bb2feade9256e1
Sha256: e985d9a6ef958bf7468e1f8889350ce6ad93978913fb651537469c4f4680f9a3

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/wpforms/assets/css/wpforms-full.min.css?ver=1.7.8 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
last-modified: Thu, 10 Nov 2022 19:58:57 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 5671
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (40956)
Size:   5671
Md5:    7b0f75e14a87c8fddaaa418be52e3801
Sha1:   0abb9690ea8e8afd2b04051854312dc5460a5798
Sha256: a0214322fb4fb48fbb113a1c6c9d2b8649867bca6e3045b735af76f848157cc8

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/cache/min/1/wp-content/themes/shopkeeper/css/plugins/misc.css?ver=1669044650 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
last-modified: Mon, 21 Nov 2022 15:30:50 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 111
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   111
Md5:    6b30251508d375ac815ea0450f10b26e
Sha1:   670f146450236ebb56ad56611a5f304962843c66
Sha256: b9fbed6e8f204c4da60fc7e0453e8b23e7b12d813c1ec4f267bbba70f8cdbefe
                                        
                                            GET /wp-content/cache/min/1/wp-content/plugins/yith-woocommerce-added-to-cart-popup-premium/assets/css/perfect-scrollbar.css?ver=1669044650 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
last-modified: Mon, 21 Nov 2022 15:30:50 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 470
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1669), with no line terminators
Size:   470
Md5:    d24daca49f76eaf7f4fc9772537d9ecc
Sha1:   6b0291e6c744e8bb0110aceb8698a808b7f8423f
Sha256: 8ab16d5381b54b07c1aed50cadd15551e48742086343f38e66824c811da982ee

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/cache/min/1/wp-content/themes/shopkeeper/inc/fonts/shopkeeper-icon-font/style.css?ver=1669044650 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
last-modified: Mon, 21 Nov 2022 15:30:50 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 688
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (2438), with no line terminators
Size:   688
Md5:    994d436a5be203877393660d43c99698
Sha1:   d1d660b83861e909fb551007dc1d84c2fa65fe49
Sha256: e419bd3a56a6ebf69da60046d33ab9ccbad1e7942faaff57ab8b80d364d669a4

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.16.2 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
last-modified: Thu, 17 Nov 2022 13:59:04 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 369
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   369
Md5:    dbcd09a3eec932ec409e4ec8fbffa7b6
Sha1:   f724362a7bdb90c1cf61345f62d850a36c8f5f89
Sha256: 68f6368451e1d8425b5ae218adae92a05128177bb6b5eb380e4c05179184fb99
                                        
                                            GET /wp-content/plugins/shopkeeper-extender/includes/gbt-blocks/slider/assets/js/slider.min.js?ver=e6f2a57e6f998a234178495e5b39e7f6 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
last-modified: Mon, 21 Nov 2022 13:57:57 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 358
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (587), with no line terminators
Size:   358
Md5:    fa9f5c652f7fcf132147340b6cb41458
Sha1:   0cb7930816c00fc5532b8a2d220a830154a4efef
Sha256: 040ee7fdf64ea78fd7926e2cd29f3122c183060ed4d39b9e38338683b6e688a5

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/woocommerce-colororimage-variation-select/js/slick.js?ver=e6f2a57e6f998a234178495e5b39e7f6 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
last-modified: Fri, 14 Oct 2022 16:28:43 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 11308
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (53179), with no line terminators
Size:   11308
Md5:    027ed570802c3aee4d2219005206210f
Sha1:   3840c7c16de7279c21b232e71500ecb3c944219f
Sha256: d199dc58cd645c7fa10dd41b0752a539c563ecf5e0b29919da1271b8ecb76b59
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 07:25:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/cache/min/1/wp-content/themes/shopkeeper/css/plugins/elementor.css?ver=1669044650 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
last-modified: Mon, 21 Nov 2022 15:30:50 GMT
accept-ranges: bytes
content-length: 49
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   49
Md5:    4454ec684be920fa618fca2aad20313b
Sha1:   b4b782ebb00a2c0e4ea3fb321255cbba6df9c49b
Sha256: 241d8f1f85b1afed2e82f5a84691b9fefdd944daadde2a9ef308a15ce14053cd

