r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash adb43321efa5cd1662993b701ff25fa4
1299dcea7e9c59d9f22f39d69025484fe71098c1
2c25a6717245be3746f1412af9dd1c351e12dbb93e8e08c3ddcdacf35e419514
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2C25A6717245BE3746F1412AF9DD1C351E12DBB93E8E08C3DDCDACF35E419514"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18618
Expires: Sun, 18 Sep 2022 15:57:33 GMT
Date: Sun, 18 Sep 2022 10:47:15 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 18 Sep 2022 10:12:04 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: zGOCT9bR3Fsn42Nw7sd_D0OQnJ_81X2rR8wJszlvHpPm-poQ9UsqLQ==
Age: 2111
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 18 Sep 2022 03:30:43 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: UMQMO-dqAozqbwuyAnP0o0HTeR1ZZbncwwL0io8P5QoSCCJKu8GA9g==
age: 26192
X-Firefox-Spdy: h2
beautynbeauty.store/
198.187.29.149301 Moved Permanently 707 B IP 198.187.29.149:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: beautynbeauty.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Sun, 18 Sep 2022 10:47:15 GMT
server: LiteSpeed
location: https://beautynbeauty.store/
x-turbo-charged-by: LiteSpeed
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 10:47:16 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sun, 18 Sep 2022 10:00:54 GMT
Expires: Sun, 18 Sep 2022 10:57:46 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: lNJXFnZBmU3TugnOcYEx9K9t51fn1LKNkFZUgrU62Rdc_ieEUxKpuw==
Age: 2782
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 8bc90e06c23d38e3597895c4fda1c1ed
66ed1868bb626e6e184dead8f528abc60983f994
fad817874ebcaad2d221488fb3b85d73b7d9077a1521346fdce7427aa54dad08
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 10:47:16 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 15 Sep 2022 08:11:16 GMT
Expires: Thu, 22 Sep 2022 08:11:15 GMT
Etag: "66ed1868bb626e6e184dead8f528abc60983f994"
Cache-Control: max-age=335638,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74c980a78b420b02-OSL
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5fd1174f35b25298fc44a6de1af3f3d6
d45a47995ec34c7df480b3efafb13f55d9df7eb8
f60573eff255ef3d7603ca813f410c30588931b4018ffa0e07fa0bb2653c47af
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2436
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 10:47:16 GMT
Last-Modified: Sun, 18 Sep 2022 10:06:40 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.189.35.180101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.189.35.180:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +2wInT5A9pd1uX7MMhLzzg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: daqZlh8022FPbDN0PW6wGIFsfbo=
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b417168037cd02cb414797a2fe8a898f
504f56151849a7bfcd36d7e72b39ead79a69bfe8
39238b70192886874fc0362dbf5e2b017f71760665c5d1025d75e4a304ded1f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 10:47:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b417168037cd02cb414797a2fe8a898f
504f56151849a7bfcd36d7e72b39ead79a69bfe8
39238b70192886874fc0362dbf5e2b017f71760665c5d1025d75e4a304ded1f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 10:47:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
beautynbeauty.store/
198.187.29.149200 OK 75 kB IP 198.187.29.149:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (23985)
Hash 91eea35b01752cd7a1bab7ddcad005fc
bfc00ac501fff214720e3e710912cbe799d3f354
1da385f8fdb8bc56aa62811e55cb719c1389813354745ce0c5bff6f42980c196
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: beautynbeauty.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
link: <https://beautynbeauty.store/wp-json/>; rel="https://api.w.org/"
etag: "765-1663444003;br"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 75220
date: Sun, 18 Sep 2022 10:47:16 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
beautynbeauty.store/wp-includes/css/admin-bar.min.css?ver=6.0.2
198.187.29.149200 OK 3.6 kB URL HTTP/2 beautynbeauty.store/wp-includes/css/admin-bar.min.css?ver=6.0.2
IP 198.187.29.149:0
File type ASCII text, with very long lines (20247)
Hash 60124a7542cbb0e84fece33e91d6c804
f65593de8e826a1fb4d1d7eb7c58dd1c4560eb96
bac54d067c01ebe0e6f81815285d62574051ed65fc75c4766834c24c6be818cc
GET /wp-includes/css/admin-bar.min.css?ver=6.0.2 HTTP/1.1
