edinburghh3.com/
199.34.228.155 301 Moved Permanently 235 B IP 199.34.228.155:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 528a11dfc4144d6b328bd94f6374d3a2
70d344a7747798f9e0ebdaa46906a451b312c2e9
e0f8a99df0aaceab772fdf5dc5e333d81f48c3cc81214e84b644c3c5196a90fe
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 19 Feb 2023 12:50:00 GMT
Server: Apache
Location: http://www.edinburghh3.com/
Content-Length: 235
Keep-Alive: timeout=10, max=71
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.33.119.10 200 OK 503 B IP 23.33.119.10:0
ASN #20940 Akamai International B.V.
Hash 50ffd49bee3840941f9fc33baca23aad
2ff715abc76ea138eff267a64f26eb2dc6365b4a
ff8709095d9b5a7d90ff10b31a6a9d2e071b42e215641d30dce6de6a782bffd6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF8709095D9B5A7D90FF10B31A6A9D2E071B42E215641D30DCE6DE6A782BFFD6"
Last-Modified: Fri, 17 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15355
Expires: Sun, 19 Feb 2023 17:05:55 GMT
Date: Sun, 19 Feb 2023 12:50:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.10 200 OK 503 B IP 23.33.119.10:0
ASN #20940 Akamai International B.V.
Hash 5539e12eac82ed8486057f67e18231d3
866778ccdac94dbeff9bc217d4a057079ee71b2a
d82a876ba46480f2caa20e2112941bfb461bdb03e882949b347abb9e8006705f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D82A876BA46480F2CAA20E2112941BFB461BDB03E882949B347ABB9E8006705F"
Last-Modified: Fri, 17 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11577
Expires: Sun, 19 Feb 2023 16:02:57 GMT
Date: Sun, 19 Feb 2023 12:50:00 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: LLj0x/AqmQ5eMins4e9Q776t65LecJhPFkDGGgZU9tnbAlEnxbU2jPbz0w0BEjlGJK+001dSFIc=
x-amz-request-id: DZEB00BZ9TNSC21B
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 19 Feb 2023 12:21:55 GMT
age: 1685
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.10 200 OK 503 B IP 23.33.119.10:0
ASN #20940 Akamai International B.V.
Hash a8eb9ef0e70ae4265bbf91de7e9dd715
2caab4ae5a9926f1759f181b9ddd796b7f8b3f48
8953e8a5e0fb0d772270a5790c8fbe4ca2d093515c7a96753afa6e0b05c09a10
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8953E8A5E0FB0D772270A5790C8FBE4CA2D093515C7A96753AFA6E0B05C09A10"
Last-Modified: Fri, 17 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6779
Expires: Sun, 19 Feb 2023 14:42:59 GMT
Date: Sun, 19 Feb 2023 12:50:00 GMT
Connection: keep-alive
getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30
34.120.5.221 200 OK 43 kB URL HTTP/2 getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30
IP 34.120.5.221:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash e57e84cbdbb69d8fccc093db570b2ee2
c29ac2fadf37e7796136e7c1d1610f721d06bf51
0d4611aea91685771ce1d859d09613bd43587654093748f87be236d6857ea479
GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30 HTTP/1.1
Host: getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Hit from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: 5q5RDA_wRk8RuVx2Iq4-n2yb1dZyRPu_t0_nQZ1taGKfKeaFtCjuOw==
content-encoding: gzip
via: 1.1 a8e5d5aeee6eacca5c379e5059b1f68c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Feb 2023 12:44:13 GMT
age: 347
content-type: application/json
vary: Accept-Encoding
content-length: 43061
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 19 Feb 2023 12:50:00 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.10 200 OK 503 B IP 23.33.119.10:0
ASN #20940 Akamai International B.V.
Hash 4229cfe19d214d22153fe5833a7b557a
2439958496306a257d266050b4313b9bac51c871
ddfa83afe45b77b508119ac50488a73c3c49a78fa7a64ad983bd4958e0c7a4f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DDFA83AFE45B77B508119AC50488A73C3C49A78FA7A64AD983BD4958E0C7A4F9"
Last-Modified: Fri, 17 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9234
Expires: Sun, 19 Feb 2023 15:23:54 GMT
Date: Sun, 19 Feb 2023 12:50:00 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 19 Feb 2023 12:37:55 GMT
content-type: application/json
age: 725
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.edinburghh3.com/
199.34.228.155 301 Moved Permanently 358 B IP 199.34.228.155:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b99d74d48d3b448ea286d39f59955104
65e036ebd0f0cfa463a8988c272f3d72ee7e7d66
96df5094c4b10aec78f9b9c840fe1776b941dc205cbce8abcd96389ec669fd82
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 19 Feb 2023 12:50:01 GMT
Server: Apache
Set-Cookie: is_mobile=0; path=/; domain=www.edinburghh3.com
Vary: X-W-SSL,User-Agent
Location: https://www.edinburghh3.com/
X-Host: blu81.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 358
Keep-Alive: timeout=10, max=67
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Content-Length, Content-Type, Cache-Control, Pragma, Retry-After, ETag, Expires, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 19 Feb 2023 12:20:33 GMT
age: 1768
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.10 200 OK 503 B IP 23.33.119.10:0
ASN #20940 Akamai International B.V.
Hash 6964eabceb8fea1d79acb5165e84a912
a271fb7984244fc5c1580a938b4bd21aae37f888
8685404068a6bbe7cb726b81f7ba84e6fbf4597dc99803d186280f94635663ab
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8685404068A6BBE7CB726B81F7BA84E6FBF4597DC99803D186280F94635663AB"
Last-Modified: Fri, 17 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3191
Expires: Sun, 19 Feb 2023 13:43:12 GMT
Date: Sun, 19 Feb 2023 12:50:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.10 200 OK 503 B IP 23.33.119.10:0
ASN #20940 Akamai International B.V.