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET / HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         68.183.28.147
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
content-encoding: gzip
vary: Accept-Encoding
last-modified: Mon, 28 Nov 2022 17:16:32 GMT
cache-control: max-age=0
expires: Tue, 29 Nov 2022 07:25:45 GMT
date: Tue, 29 Nov 2022 07:25:45 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (28987)
Size:   65827
Md5:    1ca1222b3f71a6749ea8711245ef749f
Sha1:   ebfb36ee0707b1d29eae413eaa2b9a34a7bba2c4
Sha256: 9220eca9cfdfa78ce5b831896b54c01de05e7bda3c5d5e2e55ace96749cebd70

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-woocommerce-enhanced.js?ver=1.16.2 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
last-modified: Thu, 17 Nov 2022 13:59:04 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 7134
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   7134
Md5:    6b64cd5075e4ad3530ebc81d1623f76d
Sha1:   f4d6ad81d1f30dbf73cbcf5199f3bb9bb8918b57
Sha256: 247a71fb47949653a23be91620f17a856c94e3c1b7cdc0e751e6ecedee56a099
                                        
                                            GET /wp-content/cache/min/1/wp-content/themes/shopkeeper/css/vendor/animate.css?ver=1669044650 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
last-modified: Mon, 21 Nov 2022 15:30:50 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 4573
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (47988), with no line terminators
Size:   4573
Md5:    f502cc6cf6d0f4d9576a5d51cc089a33
Sha1:   bd1297d779a45e22bd706b2f0809842f30c0b33b
Sha256: fbe8b9abdd25e67716da3340f7b53a2499bac1bc716e89c95541416b704be961

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /gtm.js?id=GTM-5ZN8CZH HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 29 Nov 2022 07:25:46 GMT
expires: Tue, 29 Nov 2022 07:25:46 GMT
cache-control: private, max-age=900
last-modified: Tue, 29 Nov 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 80358
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (10574)
Size:   80358
Md5:    908fc4f534ab7363159f7ed0c04ff73e
Sha1:   e36435728b62208a03c53d31bd129148ab3f8ecb
Sha256: d5a847b27c68d36ca98747bac4223ba346f6cf850c4eeaeb19cc845d0c82a14d
                                        
                                            GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.1.0 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
last-modified: Tue, 08 Nov 2022 22:24:00 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 794
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2139), with no line terminators
Size:   794
Md5:    29307e8dec33cf3411ca4e1f2c84e9d0
Sha1:   484402289464d7ffb1475827f3438329d520bfc6
Sha256: a2db59efaa416ef0c9d5d58f142cd5e44c475348cff20a664586fd3cda1b5f5b

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 07:25:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/plugins/shopkeeper-extender/includes/custom-menu/assets/js/custom-menu.js?ver=e6f2a57e6f998a234178495e5b39e7f6 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
last-modified: Mon, 21 Nov 2022 13:57:57 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 1113
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  C++ source, ASCII text
Size:   1113
Md5:    31728f09b6c3b2e1817b04878d6842d2
Sha1:   ddc9d34111f47a3dfb96623953500360395d5f1d
Sha256: 0bbcb9242ba603fba6469b99264c6f912a7d2839df7f03d8f173c3d7e0fb1b57
                                        
                                            GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.1.0 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
last-modified: Tue, 08 Nov 2022 22:24:00 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 1088
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (3029), with no line terminators
Size:   1088
Md5:    3fffd1b8f00bf4175aaf1831974a4e4c
Sha1:   7f16ab9253c92a528f1f8cb20bee07128ce67048
Sha256: 3eeb166e786db324c70ef63628846f825951748a76d0de97c719189a0ab555c3

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-woocommerce-classic.js?ver=1.16.2 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
last-modified: Thu, 17 Nov 2022 13:59:04 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 526
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   526
Md5:    32606ef8c2063d1c971c6a3601e78c7d
Sha1:   8f6227e3e4c22a5fb1a61c7dffa40382cd797f7f
Sha256: 5f302499371486e704fdf5d0bfa916422e1a2c532ebc2fc3a409df996d775493

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/js_composer/assets/lib/bower/animate-css/animate.min.css?ver=6.10.0 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
last-modified: Mon, 21 Nov 2022 15:06:08 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 2368
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (16016)
Size:   2368
Md5:    668a0d412baa9b4670ee4fbbcf0a983e
Sha1:   ab523a90c606851247a770ac2f1ddc40bd5719c5
Sha256: 1607581656028837dfe98f88a6629a72033041c8e4f1651635d0a37a1fed87e2
                                        