Host: beautynbeauty.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beautynbeauty.store/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 10:47:17 GMT
content-type: text/css
last-modified: Fri, 04 Feb 2022 23:26:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3627
date: Sun, 18 Sep 2022 10:47:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
beautynbeauty.store/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
198.187.29.149200 OK 11 kB URL HTTP/2 beautynbeauty.store/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
IP 198.187.29.149:0
File type ASCII text, with very long lines (43771)
Hash d45207ee05c1f0c57dfa075e61405ccd
a8d35143a2d828a739ea0fdde75f97d33621e7ec
a9a4adbbcee31ec277f1bdd573eef97dc4341f29f2db3b5685a02dfe4d2fe9bb
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: beautynbeauty.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beautynbeauty.store/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 10:47:17 GMT
content-type: text/css
last-modified: Mon, 04 Jul 2022 21:40:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10946
date: Sun, 18 Sep 2022 10:47:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
beautynbeauty.store/wp-content/plugins/buddypress/bp-core/css/blocks/login-form.min.css?ver=10.4.0
198.187.29.149200 OK 241 B URL HTTP/2 beautynbeauty.store/wp-content/plugins/buddypress/bp-core/css/blocks/login-form.min.css?ver=10.4.0
IP 198.187.29.149:0
File type ASCII text, with very long lines (727), with no line terminators
Hash 1e8c4c8e0ce02b39a1bdc5bd6bb05151
466c9afb7c6a5ee3c58cec82ad63502f286416fa
d312d83655542c80506dbcef72f735795e9a9cd940251b81b9b728585cf2fe14
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/buddypress/bp-core/css/blocks/login-form.min.css?ver=10.4.0 HTTP/1.1
Host: beautynbeauty.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beautynbeauty.store/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 10:47:17 GMT
content-type: text/css
last-modified: Sun, 12 Dec 2021 23:00:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 241
date: Sun, 18 Sep 2022 10:47:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
beautynbeauty.store/wp-includes/css/dashicons.min.css?ver=6.0.2
198.187.29.149200 OK 35 kB URL HTTP/2 beautynbeauty.store/wp-includes/css/dashicons.min.css?ver=6.0.2
IP 198.187.29.149:0
File type ASCII text, with very long lines (58981)
Hash 54c5bfb8a890d87139d9abfe01662c83
f9eddf5b8a3269e6d6fa40b4f13083705e6267c6
9685e5cabe4efc8c85e986725af8009b306416aad3ecc9086ca5bb12b84ce4ef
GET /wp-includes/css/dashicons.min.css?ver=6.0.2 HTTP/1.1
Host: beautynbeauty.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beautynbeauty.store/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 10:47:17 GMT
content-type: text/css
last-modified: Thu, 04 Mar 2021 07:46:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 35110
date: Sun, 18 Sep 2022 10:47:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
beautynbeauty.store/wp-content/plugins/buddypress/bp-members/css/blocks/member.min.css?ver=10.4.0
198.187.29.149200 OK 501 B URL HTTP/2 beautynbeauty.store/wp-content/plugins/buddypress/bp-members/css/blocks/member.min.css?ver=10.4.0
IP 198.187.29.149:0
File type ASCII text, with very long lines (1898), with no line terminators
Hash b0cb35d8ecd0f8b95d780a5fd85dd202
d869d617311afa3b9eb701274d63d681a8a64de9
4c0192fc0ee8e7f8f4d9d83140e01d07cd299b2f7673ef58e7b40e1fd02171dd
GET /wp-content/plugins/buddypress/bp-members/css/blocks/member.min.css?ver=10.4.0 HTTP/1.1
Host: beautynbeauty.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beautynbeauty.store/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 10:47:17 GMT
content-type: text/css
last-modified: Sat, 17 Oct 2020 01:57:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 501
date: Sun, 18 Sep 2022 10:47:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
beautynbeauty.store/wp-content/plugins/buddypress/bp-members/css/blocks/members.min.css?ver=10.4.0
198.187.29.149200 OK 733 B URL HTTP/2 beautynbeauty.store/wp-content/plugins/buddypress/bp-members/css/blocks/members.min.css?ver=10.4.0
IP 198.187.29.149:0
File type ASCII text, with very long lines (3917), with no line terminators
Hash 21d9b1b3e338c59d95e8b456f0a98004
361d84a11f301467fabbed8bf9d6895601cc653b
e080cc117fbe98fff205c0aa6a9c3e43fff3e8cee12cee9725f97252a06013af