Hash 290adaef41676a2924639c25ecf49a7a
4a3aa093c5714fc59300f6c5cddcda17cb7210e1
e36ffc61756bd3db22cf45fa5efbfac0c1435f628a0d167e1bb933228a32b9d3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E36FFC61756BD3DB22CF45FA5EFBFAC0C1435F628A0D167E1BB933228A32B9D3"
Last-Modified: Fri, 17 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 19 Feb 2023 18:50:01 GMT
Date: Sun, 19 Feb 2023 12:50:01 GMT
Connection: keep-alive
push.services.mozilla.com/
52.88.101.41 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.88.101.41:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: kxr3+eCRdvLCCYR+wp7esw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: np4DpsNDEqZKmbYz2w+gnfbDkp8=
www.edinburghh3.com/
199.34.228.155 200 OK 12 kB IP 199.34.228.155:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3723), with CRLF, LF line terminators
Hash acc63632e4572799faf87f8a2e3cf5cd
2527ba32f1248a81b2117c9fb66257028034d1c0
3b8f7192893f6aeb6be27938e0ced1ccce7899fdc6bd063e999fb12822100dde
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Sun, 19 Feb 2023 12:50:01 GMT
Server: Apache
Vary: X-W-SSL,Accept-Encoding,User-Agent
Set-Cookie: is_mobile=0; path=/; domain=www.edinburghh3.com
language=en; expires=Sun, 05-Mar-2023 12:50:01 GMT; Max-Age=1209600; path=/
Cache-Control: private
ETag: W/"9f53128696a0fb24b40c212f7ceea4fe-gzip"
Content-Encoding: gzip
X-Host: grn84.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 11566
Keep-Alive: timeout=10, max=68
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
cdn2.editmysite.com/css/old/fancybox.css?1676659918
151.101.1.46 200 OK 1.2 kB URL HTTP/2 cdn2.editmysite.com/css/old/fancybox.css?1676659918
IP 151.101.1.46:0
File type ASCII text, with very long lines (3910)
Hash b644e92258f4c7c0b4270047652d1e60
93734d52ee9e86a768159e514076051813c39cd9
29199496fb817668f887938571046abcdfb49063d0207d571b361f221f467907
GET /css/old/fancybox.css?1676659918 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Fri, 17 Feb 2023 16:29:18 GMT
etag: "63efab5e-f47"
expires: Fri, 03 Mar 2023 18:55:00 GMT
cache-control: max-age=1209600
x-host: grn99.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 19 Feb 2023 12:50:02 GMT
age: 150902
x-served-by: cache-sjc10070-SJC, cache-bma1624-BMA
x-cache: HIT, HIT
x-cache-hits: 67, 1
x-timer: S1676811002.124136,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1218
X-Firefox-Spdy: h2
cdn2.editmysite.com/js/site/footerSignup.js?buildTime=1676659918
151.101.1.46 200 OK 1.4 kB URL HTTP/2 cdn2.editmysite.com/js/site/footerSignup.js?buildTime=1676659918
IP 151.101.1.46:0
File type ASCII text, with very long lines (3600), with no line terminators
Hash 121a5b9688d8e70ee7bb06cc79491f76
3a28220baa7d8879270c8311bed7dddefa7e43e9
181716c84474c9eb6685a809d69dda5d49ce44dfbf64c5dee89a3091e23def40
GET /js/site/footerSignup.js?buildTime=1676659918 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Fri, 17 Feb 2023 16:29:35 GMT
etag: "63efab6f-e10"
expires: Fri, 03 Mar 2023 18:54:58 GMT
cache-control: max-age=1209600
x-host: blu113.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 19 Feb 2023 12:50:02 GMT
age: 150903
x-served-by: cache-sjc10052-SJC, cache-bma1624-BMA
x-cache: HIT, HIT
x-cache-hits: 32, 430
x-timer: S1676811002.126433,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1372
X-Firefox-Spdy: h2
cdn2.editmysite.com/images/site/footer/footer-toast-published-image-1.png
151.101.1.46 200 OK 9.7 kB URL HTTP/2 cdn2.editmysite.com/images/site/footer/footer-toast-published-image-1.png
IP 151.101.1.46:0
File type PNG image data, 199 x 97, 8-bit colormap, non-interlaced\012- data
Hash 6e0f7ad31bf187e0d88fc5787573ba71
14e8b85cc32a01c8901e4ac0160582d29a45e9e6
580ef6409e067a4ec4a427400c7d6216184869e2da53343df20753cc1f8a46cd
GET /images/site/footer/footer-toast-published-image-1.png HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdujQNpHaXULXK5hWOudOsrFbrCOJBmkXkf6lNHnzHxB1q3PphW4yFVZQbxms7rfGEwEu0IdDaAyLbpAPqDN6NvCrqCgiKDD
cache-control: public, max-age=86400, s-maxage=259200
expires: Thu, 06 Oct 2022 22:59:09 GMT
last-modified: Tue, 12 Feb 2019 18:19:08 GMT
etag: "6e0f7ad31bf187e0d88fc5787573ba71"
x-goog-generation: 1549995548326466
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 9677
content-type: image/png
x-goog-hash: crc32c=QhrKCw==, md5=bg960xvxh+DYj8V4dXO6cQ==
x-goog-storage-class: STANDARD
server: UploadServer
accept-ranges: bytes
date: Sun, 19 Feb 2023 12:50:02 GMT
via: 1.1 varnish
age: 49354
x-served-by: cache-bma1624-BMA
x-cache: HIT
x-cache-hits: 14540
x-timer: S1676811002.126128,VS0,VE0
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 9677
X-Firefox-Spdy: h2
cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1676659918
151.101.1.46 200 OK 159 kB URL HTTP/2 cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1676659918
IP 151.101.1.46:0
File type ASCII text, with very long lines (32007)
Size 159 kB (158982 bytes)
Hash c21d75280f52dcc8183f032627fb619c
0512c8f160b0d0842c1ce9b020ade68ef8120a04
9e9fb70dc252c27c63ac4b0b99bea392abeb327cb6155e6b9fd27372be72e617
GET /js/site/main-customer-accounts-site.js?buildTime=1676659918 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Fri, 17 Feb 2023 16:29:35 GMT
etag: "63efab6f-825b0"
expires: Fri, 03 Mar 2023 18:54:59 GMT
cache-control: max-age=1209600
x-host: grn66.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 19 Feb 2023 12:50:02 GMT
age: 150903
x-served-by: cache-sjc10049-SJC, cache-bma1624-BMA
x-cache: HIT, HIT
x-cache-hits: 54, 2
x-timer: S1676811002.124712,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 158982
X-Firefox-Spdy: h2
cdn2.editmysite.com/css/sites.css?buildTime=1676659918
151.101.1.46 200 OK 30 kB URL HTTP/2 cdn2.editmysite.com/css/sites.css?buildTime=1676659918
IP 151.101.1.46:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash d10158b22b553f723d99dc78eaee6390
80f2d6670cfb0d01cd20c471cf8e3e6465ddd3f6
939c7a8e1ad74a44e0c847e38533e69e36454b6805d25acf3fb0cb5c472d245e
GET /css/sites.css?buildTime=1676659918 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Fri, 17 Feb 2023 16:29:12 GMT
etag: W/"63efab58-347ac"
expires: Fri, 03 Mar 2023 18:54:58 GMT
cache-control: max-age=1209600
x-host: blu106.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 19 Feb 2023 12:50:02 GMT
age: 150902
x-served-by: cache-sjc10063-SJC, cache-bma1624-BMA
x-cache: HIT, HIT
x-cache-hits: 6, 42
x-timer: S1676811002.128506,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 29746
X-Firefox-Spdy: h2
cdn2.editmysite.com/js/jquery-1.8.3.min.js
151.101.1.46 200 OK 34 kB URL HTTP/2 cdn2.editmysite.com/js/jquery-1.8.3.min.js
IP 151.101.1.46:0
File type ASCII text, with very long lines (65483)
Hash 67a5a77f65f13559b3d723829f2e0108
5e861ec7c2993abffc3591d6132c47bc7cdc3e98
ac4ffabaed7382810a3829d812e1a45c77984a1dbfaf7d172c8bc19b3cf68ca6
GET /js/jquery-1.8.3.min.js HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Tue, 07 Feb 2023 20:25:25 GMT
etag: "63e2b3b5-16dc4"
expires: Tue, 21 Feb 2023 23:08:14 GMT
cache-control: max-age=1209600
x-host: grn38.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 19 Feb 2023 12:50:02 GMT
age: 999708
x-served-by: cache-sjc10032-SJC, cache-bma1624-BMA
x-cache: HIT, HIT
x-cache-hits: 31, 7580
x-timer: S1676811002.127740,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 33467
X-Firefox-Spdy: h2
cdn2.editmysite.com/js/site/main.js?buildTime=1676659918
151.101.1.46 200 OK 146 kB URL HTTP/2 cdn2.editmysite.com/js/site/main.js?buildTime=1676659918
IP 151.101.1.46:0
File type ASCII text, with very long lines (32147)
Size 146 kB (146400 bytes)
Hash 81b8673c5d3aa3ab8c0574f2a8f0e3b4
2e0661bc7907d9e2703b3347c3fec579f0aef5d6
0e981f4de6287406ce261fddea24aa05ded4b6a8c4c07283c363c1502071cf40
GET /js/site/main.js?buildTime=1676659918 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Fri, 17 Feb 2023 16:29:35 GMT
etag: "63efab6f-74804"
expires: Fri, 03 Mar 2023 18:54:59 GMT
cache-control: max-age=1209600
x-host: grn39.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 19 Feb 2023 12:50:02 GMT
age: 150902
x-served-by: cache-sjc10077-SJC, cache-bma1624-BMA
x-cache: HIT, HIT
x-cache-hits: 29, 1
x-timer: S1676811002.131264,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 146400
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3
104.18.20.226 200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3
IP 104.18.20.226:0
Hash f32284b4b2dca4668235d9720aed7981
d65f02017124d524771258a8d185d0dcebc6d891
ae003d74ade364e87a8d00bd1a1ae30bb8863ddccdbc74fc69c1cf81809a2447
POST /ca/gsatlasr3dvtlsca2022q3 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 19 Feb 2023 12:50:02 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "8C6C0710E1F5C0E9BA4B0D8313517AE099CF6BB1"
Expires: Mon, 20 Feb 2023 00:00:00 GMT
Last-Modified: Sun, 19 Feb 2023 12:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2643
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79bf203bcc33b524-OSL
www.edinburghh3.com/files/templateArtifacts.js?1676727725
199.34.228.155 200 OK 1.6 kB URL HTTP/1.1 www.edinburghh3.com/files/templateArtifacts.js?1676727725
IP 199.34.228.155:0
File type exported SGML document, ASCII text, with very long lines (1630)
Hash e0836e8203c22b8e4086f27e91e86f5a
28235e77f5a895c8cd411aff4a6ef4e6f7d419c2
32dbc4a2eeca39a57d35670f00e2cf59e03c279521e47506c56c5c36d8b664b6
Analyzer Verdict Alert fortinet Phishing
GET /files/templateArtifacts.js?1676727725 HTTP/1.1
Host: www.edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 19 Feb 2023 12:50:02 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
X-Host: blu14.sf2p.intern.weebly.net
Content-Encoding: gzip
r3.o.lencr.org/
23.33.119.10 200 OK 503 B IP 23.33.119.10:0
ASN #20940 Akamai International B.V.