                                            GET /wp-content/cache/min/1/wp-content/themes/shopkeeper/css/vendor/swiper.min.css?ver=1669044650 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
last-modified: Mon, 21 Nov 2022 15:30:50 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 4394
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (17905), with no line terminators
Size:   4394
Md5:    80c7955d3e9d884c056a9e24000fa0f6
Sha1:   409dd8d62b174eda1b32e46116efba8d15762eba
Sha256: 194b8f8e7a86be224ce27c9901ecdb32b435e9e8095894324f0f9269ac64e4f3

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/cache/min/1/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=1669044650 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
last-modified: Mon, 21 Nov 2022 15:30:50 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 44283
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65359)
Size:   44283
Md5:    f3ebedada8a7ae91027afb791b512eb4
Sha1:   414016e1b40d80a4ff02962701d083d4e7f1cf55
Sha256: 738f0b74f9a5b2309a2ee5c7c7a10a718777d3a0b3cc17f9a8ad8fb855b2dbda
                                        
                                            GET /wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.10.0 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
last-modified: Mon, 21 Nov 2022 15:06:08 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 374
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   374
Md5:    99f478aea66ce928c3dda9ab3a0dbbb3
Sha1:   29bb3e5ccb81defba6cf1749768f4c57533e261a
Sha256: 44b0fdb4d849dfa85411e2e814e8352a89f04fad8e65924f477368dad133955e
                                        
                                            GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.1.0 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
last-modified: Tue, 08 Nov 2022 22:24:00 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 982
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1668)
Size:   982
Md5:    e66463f2023b738680c9bdefece69a37
Sha1:   315dc8e6ebdfb18c662851244ee33e2758ad3c83
Sha256: fd83e7fc6d81aa6f6680ea640e9c086aa1950a17757a582aa74ea9797a70f346

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/shopkeeper/inc/notifications/classic/assets/js/classic-notifications.js?ver=2.9.98 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
last-modified: Mon, 21 Nov 2022 13:54:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 711
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   711
Md5:    93e0ec301182ed13bd49892c9be3d8f8
Sha1:   8fdb431985f1b72560bdce66d77007e4cbbc0df8
Sha256: 33841675c6178641f9e2e41d695d72a9c437980079b65ce79518cc764618b2c3

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-contact-form-7-tracker.js?ver=1.16.2 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
last-modified: Thu, 17 Nov 2022 13:59:04 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 614
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   614
Md5:    66bf6d26dedc8be6096cbf6747792f75
Sha1:   9c9748e1049bac0d6f24d1aff453d066689ae6ec
Sha256: d8fae577bc988634ffd7358ff663c72fa847dd54c3cb2291ee2cc51cc2adbac9

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/wp-emoji-release.min.js?ver=e6f2a57e6f998a234178495e5b39e7f6 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
last-modified: Mon, 21 Nov 2022 15:29:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 5009
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (15660)
Size:   5009
Md5:    e6624e0b978e6ddba476be41aaaa82df
Sha1:   822e920d8233072110ed7c8a7f379e5b13209b18
Sha256: dac86a9ce08e4d8cded47b4fa900a664b0c997d8910c2a1be54a423678925a41

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
last-modified: Mon, 21 Nov 2022 15:29:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 7097
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (8189)
Size:   7097
Md5:    fc922a895f5f92269c928556b67564f6
Sha1:   8759e1f16a826dd6dd73f4161a65a79a049c4d6f
Sha256: d7445c88608e9da487d81ef5167866c42ff1099b5f48efda4b5f5ac41aa7d9b8
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 07:25:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-vimeo.js?ver=1.16.2 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
last-modified: Thu, 17 Nov 2022 13:59:04 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 1153
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   1153
Md5:    78f5966353bdcc9e89d82d8a33d8309b
Sha1:   1a52aaaae350447a5a5d28dbce03149f2a210eab
Sha256: c7a9ebe84550c34ba8c983e17f488e1caaa253279447d23372a5c14e925ac432
                                        