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/buddypress/bp-members/css/blocks/members.min.css?ver=10.4.0 HTTP/1.1
Host: beautynbeauty.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beautynbeauty.store/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 10:47:17 GMT
content-type: text/css
last-modified: Sun, 12 Dec 2021 23:00:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 733
date: Sun, 18 Sep 2022 10:47:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
beautynbeauty.store/wp-content/plugins/buddypress/bp-members/css/blocks/dynamic-members.min.css?ver=10.4.0
198.187.29.149200 OK 180 B URL HTTP/2 beautynbeauty.store/wp-content/plugins/buddypress/bp-members/css/blocks/dynamic-members.min.css?ver=10.4.0
IP 198.187.29.149:0
File type ASCII text, with very long lines (621), with no line terminators
Hash 2bc885e249478ab94adf29c888dfe70e
f7f245007afd137bf3d1e6c8365aa6564f9ca21e
06775b922ad05357e57d6b53efe1158582d3ba3af1165f29d4d5fd96c8e9ee1b
GET /wp-content/plugins/buddypress/bp-members/css/blocks/dynamic-members.min.css?ver=10.4.0 HTTP/1.1
Host: beautynbeauty.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beautynbeauty.store/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 10:47:17 GMT
content-type: text/css
last-modified: Fri, 16 Jul 2021 00:34:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 180
date: Sun, 18 Sep 2022 10:47:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
beautynbeauty.store/wp-content/plugins/buddypress/bp-activity/css/blocks/latest-activities.min.css?ver=10.4.0
198.187.29.149200 OK 436 B URL HTTP/2 beautynbeauty.store/wp-content/plugins/buddypress/bp-activity/css/blocks/latest-activities.min.css?ver=10.4.0
IP 198.187.29.149:0
File type ASCII text, with very long lines (1877), with no line terminators
Hash 29f4b9bc4bbf82783c51b618a7286c99
8e47a7ef1bf5a3c100d76ae2fc4ab1528aa36a53
95c8b1f57c3d7021b686e3b0f588e1824a167c227c203e261bb015c7ab209aa0
GET /wp-content/plugins/buddypress/bp-activity/css/blocks/latest-activities.min.css?ver=10.4.0 HTTP/1.1
Host: beautynbeauty.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beautynbeauty.store/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 10:47:17 GMT
content-type: text/css
last-modified: Fri, 16 Jul 2021 00:34:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 436
date: Sun, 18 Sep 2022 10:47:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
beautynbeauty.store/wp-content/plugins/buddypress/bp-friends/css/blocks/friends.min.css?ver=10.4.0
198.187.29.149200 OK 180 B URL HTTP/2 beautynbeauty.store/wp-content/plugins/buddypress/bp-friends/css/blocks/friends.min.css?ver=10.4.0
IP 198.187.29.149:0
File type ASCII text, with very long lines (621), with no line terminators
Hash 2bc885e249478ab94adf29c888dfe70e
f7f245007afd137bf3d1e6c8365aa6564f9ca21e
06775b922ad05357e57d6b53efe1158582d3ba3af1165f29d4d5fd96c8e9ee1b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/buddypress/bp-friends/css/blocks/friends.min.css?ver=10.4.0 HTTP/1.1
Host: beautynbeauty.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beautynbeauty.store/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 10:47:17 GMT
content-type: text/css
last-modified: Fri, 16 Jul 2021 00:34:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 180
date: Sun, 18 Sep 2022 10:47:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
beautynbeauty.store/wp-content/plugins/buddypress/bp-core/css/admin-bar.min.css?ver=10.4.0
198.187.29.149200 OK 371 B URL HTTP/2 beautynbeauty.store/wp-content/plugins/buddypress/bp-core/css/admin-bar.min.css?ver=10.4.0
IP 198.187.29.149:0
File type ASCII text, with very long lines (1523), with no line terminators
Hash 28bc246b7e4692c3afdbc3140bbf959e
2657c00efa26def4444f09cded7722766c340936
27c00fb3cfea6f4eb9ffe3ef4fffea32918432ec480878d5a1c4938f88c0bed4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/buddypress/bp-core/css/admin-bar.min.css?ver=10.4.0 HTTP/1.1
Host: beautynbeauty.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beautynbeauty.store/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 10:47:17 GMT
content-type: text/css
last-modified: Fri, 30 Apr 2021 03:09:42 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 371
date: Sun, 18 Sep 2022 10:47:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