Hash 5b1775b8f4f9ebbac7a1572afa4e4f92
7c7c748730a9422b0f5f9bcdde36a91c9639c595
a1685273829a7672a3fa089525b959f1f95f11c0a5c0d09fbbf1f4667b3f7946
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A1685273829A7672A3FA089525B959F1F95F11C0A5C0D09FBBF1F4667B3F7946"
Last-Modified: Fri, 17 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10685
Expires: Sun, 19 Feb 2023 15:48:08 GMT
Date: Sun, 19 Feb 2023 12:50:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.10 200 OK 503 B IP 23.33.119.10:0
ASN #20940 Akamai International B.V.
Hash 5b1775b8f4f9ebbac7a1572afa4e4f92
7c7c748730a9422b0f5f9bcdde36a91c9639c595
a1685273829a7672a3fa089525b959f1f95f11c0a5c0d09fbbf1f4667b3f7946
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A1685273829A7672A3FA089525B959F1F95F11C0A5C0D09FBBF1F4667B3F7946"
Last-Modified: Fri, 17 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10685
Expires: Sun, 19 Feb 2023 15:48:08 GMT
Date: Sun, 19 Feb 2023 12:50:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.10 200 OK 503 B IP 23.33.119.10:0
ASN #20940 Akamai International B.V.
Hash 5b1775b8f4f9ebbac7a1572afa4e4f92
7c7c748730a9422b0f5f9bcdde36a91c9639c595
a1685273829a7672a3fa089525b959f1f95f11c0a5c0d09fbbf1f4667b3f7946
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A1685273829A7672A3FA089525B959F1F95F11C0A5C0D09FBBF1F4667B3F7946"
Last-Modified: Fri, 17 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10685
Expires: Sun, 19 Feb 2023 15:48:08 GMT
Date: Sun, 19 Feb 2023 12:50:03 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bc26257-b3d2-491e-b1e1-178886f30fef.jpeg
34.120.237.76 200 OK 3.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bc26257-b3d2-491e-b1e1-178886f30fef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 29708d8e10e6bc039586f2a8a10f637c
85cd9f0cae9cfdb20e3bbe25fe681c949c7faa8a
2b7188f98c0f97b9727cc787e4a97252eb17688b752d70a53c221a0b75827ff5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bc26257-b3d2-491e-b1e1-178886f30fef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3760
x-amzn-requestid: 4223c443-c23b-4a5c-9cdd-2a3a70d149f5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AjfVxHpvoAMF5sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f145be-26c57127510e9aa344aa73f5;Sampled=0
x-amzn-remapped-date: Sat, 18 Feb 2023 21:40:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3--2w0-nw89aSSay4r2vcTasKAjuVqB5GASQSekT_0Ex8tC1iOCAPw==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 18 Feb 2023 21:53:52 GMT
age: 53771
etag: "85cd9f0cae9cfdb20e3bbe25fe681c949c7faa8a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881c24a9-07ee-4126-b2c3-501b0461ee5e.webp
34.120.237.76 200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881c24a9-07ee-4126-b2c3-501b0461ee5e.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9c5a0bab7d34e51ee6476be179b356ba
87917d3cf520d73b7b1029f44505e7700413d51d
136e727a99409218318247b645558fad485ed84bcd90bd43a5895492cb317d89
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881c24a9-07ee-4126-b2c3-501b0461ee5e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6879
x-amzn-requestid: 18c46562-f8d9-4f7f-8ea0-1bb46e206f80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ANnahEWgIAMFwYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e885dc-50a7cfe4693b4efb038ce1a7;Sampled=0
x-amzn-remapped-date: Sun, 12 Feb 2023 06:23:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: K3teFfj79RPIRVaLUr5b2XMz3Jb5g8AeZCce6ZAAZmjOSJWr1QIsNw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 18 Feb 2023 15:50:17 GMT
age: 75586
etag: "87917d3cf520d73b7b1029f44505e7700413d51d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.edinburghh3.com/uploads/9/2/5/2/9252544/9045033.png
199.34.228.155 200 OK 41 kB URL HTTP/1.1 www.edinburghh3.com/uploads/9/2/5/2/9252544/9045033.png
IP 199.34.228.155:0
File type PNG image data, 250 x 312, 8-bit/color RGBA, non-interlaced\012- data
Hash df064bc3d7c43793621027025cc353d4
c03c03e79c7a2ffce170df4e6919e3f70ba25417
c64fc2f746e60755e0cc68f0a0781edb5c1d26c3a44d520a16231940b6a7e888
GET /uploads/9/2/5/2/9252544/9045033.png HTTP/1.1
Host: www.edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 19 Feb 2023 12:50:02 GMT
Content-Type: image/png
Content-Length: 41332
Connection: keep-alive
Last-Modified: Tue, 29 Oct 2019 10:42:55 GMT
x-rgw-object-type: Normal
ETag: "df064bc3d7c43793621027025cc353d4"
x-amz-request-id: tx0000000000000734e9a4e-0063e93ac0-c67eadd-sfo1
X-Storage-Bucket: zc64f
X-Storage-Object: c64fc2f746e60755e0cc68f0a0781edb5c1d26c3a44d520a16231940b6a7e888
X-Host: grn137.sf2p.intern.weebly.net
Accept-Ranges: bytes
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc871eb2d-7988-403d-be39-e2b0932eaede.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc871eb2d-7988-403d-be39-e2b0932eaede.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 725d5875c48c8b014d7f55324a6e894f
ebac057ff8a8ad7c097369f0aa2f8cacd8cae06b
103f91934102ac9deb0448de1b2044acba3fc3c1599e460c0f54920958e66f0a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc871eb2d-7988-403d-be39-e2b0932eaede.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11384
x-amzn-requestid: a8e08458-da0d-47f6-a521-358b36fe922b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AjfUjEt6IAMFsIQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f145b6-49a56fa82e5aadfa03b6e022;Sampled=0
x-amzn-remapped-date: Sat, 18 Feb 2023 21:40:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: OTuRrRbRrMyR4VZhRxS27f914iOjYOEwaw2CyEC7Aw3_a1qFkMM7xA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Sat, 18 Feb 2023 21:53:52 GMT
etag: "ebac057ff8a8ad7c097369f0aa2f8cacd8cae06b"
content-type: image/jpeg
age: 53771
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F934fc9eb-b4a6-4fbb-bd6e-d7b9db298c89.jpeg
34.120.237.76 200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F934fc9eb-b4a6-4fbb-bd6e-d7b9db298c89.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b9d8b33f5612e1bf93f6736973766d8
220ce699083537964b1bb8859c4d94ee47f04213
a102991c1ecd60a483f083b72096dd4fccbdf68951f2c453fbf849954ebdc9d6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F934fc9eb-b4a6-4fbb-bd6e-d7b9db298c89.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8118
x-amzn-requestid: 7a6bad9e-f7de-48ff-a7b6-812f265fe8af
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AjffAExyIAMF9DA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f145f9-4efc5e4622fb1d482f0c4663;Sampled=0
x-amzn-remapped-date: Sat, 18 Feb 2023 21:41:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 579r7yXBoSk1W50bPxCF8A2r31obx025ohBk3ltpxb1i5eRYEEv-ug==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 18 Feb 2023 21:56:12 GMT
age: 53631
etag: "220ce699083537964b1bb8859c4d94ee47f04213"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ffb72b6-613b-40fd-bb5b-fc19350878a6.jpeg
34.120.237.76 200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ffb72b6-613b-40fd-bb5b-fc19350878a6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a2fb5c797382364954ba2c843a9afbcc