                                            GET /wp-content/plugins/wpforms/assets/js/utils.min.js?ver=1.7.8 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
last-modified: Thu, 10 Nov 2022 19:58:57 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 150
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   150
Md5:    14e97c0bd8b30f6184d7b9b0de3b62dc
Sha1:   052e2d09afda94db181e7b410ef3c49567350896
Sha256: cf50cfaa42eabf7e33d6b7214e8965573e33b17b60420352789410639c9c80aa

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 07:25:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.1.0 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
last-modified: Tue, 08 Nov 2022 22:24:00 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 3496
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (9111)
Size:   3496
Md5:    f6004c12128ba678a6ab8fafb9cb1d61
Sha1:   a023d537a3273176524815baca3f2c42cc601a3c
Sha256: e516f66f227db9eb26f5bec7605f4647680979c10c9bb61ac1654ccbf7e348af

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://getuglysweaters.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 14:07:32 GMT
expires: Thu, 23 Nov 2023 14:07:32 GMT
cache-control: public, max-age=31536000
age: 494294
last-modified: Wed, 11 May 2022 19:24:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size:   15920
Md5:    3a44e06eb954b96aa043227f3534189d
Sha1:   23cef6993ddb2b2979e8e7647fc3763694e2ba7d
Sha256: b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
                                        
                                            GET /wp-content/plugins/woocommerce/assets/js/selectWoo/selectWoo.full.min.js?ver=7.1.0 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
last-modified: Tue, 08 Nov 2022 22:24:00 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 21596
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (64041)
Size:   21596
Md5:    4d607fb51f48bbaf54e728d279cfb528
Sha1:   4e84fb4d975336c83ab60d7e63ab94a7a368ac47
Sha256: c1ab3103facb42a01127016f188b3624d74ca28dd6adfd2c0fe72a7b9dc9e278
                                        
                                            GET /wp-includes/js/wp-util.min.js?ver=e6f2a57e6f998a234178495e5b39e7f6 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
last-modified: Mon, 21 Nov 2022 15:29:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 756
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1391)
Size:   756
Md5:    838aa5f64f258023c2f4ced3125cc12e
Sha1:   0f9ba4eee7038506d01a6e741b16324ffb347fda
Sha256: 8212000a2ae7888dec134e6a079a16c19d71f6bcd0924384abb16027325ed218

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgshZ1x4gaVI.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://getuglysweaters.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16696
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 19:32:15 GMT
expires: Tue, 28 Nov 2023 19:32:15 GMT
cache-control: public, max-age=31536000
age: 42811
last-modified: Mon, 15 Aug 2022 18:16:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 16696, version 1.0\012- data
Size:   16696
Md5:    851255bc75bbde5522202bc66bca47ad
Sha1:   aa7ef04a80507e95574269c293361d9c89d76dc1
Sha256: e7cba74abd33c24cef9652915738c63c891c517e3f407d0894f11a7aec9c015e
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 07:25:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/plugins/woocommerce/assets/fonts/star.woff HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://getuglysweaters.com/wp-content/cache/min/1/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=1669044650
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: font/woff
                                        
last-modified: Tue, 08 Nov 2022 22:24:00 GMT
accept-ranges: bytes
content-length: 1304
cache-control: max-age=10368000
expires: Wed, 29 Mar 2023 07:25:46 GMT
vary: Accept-Encoding
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, CFF, length 1304, version 1.0\012- data
Size:   1304
Md5:    335cbf607c55aa32fd06809d1f9eb127
Sha1:   e70dd0cd93614997e251f26477ea815435981e19
Sha256: d87af7a2528beb59a990e0414df87b4e4115f77f3a4a750f6616ff189b70345a

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-youtube.js?ver=1.16.2 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
last-modified: Thu, 17 Nov 2022 13:59:04 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 1499
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   1499
Md5:    889b2fdb287d37761000d6b536b4d4d9
Sha1:   8ddd49b99a0fbf7e616f1c2555885c737031b5c5
Sha256: 8709f6c47fbafd5398b20f6f6b4041abffbc0596dffce3d7df5e35c6c339a838