beautynbeauty.store/wp-content/plugins/buddypress/bp-templates/bp-nouveau/css/buddypress.min.css?ver=10.4.0
198.187.29.149200 OK 15 kB URL HTTP/2 beautynbeauty.store/wp-content/plugins/buddypress/bp-templates/bp-nouveau/css/buddypress.min.css?ver=10.4.0
IP 198.187.29.149:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash bff098a277c91d3f2ab83934cbd4c40e
45620695a0cbe9a2bd8c8d856cbce4f695fc2bd0
08d402bfeaf5b0ee4ae97864c3a29764f7f8f97f3af3bf385df269779e599e50
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/buddypress/bp-templates/bp-nouveau/css/buddypress.min.css?ver=10.4.0 HTTP/1.1
Host: beautynbeauty.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beautynbeauty.store/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 10:47:17 GMT
content-type: text/css
last-modified: Thu, 18 Aug 2022 01:31:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 15312
date: Sun, 18 Sep 2022 10:47:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
beautynbeauty.store/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
198.187.29.149200 OK 30 kB URL HTTP/2 beautynbeauty.store/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 198.187.29.149:0
File type ASCII text, with very long lines (65447)
Hash 34f918ada1fe4f01c5a4b90065bbc37a
a731f6ce2d413805e39ae45994012b1bd5ea1e2b
eba158d5ab26a5a54a3dcfcea1072c636f44e92fc2eb30a3f27cd5be3f891dfc
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: beautynbeauty.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beautynbeauty.store/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 10:47:17 GMT
content-type: application/javascript
last-modified: Thu, 11 Mar 2021 01:37:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30273
date: Sun, 18 Sep 2022 10:47:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
beautynbeauty.store/wp-content/themes/woostify/style.css?ver=2.1.4
198.187.29.149200 OK 39 kB URL HTTP/2 beautynbeauty.store/wp-content/themes/woostify/style.css?ver=2.1.4
IP 198.187.29.149:0
File type ASCII text, with very long lines (668)
Hash 8ab9a3665c5e894a32e662ebe1bfbfef
54f13962239613b677258782c7aa62a13bfb6439
589372c1d9c56817afb0eb9e0ec0ab508ec6bae04258b63494474ff87122941f
GET /wp-content/themes/woostify/style.css?ver=2.1.4 HTTP/1.1
Host: beautynbeauty.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beautynbeauty.store/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 10:47:17 GMT
content-type: text/css
last-modified: Fri, 19 Aug 2022 15:07:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 39240
date: Sun, 18 Sep 2022 10:47:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
beautynbeauty.store/wp-content/plugins/buddypress/bp-core/js/widget-members.min.js?ver=10.4.0
198.187.29.149200 OK 419 B URL HTTP/2 beautynbeauty.store/wp-content/plugins/buddypress/bp-core/js/widget-members.min.js?ver=10.4.0
IP 198.187.29.149:0
File type ASCII text, with very long lines (1198), with no line terminators
Hash e85083e0f9b403f9afca0978496bb283
b2cbad6eb9d6f49d2136e128dacef617632c0b65
7d8089cb98e4b1f55a575078391fef1a1441f770002630635e00a7f2bd5f16be
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/buddypress/bp-core/js/widget-members.min.js?ver=10.4.0 HTTP/1.1
Host: beautynbeauty.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beautynbeauty.store/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 10:47:17 GMT
content-type: application/javascript
last-modified: Fri, 30 Apr 2021 03:09:42 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 419
date: Sun, 18 Sep 2022 10:47:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
beautynbeauty.store/wp-content/plugins/buddypress/bp-core/js/vendor/jquery-scroll-to.min.js?ver=10.4.0
198.187.29.149200 OK 1.1 kB URL HTTP/2 beautynbeauty.store/wp-content/plugins/buddypress/bp-core/js/vendor/jquery-scroll-to.min.js?ver=10.4.0
IP 198.187.29.149:0
File type ASCII text, with very long lines (2273), with no line terminators
Hash 7c13936e58ea493d0e65b1d8fe717b7c
127c52eb3bbbbec2000d75883b5e6d6af6b2b262
b9fe21c5df50cfaacbba573cc1c83b16571c8393db1e3c39b9d22d313425b098
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/buddypress/bp-core/js/vendor/jquery-scroll-to.min.js?ver=10.4.0 HTTP/1.1
Host: beautynbeauty.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beautynbeauty.store/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 10:47:17 GMT
content-type: application/javascript
last-modified: Thu, 20 May 2021 23:50:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1094
date: Sun, 18 Sep 2022 10:47:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
beautynbeauty.store/wp-content/plugins/buddypress/bp-core/js/vendor/jquery-cookie.min.js?ver=10.4.0
198.187.29.149200 OK 596 B URL HTTP/2 beautynbeauty.store/wp-content/plugins/buddypress/bp-core/js/vendor/jquery-cookie.min.js?ver=10.4.0
IP 198.187.29.149:0
File type ASCII text, with very long lines (1229), with no line terminators
Hash ea0ceadf04bafc9880dea1b23ee510ef
1921d90ea22b572374c90ace5f8a5a3fe5181358
5ddf9074c12d30238da31ad384f3ecab42a1b1e937ef0bb81064f0c72b509458
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/buddypress/bp-core/js/vendor/jquery-cookie.min.js?ver=10.4.0 HTTP/1.1
Host: beautynbeauty.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beautynbeauty.store/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 10:47:17 GMT
content-type: application/javascript
last-modified: Fri, 30 Apr 2021 03:09:42 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 596
date: Sun, 18 Sep 2022 10:47:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
beautynbeauty.store/wp-content/plugins/buddypress/bp-core/js/jquery-query.min.js?ver=10.4.0
198.187.29.149200 OK 115 B URL HTTP/2 beautynbeauty.store/wp-content/plugins/buddypress/bp-core/js/jquery-query.min.js?ver=10.4.0
IP 198.187.29.149:0
File type ASCII text, with no line terminators
Hash f33bbdcf433832b8ba5af56d3c9b7d26
a5fe6b89985f2ddb5ba0dcf6805ec269decbe027
378e73954beac5377d9314b7db8969f25d5aaa7546abdf3d09cfd8131e63ba70
GET /wp-content/plugins/buddypress/bp-core/js/jquery-query.min.js?ver=10.4.0 HTTP/1.1
Host: beautynbeauty.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beautynbeauty.store/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 10:47:17 GMT
content-type: application/javascript
last-modified: Fri, 30 Apr 2021 03:09:42 GMT
accept-ranges: bytes
content-length: 115
date: Sun, 18 Sep 2022 10:47:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
beautynbeauty.store/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
198.187.29.149200 OK 4.0 kB URL HTTP/2 beautynbeauty.store/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 198.187.29.149:0
File type ASCII text, with very long lines (11126)
Hash 7e058b51f939eacfa31cdface14dded5
9d732e5afdeb42edef9e1b9631b7e95e054787cc
4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: beautynbeauty.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beautynbeauty.store/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 10:47:17 GMT
content-type: application/javascript
last-modified: Wed, 18 Nov 2020 19:36:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3995
date: Sun, 18 Sep 2022 10:47:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
beautynbeauty.store/wp-includes/js/admin-bar.min.js?ver=6.0.2
198.187.29.149200 OK 1.3 kB URL HTTP/2 beautynbeauty.store/wp-includes/js/admin-bar.min.js?ver=6.0.2
IP 198.187.29.149:0
File type ASCII text, with very long lines (3513)
Hash 7bd53c39e56f79290efb4d45f280eb4e
45fd52663e060cafd2d680ce85c5d2d7debd466b
5baa3e63652d2905d77a085d430bb0560714e2d81401b9d0dcd0235aadbcbd32
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/admin-bar.min.js?ver=6.0.2 HTTP/1.1
Host: beautynbeauty.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beautynbeauty.store/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 10:47:17 GMT
content-type: application/javascript
last-modified: Sat, 09 Apr 2022 05:37:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1265
date: Sun, 18 Sep 2022 10:47:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
beautynbeauty.store/wp-includes/js/hoverintent-js.min.js?ver=2.2.1
198.187.29.149200 OK 665 B URL HTTP/2 beautynbeauty.store/wp-includes/js/hoverintent-js.min.js?ver=2.2.1
IP 198.187.29.149:0
File type ASCII text, with very long lines (1682)
Hash 576bfd8c64e576107caee8eefbaabd58
59981fabdd40673af61d50bf27e124922f41873c
416035bc02de97cd3851d2c0ef7d7df3a8b354b5b356333218c5bb8e6c8a75b8
GET /wp-includes/js/hoverintent-js.min.js?ver=2.2.1 HTTP/1.1
Host: beautynbeauty.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beautynbeauty.store/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 10:47:17 GMT
content-type: application/javascript
last-modified: Tue, 10 Dec 2019 11:33:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 665
date: Sun, 18 Sep 2022 10:47:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
beautynbeauty.store/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
198.187.29.149200 OK 4.6 kB URL HTTP/2 beautynbeauty.store/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP 198.187.29.149:0
File type ASCII text, with very long lines (15660)
Hash 0232689bd203f330529b36a437f41a68
9046583f7469ad38297969f10a9513eb895d5316
feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: beautynbeauty.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beautynbeauty.store/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 10:47:17 GMT
content-type: application/javascript
last-modified: Tue, 12 Apr 2022 15:26:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4619
date: Sun, 18 Sep 2022 10:47:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
beautynbeauty.store/wp-content/plugins/buddypress/bp-templates/bp-nouveau/js/buddypress-nouveau.min.js?ver=10.4.0
198.187.29.149200 OK 3.5 kB URL HTTP/2 beautynbeauty.store/wp-content/plugins/buddypress/bp-templates/bp-nouveau/js/buddypress-nouveau.min.js?ver=10.4.0
IP 198.187.29.149:0
File type ASCII text, with very long lines (12260), with no line terminators
Hash 2eca1146c0167cfeff8973c26844450f
b57183df61632b478b00f7104dedb4d5576865a0
213b6131e9d47b58404346cf0af751554ccdaafd50b1b81ff549157644676edf
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/buddypress/bp-templates/bp-nouveau/js/buddypress-nouveau.min.js?ver=10.4.0 HTTP/1.1
Host: beautynbeauty.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beautynbeauty.store/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 10:47:17 GMT
content-type: application/javascript
last-modified: Fri, 24 Dec 2021 03:08:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3486
date: Sun, 18 Sep 2022 10:47:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
beautynbeauty.store/wp-content/themes/woostify/assets/js/general.min.js?ver=2.1.4
198.187.29.149200 OK 1.3 kB URL HTTP/2 beautynbeauty.store/wp-content/themes/woostify/assets/js/general.min.js?ver=2.1.4
IP 198.187.29.149:0
File type ASCII text, with very long lines (4230), with no line terminators
Hash 05dc3471fb3ab9a8e0e59fec42325ec3
a394e9e47ee3337e5b4806c56c4962c83a39817c
7cdcad1bd0abe4606d846ffbc02c3c0825870767c7527fa995938bd20f9876e7
GET /wp-content/themes/woostify/assets/js/general.min.js?ver=2.1.4 HTTP/1.1
Host: beautynbeauty.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beautynbeauty.store/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 10:47:17 GMT
content-type: application/javascript
last-modified: Fri, 19 Aug 2022 15:07:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1296
date: Sun, 18 Sep 2022 10:47:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
beautynbeauty.store/wp-content/themes/woostify/assets/js/navigation.min.js?ver=2.1.4
198.187.29.149200 OK 699 B URL HTTP/2 beautynbeauty.store/wp-content/themes/woostify/assets/js/navigation.min.js?ver=2.1.4
IP 198.187.29.149:0
File type ASCII text, with very long lines (2010), with no line terminators
Hash ffa45e8565637226dd204802cd50a70c
c44391a77474cfb0de422cd7a765c30a384bafc0
a73b869e212e4d5951512c40c18602845305c57981df1f6293c2e9e2aeefc9b5
GET /wp-content/themes/woostify/assets/js/navigation.min.js?ver=2.1.4 HTTP/1.1
Host: beautynbeauty.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beautynbeauty.store/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 10:47:17 GMT
content-type: application/javascript
last-modified: Fri, 19 Aug 2022 15:07:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 699
date: Sun, 18 Sep 2022 10:47:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6ab87e1e4dc6abd919cf683dff901fe8
07cfbf03a72cb316844c48669a10484e63b7f887
d68b40168e5c06bd69b83e8529ea0b15996e7124d2c8b3c5b0be81c8946f04c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 10:47:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
142.250.74.163200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://beautynbeauty.store
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:32:09 GMT
expires: Thu, 14 Sep 2023 19:32:09 GMT
cache-control: public, max-age=31536000
age: 314108
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6ab87e1e4dc6abd919cf683dff901fe8
07cfbf03a72cb316844c48669a10484e63b7f887
d68b40168e5c06bd69b83e8529ea0b15996e7124d2c8b3c5b0be81c8946f04c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 10:47:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
beautynbeauty.store/favicon.ico
198.187.29.149404 Not Found 1.2 kB URL HTTP/2 beautynbeauty.store/favicon.ico
IP 198.187.29.149:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
GET /favicon.ico HTTP/1.1
Host: beautynbeauty.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beautynbeauty.store/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Sun, 18 Sep 2022 10:47:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 35f3deb94b2a985eb02f5a14f033c44f
2076e4cb6faf9a7bf1cbfc8947db9a8550f556bd
1d5c76a54a4ab121ccf5f456516ec99fb7f5129a491e078d97c749b94060970a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1D5C76A54A4AB121CCF5F456516EC99FB7F5129A491E078D97C749B94060970A"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2407
Expires: Sun, 18 Sep 2022 11:27:25 GMT
Date: Sun, 18 Sep 2022 10:47:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 35f3deb94b2a985eb02f5a14f033c44f
2076e4cb6faf9a7bf1cbfc8947db9a8550f556bd
1d5c76a54a4ab121ccf5f456516ec99fb7f5129a491e078d97c749b94060970a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1D5C76A54A4AB121CCF5F456516EC99FB7F5129A491E078D97C749B94060970A"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2407
Expires: Sun, 18 Sep 2022 11:27:25 GMT
Date: Sun, 18 Sep 2022 10:47:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 35f3deb94b2a985eb02f5a14f033c44f
2076e4cb6faf9a7bf1cbfc8947db9a8550f556bd
1d5c76a54a4ab121ccf5f456516ec99fb7f5129a491e078d97c749b94060970a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1D5C76A54A4AB121CCF5F456516EC99FB7F5129A491E078D97C749B94060970A"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2407
Expires: Sun, 18 Sep 2022 11:27:25 GMT
Date: Sun, 18 Sep 2022 10:47:18 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c670b93-3941-4322-a938-e74eba949ad6.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c670b93-3941-4322-a938-e74eba949ad6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f003d8b6e12692fb16dddd6827deead8
786c333cf08456aea446a55c547520572e1c2df9
d79ea50cfc0f237b3de8f1826cbae1de0b1dbc632a5a06b08d9640abedded935
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c670b93-3941-4322-a938-e74eba949ad6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11919
x-amzn-requestid: 2f547c1f-2f5d-4707-8f6c-fe9dfff51383
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbfS4FI9oAMFScw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632145ab-3c967f2653d06c1c079f88c1;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 03:08:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: QgOb-hraq20XpHk_0Cyz2UMxaIEjP8ilIXt2VuhiRJWJAOG5EuAb5A==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 05:49:05 GMT
age: 17893
etag: "786c333cf08456aea446a55c547520572e1c2df9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1d192c6-d447-4ad9-b142-a9258211f67d.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1d192c6-d447-4ad9-b142-a9258211f67d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 29f4a52fb629dce4ef8038d4df7ea58a
4a5b84c77bd53f4c94e1af4a702f6f85b46b51b0
32cee35b22110b83738f49f49edb6efcedb54fe793d5ccc900004e16e3fefda3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1d192c6-d447-4ad9-b142-a9258211f67d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5827
x-amzn-requestid: a30d5a61-ccb2-4582-8298-1abb79830dda
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yl7VSF21IAMFvGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63257288-5b79117f185617fb0f37a845;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 07:08:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2cYYmknnm5GHRMA69N-dqXXKHb1-tfN1PuRYB5xxtRJK5Gk3-PO0Bw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 07:16:15 GMT
age: 12663
etag: "4a5b84c77bd53f4c94e1af4a702f6f85b46b51b0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2512deb9-0912-4851-b376-b8bcb67ed3ef.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2512deb9-0912-4851-b376-b8bcb67ed3ef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7334a6bdb209350f41e4640960c9ce2a
0b00e1a594dc88c8fb05044a69cc0ba1eafc4946
bf946afeb52d95f27e2a271486accf87a0c169e5e78f6d57cace80564e2ed668
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2512deb9-0912-4851-b376-b8bcb67ed3ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10554
x-amzn-requestid: 07497447-33e7-4f60-a3ff-974f581c5704
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn5tlG_7IAMFaIA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263cbd-1964dc6548cb5f7c09f65b78;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:31:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BLfMTudduK95E9WeV9h987RYPa2RjQTtcl6jkjAZxgSWmCfUTnxU4A==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 21:43:11 GMT
age: 47047
etag: "0b00e1a594dc88c8fb05044a69cc0ba1eafc4946"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3efedbe-a04d-4b8e-9793-441b538b63e7.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3efedbe-a04d-4b8e-9793-441b538b63e7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 37262c30eae5fbad1c94dad74fafb802
be5af1c71574128a2e8a7ed2a71c16e22e4c3df3
1a3ea1fbf9379db8e4c76299359bfd7a8b4a4d6b742cb9a46cea59ba6e008b62
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3efedbe-a04d-4b8e-9793-441b538b63e7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7908
x-amzn-requestid: 6aeb2a22-5a83-4738-85d5-5531bab6a0f7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn5tkHO6IAMFuQw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263cbd-6e32c6ee146890770e01f6fc;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:31:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: kng5fgl5ypss37KBsDqDsBhkJ_ZUr2FxyJ7E3jyC9Xhnfjfo_8Ji0A==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 22:10:23 GMT
age: 45415
etag: "be5af1c71574128a2e8a7ed2a71c16e22e4c3df3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0418a582-b5aa-4754-a162-d731a3e53f86.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0418a582-b5aa-4754-a162-d731a3e53f86.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c9a9211e94d6aa2429e9663ef317707e
ac0d1af96508d026f9a1252d358660bd5671f9bd
36663b67119ae58b665e43d86b73045472cf23d73bf2c981754f479989690791
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0418a582-b5aa-4754-a162-d731a3e53f86.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5448
x-amzn-requestid: 3b63d209-af92-4d64-866a-d8f677aa62a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn659H9DIAMFQag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263ea5-30e7f8a32603ba70671addec;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:39:49 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: JKenU-KwXFVEu-tZnc_yoDis5Lt-2tY0RcjH7ZT592hqp0tIUF25Lg==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 21:49:01 GMT
etag: "ac0d1af96508d026f9a1252d358660bd5671f9bd"
content-type: image/jpeg
age: 46697
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e47c10c-5801-4548-a632-1dcfbd043a60.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e47c10c-5801-4548-a632-1dcfbd043a60.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 354c71e744d302c316f492a8fb7642dc
cdf6caf4cd953e7b58bbb5f9a1512a4e3e06b792
f084331bd667f56556170c595391d888391284dbb7c18794d5033d5db1f07715
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e47c10c-5801-4548-a632-1dcfbd043a60.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7401
x-amzn-requestid: c59249dd-f9cb-4750-8287-65789c57fd77
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn6J-FaAoAMFZQw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263d72-6a68d771099a6006717a547f;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:34:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: gOh04gufveW2WFtszuiJPyX8mDykbsFMpBh8KWSRxQnPSRcZ2fMnHg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 21:45:30 GMT
age: 46908
etag: "cdf6caf4cd953e7b58bbb5f9a1512a4e3e06b792"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Poppins&display=fallback&ver=2.1.4
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Poppins&display=fallback&ver=2.1.4
IP 142.250.74.10:0
GET /css?family=Poppins&display=fallback&ver=2.1.4 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beautynbeauty.store/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 18 Sep 2022 10:47:17 GMT
date: Sun, 18 Sep 2022 10:47:17 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2