6a10b383ffdd71cd4a870ef5e12368d5d0e7d4dd
8a04857636b850d671ae4c217af3ec1f68b76da33ccc10850cf16fa25bb17c5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ffb72b6-613b-40fd-bb5b-fc19350878a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7727
x-amzn-requestid: 91559a90-004c-4d39-b107-ad92870466ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AbHgkGRWIAMFSYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63edec69-63f5138a741d4a9f333bb7cc;Sampled=0
x-amzn-remapped-date: Thu, 16 Feb 2023 08:42:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: N7gIJq2POAzQM7aNaH_xkv8Rfmg0_zwPk5CLTPAMuR8gi082W-Ak7A==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 18 Feb 2023 22:38:57 GMT
age: 51066
etag: "6a10b383ffdd71cd4a870ef5e12368d5d0e7d4dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faef70c3e-4b67-4d2b-af6b-006893df8126.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faef70c3e-4b67-4d2b-af6b-006893df8126.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 766ccbe82a51d13658a0deb97b5c0ec0
435ab39e34a7359a9ed434c864d407fb33a3a6ef
4cab8d3bf8475812f4f7d499aed985bf8451a684a68a8e9407aeaa9a6696e931
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faef70c3e-4b67-4d2b-af6b-006893df8126.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8030
x-amzn-requestid: 9102300b-a9dc-4217-a6a1-e466fd6afa0b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AjfeXE8kIAMFy2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f145f5-4f768c4e77de2cc060c4976d;Sampled=0
x-amzn-remapped-date: Sat, 18 Feb 2023 21:41:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: b-QdxhlYT-VxgKf3fh-fKsah_6QsXFML4kSq-Q8wZYsGfZyDEMh93w==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sat, 18 Feb 2023 21:53:46 GMT
age: 53777
etag: "435ab39e34a7359a9ed434c864d407fb33a3a6ef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 802dfa5c8d5d5fc162a3850bf53647c0
4b3b90d770557e9803de31d16e55ed8ee10cb75c
a0cbf6cdb36cb16f36d4e3b1652fa3a756a8b428519f736aec12cbe93b6184e9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Feb 2023 12:50:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?_=1676811002982
142.250.74.132 200 OK 553 B URL HTTP/2 www.google.com/recaptcha/api.js?_=1676811002982
IP 142.250.74.132:0
File type ASCII text, with very long lines (850), with no line terminators
Hash 61528f87bc619dc1651c50dbe59bef65
da28ca3199ea9bbad3891014b80c2e9172fce73a
a0b5d93845a5c4077e9c6392002ed0e816e8e0e01f1b0bee485f419c6644aa06
GET /recaptcha/api.js?_=1676811002982 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sun, 19 Feb 2023 12:50:03 GMT
date: Sun, 19 Feb 2023 12:50:03 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 553
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 652e0fa59c5baeae693cb48f05a866fa
7336989ad39144fcdee7397f40dcd4697134c1e5
6b7bb317df6b5abdb2803d133e63ee8b1383d30c6403eb8650e013255c6f0227
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Feb 2023 12:50:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.edinburghh3.com/files/theme/container_top.gif?1676727725
199.34.228.155 200 OK 2.3 kB URL HTTP/1.1 www.edinburghh3.com/files/theme/container_top.gif?1676727725
IP 199.34.228.155:0
File type GIF image data, version 89a, 979 x 68\012- data
Hash 766093383dee459539c8cd9ae5532570
54d2004b3fb0bec4b910a3746bafec730d530c57
d484be83dab00940c261851158e0ac90c5924c4c9e9cd30551ffcf2f23c3314d
Analyzer Verdict Alert fortinet Phishing
GET /files/theme/container_top.gif?1676727725 HTTP/1.1
Host: www.edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/files/main_style.css?1676727725
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 19 Feb 2023 12:50:03 GMT
Content-Type: image/gif; charset=binary
Content-Length: 2296
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 21:13:39 GMT
ETag: "766093383dee459539c8cd9ae5532570"
x-amz-request-id: tx000000000000001f54871-005eab18c1-1100fc6-las
X-Storage-Bucket: zd484
X-Storage-Object: d484be83dab00940c261851158e0ac90c5924c4c9e9cd30551ffcf2f23c3314d
X-Host: grn50.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.edinburghh3.com/uploads/9/2/5/2/9252544/tnh23_orig.jpg
199.34.228.155 200 OK 68 kB URL HTTP/1.1 www.edinburghh3.com/uploads/9/2/5/2/9252544/tnh23_orig.jpg
IP 199.34.228.155:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 534x387, components 3\012- data
Hash 43856d11b3e9dd54e3a5b4589f96eb64
518c2371f619d27fdbb0e99872d302e9a743d5a7
b1a952c217283977cdf610ffa37ca3a0d0f5db4366b3c87617e69a6d4d8020f5
GET /uploads/9/2/5/2/9252544/tnh23_orig.jpg HTTP/1.1
Host: www.edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 19 Feb 2023 12:50:02 GMT
Content-Type: image/jpeg
Content-Length: 67787
Connection: keep-alive
Last-Modified: Wed, 13 Jul 2022 10:56:49 GMT
x-rgw-object-type: Normal
ETag: "43856d11b3e9dd54e3a5b4589f96eb64"
x-amz-request-id: tx000000000000073ce7cad-0063e8c780-c699baa-sfo1
X-Storage-Bucket: zb1a9
X-Storage-Object: b1a952c217283977cdf610ffa37ca3a0d0f5db4366b3c87617e69a6d4d8020f5
X-Host: grn24.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.edinburghh3.com/uploads/9/2/5/2/9252544/published/shakes.jpg?1604496978
199.34.228.155 200 OK 1.4 kB URL HTTP/1.1 www.edinburghh3.com/uploads/9/2/5/2/9252544/published/shakes.jpg?1604496978
IP 199.34.228.155:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 157x43, components 3\012- data
Hash 8d228eb9c27ac957c448c8731129ac0d
762fdf6aacc359f086866ca381f0d09ea7292bf6
85cf57d5d3af1cc41250a1a89fc15b1fb4cb2871f0d80fc7fac85c805c13c19e
Analyzer Verdict Alert fortinet Phishing
GET /uploads/9/2/5/2/9252544/published/shakes.jpg?1604496978 HTTP/1.1
Host: www.edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 19 Feb 2023 12:50:03 GMT
Content-Type: image/jpeg
Content-Length: 1379
Connection: keep-alive
Last-Modified: Wed, 04 Nov 2020 13:36:18 GMT
x-rgw-object-type: Normal
ETag: "8d228eb9c27ac957c448c8731129ac0d"
x-amz-request-id: tx000000000000077da0746-0063ef3daf-c669cc6-sfo1
X-Storage-Bucket: z85cf
X-Storage-Object: 85cf57d5d3af1cc41250a1a89fc15b1fb4cb2871f0d80fc7fac85c805c13c19e
X-Host: blu41.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.edinburghh3.com/files/theme/social-grey.png?1676727725
199.34.228.155 200 OK 6.5 kB URL HTTP/1.1 www.edinburghh3.com/files/theme/social-grey.png?1676727725
IP 199.34.228.155:0
File type PNG image data, 253 x 69, 8-bit/color RGBA, non-interlaced\012- data
Hash ca3d7d40634d021212b2a4dbe024356b
d51f8ed2e1a54a92beedbd761ce95fc630f5b03a
99749b82a8923ef5e99244d5cae08dc5205e0a87ae3a9383230cf3c25461b290
GET /files/theme/social-grey.png?1676727725 HTTP/1.1
Host: www.edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/files/main_style.css?1676727725
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 19 Feb 2023 12:50:03 GMT
Content-Type: image/png; charset=binary
Content-Length: 6530
Connection: keep-alive
Last-Modified: Tue, 29 Mar 2022 17:53:57 GMT