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/shopkeeper/inc/search/assets/js/search.js?ver=2.9.98 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
last-modified: Mon, 21 Nov 2022 13:54:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 6743
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with CRLF line terminators
Size:   6743
Md5:    89f61b1ad0e68f468cc87eab3d2192aa
Sha1:   9ec70f9c2e825fce513f5c29162763e253719f5b
Sha256: fe39eaf4e76bc64f6f2afbe5e0bb4192c87f87f37fc81207d07a1a140ce6d1c3

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/shopkeeper/js/vendor/velocity.min.js?ver=1.0.0 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
last-modified: Mon, 21 Nov 2022 13:54:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 17672
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (48504)
Size:   17672
Md5:    f79fff4cba9ef88c363be897a11c92e3
Sha1:   eaebca14bde248f512988d5d406d16950fd0f2db
Sha256: b338aa52896314801441a76c70bc6c629401f03b56f67c4b29d9749092868b6b
                                        
                                            GET /wp-content/themes/shopkeeper/style.css?ver=e6f2a57e6f998a234178495e5b39e7f6 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
last-modified: Mon, 21 Nov 2022 13:54:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 504
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (416)
Size:   504
Md5:    dbb1b53dbb1c9ccbe810c4546d834aa9
Sha1:   38647d40a7ad348aef001e610da6ca648b2f652d
Sha256: 319dd720d3c187563ba8b0d7c78e8f7fd57b4416b329a2fef29eebd4be57b22b

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/shopkeeper/js/plugins/woo-swatches.js?ver=2.9.98 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
last-modified: Mon, 21 Nov 2022 13:54:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 160
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   160
Md5:    cf83476bfaf3951232a64c3242457eff
Sha1:   e3b6b76f555ee0b6eef4ad8126d1bcf721e3788e
Sha256: e3b1f2154803115b66fc7f7d13caea632a490aa0e3a5857d5325718e959716f5

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/yith-woocommerce-added-to-cart-popup-premium/assets/js/wacp-frontend.min.js?ver=1.8.2 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
last-modified: Mon, 18 Oct 2021 14:37:28 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 2492
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (7715), with no line terminators
Size:   2492
Md5:    c5aecd1a437de7f2b9efd28d23524894
Sha1:   7f2f8a2a265097cbe8ef61e12c8e5c240310de4d
Sha256: 8e3f0951cc7e8dd442cc2a58de1d9ce3323460e000066c4100c6a13b618f9e33

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/shopkeeper/js/vendor/easyzoom.min.js?ver=2.5.2 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
last-modified: Mon, 21 Nov 2022 13:54:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 1510
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3958)
Size:   1510
Md5:    3efb79fcf5aec206bfdf9c21e71579fa
Sha1:   6e6cdd8824bbbd17df3830c04fe52805c3ebaef1
Sha256: ddef60748364a1233ff04edb065be1f989e5aae525ae1bc780b7d7c7899eddc4
                                        
                                            GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=7.1.0 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
last-modified: Tue, 08 Nov 2022 22:24:00 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 3648
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (13880), with no line terminators
Size:   3648
Md5:    7bd9ac0901226327e38d4ba6f9184327
Sha1:   d570c9be7f18ef2819614243c21151c19a0c6ceb
Sha256: 7418b1b9031fc621c84efcccc3606814b2c4f0070a736dbb8d3cb6096aae37db
                                        
                                            GET /wp-content/plugins/js_composer/assets/lib/vc_waypoints/vc-waypoints.min.js?ver=6.10.0 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
last-modified: Mon, 21 Nov 2022 15:06:08 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 2813
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (8853)
Size:   2813
Md5:    bfbdca93ba95323d2d8a1420298f8429
Sha1:   5838f907c4898a5b092f4edd88190b2798f1a3c8
Sha256: 8a10fc2a3464e3c3a6d0015197004d70ebcb22c493bab35ac0bd23f5aa415722

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/shopkeeper/js/vendor/jquery.touchSwipe.min.js?ver=1.6.18 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
last-modified: Mon, 21 Nov 2022 13:54:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 5047
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (19969)
Size:   5047
Md5:    a2dfa17efbc41f00192ac5eb5b18e3eb
Sha1:   419d826c86f3fe9bbd6a975b5ae524583f23fb68
Sha256: 5dfc974784a2f743d969d70ceff88933759b34df2aeadc55427bfd0fd4c095e0
                                        