x-rgw-object-type: Normal
ETag: "ca3d7d40634d021212b2a4dbe024356b"
x-amz-request-id: tx000000000000002395206-006284f4c5-b9fbc63-sfo1
X-Storage-Bucket: z9974
X-Storage-Object: 99749b82a8923ef5e99244d5cae08dc5205e0a87ae3a9383230cf3c25461b290
X-Host: blu152.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.edinburghh3.com/uploads/9/2/5/2/9252544/_8357901.gif
199.34.228.155 200 OK 5.3 kB URL HTTP/1.1 www.edinburghh3.com/uploads/9/2/5/2/9252544/_8357901.gif
IP 199.34.228.155:0
File type GIF image data, version 89a, 76 x 122\012- data
Hash b20ea105468092108ae66a595171130d
18842f7307f4b8abad9aa89145f5abb1c8f69b33
1fd7131fd1b22ed0043482326c921c3b93989bb464efffd64657312a75e7060c
GET /uploads/9/2/5/2/9252544/_8357901.gif HTTP/1.1
Host: www.edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 19 Feb 2023 12:50:03 GMT
Content-Type: image/gif
Content-Length: 5297
Connection: keep-alive
Last-Modified: Tue, 29 Oct 2019 10:42:46 GMT
x-rgw-object-type: Normal
ETag: "b20ea105468092108ae66a595171130d"
x-amz-request-id: tx00000000000007670da7e-0063eefcfa-c6aed46-sfo1
X-Storage-Bucket: z1fd7
X-Storage-Object: 1fd7131fd1b22ed0043482326c921c3b93989bb464efffd64657312a75e7060c
X-Host: grn44.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.edinburghh3.com/uploads/9/2/5/2/9252544/_3512971_orig.png
199.34.228.155 200 OK 3.7 kB URL HTTP/1.1 www.edinburghh3.com/uploads/9/2/5/2/9252544/_3512971_orig.png
IP 199.34.228.155:0
File type PNG image data, 207 x 56, 8-bit/color RGBA, non-interlaced\012- data
Hash 3b4d3f1898310b49e43056b0528144dc
deefe60e1450ac21cf3a7b0cf53577039ba54028
7b98146cd8702de54239a729f164ecf041f586894d5614fea5fe6184eead94bb
GET /uploads/9/2/5/2/9252544/_3512971_orig.png HTTP/1.1
Host: www.edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 19 Feb 2023 12:50:03 GMT
Content-Type: image/png
Content-Length: 3745
Connection: keep-alive
Last-Modified: Tue, 29 Oct 2019 10:43:08 GMT
x-rgw-object-type: Normal
ETag: "3b4d3f1898310b49e43056b0528144dc"
x-amz-request-id: tx000000000000077ecab4e-0063eefac2-c695612-sfo1
X-Storage-Bucket: z7b98
X-Storage-Object: 7b98146cd8702de54239a729f164ecf041f586894d5614fea5fe6184eead94bb
X-Host: blu147.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.edinburghh3.com/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]
199.34.228.155 200 OK 348 B URL HTTP/1.1 www.edinburghh3.com/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]
IP 199.34.228.155:0
File type JSON data\012- , ASCII text, with very long lines (348), with no line terminators
Hash a944dd688c99d2901d6719be713271c0
4f5454d5d434829baf46671638610791758725d9
adb97e1bc686c58b4286f1208d2bd969687c6cf3e2fc468697dfd956d260de49
Analyzer Verdict Alert fortinet Phishing
POST /ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails] HTTP/1.1
Host: www.edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 83
Origin: https://www.edinburghh3.com
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Cookie: is_mobile=0; language=en; _snow_ses.b2ed=*; _snow_id.b2ed=48bba910-cff4-43b6-91ef-dc0c1e8c117e.1676811003.1.1676811003.1676811003.9343e9db-7d37-4565-b49c-df264ef17281
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 19 Feb 2023 12:50:03 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: blu59.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 348
Keep-Alive: timeout=10, max=68
Connection: Keep-Alive
Content-Type: application/json
www.edinburghh3.com/files/theme/bg_fade.gif?1676727725
199.34.228.155 200 OK 4.6 kB URL HTTP/1.1 www.edinburghh3.com/files/theme/bg_fade.gif?1676727725
IP 199.34.228.155:0
File type GIF image data, version 89a, 52 x 319\012- data
Hash de54920fd594dd8d5600891be77c7001
d628080a092f97cc63a1c6c04c28d11bad0d035d
fd7ebe25a6a68196eaad1e30bf8a4adabf30ec026762aaef2f96d54b9d8730e4
Analyzer Verdict Alert fortinet Phishing
GET /files/theme/bg_fade.gif?1676727725 HTTP/1.1
Host: www.edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/files/main_style.css?1676727725
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 19 Feb 2023 12:50:03 GMT
Content-Type: image/gif; charset=binary
Content-Length: 4618
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 21:13:37 GMT
x-rgw-object-type: Normal
ETag: "de54920fd594dd8d5600891be77c7001"
x-amz-request-id: tx0000000000000209ce600-0063582c0a-c6aed46-sfo1
X-Storage-Bucket: zfd7e
X-Storage-Object: fd7ebe25a6a68196eaad1e30bf8a4adabf30ec026762aaef2f96d54b9d8730e4
X-Host: blu122.sf2p.intern.weebly.net
Accept-Ranges: bytes
ocsp.r2m01.amazontrust.com/
54.230.80.227 200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash ee8deb1af3e0fe7d76f85b7af0913d07
25c677985079f1d9038ca72328de44fbf9a5bf12
24a0c55548ec7c627d752b2fb0b945d5fec4469fe319b016d258e8afbf76dfd0
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 19 Feb 2023 12:50:03 GMT
Last-Modified: Sun, 19 Feb 2023 11:56:03 GMT
Server: ECS (bsa/EB19)
X-Cache: Miss from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 4LiEfkEtVeJ_v64-EnmEY6dZnBT_agx416wZHEP3ItWEkL5MFDWmLw==
Age: 3240
ocsp.r2m01.amazontrust.com/
54.230.80.227 200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash ee8deb1af3e0fe7d76f85b7af0913d07
25c677985079f1d9038ca72328de44fbf9a5bf12
24a0c55548ec7c627d752b2fb0b945d5fec4469fe319b016d258e8afbf76dfd0
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 19 Feb 2023 12:50:03 GMT
Last-Modified: Sun, 19 Feb 2023 12:21:56 GMT
Server: ECS (dcb/7ECA)
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: vcheBUj-2MjY710oOWKhIsz73jmv9koWLXo3vHx3kvUxg0iDSK1tXQ==
Age: 1687
www.edinburghh3.com/files/theme/container_middle.gif?1676727725
199.34.228.155 200 OK 1.8 kB URL HTTP/1.1 www.edinburghh3.com/files/theme/container_middle.gif?1676727725
IP 199.34.228.155:0
File type GIF image data, version 89a, 979 x 86\012- data
Hash 3c1d828e9e86610e35b10c8c21b282f7
31dc45f2f40540a60c67902211e8ab63a874eb71
399dcac0a20312508df73590f20d07c5140d3f45fb10bd6f18baa494b42612d0
Analyzer Verdict Alert fortinet Phishing
GET /files/theme/container_middle.gif?1676727725 HTTP/1.1
Host: www.edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/files/main_style.css?1676727725
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 19 Feb 2023 12:50:03 GMT
Content-Type: image/gif; charset=binary
Content-Length: 1797
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 21:13:38 GMT
ETag: "3c1d828e9e86610e35b10c8c21b282f7"
x-amz-request-id: tx000000000000001f945f4-005eab1a30-1100fc6-las
X-Storage-Bucket: z399d
X-Storage-Object: 399dcac0a20312508df73590f20d07c5140d3f45fb10bd6f18baa494b42612d0
X-Host: grn39.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.edinburghh3.com/files/theme/container_fade.gif?1676727725
199.34.228.155 200 OK 6.3 kB URL HTTP/1.1 www.edinburghh3.com/files/theme/container_fade.gif?1676727725
IP 199.34.228.155:0
File type GIF image data, version 89a, 979 x 298\012- data
Hash 6ac99572d55e85b65b906b066644b621
a32962bc899f8c2ec6a27ff1e35342b98087ac42
a9a3c0d7ed606f51a86958c6fc9f9935f7a3d33697860e4fc1480ec1f0114734
GET /files/theme/container_fade.gif?1676727725 HTTP/1.1
Host: www.edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/files/main_style.css?1676727725
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 19 Feb 2023 12:50:03 GMT
Content-Type: image/gif; charset=binary
Content-Length: 6265
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 21:13:38 GMT
ETag: "6ac99572d55e85b65b906b066644b621"
x-amz-request-id: tx000000000000000dfe7a7-005ea3b248-10e20e2-las
X-Storage-Bucket: za9a3
X-Storage-Object: a9a3c0d7ed606f51a86958c6fc9f9935f7a3d33697860e4fc1480ec1f0114734
X-Host: grn24.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.edinburghh3.com/files/theme/field.png?1676727725
199.34.228.155 200 OK 149 B URL HTTP/1.1 www.edinburghh3.com/files/theme/field.png?1676727725
IP 199.34.228.155:0
File type PNG image data, 5 x 20, 8-bit/color RGB, non-interlaced\012- data
Hash 75ca98a284650ab482c9256e5609e371
6325c898af731351d7aaf12124a720ac34349514
1f98bbb606dcf5955bccbeea4efc4ca681d573c1945a8d580f984b0c3c678808
GET /files/theme/field.png?1676727725 HTTP/1.1
Host: www.edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/files/main_style.css?1676727725
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 19 Feb 2023 12:50:03 GMT
Content-Type: image/png; charset=binary
Content-Length: 149
Connection: keep-alive
Last-Modified: Thu, 16 Apr 2020 00:23:32 GMT
x-rgw-object-type: Normal
ETag: "75ca98a284650ab482c9256e5609e371"
x-amz-request-id: tx000000000000001b05a35-0062847d57-b9fbc77-sfo1
X-Storage-Bucket: z1f98
X-Storage-Object: 1f98bbb606dcf5955bccbeea4efc4ca681d573c1945a8d580f984b0c3c678808
X-Host: grn137.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.edinburghh3.com/files/theme/button.png?1676727725
199.34.228.155 200 OK 2.0 kB URL HTTP/1.1 www.edinburghh3.com/files/theme/button.png?1676727725
IP 199.34.228.155:0
File type PNG image data, 400 x 209, 8-bit/color RGBA, non-interlaced\012- data
Hash b7a42ea7dba5c23c5479b3835b7456ac
35ea5c46ec312071d5e68ffabb04f486ecf2ffb6
3ebda7e0c961b23b337d356767ab277bcf1265305dca996acc6fc189d697d7ba
Analyzer Verdict Alert fortinet Phishing
GET /files/theme/button.png?1676727725 HTTP/1.1
Host: www.edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/files/main_style.css?1676727725
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 19 Feb 2023 12:50:03 GMT
Content-Type: image/png; charset=binary
Content-Length: 2030
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 21:13:38 GMT
x-rgw-object-type: Normal
ETag: "b7a42ea7dba5c23c5479b3835b7456ac"
x-amz-request-id: tx00000000000004c1ae06f-0063a07e47-c696eea-sfo1
X-Storage-Bucket: z3ebd
X-Storage-Object: 3ebda7e0c961b23b337d356767ab277bcf1265305dca996acc6fc189d697d7ba
X-Host: blu148.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.edinburghh3.com/uploads/9/2/5/2/9252544/nznh23_orig.jpg
199.34.228.155 200 OK 57 kB URL HTTP/1.1 www.edinburghh3.com/uploads/9/2/5/2/9252544/nznh23_orig.jpg
IP 199.34.228.155:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 887x800, components 3\012- data
Hash e7f36a33c5dd7cef910349d0da919a46
7dd7b842ce888e5aa03790e00dedbdeb35b018a0
20c2fd174868edea8e9cb3cae45ff63209b1d5c6d66db6f735fb37cb03963213
GET /uploads/9/2/5/2/9252544/nznh23_orig.jpg HTTP/1.1
Host: www.edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 19 Feb 2023 12:50:03 GMT
Content-Type: image/jpeg
Content-Length: 56994
Connection: keep-alive
Last-Modified: Fri, 19 Feb 2021 12:13:38 GMT
x-rgw-object-type: Normal
ETag: "e7f36a33c5dd7cef910349d0da919a46"
x-amz-request-id: tx000000000000053d5c9cd-0063b0267b-c696eea-sfo1
X-Storage-Bucket: z20c2
X-Storage-Object: 20c2fd174868edea8e9cb3cae45ff63209b1d5c6d66db6f735fb37cb03963213
X-Host: blu25.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.edinburghh3.com/files/theme/container_bottom.gif?1676727725
199.34.228.155 200 OK 2.8 kB URL HTTP/1.1 www.edinburghh3.com/files/theme/container_bottom.gif?1676727725
IP 199.34.228.155:0
File type GIF image data, version 89a, 979 x 31\012- data
Hash cc9eca9b17e3172d00c57c4303e7ff0a
b2efaa773f63bb2742812d8582c832e7d248cca3
181ff546dfac2a5fa99170c99582e674e5ece397717dbfce4dcec1503ad6bf05
Analyzer Verdict Alert fortinet Phishing
GET /files/theme/container_bottom.gif?1676727725 HTTP/1.1
Host: www.edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/files/main_style.css?1676727725
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 19 Feb 2023 12:50:03 GMT
Content-Type: image/gif; charset=binary
Content-Length: 2833
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 21:13:38 GMT
x-rgw-object-type: Normal
ETag: "cc9eca9b17e3172d00c57c4303e7ff0a"
x-amz-request-id: tx0000000000000253cc0b1-0062bc614b-b9fbc20-sfo1
X-Storage-Bucket: z181f
X-Storage-Object: 181ff546dfac2a5fa99170c99582e674e5ece397717dbfce4dcec1503ad6bf05
X-Host: blu142.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.edinburghh3.com/uploads/9/2/5/2/9252544/6294829_orig.jpg
199.34.228.155 200 OK 6.0 kB URL HTTP/1.1 www.edinburghh3.com/uploads/9/2/5/2/9252544/6294829_orig.jpg
IP 199.34.228.155:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 180x180, components 3\012- data
Hash e80cdd2e3f16dcbe15b9ef2e81a32337
8b61a137dac366601d5583d25b88ebb406d158c1
0bbd10b9cda1d5cac0b2320d6501b51b0ce6e4b69a1dd25e4d4aed1dfffdbc6c
GET /uploads/9/2/5/2/9252544/6294829_orig.jpg HTTP/1.1
Host: www.edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 19 Feb 2023 12:50:03 GMT
Content-Type: image/jpeg
Content-Length: 6029
Connection: keep-alive
Last-Modified: Mon, 28 Jan 2019 09:48:03 GMT
x-rgw-object-type: Normal
ETag: "e80cdd2e3f16dcbe15b9ef2e81a32337"
x-amz-request-id: tx000000000000066996fb7-0063d101e8-c699baa-sfo1
X-Storage-Bucket: z0bbd
X-Storage-Object: 0bbd10b9cda1d5cac0b2320d6501b51b0ce6e4b69a1dd25e4d4aed1dfffdbc6c
X-Host: blu148.sf2p.intern.weebly.net
Accept-Ranges: bytes
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
34.208.136.5 200 OK 0 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 34.208.136.5:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.edinburghh3.com/
Origin: https://www.edinburghh3.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 19 Feb 2023 12:50:03 GMT
content-length: 0
server: nginx
access-control-allow-origin: https://www.edinburghh3.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 600
X-Firefox-Spdy: h2
www.edinburghh3.com/uploads/9/2/5/2/9252544/hc-logo_orig.jpg
199.34.228.155 200 OK 26 kB URL HTTP/1.1 www.edinburghh3.com/uploads/9/2/5/2/9252544/hc-logo_orig.jpg
IP 199.34.228.155:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 512x512, components 3\012- data
Hash 3c98461270888a0a18aae0a340f08e83
f926ab93ad1801eca42d17a8790f1289c64b2d31
e445e7e2834d88f94407ee4d2139019d863cb068425c2d220fdb0da8dfd3f590
GET /uploads/9/2/5/2/9252544/hc-logo_orig.jpg HTTP/1.1
Host: www.edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 19 Feb 2023 12:50:03 GMT