                                            GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.10.0 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
last-modified: Mon, 21 Nov 2022 15:06:08 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 5640
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (19831)
Size:   5640
Md5:    794f45f20ef660275855f7a871029731
Sha1:   31a6df4ab0a36748c70fe457fa9a644c6f723912
Sha256: e07cab2b3d7e05d157f35afc6218f59cf8f95d6bdd2b08e216dddf6d7726b611

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/wpforms/assets/js/wpforms.min.js?ver=1.7.8 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
last-modified: Thu, 10 Nov 2022 19:58:57 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 9728
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32390), with no line terminators
Size:   9728
Md5:    d83832699472c6cc74d71d8e4bc1895e
Sha1:   1e26a69a4a0b6611cb653257224c7143026fea17
Sha256: 212f7cdd80c9f154dfa7b24f78b17991f90c83207657b1ff71b613212a500ba9
                                        
                                            GET /wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.2 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
last-modified: Mon, 21 Nov 2022 15:29:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 10894
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (36548)
Size:   10894
Md5:    24a3c154c4525d9ee113368f9d371cae
Sha1:   e1d30defe9efd5dd186b93a53e649ece31f31d44
Sha256: 624e56b58253e82aad5449eeb077e0f9938c23544d38dc5c7c48f19ea5c02773
                                        
                                            GET /wp-content/plugins/wpforms/assets/lib/punycode.min.js?ver=1.0.0 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
last-modified: Thu, 10 Nov 2022 19:58:57 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 872
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1713), with no line terminators
Size:   872
Md5:    4adc658d402a2c0976b369c9e943e55c
Sha1:   e02f490b57aab672851608efa137014391b2c04e
Sha256: 1eeb3ac5f14869f7f7a8c29512b20fd07d85c873fc45ea6f2999148f52f8d9d0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/wpforms/assets/lib/mailcheck.min.js?ver=1.1.2 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
last-modified: Thu, 10 Nov 2022 19:58:57 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 1682
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  C source, ASCII text, with very long lines (4014), with no line terminators
Size:   1682
Md5:    378928a458b9a32d539470fb4bcaf34e
Sha1:   e9a05c4b7e7e2b0d73263fde1293d4d35322b3d7
Sha256: 2bb2847ddf8e0657812fb17dc13b557139710483131d346c5b543876558b1e68
                                        
                                            GET /wp-content/plugins/yith-woocommerce-added-to-cart-popup-premium/assets/js/perfect-scrollbar.min.js?ver=1.8.2 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
last-modified: Mon, 18 Oct 2021 14:37:28 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 5276
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (17749)
Size:   5276
Md5:    bd24ca4cb6dc81ee7c10c03134371d6d
Sha1:   4f4311a39a997b013b15f45677f212942b490e7c
Sha256: ab366d29ac6ffa290ff1ee957855177b9a0ed1e0dab56c3ec74da6624249c6a3

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/wpforms/assets/lib/jquery.validate.min.js?ver=1.19.5 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
last-modified: Thu, 10 Nov 2022 19:58:57 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 7919
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (24463)
Size:   7919
Md5:    7686bf7d0d4280692ea650de370e069d
Sha1:   d4a3ba958ef791331a26fd5944933e5a1a26c796
Sha256: 02e5f01fedb060b7659a0501e59884f0d396f45ad192f7e974da119ee6f0850a
                                        
                                            GET /wp-content/uploads/2016/01/GUS-4-3.jpg HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: image/jpeg
                                        
last-modified: Tue, 10 Nov 2020 23:11:00 GMT
accept-ranges: bytes
content-length: 71451
cache-control: max-age=10368000, public
expires: Wed, 29 Mar 2023 07:25:46 GMT
vary: Accept-Encoding
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 350x435, components 3\012- data
Size:   71451
Md5:    9b8248729bd3fa478d137257f67ff0d4
Sha1:   de2d41248a9fc1f87bbec0b77a504d13e327e534
Sha256: bf378196d1dd5fa146d6273e88afd889d80d8cc40a2e847b78fb082890a4591f
                                        
                                            GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.1.0 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
last-modified: Tue, 08 Nov 2022 22:24:00 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 1039
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2938), with no line terminators
Size:   1039
Md5:    45db3d2887c26700a51bf469e3bb3aa1
Sha1:   d070b5fb53d2fbb66964bbfd482270b855d0ee96
Sha256: 1abc0cff49f82d9a063c04cd086b991af6ad00467efc4cb8d8d4e3c9a0f95777

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/shopkeeper/js/vendor/fresco.min.js?ver=2.3.0 HTTP/1.1 
Host: getuglysweaters.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         68.183.28.147
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
last-modified: Mon, 21 Nov 2022 13:54:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 16260
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65351)
Size:   16260
Md5:    cf5ed77240a904c6ea12207d06e6cb96
Sha1:   197fa772859fde9d17b3ba6f923d122ec9c5831e
Sha256: 597f5cbeec94d0ed567e0cd7ce0ff1ed00db4ec461cb0d7db1969f4e0dba82a5

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /wp-content/uploads/2017/10/GUS-12-3.jpg HTTP/1.1
Host: getuglysweaters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

68.183.28.147
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Tue, 10 Nov 2020 22:33:11 GMT
accept-ranges: bytes
content-length: 113788
cache-control: max-age=10368000, public
expires: Wed, 29 Mar 2023 07:25:46 GMT
vary: Accept-Encoding
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 350x435, components 3\012- data
Size:   113788
Md5:    d1e4671cfecd973e7e685e5e120761ed
Sha1:   a5db91b736a43e27e56896c097b795865e3b82ee
Sha256: ef48d7dc18b16aa672e27f8339e6b8da14c8435064b6e263b3a327973f210462
                                        
GET /wp-content/uploads/2017/10/GUS-13-1.jpg HTTP/1.1
Host: getuglysweaters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

68.183.28.147
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Tue, 10 Nov 2020 22:36:04 GMT
accept-ranges: bytes
content-length: 94696
cache-control: max-age=10368000, public
expires: Wed, 29 Mar 2023 07:25:46 GMT
vary: Accept-Encoding
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 350x435, components 3\012- data
Size:   94696
Md5:    9ddf0da9dce9f60089b708daf3345293
Sha1:   70b05a6776c52179f0a602d5d6502d5a115aaa74
Sha256: 055020aa2903d61309a71f26a117d6f5b6440e5b44861ea9b3f6f65ba1dab2aa
                                        
GET /wp-content/uploads/2017/05/GUS-3-6.jpg HTTP/1.1
Host: getuglysweaters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

68.183.28.147
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Tue, 10 Nov 2020 23:09:21 GMT
accept-ranges: bytes
content-length: 91588
cache-control: max-age=10368000, public
expires: Wed, 29 Mar 2023 07:25:46 GMT
vary: Accept-Encoding
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 350x435, components 3\012- data
Size:   91588
Md5:    b7fc8c93578661e667484b7b94e1c78c
Sha1:   9727bbbaeb4435a6661adf1ee6702e74c962882f
Sha256: 21ff6ed5620aa76454ab7d3b90290ff49c83cf7469350e0b53a948c0429ddc05
                                        
GET /afterpay-1.x.js?ver=3.5.0 HTTP/1.1
Host: js.afterpay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

104.18.80.2
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 29 Nov 2022 07:25:46 GMT
x-amz-id-2: q/0XBXqgoR7PMo/IZSrz8fxBs3WRoaIgcgfk/I3DPO94nDg9laPIDl1Jhcu0XbkdWeet8prCR2s=
x-amz-request-id: X9DTX1RA8J73MTBC
last-modified: Tue, 18 Oct 2022 00:55:15 GMT
etag: W/"2a6827247769d1d1362ce03cb7f2476a"
cf-cache-status: HIT
age: 501
expires: Tue, 29 Nov 2022 08:25:46 GMT
cache-control: public, max-age=3600
set-cookie: __cf_bm=S3zuwMTMmoA_fafm1i7w2K3tTjeVz32rvNq7nVMjxwc-1669706746-0-ASS62Y381STMkrwjilN4HK491ZMu1lyXq67vWdNQT4ePIW99aUbP5KvI64Hw0Y5/z16BExX2cuiaHwCH/CRm/YoKxxoxrIpE43CaiFWPcwom; path=/; expires=Tue, 29-Nov-22 07:55:46 GMT; domain=.afterpay.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 77199c7bb97eb517-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65463)
Size:   168548
Md5:    de529b4f19f710b46e47a1ecda32f47c
Sha1:   301d406e56bf9bf6bf80567060333e41b3dc994a
Sha256: 265fa60f1858492afdfaea0963c622859139fbcd73f5c0bb8ffc6ad00acf336e
                                        