Content-Type: image/jpeg
Content-Length: 25805
Connection: keep-alive
Last-Modified: Wed, 13 Jul 2022 10:49:42 GMT
x-rgw-object-type: Normal
ETag: "3c98461270888a0a18aae0a340f08e83"
x-amz-request-id: tx0000000000000779685bc-0063ef3edc-c696eea-sfo1
X-Storage-Bucket: ze445
X-Storage-Object: e445e7e2834d88f94407ee4d2139019d863cb068425c2d220fdb0da8dfd3f590
X-Host: grn137.sf2p.intern.weebly.net
Accept-Ranges: bytes
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
34.208.136.5 200 OK 2 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 34.208.136.5:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1788
Origin: https://www.edinburghh3.com
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 19 Feb 2023 12:50:03 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=66ee14ed-e430-4e4c-b3d4-49940a8b8b6c; Expires=Mon, 19 Feb 2024 12:50:03 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://www.edinburghh3.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
www.edinburghh3.com/uploads/9/2/5/2/9252544/yh3_orig.jpg
199.34.228.155 200 OK 20 kB URL HTTP/1.1 www.edinburghh3.com/uploads/9/2/5/2/9252544/yh3_orig.jpg
IP 199.34.228.155:0
File type JPEG image data, progressive, precision 8, 251x320, components 3\012- data
Hash 223be09fae8e2db6f3100a91c44ca213
142dc56923ce07fe3f702f2844bf6f565f5b2320
7ff03a8b48cac28d5687158047107c889a2e6de5891668bc0c5228f7527f8a89
GET /uploads/9/2/5/2/9252544/yh3_orig.jpg HTTP/1.1
Host: www.edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 19 Feb 2023 12:50:03 GMT
Content-Type: image/jpeg
Content-Length: 19915
Connection: keep-alive
Last-Modified: Tue, 27 Aug 2019 12:49:36 GMT
x-rgw-object-type: Normal
ETag: "223be09fae8e2db6f3100a91c44ca213"
x-amz-request-id: tx000000000000076ff38bf-0063ee4f00-c699baa-sfo1
X-Storage-Bucket: z7ff0
X-Storage-Object: 7ff03a8b48cac28d5687158047107c889a2e6de5891668bc0c5228f7527f8a89
X-Host: blu61.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.edinburghh3.com/uploads/9/2/5/2/9252544/nz-2024_orig.jpg
199.34.228.155 200 OK 28 kB URL HTTP/1.1 www.edinburghh3.com/uploads/9/2/5/2/9252544/nz-2024_orig.jpg
IP 199.34.228.155:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 395x395, components 3\012- data
Hash a58e500cdcaa3307aa7f9c667fcbf726
8d7cca3f4babfdd6df969294ad1ac4b18a10c670
c521a5ebfa831482471cc5c18514fe5b3aa0e4ff9604935830ec94dea05fab74
GET /uploads/9/2/5/2/9252544/nz-2024_orig.jpg HTTP/1.1
Host: www.edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 19 Feb 2023 12:50:03 GMT
Content-Type: image/jpeg
Content-Length: 27526
Connection: keep-alive
Last-Modified: Fri, 10 Jun 2022 10:58:57 GMT
x-rgw-object-type: Normal
ETag: "a58e500cdcaa3307aa7f9c667fcbf726"
x-amz-request-id: tx00000000000007744cbc1-0063eea1ae-c696eea-sfo1
X-Storage-Bucket: zc521
X-Storage-Object: c521a5ebfa831482471cc5c18514fe5b3aa0e4ff9604935830ec94dea05fab74
X-Host: grn44.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.edinburghh3.com/uploads/9/2/5/2/9252544/header_images/1334865204.jpg
199.34.228.155 200 OK 144 kB URL HTTP/1.1 www.edinburghh3.com/uploads/9/2/5/2/9252544/header_images/1334865204.jpg
IP 199.34.228.155:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 920x259, components 3\012- data
Size 144 kB (143855 bytes)
Hash 876f82f06c9f250fc34d583287953424
0c13943e692ee354ce0aeee98ac64430f2bccaa5
386fb65141392f1460f60cb1d21ca6a93489a187ec24a1666efc2a82d48a90db
GET /uploads/9/2/5/2/9252544/header_images/1334865204.jpg HTTP/1.1
Host: www.edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 19 Feb 2023 12:50:03 GMT
Content-Type: image/jpeg
Content-Length: 143855
Connection: keep-alive
Last-Modified: Tue, 29 Oct 2019 10:43:27 GMT
x-rgw-object-type: Normal
ETag: "876f82f06c9f250fc34d583287953424"
x-amz-request-id: tx000000000000073a61d6e-0063ea5c09-c6aed46-sfo1
X-Storage-Bucket: z386f
X-Storage-Object: 386fb65141392f1460f60cb1d21ca6a93489a187ec24a1666efc2a82d48a90db
X-Host: blu148.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.edinburghh3.com/uploads/9/2/5/2/9252544/_7803139.jpg
199.34.228.155 200 OK 8.6 kB URL HTTP/1.1 www.edinburghh3.com/uploads/9/2/5/2/9252544/_7803139.jpg
IP 199.34.228.155:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 159x164, components 3\012- data
Hash 20db15942d5d8e2511ca26b1b22bf7a7
550587fac0291a759dd47c7cfc0367dc2531b846
8753718b34df5e96c63a6ee3e61e32f529c26a3e2d05c1b06004651d677b9bfd
GET /uploads/9/2/5/2/9252544/_7803139.jpg HTTP/1.1
Host: www.edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 19 Feb 2023 12:50:04 GMT
Content-Type: image/jpeg
Content-Length: 8613
Connection: keep-alive
Last-Modified: Tue, 29 Oct 2019 10:45:04 GMT
x-rgw-object-type: Normal
ETag: "20db15942d5d8e2511ca26b1b22bf7a7"
x-amz-request-id: tx0000000000000766f01a9-0063eef998-c6aed46-sfo1
X-Storage-Bucket: z8753
X-Storage-Object: 8753718b34df5e96c63a6ee3e61e32f529c26a3e2d05c1b06004651d677b9bfd
X-Host: blu67.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.edinburghh3.com/uploads/9/2/5/2/9252544/_7938246.jpg
199.34.228.155 200 OK 1.6 kB URL HTTP/1.1 www.edinburghh3.com/uploads/9/2/5/2/9252544/_7938246.jpg
IP 199.34.228.155:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 87x87, components 3\012- data
Hash b0f08fffd83fd826648ccc2435f97026
0ffb16842c39afa6ef9733f6a80277f77847b2c3
6f2b555edbbc0a2f28173970b86463d4087dd7e0a07cc488729a4e9f8c5310bf
GET /uploads/9/2/5/2/9252544/_7938246.jpg HTTP/1.1
Host: www.edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 19 Feb 2023 12:50:04 GMT
Content-Type: image/jpeg
Content-Length: 1601
Connection: keep-alive
Last-Modified: Tue, 29 Oct 2019 10:43:31 GMT
x-rgw-object-type: Normal
ETag: "b0f08fffd83fd826648ccc2435f97026"
x-amz-request-id: tx000000000000076d772c7-0063efc803-c6aed46-sfo1
X-Storage-Bucket: z6f2b
X-Storage-Object: 6f2b555edbbc0a2f28173970b86463d4087dd7e0a07cc488729a4e9f8c5310bf
X-Host: grn44.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.edinburghh3.com/uploads/9/2/5/2/9252544/uk-on-sec_orig.jpg
199.34.228.155 200 OK 55 kB URL HTTP/1.1 www.edinburghh3.com/uploads/9/2/5/2/9252544/uk-on-sec_orig.jpg
IP 199.34.228.155:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1100x640, components 3\012- data
Hash 95083fa2fcb348b6d031826f4b19d21a
6b38e74b64b06866d080bf34206d72c6214bcd59
2f2d9d7839c316bc6e7edc6ff90e054438bf663b5cf20a8bbb4a92bf8e140656
GET /uploads/9/2/5/2/9252544/uk-on-sec_orig.jpg HTTP/1.1
Host: www.edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 19 Feb 2023 12:50:03 GMT
Content-Type: image/jpeg
Content-Length: 54643
Connection: keep-alive
Last-Modified: Thu, 29 Nov 2018 12:07:08 GMT
x-rgw-object-type: Normal
ETag: "95083fa2fcb348b6d031826f4b19d21a"
x-amz-request-id: tx0000000000000764d459d-0063ec9908-c669cc6-sfo1
X-Storage-Bucket: z2f2d
X-Storage-Object: 2f2d9d7839c316bc6e7edc6ff90e054438bf663b5cf20a8bbb4a92bf8e140656
X-Host: blu14.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.edinburghh3.com/uploads/9/2/5/2/9252544/events3_orig.png
199.34.228.155 200 OK 55 kB URL HTTP/1.1 www.edinburghh3.com/uploads/9/2/5/2/9252544/events3_orig.png
IP 199.34.228.155:0
File type PNG image data, 187 x 182, 8-bit/color RGBA, non-interlaced\012- data
Hash 3bf86262972f2a770531ce9cd6a5f087
88db5271465ecfc86d56df47ca5fee2e008d4ecb
fd81efab1f3f84bc4caff5bc903cb17116e4647581987589f5eda4042f291c3a
GET /uploads/9/2/5/2/9252544/events3_orig.png HTTP/1.1
Host: www.edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 19 Feb 2023 12:50:03 GMT
Content-Type: image/png
Content-Length: 55012
Connection: keep-alive
Last-Modified: Wed, 30 Sep 2020 11:59:41 GMT
x-rgw-object-type: Normal
ETag: "3bf86262972f2a770531ce9cd6a5f087"
x-amz-request-id: tx0000000000000766f00c2-0063eef997-c6aed46-sfo1
X-Storage-Bucket: zfd81
X-Storage-Object: fd81efab1f3f84bc4caff5bc903cb17116e4647581987589f5eda4042f291c3a
X-Host: grn39.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.edinburghh3.com/uploads/9/2/5/2/9252544/_5615539_orig.gif
199.34.228.155 200 OK 5.1 kB URL HTTP/1.1 www.edinburghh3.com/uploads/9/2/5/2/9252544/_5615539_orig.gif
IP 199.34.228.155:0
File type GIF image data, version 89a, 220 x 220\012- data
Hash a1673c854474b2ed26820f42f4d0f13f
c2301081db55c21cb7f2e42cc69bc0198c035a06
1e53a20a8314eab49626949ec57052bc83d11bb310fc7dcbb8121f40e8d4779e
GET /uploads/9/2/5/2/9252544/_5615539_orig.gif HTTP/1.1
Host: www.edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 19 Feb 2023 12:50:04 GMT
Content-Type: image/gif
Content-Length: 5132
Connection: keep-alive
Last-Modified: Tue, 29 Oct 2019 10:42:46 GMT
x-rgw-object-type: Normal
ETag: "a1673c854474b2ed26820f42f4d0f13f"
x-amz-request-id: tx0000000000000772ea71b-0063ee1f58-c669cc6-sfo1
X-Storage-Bucket: z1e53
X-Storage-Object: 1e53a20a8314eab49626949ec57052bc83d11bb310fc7dcbb8121f40e8d4779e
X-Host: blu147.sf2p.intern.weebly.net
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash a6e5d93e6ff78ff0040d571937410c78
ec1b36fe7fb5f6cc3b41d50bcddc3199dbac8969
f14addd83ab95ac7ad8b7340db9c82f4bc03f5fa9781ec9923485f17dbb101ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Feb 2023 12:50:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ssl.google-analytics.com/ga.js
216.58.211.8 200 OK 17 kB URL HTTP/2 ssl.google-analytics.com/ga.js
IP 216.58.211.8:0
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Sun, 19 Feb 2023 12:41:40 GMT
expires: Sun, 19 Feb 2023 14:41:40 GMT
cache-control: public, max-age=7200
age: 504
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 9d05d51b48728fdcd100d5ad8ce645e7
da63db3fe51d74b7776cd6ce770c6937cbede853
3c77d0fc549913b4a1606ae27a05c67fecceb6ed0ce49be12a6c5a692d5a8e4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Feb 2023 12:50:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/recaptcha__en.js
142.250.74.35 200 OK 165 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/recaptcha__en.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (557)
Size 165 kB (164853 bytes)
Hash bde872ce764ca70494c65b6b34a1c88e
27e1b13cd255fac03519429a0efdd797671eacde
2fff53e7a1bb12f09930778b6f6c0142f048b1a03068cf775ceebaa28072898b
GET /recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.edinburghh3.com
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 164853
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 19 Feb 2023 07:26:32 GMT
expires: Mon, 19 Feb 2024 07:26:32 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 13 Feb 2023 05:01:25 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 19412
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash a6e5d93e6ff78ff0040d571937410c78
ec1b36fe7fb5f6cc3b41d50bcddc3199dbac8969
f14addd83ab95ac7ad8b7340db9c82f4bc03f5fa9781ec9923485f17dbb101ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Feb 2023 12:50:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 9d05d51b48728fdcd100d5ad8ce645e7
da63db3fe51d74b7776cd6ce770c6937cbede853
3c77d0fc549913b4a1606ae27a05c67fecceb6ed0ce49be12a6c5a692d5a8e4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Feb 2023 12:50:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.edinburghh3.com/favicon.ico
199.34.228.155 200 OK 4.3 kB URL HTTP/1.1 www.edinburghh3.com/favicon.ico
IP 199.34.228.155:0
File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Hash 4d27526198ac873ccec96935198e0fb9
b98d8b73ad6a0f7477c3397561b4aab37bf262aa
40a2146151863bcf46c786d596e81a308d1b0d26d74635be441e92656f29b1b4
GET /favicon.ico HTTP/1.1
Host: www.edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Cookie: is_mobile=0; language=en; _snow_ses.b2ed=*; _snow_id.b2ed=48bba910-cff4-43b6-91ef-dc0c1e8c117e.1676811003.1.1676811003.1676811003.9343e9db-7d37-4565-b49c-df264ef17281
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 19 Feb 2023 12:50:04 GMT
Content-Type: image/x-icon
Content-Length: 4286
Connection: keep-alive
Last-Modified: Fri, 24 Sep 2021 21:48:12 GMT
x-rgw-object-type: Normal
ETag: "4d27526198ac873ccec96935198e0fb9"
x-amz-request-id: tx000000000000001ac862e-0062847767-b9fbc20-sfo1
X-Storage-Bucket: z40a2
X-Storage-Object: 40a2146151863bcf46c786d596e81a308d1b0d26d74635be441e92656f29b1b4
X-Host: blu137.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.edinburghh3.com/uploads/9/2/5/2/9252544/logoeu2023_orig.png
199.34.228.155 200 OK 226 kB URL HTTP/1.1 www.edinburghh3.com/uploads/9/2/5/2/9252544/logoeu2023_orig.png
IP 199.34.228.155:0
File type PNG image data, 494 x 449, 8-bit/color RGBA, non-interlaced\012- data
Size 226 kB (226444 bytes)
Hash decf4bd9fb262996f1f4fcc2d5fe1148
411821202fd62a66df52f10c1efe2c0dd490e743
3aa6d9e8577fff009a27291907cec0fa86a83f33003725a52595f328936ec5d2
GET /uploads/9/2/5/2/9252544/logoeu2023_orig.png HTTP/1.1
Host: www.edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 19 Feb 2023 12:50:03 GMT
Content-Type: image/png
Content-Length: 226444
Connection: keep-alive
Last-Modified: Sat, 25 Sep 2021 12:37:38 GMT
x-rgw-object-type: Normal
ETag: "decf4bd9fb262996f1f4fcc2d5fe1148"
x-amz-request-id: tx000000000000073fe3cb6-0063e9245e-c699baa-sfo1
X-Storage-Bucket: z3aa6
X-Storage-Object: 3aa6d9e8577fff009a27291907cec0fa86a83f33003725a52595f328936ec5d2
X-Host: blu41.sf2p.intern.weebly.net
Accept-Ranges: bytes
cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1676659918&
151.101.1.46 200 OK 0 B URL HTTP/2 cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1676659918&
IP 151.101.1.46:0
GET /js/lang/en/stl.js?buildTime=1676659918& HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Fri, 17 Feb 2023 16:28:08 GMT
etag: "63efab18-2c2d4"
expires: Fri, 03 Mar 2023 18:54:58 GMT
cache-control: max-age=1209600
x-host: blu117.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 19 Feb 2023 12:50:02 GMT
age: 150902
x-served-by: cache-sjc10029-SJC, cache-bma1624-BMA
x-cache: HIT, HIT
x-cache-hits: 67, 12
x-timer: S1676811002.130359,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 32837
X-Firefox-Spdy: h2