GET /wp-content/uploads/2017/11/GUS-7-3.jpg HTTP/1.1
Host: getuglysweaters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

68.183.28.147
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Tue, 10 Nov 2020 21:48:50 GMT
accept-ranges: bytes
content-length: 113345
cache-control: max-age=10368000, public
expires: Wed, 29 Mar 2023 07:25:46 GMT
vary: Accept-Encoding
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 350x435, components 3\012- data
Size:   113345
Md5:    49025b8d883771efc42844fdce31034b
Sha1:   3fefaffd2f58af15c5f76d52cb3cd503584b82de
Sha256: 7707a2a8c960c2541e5c7b8c4b9c205a01e7f2106ff4d1e8a60ee5e03fe8b382
                                        
GET /wp-content/themes/shopkeeper/js/scripts.js?ver=2.9.98 HTTP/1.1
Host: getuglysweaters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

68.183.28.147
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
last-modified: Mon, 21 Nov 2022 13:54:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 12301
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   12301
Md5:    c182e8f05f72e17fcf4cdef563b4c6b3
Sha1:   22e7b496ed8cf344e48cecc51ec4382e3ef4014f
Sha256: 468c792f347735214cb7acf2416ea30463b3801584095238e02cc4f8281931cc
                                        
GET /wp-content/themes/shopkeeper/js/vendor/isotope.pkgd.min.js?ver=v3.0.6 HTTP/1.1
Host: getuglysweaters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

68.183.28.147
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
last-modified: Mon, 21 Nov 2022 13:54:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 9847
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32019)
Size:   9847
Md5:    f23be9b893032a9a3beeb61008b659d6
Sha1:   0ae8ca6e11fa6299c409f7155c39a6fbefa3dd0b
Sha256: c343a4923a7dfc3451f05434f6061f4f46f14774867a9dfbd7d0965ff54236c4

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /wp-content/plugins/yith-woocommerce-affiliates-premium/assets/js/yith-wcaf.min.js?ver=e6f2a57e6f998a234178495e5b39e7f6 HTTP/1.1
Host: getuglysweaters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

68.183.28.147
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
last-modified: Mon, 18 Oct 2021 14:37:38 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 2452
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (8122), with no line terminators
Size:   2452
Md5:    8ba292b014791da76fbf1272dab07176
Sha1:   b5f9b5ff0165fc7f0faa825387f6d4b7d36a4a0b
Sha256: c101c7eb449aa1ed4c709fda171e2007867dcf74341a3bf89b3ed366f88b6d51
                                        
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: getuglysweaters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

68.183.28.147
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
last-modified: Sat, 13 Jun 2020 18:53:27 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 1834
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5477)
Size:   1834
Md5:    951ae46ca55ec7b0e401e2074bdf8b54
Sha1:   64bbbdc28a351b26cab9c230e134ca8eb4d4f83e
Sha256: fd5d4c623e9d68551114b2a1303584b6792e592e864d4416145904fe8b9edd91

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /wp-content/plugins/shopkeeper-extender/includes/custom-menu/assets/js/TweenMax.min.js?ver=e6f2a57e6f998a234178495e5b39e7f6 HTTP/1.1
Host: getuglysweaters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

68.183.28.147
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
last-modified: Mon, 21 Nov 2022 13:57:57 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 39642
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32043)
Size:   39642
Md5:    1d9aca623f46a9ef961cdc350d8c4e46
Sha1:   b8ac188d7c264009e56e44953e222e20ce862633
Sha256: 60a4f4751af6c5fc785b003238ec1e1f6de66594b73ce11ea14ac700c284869f

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /wp-includes/js/underscore.min.js?ver=1.13.4 HTTP/1.1
Host: getuglysweaters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getuglysweaters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

68.183.28.147
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
last-modified: Mon, 21 Nov 2022 15:29:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 29 Nov 2023 07:25:46 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 7311
date: Tue, 29 Nov 2022 07:25:46 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (18798)
Size:   7311
Md5:    3f92fc0fb188799b432341421df6cfde
Sha1:   09041f63af89e1164a53dec66eb7b2ac1dc58ba6
Sha256: