Report - edinburghh3.com/

Report Overview

Submitted URL
edinburghh3.com/
IP
199.34.228.155
ASN
#27647 WEEBLY
Submitted
2023-02-19 12:50:11
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
22

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	3.0 kB	8.0 kB	23.33.119.10
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
www.edinburghh3.com	unknown	2014-12-12T21:37:07Z	2023-02-24T18:24:40Z	14 kB	810 kB	199.34.228.155
ocsp.globalsign.com	2075	2012-07-20T19:46:16Z	2023-03-13T05:09:19Z	368 B	1.9 kB	104.18.20.226
ssl.google-analytics.com	275	2012-10-02T06:58:30Z	2023-03-13T08:41:35Z	369 B	18 kB	216.58.211.8
cdn2.editmysite.com	11564	2012-10-02T20:27:39Z	2023-03-13T08:33:25Z	3.3 kB	386 kB	151.101.1.46
www.gstatic.com	unknown	2016-07-26T11:37:06Z	2023-03-13T07:57:11Z	449 B	166 kB	142.250.74.35
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	52.88.101.41
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	52 kB	34.120.237.76
www.google.com	7	2015-05-10T13:11:19Z	2023-03-13T06:40:43Z	386 B	1.1 kB	142.250.74.132
ec.editmysite.com	12806	2017-01-29T22:50:35Z	2023-03-13T08:33:26Z	1.0 kB	747 B	34.208.136.5
edinburghh3.com	unknown			347 B	481 B	199.34.228.155
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.9 kB	34.160.144.191
getpocket.cdn.mozilla.net	1369	2018-08-28T15:15:36Z	2023-03-13T08:02:38Z	435 B	44 kB	34.120.5.221
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	2.1 kB	4.2 kB	142.250.74.131
ocsp.r2m01.amazontrust.com	unknown	2022-10-12T22:43:53Z	2023-03-13T08:10:39Z	700 B	1.9 kB	54.230.80.227

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-19	medium	edinburghh3.com/	Phishing
2023-02-19	medium	www.edinburghh3.com/	Phishing
2023-02-19	medium	www.edinburghh3.com/	Phishing
2023-02-19	medium	www.edinburghh3.com/files/templateArtifacts.js?1676727725	Phishing
2023-02-19	medium	www.edinburghh3.com/files/theme/container_top.gif?1676727725	Phishing
2023-02-19	medium	www.edinburghh3.com/uploads/9/2/5/2/9252544/published/shakes.jpg?1604496978	Phishing
2023-02-19	medium	www.edinburghh3.com/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]	Phishing
2023-02-19	medium	www.edinburghh3.com/files/theme/bg_fade.gif?1676727725	Phishing
2023-02-19	medium	www.edinburghh3.com/files/theme/container_middle.gif?1676727725	Phishing
2023-02-19	medium	www.edinburghh3.com/files/theme/button.png?1676727725	Phishing
2023-02-19	medium	www.edinburghh3.com/files/theme/container_bottom.gif?1676727725	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (25)

	URL	Size	First Seen	Last Seen
	cdn2.editmysite.com/js/site/footerSignup.js?buildTime=1676659918	3.6 kB	2023-03-07	2024-04-26
Pretty URL cdn2.editmysite.com/js/site/footerSignup.js?buildTime=1676659918 IP 151.101.1.46 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:45 Last Seen2024-04-26 00:51:07 Times Seen4348 Hash 40b81b2d52ba9d2e2c64c31ff6a24cd7 6b5689250661646ecbb841f2475f1556a113373c e06baca13f25df9c7d684fc1b1fdfbbbb95070a1d5a9cd648632da7bccc90b96 Loading...

	cdn2.editmysite.com/js/jquery-1.8.3.min.js	94 kB	2023-03-07	2024-04-26
Pretty URL cdn2.editmysite.com/js/jquery-1.8.3.min.js IP 151.101.1.46 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:53 Last Seen2024-04-26 03:48:55 Times Seen16290 Hash 3576a6e73c9dccdbbc4a2cf8ff544ad7 06e872300088b9ba8a08427d28ed0efcdf9c6ff5 61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf Loading...

	cdn2.editmysite.com/js/site/main.js?buildTime=1676659918	477 kB	2023-03-07	2023-11-21
Pretty URL cdn2.editmysite.com/js/site/main.js?buildTime=1676659918 IP 151.101.1.46 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:53 Last Seen2023-11-21 08:41:00 Times Seen899 Hash f88ad9fb085a6c0dc219e8aa282ce47b 28d40d567859f99251bdc3337bafa088224da780 ba97504b136b447bea2ecc59111ba5a63200d2662f92936d0f7c206492b989d8 Loading...

	www.edinburghh3.com/	55 B	2023-03-14	2023-03-14
Pretty URL www.edinburghh3.com/ IP 199.34.228.155 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 04:14:06 Last Seen2023-03-14 04:14:06 Times Seen1 Hash e2369f2e5adfb6884821ae173fd7c949 757d9aede7e107e55e4099793216477c095b2bca 517844ef18732e64fe91c3ac69221de80c9139c3563f68d4e3d37d8f51d93903 Loading...

	www.edinburghh3.com/	35 B	2023-03-07	2024-04-26
Pretty URL www.edinburghh3.com/ IP 199.34.228.155 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:45 Last Seen2024-04-26 00:48:47 Times Seen2946 Hash 13385ea3f3e6184de3bfa80f08fe938b 6f859a2fd4b7e15ed74990516d97a52e7b4eeb20 5e87d85ec57af5d97b6c0d4c6e766afd2b53d077102827d19625a37d8cd11c2d Loading...

	www.edinburghh3.com/	32 B	2023-03-07	2024-04-26
Pretty URL www.edinburghh3.com/ IP 199.34.228.155 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:45 Last Seen2024-04-26 00:48:47 Times Seen2955 Hash 1bca01edca83d94091a2bb38d7ef8183 d05117e4ab3b3461be3855e95813a5c607e3ca95 fcf1cbf5cfad6d605868f42d38a0a937f5e6eaa91b05dcfbbbc95e4c3e23e528 Loading...

	www.edinburghh3.com/	22 B	2023-03-07	2024-04-26
Pretty URL www.edinburghh3.com/ IP 199.34.228.155 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:45 Last Seen2024-04-26 00:48:47 Times Seen2277 Hash 9a33cbad7c996ea8903a3eb3332a125c 8efed109b301f8aa0f3768dcd824d669d0129741 5d3b8f4578ca89904a46d014a8433346ca2773e8691f6cc9d09b2b30f0802dbc Loading...

	www.edinburghh3.com/	2.8 kB	2023-03-14	2023-03-14
Pretty URL www.edinburghh3.com/ IP 199.34.228.155 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 04:14:06 Last Seen2023-03-14 04:14:06 Times Seen1 Hash d4d388795fd3bca33dfd034e5b8abde9 5918c4ebf3750f02dcb0ae267d646f59cd048bc0 6bb404485c3c8d9cb95a008fc74b38cf09b0e8a0d74296f720fedc92a6e24007 Loading...

	www.edinburghh3.com/	2.3 kB	2023-03-14	2023-03-14
Pretty URL www.edinburghh3.com/ IP 199.34.228.155 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 04:14:06 Last Seen2023-03-14 04:14:06 Times Seen1 Hash 5c7b93bfc55e00e772d4f75e3ff7f38d 122815596a9e1bf2ac7f41fceead41f652f4e30c 31b7e3f6a540af332b9118308c956ef8593da2d6bb78cb6edeb8538facc68189 Loading...

	www.edinburghh3.com/	62 B	2023-03-07	2024-04-26
Pretty URL www.edinburghh3.com/ IP 199.34.228.155 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:44 Last Seen2024-04-26 00:51:06 Times Seen2705 Hash 1afa8234115c6f382672d91917a6fb26 e96957cb655865327588927ebc34d1ae376e9e64 45988af53e17c3bc8103bbe22bd47dd6d2d03d4a90c4116dc0621ab24ff87258 Loading...

	unknown	0 B	2023-03-07	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 04:55:41 Times Seen37083496 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.edinburghh3.com/	398 B	2023-03-07	2024-04-26
Pretty URL www.edinburghh3.com/ IP 199.34.228.155 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:44 Last Seen2024-04-26 00:51:06 Times Seen79 Hash f3248e4c4191204900f8bc59f9f008c6 8375059f4843cb30c0bd3d17faaf5bfa41a88210 966050198c27c6cc3c6cad0d9726f3e66d72c4288197a29d1ebe0f94372613c0 Loading...

	ssl.google-analytics.com/ga.js	46 kB	2023-03-07	2024-04-16
Pretty URL ssl.google-analytics.com/ga.js IP 216.58.211.8 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:00 Last Seen2024-04-16 23:24:27 Times Seen3495 Hash e9372f0ebbcf71f851e3d321ef2a8e5a 2c7d19d1af7d97085c977d1b69dcb8b84483d87c 1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f Loading...

	www.edinburghh3.com/	264 B	2023-03-14	2023-03-14
Pretty URL www.edinburghh3.com/ IP 199.34.228.155 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 04:14:06 Last Seen2023-03-14 04:14:06 Times Seen1 Hash 2afab2c5492e9bd01eeb50b8e7a21606 a432d094314f3cf76aee398ca28c89d263ec8cc1 6440adf286282b13695c08b454a01408a79e8acbc80ed93c0d2ac5b32c6b58c9 Loading...

	www.edinburghh3.com/	1.2 kB	2023-03-07	2024-04-26
Pretty URL www.edinburghh3.com/ IP 199.34.228.155 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:44 Last Seen2024-04-26 00:51:06 Times Seen2907 Hash 24449345e209b8641a813eaef44a5244 21617897e4d35717e2e41b766501fbd883a8f16d 3e72636c6cf854c8657ccbf9e03f7af05bd4836066c329417a4f8251bb5d18c1 Loading...

	www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/recaptcha__en.js	414 kB	2023-03-14	2023-03-26
Pretty URL www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/recaptcha__en.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 01:26:15 Last Seen2023-03-26 00:36:11 Times Seen3 Hash 1274e9f1dd81048ddb831ff32e17f520 199d64e872374a95d5b15f6ca701284b13669cba 0ea3ffab2197a506f50340ec177c79ce2c6ebc5d52d683d3b9147be4c3b7252f Loading...

	cdn2.editmysite.com/js/wsnbn/snowday262.js	75 kB	2023-03-07	2024-04-26
Pretty URL cdn2.editmysite.com/js/wsnbn/snowday262.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:13 Last Seen2024-04-26 00:51:07 Times Seen28680 Hash 99bbe560926e583b8e99036251deb783 8d81b73ae06f664f9d9e53dd5829a799bf434491 648e766bf519673f9a90cc336cbecede80dcbe3419b43d36ecbb25d88f5584a3 Loading...

	www.edinburghh3.com/files/templateArtifacts.js?1676727725	7.2 kB	2023-03-07	2024-04-26
Pretty URL www.edinburghh3.com/files/templateArtifacts.js?1676727725 IP 199.34.228.155 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:21 Last Seen2024-04-26 00:48:47 Times Seen3739 Hash ae81ab7069097a055829fb9919258138 7dc529f16fb595bbbfc5937adfe1d0a5cf563f8a 5a630b41e7c3d34392bcb150a5731b6261bc6314d71d5db8407a646af15bf8af Loading...

	www.edinburghh3.com/	117 B	2023-03-07	2024-04-26
Pretty URL www.edinburghh3.com/ IP 199.34.228.155 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:44 Last Seen2024-04-26 00:48:47 Times Seen2932 Hash ef142665f07ac27f698aa34d471c4439 b9e0d81f97054a9a0a68f57096d992ba58f33184 fbfd3b11452dce82b76e405100aece37dcfe12df4c71fb8f2bc2fe2166e9f07f Loading...

	www.edinburghh3.com/	1.8 kB	2023-03-07	2024-04-26
Pretty URL www.edinburghh3.com/ IP 199.34.228.155 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:44 Last Seen2024-04-26 00:48:47 Times Seen2929 Hash 563cec0ace2baea4e867b491f66cd6b0 fc4451f8fa76c5d1e3714e9008510633cffaa4f7 e4538493fc4f43f93806d0239acac9b38b0453c8440dc5ba4fcb47eae6ab2556 Loading...

	cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1676659918&	181 kB	2023-03-13	2023-09-17
Pretty URL cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1676659918& IP 151.101.1.46 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:25:47 Last Seen2023-09-17 22:58:20 Times Seen13 Hash 9206bfdc35931ab8bcc08337bf02d999 eaa628989aad8fe22f39666836356bd500f2e689 457aabd2dda7270dbe54d70d2c4fd97af83c4999158af95392ac7b6746f7ddc0 Loading...

	www.edinburghh3.com/	62 B	2023-03-07	2024-04-26
Pretty URL www.edinburghh3.com/ IP 199.34.228.155 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:44 Last Seen2024-04-26 00:48:47 Times Seen2941 Hash 461bd236ddeca3b8b6e3cca8599ccb43 73c74d3281452e483c11f944d798738afc7f5b89 aebd4ac1ead5b4987d8b975cafa889ca1a6831175bc206ca9552863e390bc0f1 Loading...

	www.edinburghh3.com/	263 B	2023-03-14	2023-03-14
Pretty URL www.edinburghh3.com/ IP 199.34.228.155 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 02:46:18 Last Seen2023-03-14 07:09:28 Times Seen1 Hash dc63208cd5d12be4aae668f0d52ee1ff 50d2537fda230fba50b13610ae3347334c8baa28 67fef5e16f460da8ceaa33ae5f33e31788cad2f701782a085ff9a5344c0cd40f Loading...

	www.edinburghh3.com/	664 B	2023-03-07	2024-04-26
Pretty URL www.edinburghh3.com/ IP 199.34.228.155 ASN #27647 WEEBLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:44 Last Seen2024-04-26 00:51:06 Times Seen2901 Hash fdd0b895b9cf69a9a4f4817533aa51f5 afc67ab62c3c91df626260407845fc41bf5d895e a50f8a487c23d76460681440220a85a28cdb09912ef451d59aa2b4f47c32aea0 Loading...

	www.google.com/recaptcha/api.js?_=1676811002982	850 B	2023-03-14	2023-03-14
Pretty URL www.google.com/recaptcha/api.js?_=1676811002982 IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 01:32:44 Last Seen2023-03-14 08:19:13 Times Seen1 Hash fa3371959ecba456c6c71a3ceaae9b57 22e6e61149a85dca66606f6dde9153acb207f4b1 b1008ecac0a6329b19971b37be1dd208b600c767b90ae2a8934e80f739c70350 Loading...

HTTP Transactions (74)

URL IP Response Size

edinburghh3.com/

199.34.228.155

301 Moved Permanently

235 B

URL HTTP/1.1
edinburghh3.com/
IP
199.34.228.155:0
ASN
#27647 WEEBLY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
235 B (235 bytes)
Hash
528a11dfc4144d6b328bd94f6374d3a2
70d344a7747798f9e0ebdaa46906a451b312c2e9
e0f8a99df0aaceab772fdf5dc5e333d81f48c3cc81214e84b644c3c5196a90fe

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Sun, 19 Feb 2023 12:50:00 GMT
Server: Apache
Location: http://www.edinburghh3.com/
Content-Length: 235
Keep-Alive: timeout=10, max=71
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

r3.o.lencr.org/

23.33.119.10

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.10:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
50ffd49bee3840941f9fc33baca23aad
2ff715abc76ea138eff267a64f26eb2dc6365b4a
ff8709095d9b5a7d90ff10b31a6a9d2e071b42e215641d30dce6de6a782bffd6

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF8709095D9B5A7D90FF10B31A6A9D2E071B42E215641D30DCE6DE6A782BFFD6"
Last-Modified: Fri, 17 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15355
Expires: Sun, 19 Feb 2023 17:05:55 GMT
Date: Sun, 19 Feb 2023 12:50:00 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.10

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.10:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5539e12eac82ed8486057f67e18231d3
866778ccdac94dbeff9bc217d4a057079ee71b2a
d82a876ba46480f2caa20e2112941bfb461bdb03e882949b347abb9e8006705f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D82A876BA46480F2CAA20E2112941BFB461BDB03E882949B347ABB9E8006705F"
Last-Modified: Fri, 17 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11577
Expires: Sun, 19 Feb 2023 16:02:57 GMT
Date: Sun, 19 Feb 2023 12:50:00 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: LLj0x/AqmQ5eMins4e9Q776t65LecJhPFkDGGgZU9tnbAlEnxbU2jPbz0w0BEjlGJK+001dSFIc=
x-amz-request-id: DZEB00BZ9TNSC21B
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 19 Feb 2023 12:21:55 GMT
age: 1685
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.10

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.10:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a8eb9ef0e70ae4265bbf91de7e9dd715
2caab4ae5a9926f1759f181b9ddd796b7f8b3f48
8953e8a5e0fb0d772270a5790c8fbe4ca2d093515c7a96753afa6e0b05c09a10

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8953E8A5E0FB0D772270A5790C8FBE4CA2D093515C7A96753AFA6E0B05C09A10"
Last-Modified: Fri, 17 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6779
Expires: Sun, 19 Feb 2023 14:42:59 GMT
Date: Sun, 19 Feb 2023 12:50:00 GMT
Connection: keep-alive

getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30

34.120.5.221

200 OK

43 kB

URL HTTP/2
getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30
IP
34.120.5.221:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size
43 kB (43061 bytes)
Hash
e57e84cbdbb69d8fccc093db570b2ee2
c29ac2fadf37e7796136e7c1d1610f721d06bf51
0d4611aea91685771ce1d859d09613bd43587654093748f87be236d6857ea479

HTTP Headers

GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30 HTTP/1.1
Host: getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Hit from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: 5q5RDA_wRk8RuVx2Iq4-n2yb1dZyRPu_t0_nQZ1taGKfKeaFtCjuOw==
content-encoding: gzip
via: 1.1 a8e5d5aeee6eacca5c379e5059b1f68c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Feb 2023 12:44:13 GMT
age: 347
content-type: application/json
vary: Accept-Encoding
content-length: 43061
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 19 Feb 2023 12:50:00 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.10

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.10:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4229cfe19d214d22153fe5833a7b557a
2439958496306a257d266050b4313b9bac51c871
ddfa83afe45b77b508119ac50488a73c3c49a78fa7a64ad983bd4958e0c7a4f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DDFA83AFE45B77B508119AC50488A73C3C49A78FA7A64AD983BD4958E0C7A4F9"
Last-Modified: Fri, 17 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9234
Expires: Sun, 19 Feb 2023 15:23:54 GMT
Date: Sun, 19 Feb 2023 12:50:00 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 19 Feb 2023 12:37:55 GMT
content-type: application/json
age: 725
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

www.edinburghh3.com/

199.34.228.155

301 Moved Permanently

358 B

URL HTTP/1.1
www.edinburghh3.com/
IP
199.34.228.155:0
ASN
#27647 WEEBLY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
358 B (358 bytes)
Hash
b99d74d48d3b448ea286d39f59955104
65e036ebd0f0cfa463a8988c272f3d72ee7e7d66
96df5094c4b10aec78f9b9c840fe1776b941dc205cbce8abcd96389ec669fd82

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: www.edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Sun, 19 Feb 2023 12:50:01 GMT
Server: Apache
Set-Cookie: is_mobile=0; path=/; domain=www.edinburghh3.com
Vary: X-W-SSL,User-Agent
Location: https://www.edinburghh3.com/
X-Host: blu81.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 358
Keep-Alive: timeout=10, max=67
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Content-Length, Content-Type, Cache-Control, Pragma, Retry-After, ETag, Expires, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 19 Feb 2023 12:20:33 GMT
age: 1768
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.10

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.10:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6964eabceb8fea1d79acb5165e84a912
a271fb7984244fc5c1580a938b4bd21aae37f888
8685404068a6bbe7cb726b81f7ba84e6fbf4597dc99803d186280f94635663ab

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8685404068A6BBE7CB726B81F7BA84E6FBF4597DC99803D186280F94635663AB"
Last-Modified: Fri, 17 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3191
Expires: Sun, 19 Feb 2023 13:43:12 GMT
Date: Sun, 19 Feb 2023 12:50:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.10

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.10:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
290adaef41676a2924639c25ecf49a7a
4a3aa093c5714fc59300f6c5cddcda17cb7210e1
e36ffc61756bd3db22cf45fa5efbfac0c1435f628a0d167e1bb933228a32b9d3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E36FFC61756BD3DB22CF45FA5EFBFAC0C1435F628A0D167E1BB933228A32B9D3"
Last-Modified: Fri, 17 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 19 Feb 2023 18:50:01 GMT
Date: Sun, 19 Feb 2023 12:50:01 GMT
Connection: keep-alive

push.services.mozilla.com/

52.88.101.41

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.88.101.41:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: kxr3+eCRdvLCCYR+wp7esw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: np4DpsNDEqZKmbYz2w+gnfbDkp8=

www.edinburghh3.com/

199.34.228.155

200 OK

12 kB

URL HTTP/1.1
www.edinburghh3.com/
IP
199.34.228.155:0
ASN
#27647 WEEBLY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3723), with CRLF, LF line terminators
Size
12 kB (11566 bytes)
Hash
acc63632e4572799faf87f8a2e3cf5cd
2527ba32f1248a81b2117c9fb66257028034d1c0
3b8f7192893f6aeb6be27938e0ced1ccce7899fdc6bd063e999fb12822100dde

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: www.edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Date: Sun, 19 Feb 2023 12:50:01 GMT
Server: Apache
Vary: X-W-SSL,Accept-Encoding,User-Agent
Set-Cookie: is_mobile=0; path=/; domain=www.edinburghh3.com
language=en; expires=Sun, 05-Mar-2023 12:50:01 GMT; Max-Age=1209600; path=/
Cache-Control: private
ETag: W/"9f53128696a0fb24b40c212f7ceea4fe-gzip"
Content-Encoding: gzip
X-Host: grn84.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 11566
Keep-Alive: timeout=10, max=68
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

cdn2.editmysite.com/css/old/fancybox.css?1676659918

151.101.1.46

200 OK

1.2 kB

URL HTTP/2
cdn2.editmysite.com/css/old/fancybox.css?1676659918
IP
151.101.1.46:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (3910)
Size
1.2 kB (1218 bytes)
Hash
b644e92258f4c7c0b4270047652d1e60
93734d52ee9e86a768159e514076051813c39cd9
29199496fb817668f887938571046abcdfb49063d0207d571b361f221f467907

HTTP Headers

GET /css/old/fancybox.css?1676659918 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Fri, 17 Feb 2023 16:29:18 GMT
etag: "63efab5e-f47"
expires: Fri, 03 Mar 2023 18:55:00 GMT
cache-control: max-age=1209600
x-host: grn99.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 19 Feb 2023 12:50:02 GMT
age: 150902
x-served-by: cache-sjc10070-SJC, cache-bma1624-BMA
x-cache: HIT, HIT
x-cache-hits: 67, 1
x-timer: S1676811002.124136,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1218
X-Firefox-Spdy: h2

cdn2.editmysite.com/js/site/footerSignup.js?buildTime=1676659918

151.101.1.46

200 OK

1.4 kB

URL HTTP/2
cdn2.editmysite.com/js/site/footerSignup.js?buildTime=1676659918
IP
151.101.1.46:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (3600), with no line terminators
Size
1.4 kB (1372 bytes)
Hash
121a5b9688d8e70ee7bb06cc79491f76
3a28220baa7d8879270c8311bed7dddefa7e43e9
181716c84474c9eb6685a809d69dda5d49ce44dfbf64c5dee89a3091e23def40

HTTP Headers

GET /js/site/footerSignup.js?buildTime=1676659918 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Fri, 17 Feb 2023 16:29:35 GMT
etag: "63efab6f-e10"
expires: Fri, 03 Mar 2023 18:54:58 GMT
cache-control: max-age=1209600
x-host: blu113.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 19 Feb 2023 12:50:02 GMT
age: 150903
x-served-by: cache-sjc10052-SJC, cache-bma1624-BMA
x-cache: HIT, HIT
x-cache-hits: 32, 430
x-timer: S1676811002.126433,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1372
X-Firefox-Spdy: h2

cdn2.editmysite.com/images/site/footer/footer-toast-published-image-1.png

151.101.1.46

200 OK

9.7 kB

URL HTTP/2
cdn2.editmysite.com/images/site/footer/footer-toast-published-image-1.png
IP
151.101.1.46:0
ASN
#54113 FASTLY

File type
PNG image data, 199 x 97, 8-bit colormap, non-interlaced\012- data
Size
9.7 kB (9677 bytes)
Hash
6e0f7ad31bf187e0d88fc5787573ba71
14e8b85cc32a01c8901e4ac0160582d29a45e9e6
580ef6409e067a4ec4a427400c7d6216184869e2da53343df20753cc1f8a46cd

HTTP Headers

GET /images/site/footer/footer-toast-published-image-1.png HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-guploader-uploadid: ADPycdujQNpHaXULXK5hWOudOsrFbrCOJBmkXkf6lNHnzHxB1q3PphW4yFVZQbxms7rfGEwEu0IdDaAyLbpAPqDN6NvCrqCgiKDD
cache-control: public, max-age=86400, s-maxage=259200
expires: Thu, 06 Oct 2022 22:59:09 GMT
last-modified: Tue, 12 Feb 2019 18:19:08 GMT
etag: "6e0f7ad31bf187e0d88fc5787573ba71"
x-goog-generation: 1549995548326466
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 9677
content-type: image/png
x-goog-hash: crc32c=QhrKCw==, md5=bg960xvxh+DYj8V4dXO6cQ==
x-goog-storage-class: STANDARD
server: UploadServer
accept-ranges: bytes
date: Sun, 19 Feb 2023 12:50:02 GMT
via: 1.1 varnish
age: 49354
x-served-by: cache-bma1624-BMA
x-cache: HIT
x-cache-hits: 14540
x-timer: S1676811002.126128,VS0,VE0
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 9677
X-Firefox-Spdy: h2

cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1676659918

151.101.1.46

200 OK

159 kB

URL HTTP/2
cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1676659918
IP
151.101.1.46:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (32007)
Size
159 kB (158982 bytes)
Hash
c21d75280f52dcc8183f032627fb619c
0512c8f160b0d0842c1ce9b020ade68ef8120a04
9e9fb70dc252c27c63ac4b0b99bea392abeb327cb6155e6b9fd27372be72e617

HTTP Headers

GET /js/site/main-customer-accounts-site.js?buildTime=1676659918 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Fri, 17 Feb 2023 16:29:35 GMT
etag: "63efab6f-825b0"
expires: Fri, 03 Mar 2023 18:54:59 GMT
cache-control: max-age=1209600
x-host: grn66.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 19 Feb 2023 12:50:02 GMT
age: 150903
x-served-by: cache-sjc10049-SJC, cache-bma1624-BMA
x-cache: HIT, HIT
x-cache-hits: 54, 2
x-timer: S1676811002.124712,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 158982
X-Firefox-Spdy: h2

cdn2.editmysite.com/css/sites.css?buildTime=1676659918

151.101.1.46

200 OK

30 kB

URL HTTP/2
cdn2.editmysite.com/css/sites.css?buildTime=1676659918
IP
151.101.1.46:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65536), with no line terminators
Size
30 kB (29746 bytes)
Hash
d10158b22b553f723d99dc78eaee6390
80f2d6670cfb0d01cd20c471cf8e3e6465ddd3f6
939c7a8e1ad74a44e0c847e38533e69e36454b6805d25acf3fb0cb5c472d245e

HTTP Headers

GET /css/sites.css?buildTime=1676659918 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Fri, 17 Feb 2023 16:29:12 GMT
etag: W/"63efab58-347ac"
expires: Fri, 03 Mar 2023 18:54:58 GMT
cache-control: max-age=1209600
x-host: blu106.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 19 Feb 2023 12:50:02 GMT
age: 150902
x-served-by: cache-sjc10063-SJC, cache-bma1624-BMA
x-cache: HIT, HIT
x-cache-hits: 6, 42
x-timer: S1676811002.128506,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 29746
X-Firefox-Spdy: h2

cdn2.editmysite.com/js/jquery-1.8.3.min.js

151.101.1.46

200 OK

34 kB

URL HTTP/2
cdn2.editmysite.com/js/jquery-1.8.3.min.js
IP
151.101.1.46:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65483)
Size
34 kB (33467 bytes)
Hash
67a5a77f65f13559b3d723829f2e0108
5e861ec7c2993abffc3591d6132c47bc7cdc3e98
ac4ffabaed7382810a3829d812e1a45c77984a1dbfaf7d172c8bc19b3cf68ca6

HTTP Headers

GET /js/jquery-1.8.3.min.js HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Tue, 07 Feb 2023 20:25:25 GMT
etag: "63e2b3b5-16dc4"
expires: Tue, 21 Feb 2023 23:08:14 GMT
cache-control: max-age=1209600
x-host: grn38.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 19 Feb 2023 12:50:02 GMT
age: 999708
x-served-by: cache-sjc10032-SJC, cache-bma1624-BMA
x-cache: HIT, HIT
x-cache-hits: 31, 7580
x-timer: S1676811002.127740,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 33467
X-Firefox-Spdy: h2

cdn2.editmysite.com/js/site/main.js?buildTime=1676659918

151.101.1.46

200 OK

146 kB

URL HTTP/2
cdn2.editmysite.com/js/site/main.js?buildTime=1676659918
IP
151.101.1.46:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (32147)
Size
146 kB (146400 bytes)
Hash
81b8673c5d3aa3ab8c0574f2a8f0e3b4
2e0661bc7907d9e2703b3347c3fec579f0aef5d6
0e981f4de6287406ce261fddea24aa05ded4b6a8c4c07283c363c1502071cf40

HTTP Headers

GET /js/site/main.js?buildTime=1676659918 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Fri, 17 Feb 2023 16:29:35 GMT
etag: "63efab6f-74804"
expires: Fri, 03 Mar 2023 18:54:59 GMT
cache-control: max-age=1209600
x-host: grn39.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 19 Feb 2023 12:50:02 GMT
age: 150902
x-served-by: cache-sjc10077-SJC, cache-bma1624-BMA
x-cache: HIT, HIT
x-cache-hits: 29, 1
x-timer: S1676811002.131264,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 146400
X-Firefox-Spdy: h2

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3

104.18.20.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
f32284b4b2dca4668235d9720aed7981
d65f02017124d524771258a8d185d0dcebc6d891
ae003d74ade364e87a8d00bd1a1ae30bb8863ddccdbc74fc69c1cf81809a2447

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q3 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 19 Feb 2023 12:50:02 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "8C6C0710E1F5C0E9BA4B0D8313517AE099CF6BB1"
Expires: Mon, 20 Feb 2023 00:00:00 GMT
Last-Modified: Sun, 19 Feb 2023 12:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2643
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79bf203bcc33b524-OSL

www.edinburghh3.com/files/templateArtifacts.js?1676727725

199.34.228.155

200 OK

1.6 kB

URL HTTP/1.1
www.edinburghh3.com/files/templateArtifacts.js?1676727725
IP
199.34.228.155:0
ASN
#27647 WEEBLY

File type
exported SGML document, ASCII text, with very long lines (1630)
Size
1.6 kB (1632 bytes)
Hash
e0836e8203c22b8e4086f27e91e86f5a
28235e77f5a895c8cd411aff4a6ef4e6f7d419c2
32dbc4a2eeca39a57d35670f00e2cf59e03c279521e47506c56c5c36d8b664b6

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /files/templateArtifacts.js?1676727725 HTTP/1.1
Host: www.edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 19 Feb 2023 12:50:02 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
X-Host: blu14.sf2p.intern.weebly.net
Content-Encoding: gzip

r3.o.lencr.org/

23.33.119.10

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.10:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5b1775b8f4f9ebbac7a1572afa4e4f92
7c7c748730a9422b0f5f9bcdde36a91c9639c595
a1685273829a7672a3fa089525b959f1f95f11c0a5c0d09fbbf1f4667b3f7946

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A1685273829A7672A3FA089525B959F1F95F11C0A5C0D09FBBF1F4667B3F7946"
Last-Modified: Fri, 17 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10685
Expires: Sun, 19 Feb 2023 15:48:08 GMT
Date: Sun, 19 Feb 2023 12:50:03 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.10

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.10:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5b1775b8f4f9ebbac7a1572afa4e4f92
7c7c748730a9422b0f5f9bcdde36a91c9639c595
a1685273829a7672a3fa089525b959f1f95f11c0a5c0d09fbbf1f4667b3f7946

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A1685273829A7672A3FA089525B959F1F95F11C0A5C0D09FBBF1F4667B3F7946"
Last-Modified: Fri, 17 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10685
Expires: Sun, 19 Feb 2023 15:48:08 GMT
Date: Sun, 19 Feb 2023 12:50:03 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.10

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.10:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5b1775b8f4f9ebbac7a1572afa4e4f92
7c7c748730a9422b0f5f9bcdde36a91c9639c595
a1685273829a7672a3fa089525b959f1f95f11c0a5c0d09fbbf1f4667b3f7946

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A1685273829A7672A3FA089525B959F1F95F11C0A5C0D09FBBF1F4667B3F7946"
Last-Modified: Fri, 17 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10685
Expires: Sun, 19 Feb 2023 15:48:08 GMT
Date: Sun, 19 Feb 2023 12:50:03 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bc26257-b3d2-491e-b1e1-178886f30fef.jpeg

34.120.237.76

200 OK

3.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bc26257-b3d2-491e-b1e1-178886f30fef.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.8 kB (3760 bytes)
Hash
29708d8e10e6bc039586f2a8a10f637c
85cd9f0cae9cfdb20e3bbe25fe681c949c7faa8a
2b7188f98c0f97b9727cc787e4a97252eb17688b752d70a53c221a0b75827ff5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bc26257-b3d2-491e-b1e1-178886f30fef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3760
x-amzn-requestid: 4223c443-c23b-4a5c-9cdd-2a3a70d149f5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AjfVxHpvoAMF5sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f145be-26c57127510e9aa344aa73f5;Sampled=0
x-amzn-remapped-date: Sat, 18 Feb 2023 21:40:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3--2w0-nw89aSSay4r2vcTasKAjuVqB5GASQSekT_0Ex8tC1iOCAPw==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 18 Feb 2023 21:53:52 GMT
age: 53771
etag: "85cd9f0cae9cfdb20e3bbe25fe681c949c7faa8a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881c24a9-07ee-4126-b2c3-501b0461ee5e.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.9 kB (6879 bytes)
Hash
9c5a0bab7d34e51ee6476be179b356ba
87917d3cf520d73b7b1029f44505e7700413d51d
136e727a99409218318247b645558fad485ed84bcd90bd43a5895492cb317d89

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881c24a9-07ee-4126-b2c3-501b0461ee5e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6879
x-amzn-requestid: 18c46562-f8d9-4f7f-8ea0-1bb46e206f80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ANnahEWgIAMFwYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e885dc-50a7cfe4693b4efb038ce1a7;Sampled=0
x-amzn-remapped-date: Sun, 12 Feb 2023 06:23:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: K3teFfj79RPIRVaLUr5b2XMz3Jb5g8AeZCce6ZAAZmjOSJWr1QIsNw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 18 Feb 2023 15:50:17 GMT
age: 75586
etag: "87917d3cf520d73b7b1029f44505e7700413d51d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.edinburghh3.com/uploads/9/2/5/2/9252544/9045033.png

199.34.228.155

200 OK

41 kB

URL HTTP/1.1
www.edinburghh3.com/uploads/9/2/5/2/9252544/9045033.png
IP
199.34.228.155:0
ASN
#27647 WEEBLY

File type
PNG image data, 250 x 312, 8-bit/color RGBA, non-interlaced\012- data
Size
41 kB (41332 bytes)
Hash
df064bc3d7c43793621027025cc353d4
c03c03e79c7a2ffce170df4e6919e3f70ba25417
c64fc2f746e60755e0cc68f0a0781edb5c1d26c3a44d520a16231940b6a7e888

HTTP Headers

GET /uploads/9/2/5/2/9252544/9045033.png HTTP/1.1
Host: www.edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 19 Feb 2023 12:50:02 GMT
Content-Type: image/png
Content-Length: 41332
Connection: keep-alive
Last-Modified: Tue, 29 Oct 2019 10:42:55 GMT
x-rgw-object-type: Normal
ETag: "df064bc3d7c43793621027025cc353d4"
x-amz-request-id: tx0000000000000734e9a4e-0063e93ac0-c67eadd-sfo1
X-Storage-Bucket: zc64f
X-Storage-Object: c64fc2f746e60755e0cc68f0a0781edb5c1d26c3a44d520a16231940b6a7e888
X-Host: grn137.sf2p.intern.weebly.net
Accept-Ranges: bytes

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc871eb2d-7988-403d-be39-e2b0932eaede.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11384 bytes)
Hash
725d5875c48c8b014d7f55324a6e894f
ebac057ff8a8ad7c097369f0aa2f8cacd8cae06b
103f91934102ac9deb0448de1b2044acba3fc3c1599e460c0f54920958e66f0a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc871eb2d-7988-403d-be39-e2b0932eaede.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11384
x-amzn-requestid: a8e08458-da0d-47f6-a521-358b36fe922b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AjfUjEt6IAMFsIQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f145b6-49a56fa82e5aadfa03b6e022;Sampled=0
x-amzn-remapped-date: Sat, 18 Feb 2023 21:40:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: OTuRrRbRrMyR4VZhRxS27f914iOjYOEwaw2CyEC7Aw3_a1qFkMM7xA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Sat, 18 Feb 2023 21:53:52 GMT
etag: "ebac057ff8a8ad7c097369f0aa2f8cacd8cae06b"
content-type: image/jpeg
age: 53771
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F934fc9eb-b4a6-4fbb-bd6e-d7b9db298c89.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.1 kB (8118 bytes)
Hash
4b9d8b33f5612e1bf93f6736973766d8
220ce699083537964b1bb8859c4d94ee47f04213
a102991c1ecd60a483f083b72096dd4fccbdf68951f2c453fbf849954ebdc9d6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F934fc9eb-b4a6-4fbb-bd6e-d7b9db298c89.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8118
x-amzn-requestid: 7a6bad9e-f7de-48ff-a7b6-812f265fe8af
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AjffAExyIAMF9DA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f145f9-4efc5e4622fb1d482f0c4663;Sampled=0
x-amzn-remapped-date: Sat, 18 Feb 2023 21:41:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 579r7yXBoSk1W50bPxCF8A2r31obx025ohBk3ltpxb1i5eRYEEv-ug==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 18 Feb 2023 21:56:12 GMT
age: 53631
etag: "220ce699083537964b1bb8859c4d94ee47f04213"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ffb72b6-613b-40fd-bb5b-fc19350878a6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7727 bytes)
Hash
a2fb5c797382364954ba2c843a9afbcc
6a10b383ffdd71cd4a870ef5e12368d5d0e7d4dd
8a04857636b850d671ae4c217af3ec1f68b76da33ccc10850cf16fa25bb17c5c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ffb72b6-613b-40fd-bb5b-fc19350878a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7727
x-amzn-requestid: 91559a90-004c-4d39-b107-ad92870466ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AbHgkGRWIAMFSYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63edec69-63f5138a741d4a9f333bb7cc;Sampled=0
x-amzn-remapped-date: Thu, 16 Feb 2023 08:42:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: N7gIJq2POAzQM7aNaH_xkv8Rfmg0_zwPk5CLTPAMuR8gi082W-Ak7A==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 18 Feb 2023 22:38:57 GMT
age: 51066
etag: "6a10b383ffdd71cd4a870ef5e12368d5d0e7d4dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faef70c3e-4b67-4d2b-af6b-006893df8126.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (8030 bytes)
Hash
766ccbe82a51d13658a0deb97b5c0ec0
435ab39e34a7359a9ed434c864d407fb33a3a6ef
4cab8d3bf8475812f4f7d499aed985bf8451a684a68a8e9407aeaa9a6696e931

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faef70c3e-4b67-4d2b-af6b-006893df8126.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8030
x-amzn-requestid: 9102300b-a9dc-4217-a6a1-e466fd6afa0b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AjfeXE8kIAMFy2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f145f5-4f768c4e77de2cc060c4976d;Sampled=0
x-amzn-remapped-date: Sat, 18 Feb 2023 21:41:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: b-QdxhlYT-VxgKf3fh-fKsah_6QsXFML4kSq-Q8wZYsGfZyDEMh93w==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sat, 18 Feb 2023 21:53:46 GMT
age: 53777
etag: "435ab39e34a7359a9ed434c864d407fb33a3a6ef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
802dfa5c8d5d5fc162a3850bf53647c0
4b3b90d770557e9803de31d16e55ed8ee10cb75c
a0cbf6cdb36cb16f36d4e3b1652fa3a756a8b428519f736aec12cbe93b6184e9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Feb 2023 12:50:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/recaptcha/api.js?_=1676811002982

142.250.74.132

200 OK

553 B

URL HTTP/2
www.google.com/recaptcha/api.js?_=1676811002982
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (850), with no line terminators
Size
553 B (553 bytes)
Hash
61528f87bc619dc1651c50dbe59bef65
da28ca3199ea9bbad3891014b80c2e9172fce73a
a0b5d93845a5c4077e9c6392002ed0e816e8e0e01f1b0bee485f419c6644aa06

HTTP Headers

GET /recaptcha/api.js?_=1676811002982 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
expires: Sun, 19 Feb 2023 12:50:03 GMT
date: Sun, 19 Feb 2023 12:50:03 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 553
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
652e0fa59c5baeae693cb48f05a866fa
7336989ad39144fcdee7397f40dcd4697134c1e5
6b7bb317df6b5abdb2803d133e63ee8b1383d30c6403eb8650e013255c6f0227

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Feb 2023 12:50:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.edinburghh3.com/files/theme/container_top.gif?1676727725

199.34.228.155

200 OK

2.3 kB

URL HTTP/1.1
www.edinburghh3.com/files/theme/container_top.gif?1676727725
IP
199.34.228.155:0
ASN
#27647 WEEBLY

File type
GIF image data, version 89a, 979 x 68\012- data
Size
2.3 kB (2296 bytes)
Hash
766093383dee459539c8cd9ae5532570
54d2004b3fb0bec4b910a3746bafec730d530c57
d484be83dab00940c261851158e0ac90c5924c4c9e9cd30551ffcf2f23c3314d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /files/theme/container_top.gif?1676727725 HTTP/1.1
Host: www.edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/files/main_style.css?1676727725
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 19 Feb 2023 12:50:03 GMT
Content-Type: image/gif; charset=binary
Content-Length: 2296
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 21:13:39 GMT
ETag: "766093383dee459539c8cd9ae5532570"
x-amz-request-id: tx000000000000001f54871-005eab18c1-1100fc6-las
X-Storage-Bucket: zd484
X-Storage-Object: d484be83dab00940c261851158e0ac90c5924c4c9e9cd30551ffcf2f23c3314d
X-Host: grn50.sf2p.intern.weebly.net
Accept-Ranges: bytes

www.edinburghh3.com/uploads/9/2/5/2/9252544/tnh23_orig.jpg

199.34.228.155

200 OK

68 kB

URL HTTP/1.1
www.edinburghh3.com/uploads/9/2/5/2/9252544/tnh23_orig.jpg
IP
199.34.228.155:0
ASN
#27647 WEEBLY

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 534x387, components 3\012- data
Size
68 kB (67787 bytes)
Hash
43856d11b3e9dd54e3a5b4589f96eb64
518c2371f619d27fdbb0e99872d302e9a743d5a7
b1a952c217283977cdf610ffa37ca3a0d0f5db4366b3c87617e69a6d4d8020f5

HTTP Headers

GET /uploads/9/2/5/2/9252544/tnh23_orig.jpg HTTP/1.1
Host: www.edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 19 Feb 2023 12:50:02 GMT
Content-Type: image/jpeg
Content-Length: 67787
Connection: keep-alive
Last-Modified: Wed, 13 Jul 2022 10:56:49 GMT
x-rgw-object-type: Normal
ETag: "43856d11b3e9dd54e3a5b4589f96eb64"
x-amz-request-id: tx000000000000073ce7cad-0063e8c780-c699baa-sfo1
X-Storage-Bucket: zb1a9
X-Storage-Object: b1a952c217283977cdf610ffa37ca3a0d0f5db4366b3c87617e69a6d4d8020f5
X-Host: grn24.sf2p.intern.weebly.net
Accept-Ranges: bytes

www.edinburghh3.com/uploads/9/2/5/2/9252544/published/shakes.jpg?1604496978

199.34.228.155

200 OK

1.4 kB

URL HTTP/1.1
www.edinburghh3.com/uploads/9/2/5/2/9252544/published/shakes.jpg?1604496978
IP
199.34.228.155:0
ASN
#27647 WEEBLY

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 157x43, components 3\012- data
Size
1.4 kB (1379 bytes)
Hash
8d228eb9c27ac957c448c8731129ac0d
762fdf6aacc359f086866ca381f0d09ea7292bf6
85cf57d5d3af1cc41250a1a89fc15b1fb4cb2871f0d80fc7fac85c805c13c19e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /uploads/9/2/5/2/9252544/published/shakes.jpg?1604496978 HTTP/1.1
Host: www.edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 19 Feb 2023 12:50:03 GMT
Content-Type: image/jpeg
Content-Length: 1379
Connection: keep-alive
Last-Modified: Wed, 04 Nov 2020 13:36:18 GMT
x-rgw-object-type: Normal
ETag: "8d228eb9c27ac957c448c8731129ac0d"
x-amz-request-id: tx000000000000077da0746-0063ef3daf-c669cc6-sfo1
X-Storage-Bucket: z85cf
X-Storage-Object: 85cf57d5d3af1cc41250a1a89fc15b1fb4cb2871f0d80fc7fac85c805c13c19e
X-Host: blu41.sf2p.intern.weebly.net
Accept-Ranges: bytes

www.edinburghh3.com/files/theme/social-grey.png?1676727725

199.34.228.155

200 OK

6.5 kB

URL HTTP/1.1
www.edinburghh3.com/files/theme/social-grey.png?1676727725
IP
199.34.228.155:0
ASN
#27647 WEEBLY

File type
PNG image data, 253 x 69, 8-bit/color RGBA, non-interlaced\012- data
Size
6.5 kB (6530 bytes)
Hash
ca3d7d40634d021212b2a4dbe024356b
d51f8ed2e1a54a92beedbd761ce95fc630f5b03a
99749b82a8923ef5e99244d5cae08dc5205e0a87ae3a9383230cf3c25461b290

HTTP Headers

GET /files/theme/social-grey.png?1676727725 HTTP/1.1
Host: www.edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/files/main_style.css?1676727725
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 19 Feb 2023 12:50:03 GMT
Content-Type: image/png; charset=binary
Content-Length: 6530
Connection: keep-alive
Last-Modified: Tue, 29 Mar 2022 17:53:57 GMT
x-rgw-object-type: Normal
ETag: "ca3d7d40634d021212b2a4dbe024356b"
x-amz-request-id: tx000000000000002395206-006284f4c5-b9fbc63-sfo1
X-Storage-Bucket: z9974
X-Storage-Object: 99749b82a8923ef5e99244d5cae08dc5205e0a87ae3a9383230cf3c25461b290
X-Host: blu152.sf2p.intern.weebly.net
Accept-Ranges: bytes

www.edinburghh3.com/uploads/9/2/5/2/9252544/_8357901.gif

199.34.228.155

200 OK

5.3 kB

URL HTTP/1.1
www.edinburghh3.com/uploads/9/2/5/2/9252544/_8357901.gif
IP
199.34.228.155:0
ASN
#27647 WEEBLY

File type
GIF image data, version 89a, 76 x 122\012- data
Size
5.3 kB (5297 bytes)
Hash
b20ea105468092108ae66a595171130d
18842f7307f4b8abad9aa89145f5abb1c8f69b33
1fd7131fd1b22ed0043482326c921c3b93989bb464efffd64657312a75e7060c

HTTP Headers

GET /uploads/9/2/5/2/9252544/_8357901.gif HTTP/1.1
Host: www.edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 19 Feb 2023 12:50:03 GMT
Content-Type: image/gif
Content-Length: 5297
Connection: keep-alive
Last-Modified: Tue, 29 Oct 2019 10:42:46 GMT
x-rgw-object-type: Normal
ETag: "b20ea105468092108ae66a595171130d"
x-amz-request-id: tx00000000000007670da7e-0063eefcfa-c6aed46-sfo1
X-Storage-Bucket: z1fd7
X-Storage-Object: 1fd7131fd1b22ed0043482326c921c3b93989bb464efffd64657312a75e7060c
X-Host: grn44.sf2p.intern.weebly.net
Accept-Ranges: bytes

www.edinburghh3.com/uploads/9/2/5/2/9252544/_3512971_orig.png

199.34.228.155

200 OK

3.7 kB

URL HTTP/1.1
www.edinburghh3.com/uploads/9/2/5/2/9252544/_3512971_orig.png
IP
199.34.228.155:0
ASN
#27647 WEEBLY

File type
PNG image data, 207 x 56, 8-bit/color RGBA, non-interlaced\012- data
Size
3.7 kB (3745 bytes)
Hash
3b4d3f1898310b49e43056b0528144dc
deefe60e1450ac21cf3a7b0cf53577039ba54028
7b98146cd8702de54239a729f164ecf041f586894d5614fea5fe6184eead94bb

HTTP Headers

GET /uploads/9/2/5/2/9252544/_3512971_orig.png HTTP/1.1
Host: www.edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 19 Feb 2023 12:50:03 GMT
Content-Type: image/png
Content-Length: 3745
Connection: keep-alive
Last-Modified: Tue, 29 Oct 2019 10:43:08 GMT
x-rgw-object-type: Normal
ETag: "3b4d3f1898310b49e43056b0528144dc"
x-amz-request-id: tx000000000000077ecab4e-0063eefac2-c695612-sfo1
X-Storage-Bucket: z7b98
X-Storage-Object: 7b98146cd8702de54239a729f164ecf041f586894d5614fea5fe6184eead94bb
X-Host: blu147.sf2p.intern.weebly.net
Accept-Ranges: bytes

www.edinburghh3.com/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]

199.34.228.155

200 OK

348 B

URL HTTP/1.1
www.edinburghh3.com/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]
IP
199.34.228.155:0
ASN
#27647 WEEBLY

File type
JSON data\012- , ASCII text, with very long lines (348), with no line terminators
Size
348 B (348 bytes)
Hash
a944dd688c99d2901d6719be713271c0
4f5454d5d434829baf46671638610791758725d9
adb97e1bc686c58b4286f1208d2bd969687c6cf3e2fc468697dfd956d260de49

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails] HTTP/1.1
Host: www.edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 83
Origin: https://www.edinburghh3.com
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Cookie: is_mobile=0; language=en; _snow_ses.b2ed=*; _snow_id.b2ed=48bba910-cff4-43b6-91ef-dc0c1e8c117e.1676811003.1.1676811003.1676811003.9343e9db-7d37-4565-b49c-df264ef17281
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 19 Feb 2023 12:50:03 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: blu59.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 348
Keep-Alive: timeout=10, max=68
Connection: Keep-Alive
Content-Type: application/json

www.edinburghh3.com/files/theme/bg_fade.gif?1676727725

199.34.228.155

200 OK

4.6 kB

URL HTTP/1.1
www.edinburghh3.com/files/theme/bg_fade.gif?1676727725
IP
199.34.228.155:0
ASN
#27647 WEEBLY

File type
GIF image data, version 89a, 52 x 319\012- data
Size
4.6 kB (4618 bytes)
Hash
de54920fd594dd8d5600891be77c7001
d628080a092f97cc63a1c6c04c28d11bad0d035d
fd7ebe25a6a68196eaad1e30bf8a4adabf30ec026762aaef2f96d54b9d8730e4

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /files/theme/bg_fade.gif?1676727725 HTTP/1.1
Host: www.edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/files/main_style.css?1676727725
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 19 Feb 2023 12:50:03 GMT
Content-Type: image/gif; charset=binary
Content-Length: 4618
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 21:13:37 GMT
x-rgw-object-type: Normal
ETag: "de54920fd594dd8d5600891be77c7001"
x-amz-request-id: tx0000000000000209ce600-0063582c0a-c6aed46-sfo1
X-Storage-Bucket: zfd7e
X-Storage-Object: fd7ebe25a6a68196eaad1e30bf8a4adabf30ec026762aaef2f96d54b9d8730e4
X-Host: blu122.sf2p.intern.weebly.net
Accept-Ranges: bytes

ocsp.r2m01.amazontrust.com/

54.230.80.227

200 OK

471 B

URL HTTP/1.1
ocsp.r2m01.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
ee8deb1af3e0fe7d76f85b7af0913d07
25c677985079f1d9038ca72328de44fbf9a5bf12
24a0c55548ec7c627d752b2fb0b945d5fec4469fe319b016d258e8afbf76dfd0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 19 Feb 2023 12:50:03 GMT
Last-Modified: Sun, 19 Feb 2023 11:56:03 GMT
Server: ECS (bsa/EB19)
X-Cache: Miss from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 4LiEfkEtVeJ_v64-EnmEY6dZnBT_agx416wZHEP3ItWEkL5MFDWmLw==
Age: 3240

ocsp.r2m01.amazontrust.com/

54.230.80.227

200 OK

471 B

URL HTTP/1.1
ocsp.r2m01.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
ee8deb1af3e0fe7d76f85b7af0913d07
25c677985079f1d9038ca72328de44fbf9a5bf12
24a0c55548ec7c627d752b2fb0b945d5fec4469fe319b016d258e8afbf76dfd0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 19 Feb 2023 12:50:03 GMT
Last-Modified: Sun, 19 Feb 2023 12:21:56 GMT
Server: ECS (dcb/7ECA)
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: vcheBUj-2MjY710oOWKhIsz73jmv9koWLXo3vHx3kvUxg0iDSK1tXQ==
Age: 1687

www.edinburghh3.com/files/theme/container_middle.gif?1676727725

199.34.228.155

200 OK

1.8 kB

URL HTTP/1.1
www.edinburghh3.com/files/theme/container_middle.gif?1676727725
IP
199.34.228.155:0
ASN
#27647 WEEBLY

File type
GIF image data, version 89a, 979 x 86\012- data
Size
1.8 kB (1797 bytes)
Hash
3c1d828e9e86610e35b10c8c21b282f7
31dc45f2f40540a60c67902211e8ab63a874eb71
399dcac0a20312508df73590f20d07c5140d3f45fb10bd6f18baa494b42612d0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /files/theme/container_middle.gif?1676727725 HTTP/1.1
Host: www.edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/files/main_style.css?1676727725
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 19 Feb 2023 12:50:03 GMT
Content-Type: image/gif; charset=binary
Content-Length: 1797
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 21:13:38 GMT
ETag: "3c1d828e9e86610e35b10c8c21b282f7"
x-amz-request-id: tx000000000000001f945f4-005eab1a30-1100fc6-las
X-Storage-Bucket: z399d
X-Storage-Object: 399dcac0a20312508df73590f20d07c5140d3f45fb10bd6f18baa494b42612d0
X-Host: grn39.sf2p.intern.weebly.net
Accept-Ranges: bytes

www.edinburghh3.com/files/theme/container_fade.gif?1676727725

199.34.228.155

200 OK

6.3 kB

URL HTTP/1.1
www.edinburghh3.com/files/theme/container_fade.gif?1676727725
IP
199.34.228.155:0
ASN
#27647 WEEBLY

File type
GIF image data, version 89a, 979 x 298\012- data
Size
6.3 kB (6265 bytes)
Hash
6ac99572d55e85b65b906b066644b621
a32962bc899f8c2ec6a27ff1e35342b98087ac42
a9a3c0d7ed606f51a86958c6fc9f9935f7a3d33697860e4fc1480ec1f0114734

HTTP Headers

GET /files/theme/container_fade.gif?1676727725 HTTP/1.1
Host: www.edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/files/main_style.css?1676727725
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 19 Feb 2023 12:50:03 GMT
Content-Type: image/gif; charset=binary
Content-Length: 6265
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 21:13:38 GMT
ETag: "6ac99572d55e85b65b906b066644b621"
x-amz-request-id: tx000000000000000dfe7a7-005ea3b248-10e20e2-las
X-Storage-Bucket: za9a3
X-Storage-Object: a9a3c0d7ed606f51a86958c6fc9f9935f7a3d33697860e4fc1480ec1f0114734
X-Host: grn24.sf2p.intern.weebly.net
Accept-Ranges: bytes

www.edinburghh3.com/files/theme/field.png?1676727725

199.34.228.155

200 OK

149 B

URL HTTP/1.1
www.edinburghh3.com/files/theme/field.png?1676727725
IP
199.34.228.155:0
ASN
#27647 WEEBLY

File type
PNG image data, 5 x 20, 8-bit/color RGB, non-interlaced\012- data
Size
149 B (149 bytes)
Hash
75ca98a284650ab482c9256e5609e371
6325c898af731351d7aaf12124a720ac34349514
1f98bbb606dcf5955bccbeea4efc4ca681d573c1945a8d580f984b0c3c678808

HTTP Headers

GET /files/theme/field.png?1676727725 HTTP/1.1
Host: www.edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/files/main_style.css?1676727725
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 19 Feb 2023 12:50:03 GMT
Content-Type: image/png; charset=binary
Content-Length: 149
Connection: keep-alive
Last-Modified: Thu, 16 Apr 2020 00:23:32 GMT
x-rgw-object-type: Normal
ETag: "75ca98a284650ab482c9256e5609e371"
x-amz-request-id: tx000000000000001b05a35-0062847d57-b9fbc77-sfo1
X-Storage-Bucket: z1f98
X-Storage-Object: 1f98bbb606dcf5955bccbeea4efc4ca681d573c1945a8d580f984b0c3c678808
X-Host: grn137.sf2p.intern.weebly.net
Accept-Ranges: bytes

www.edinburghh3.com/files/theme/button.png?1676727725

199.34.228.155

200 OK

2.0 kB

URL HTTP/1.1
www.edinburghh3.com/files/theme/button.png?1676727725
IP
199.34.228.155:0
ASN
#27647 WEEBLY

File type
PNG image data, 400 x 209, 8-bit/color RGBA, non-interlaced\012- data
Size
2.0 kB (2030 bytes)
Hash
b7a42ea7dba5c23c5479b3835b7456ac
35ea5c46ec312071d5e68ffabb04f486ecf2ffb6
3ebda7e0c961b23b337d356767ab277bcf1265305dca996acc6fc189d697d7ba

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /files/theme/button.png?1676727725 HTTP/1.1
Host: www.edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/files/main_style.css?1676727725
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 19 Feb 2023 12:50:03 GMT
Content-Type: image/png; charset=binary
Content-Length: 2030
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 21:13:38 GMT
x-rgw-object-type: Normal
ETag: "b7a42ea7dba5c23c5479b3835b7456ac"
x-amz-request-id: tx00000000000004c1ae06f-0063a07e47-c696eea-sfo1
X-Storage-Bucket: z3ebd
X-Storage-Object: 3ebda7e0c961b23b337d356767ab277bcf1265305dca996acc6fc189d697d7ba
X-Host: blu148.sf2p.intern.weebly.net
Accept-Ranges: bytes

www.edinburghh3.com/uploads/9/2/5/2/9252544/nznh23_orig.jpg

199.34.228.155

200 OK

57 kB

URL HTTP/1.1
www.edinburghh3.com/uploads/9/2/5/2/9252544/nznh23_orig.jpg
IP
199.34.228.155:0
ASN
#27647 WEEBLY

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 887x800, components 3\012- data
Size
57 kB (56994 bytes)
Hash
e7f36a33c5dd7cef910349d0da919a46
7dd7b842ce888e5aa03790e00dedbdeb35b018a0
20c2fd174868edea8e9cb3cae45ff63209b1d5c6d66db6f735fb37cb03963213

HTTP Headers

GET /uploads/9/2/5/2/9252544/nznh23_orig.jpg HTTP/1.1
Host: www.edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 19 Feb 2023 12:50:03 GMT
Content-Type: image/jpeg
Content-Length: 56994
Connection: keep-alive
Last-Modified: Fri, 19 Feb 2021 12:13:38 GMT
x-rgw-object-type: Normal
ETag: "e7f36a33c5dd7cef910349d0da919a46"
x-amz-request-id: tx000000000000053d5c9cd-0063b0267b-c696eea-sfo1
X-Storage-Bucket: z20c2
X-Storage-Object: 20c2fd174868edea8e9cb3cae45ff63209b1d5c6d66db6f735fb37cb03963213
X-Host: blu25.sf2p.intern.weebly.net
Accept-Ranges: bytes

www.edinburghh3.com/files/theme/container_bottom.gif?1676727725

199.34.228.155

200 OK

2.8 kB

URL HTTP/1.1
www.edinburghh3.com/files/theme/container_bottom.gif?1676727725
IP
199.34.228.155:0
ASN
#27647 WEEBLY

File type
GIF image data, version 89a, 979 x 31\012- data
Size
2.8 kB (2833 bytes)
Hash
cc9eca9b17e3172d00c57c4303e7ff0a
b2efaa773f63bb2742812d8582c832e7d248cca3
181ff546dfac2a5fa99170c99582e674e5ece397717dbfce4dcec1503ad6bf05

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /files/theme/container_bottom.gif?1676727725 HTTP/1.1
Host: www.edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/files/main_style.css?1676727725
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 19 Feb 2023 12:50:03 GMT
Content-Type: image/gif; charset=binary
Content-Length: 2833
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 21:13:38 GMT
x-rgw-object-type: Normal
ETag: "cc9eca9b17e3172d00c57c4303e7ff0a"
x-amz-request-id: tx0000000000000253cc0b1-0062bc614b-b9fbc20-sfo1
X-Storage-Bucket: z181f
X-Storage-Object: 181ff546dfac2a5fa99170c99582e674e5ece397717dbfce4dcec1503ad6bf05
X-Host: blu142.sf2p.intern.weebly.net
Accept-Ranges: bytes

www.edinburghh3.com/uploads/9/2/5/2/9252544/6294829_orig.jpg

199.34.228.155

200 OK

6.0 kB

URL HTTP/1.1
www.edinburghh3.com/uploads/9/2/5/2/9252544/6294829_orig.jpg
IP
199.34.228.155:0
ASN
#27647 WEEBLY

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 180x180, components 3\012- data
Size
6.0 kB (6029 bytes)
Hash
e80cdd2e3f16dcbe15b9ef2e81a32337
8b61a137dac366601d5583d25b88ebb406d158c1
0bbd10b9cda1d5cac0b2320d6501b51b0ce6e4b69a1dd25e4d4aed1dfffdbc6c

HTTP Headers

GET /uploads/9/2/5/2/9252544/6294829_orig.jpg HTTP/1.1
Host: www.edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 19 Feb 2023 12:50:03 GMT
Content-Type: image/jpeg
Content-Length: 6029
Connection: keep-alive
Last-Modified: Mon, 28 Jan 2019 09:48:03 GMT
x-rgw-object-type: Normal
ETag: "e80cdd2e3f16dcbe15b9ef2e81a32337"
x-amz-request-id: tx000000000000066996fb7-0063d101e8-c699baa-sfo1
X-Storage-Bucket: z0bbd
X-Storage-Object: 0bbd10b9cda1d5cac0b2320d6501b51b0ce6e4b69a1dd25e4d4aed1dfffdbc6c
X-Host: blu148.sf2p.intern.weebly.net
Accept-Ranges: bytes

ec.editmysite.com/com.snowplowanalytics.snowplow/tp2

34.208.136.5

200 OK

0 B

URL HTTP/2
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP
34.208.136.5:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.edinburghh3.com/
Origin: https://www.edinburghh3.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 19 Feb 2023 12:50:03 GMT
content-length: 0
server: nginx
access-control-allow-origin: https://www.edinburghh3.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 600
X-Firefox-Spdy: h2

www.edinburghh3.com/uploads/9/2/5/2/9252544/hc-logo_orig.jpg

199.34.228.155

200 OK

26 kB

URL HTTP/1.1
www.edinburghh3.com/uploads/9/2/5/2/9252544/hc-logo_orig.jpg
IP
199.34.228.155:0
ASN
#27647 WEEBLY

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 512x512, components 3\012- data
Size
26 kB (25805 bytes)
Hash
3c98461270888a0a18aae0a340f08e83
f926ab93ad1801eca42d17a8790f1289c64b2d31
e445e7e2834d88f94407ee4d2139019d863cb068425c2d220fdb0da8dfd3f590

HTTP Headers

GET /uploads/9/2/5/2/9252544/hc-logo_orig.jpg HTTP/1.1
Host: www.edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 19 Feb 2023 12:50:03 GMT
Content-Type: image/jpeg
Content-Length: 25805
Connection: keep-alive
Last-Modified: Wed, 13 Jul 2022 10:49:42 GMT
x-rgw-object-type: Normal
ETag: "3c98461270888a0a18aae0a340f08e83"
x-amz-request-id: tx0000000000000779685bc-0063ef3edc-c696eea-sfo1
X-Storage-Bucket: ze445
X-Storage-Object: e445e7e2834d88f94407ee4d2139019d863cb068425c2d220fdb0da8dfd3f590
X-Host: grn137.sf2p.intern.weebly.net
Accept-Ranges: bytes

ec.editmysite.com/com.snowplowanalytics.snowplow/tp2

34.208.136.5

200 OK

2 B

URL HTTP/2
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP
34.208.136.5:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

HTTP Headers

POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1788
Origin: https://www.edinburghh3.com
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 19 Feb 2023 12:50:03 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=66ee14ed-e430-4e4c-b3d4-49940a8b8b6c; Expires=Mon, 19 Feb 2024 12:50:03 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://www.edinburghh3.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2

www.edinburghh3.com/uploads/9/2/5/2/9252544/yh3_orig.jpg

199.34.228.155

200 OK

20 kB

URL HTTP/1.1
www.edinburghh3.com/uploads/9/2/5/2/9252544/yh3_orig.jpg
IP
199.34.228.155:0
ASN
#27647 WEEBLY

File type
JPEG image data, progressive, precision 8, 251x320, components 3\012- data
Size
20 kB (19915 bytes)
Hash
223be09fae8e2db6f3100a91c44ca213
142dc56923ce07fe3f702f2844bf6f565f5b2320
7ff03a8b48cac28d5687158047107c889a2e6de5891668bc0c5228f7527f8a89

HTTP Headers

GET /uploads/9/2/5/2/9252544/yh3_orig.jpg HTTP/1.1
Host: www.edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 19 Feb 2023 12:50:03 GMT
Content-Type: image/jpeg
Content-Length: 19915
Connection: keep-alive
Last-Modified: Tue, 27 Aug 2019 12:49:36 GMT
x-rgw-object-type: Normal
ETag: "223be09fae8e2db6f3100a91c44ca213"
x-amz-request-id: tx000000000000076ff38bf-0063ee4f00-c699baa-sfo1
X-Storage-Bucket: z7ff0
X-Storage-Object: 7ff03a8b48cac28d5687158047107c889a2e6de5891668bc0c5228f7527f8a89
X-Host: blu61.sf2p.intern.weebly.net
Accept-Ranges: bytes

www.edinburghh3.com/uploads/9/2/5/2/9252544/nz-2024_orig.jpg

199.34.228.155

200 OK

28 kB

URL HTTP/1.1
www.edinburghh3.com/uploads/9/2/5/2/9252544/nz-2024_orig.jpg
IP
199.34.228.155:0
ASN
#27647 WEEBLY

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 395x395, components 3\012- data
Size
28 kB (27526 bytes)
Hash
a58e500cdcaa3307aa7f9c667fcbf726
8d7cca3f4babfdd6df969294ad1ac4b18a10c670
c521a5ebfa831482471cc5c18514fe5b3aa0e4ff9604935830ec94dea05fab74

HTTP Headers

GET /uploads/9/2/5/2/9252544/nz-2024_orig.jpg HTTP/1.1
Host: www.edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 19 Feb 2023 12:50:03 GMT
Content-Type: image/jpeg
Content-Length: 27526
Connection: keep-alive
Last-Modified: Fri, 10 Jun 2022 10:58:57 GMT
x-rgw-object-type: Normal
ETag: "a58e500cdcaa3307aa7f9c667fcbf726"
x-amz-request-id: tx00000000000007744cbc1-0063eea1ae-c696eea-sfo1
X-Storage-Bucket: zc521
X-Storage-Object: c521a5ebfa831482471cc5c18514fe5b3aa0e4ff9604935830ec94dea05fab74
X-Host: grn44.sf2p.intern.weebly.net
Accept-Ranges: bytes

www.edinburghh3.com/uploads/9/2/5/2/9252544/header_images/1334865204.jpg

199.34.228.155

200 OK

144 kB

URL HTTP/1.1
www.edinburghh3.com/uploads/9/2/5/2/9252544/header_images/1334865204.jpg
IP
199.34.228.155:0
ASN
#27647 WEEBLY

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 920x259, components 3\012- data
Size
144 kB (143855 bytes)
Hash
876f82f06c9f250fc34d583287953424
0c13943e692ee354ce0aeee98ac64430f2bccaa5
386fb65141392f1460f60cb1d21ca6a93489a187ec24a1666efc2a82d48a90db

HTTP Headers

GET /uploads/9/2/5/2/9252544/header_images/1334865204.jpg HTTP/1.1
Host: www.edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 19 Feb 2023 12:50:03 GMT
Content-Type: image/jpeg
Content-Length: 143855
Connection: keep-alive
Last-Modified: Tue, 29 Oct 2019 10:43:27 GMT
x-rgw-object-type: Normal
ETag: "876f82f06c9f250fc34d583287953424"
x-amz-request-id: tx000000000000073a61d6e-0063ea5c09-c6aed46-sfo1
X-Storage-Bucket: z386f
X-Storage-Object: 386fb65141392f1460f60cb1d21ca6a93489a187ec24a1666efc2a82d48a90db
X-Host: blu148.sf2p.intern.weebly.net
Accept-Ranges: bytes

www.edinburghh3.com/uploads/9/2/5/2/9252544/_7803139.jpg

199.34.228.155

200 OK

8.6 kB

URL HTTP/1.1
www.edinburghh3.com/uploads/9/2/5/2/9252544/_7803139.jpg
IP
199.34.228.155:0
ASN
#27647 WEEBLY

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 159x164, components 3\012- data
Size
8.6 kB (8613 bytes)
Hash
20db15942d5d8e2511ca26b1b22bf7a7
550587fac0291a759dd47c7cfc0367dc2531b846
8753718b34df5e96c63a6ee3e61e32f529c26a3e2d05c1b06004651d677b9bfd

HTTP Headers

GET /uploads/9/2/5/2/9252544/_7803139.jpg HTTP/1.1
Host: www.edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 19 Feb 2023 12:50:04 GMT
Content-Type: image/jpeg
Content-Length: 8613
Connection: keep-alive
Last-Modified: Tue, 29 Oct 2019 10:45:04 GMT
x-rgw-object-type: Normal
ETag: "20db15942d5d8e2511ca26b1b22bf7a7"
x-amz-request-id: tx0000000000000766f01a9-0063eef998-c6aed46-sfo1
X-Storage-Bucket: z8753
X-Storage-Object: 8753718b34df5e96c63a6ee3e61e32f529c26a3e2d05c1b06004651d677b9bfd
X-Host: blu67.sf2p.intern.weebly.net
Accept-Ranges: bytes

www.edinburghh3.com/uploads/9/2/5/2/9252544/_7938246.jpg

199.34.228.155

200 OK

1.6 kB

URL HTTP/1.1
www.edinburghh3.com/uploads/9/2/5/2/9252544/_7938246.jpg
IP
199.34.228.155:0
ASN
#27647 WEEBLY

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 87x87, components 3\012- data
Size
1.6 kB (1601 bytes)
Hash
b0f08fffd83fd826648ccc2435f97026
0ffb16842c39afa6ef9733f6a80277f77847b2c3
6f2b555edbbc0a2f28173970b86463d4087dd7e0a07cc488729a4e9f8c5310bf

HTTP Headers

GET /uploads/9/2/5/2/9252544/_7938246.jpg HTTP/1.1
Host: www.edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 19 Feb 2023 12:50:04 GMT
Content-Type: image/jpeg
Content-Length: 1601
Connection: keep-alive
Last-Modified: Tue, 29 Oct 2019 10:43:31 GMT
x-rgw-object-type: Normal
ETag: "b0f08fffd83fd826648ccc2435f97026"
x-amz-request-id: tx000000000000076d772c7-0063efc803-c6aed46-sfo1
X-Storage-Bucket: z6f2b
X-Storage-Object: 6f2b555edbbc0a2f28173970b86463d4087dd7e0a07cc488729a4e9f8c5310bf
X-Host: grn44.sf2p.intern.weebly.net
Accept-Ranges: bytes

www.edinburghh3.com/uploads/9/2/5/2/9252544/uk-on-sec_orig.jpg

199.34.228.155

200 OK

55 kB

URL HTTP/1.1
www.edinburghh3.com/uploads/9/2/5/2/9252544/uk-on-sec_orig.jpg
IP
199.34.228.155:0
ASN
#27647 WEEBLY

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1100x640, components 3\012- data
Size
55 kB (54643 bytes)
Hash
95083fa2fcb348b6d031826f4b19d21a
6b38e74b64b06866d080bf34206d72c6214bcd59
2f2d9d7839c316bc6e7edc6ff90e054438bf663b5cf20a8bbb4a92bf8e140656

HTTP Headers

GET /uploads/9/2/5/2/9252544/uk-on-sec_orig.jpg HTTP/1.1
Host: www.edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 19 Feb 2023 12:50:03 GMT
Content-Type: image/jpeg
Content-Length: 54643
Connection: keep-alive
Last-Modified: Thu, 29 Nov 2018 12:07:08 GMT
x-rgw-object-type: Normal
ETag: "95083fa2fcb348b6d031826f4b19d21a"
x-amz-request-id: tx0000000000000764d459d-0063ec9908-c669cc6-sfo1
X-Storage-Bucket: z2f2d
X-Storage-Object: 2f2d9d7839c316bc6e7edc6ff90e054438bf663b5cf20a8bbb4a92bf8e140656
X-Host: blu14.sf2p.intern.weebly.net
Accept-Ranges: bytes

www.edinburghh3.com/uploads/9/2/5/2/9252544/events3_orig.png

199.34.228.155

200 OK

55 kB

URL HTTP/1.1
www.edinburghh3.com/uploads/9/2/5/2/9252544/events3_orig.png
IP
199.34.228.155:0
ASN
#27647 WEEBLY

File type
PNG image data, 187 x 182, 8-bit/color RGBA, non-interlaced\012- data
Size
55 kB (55012 bytes)
Hash
3bf86262972f2a770531ce9cd6a5f087
88db5271465ecfc86d56df47ca5fee2e008d4ecb
fd81efab1f3f84bc4caff5bc903cb17116e4647581987589f5eda4042f291c3a

HTTP Headers

GET /uploads/9/2/5/2/9252544/events3_orig.png HTTP/1.1
Host: www.edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 19 Feb 2023 12:50:03 GMT
Content-Type: image/png
Content-Length: 55012
Connection: keep-alive
Last-Modified: Wed, 30 Sep 2020 11:59:41 GMT
x-rgw-object-type: Normal
ETag: "3bf86262972f2a770531ce9cd6a5f087"
x-amz-request-id: tx0000000000000766f00c2-0063eef997-c6aed46-sfo1
X-Storage-Bucket: zfd81
X-Storage-Object: fd81efab1f3f84bc4caff5bc903cb17116e4647581987589f5eda4042f291c3a
X-Host: grn39.sf2p.intern.weebly.net
Accept-Ranges: bytes

www.edinburghh3.com/uploads/9/2/5/2/9252544/_5615539_orig.gif

199.34.228.155

200 OK

5.1 kB

URL HTTP/1.1
www.edinburghh3.com/uploads/9/2/5/2/9252544/_5615539_orig.gif
IP
199.34.228.155:0
ASN
#27647 WEEBLY

File type
GIF image data, version 89a, 220 x 220\012- data
Size
5.1 kB (5132 bytes)
Hash
a1673c854474b2ed26820f42f4d0f13f
c2301081db55c21cb7f2e42cc69bc0198c035a06
1e53a20a8314eab49626949ec57052bc83d11bb310fc7dcbb8121f40e8d4779e

HTTP Headers

GET /uploads/9/2/5/2/9252544/_5615539_orig.gif HTTP/1.1
Host: www.edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 19 Feb 2023 12:50:04 GMT
Content-Type: image/gif
Content-Length: 5132
Connection: keep-alive
Last-Modified: Tue, 29 Oct 2019 10:42:46 GMT
x-rgw-object-type: Normal
ETag: "a1673c854474b2ed26820f42f4d0f13f"
x-amz-request-id: tx0000000000000772ea71b-0063ee1f58-c669cc6-sfo1
X-Storage-Bucket: z1e53
X-Storage-Object: 1e53a20a8314eab49626949ec57052bc83d11bb310fc7dcbb8121f40e8d4779e
X-Host: blu147.sf2p.intern.weebly.net
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a6e5d93e6ff78ff0040d571937410c78
ec1b36fe7fb5f6cc3b41d50bcddc3199dbac8969
f14addd83ab95ac7ad8b7340db9c82f4bc03f5fa9781ec9923485f17dbb101ed

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Feb 2023 12:50:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ssl.google-analytics.com/ga.js

216.58.211.8

200 OK

17 kB

URL HTTP/2
ssl.google-analytics.com/ga.js
IP
216.58.211.8:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1305)
Size
17 kB (17168 bytes)
Hash
01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d

HTTP Headers

GET /ga.js HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Sun, 19 Feb 2023 12:41:40 GMT
expires: Sun, 19 Feb 2023 14:41:40 GMT
cache-control: public, max-age=7200
age: 504
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9d05d51b48728fdcd100d5ad8ce645e7
da63db3fe51d74b7776cd6ce770c6937cbede853
3c77d0fc549913b4a1606ae27a05c67fecceb6ed0ce49be12a6c5a692d5a8e4d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Feb 2023 12:50:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/recaptcha__en.js

142.250.74.35

200 OK

165 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/recaptcha__en.js
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (557)
Size
165 kB (164853 bytes)
Hash
bde872ce764ca70494c65b6b34a1c88e
27e1b13cd255fac03519429a0efdd797671eacde
2fff53e7a1bb12f09930778b6f6c0142f048b1a03068cf775ceebaa28072898b

HTTP Headers

GET /recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.edinburghh3.com
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 164853
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 19 Feb 2023 07:26:32 GMT
expires: Mon, 19 Feb 2024 07:26:32 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 13 Feb 2023 05:01:25 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 19412
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a6e5d93e6ff78ff0040d571937410c78
ec1b36fe7fb5f6cc3b41d50bcddc3199dbac8969
f14addd83ab95ac7ad8b7340db9c82f4bc03f5fa9781ec9923485f17dbb101ed

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Feb 2023 12:50:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9d05d51b48728fdcd100d5ad8ce645e7
da63db3fe51d74b7776cd6ce770c6937cbede853
3c77d0fc549913b4a1606ae27a05c67fecceb6ed0ce49be12a6c5a692d5a8e4d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Feb 2023 12:50:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.edinburghh3.com/favicon.ico

199.34.228.155

200 OK

4.3 kB

URL HTTP/1.1
www.edinburghh3.com/favicon.ico
IP
199.34.228.155:0
ASN
#27647 WEEBLY

File type
MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Size
4.3 kB (4286 bytes)
Hash
4d27526198ac873ccec96935198e0fb9
b98d8b73ad6a0f7477c3397561b4aab37bf262aa
40a2146151863bcf46c786d596e81a308d1b0d26d74635be441e92656f29b1b4

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Cookie: is_mobile=0; language=en; _snow_ses.b2ed=*; _snow_id.b2ed=48bba910-cff4-43b6-91ef-dc0c1e8c117e.1676811003.1.1676811003.1676811003.9343e9db-7d37-4565-b49c-df264ef17281
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 19 Feb 2023 12:50:04 GMT
Content-Type: image/x-icon
Content-Length: 4286
Connection: keep-alive
Last-Modified: Fri, 24 Sep 2021 21:48:12 GMT
x-rgw-object-type: Normal
ETag: "4d27526198ac873ccec96935198e0fb9"
x-amz-request-id: tx000000000000001ac862e-0062847767-b9fbc20-sfo1
X-Storage-Bucket: z40a2
X-Storage-Object: 40a2146151863bcf46c786d596e81a308d1b0d26d74635be441e92656f29b1b4
X-Host: blu137.sf2p.intern.weebly.net
Accept-Ranges: bytes

www.edinburghh3.com/uploads/9/2/5/2/9252544/logoeu2023_orig.png

199.34.228.155

200 OK

226 kB

URL HTTP/1.1
www.edinburghh3.com/uploads/9/2/5/2/9252544/logoeu2023_orig.png
IP
199.34.228.155:0
ASN
#27647 WEEBLY

File type
PNG image data, 494 x 449, 8-bit/color RGBA, non-interlaced\012- data
Size
226 kB (226444 bytes)
Hash
decf4bd9fb262996f1f4fcc2d5fe1148
411821202fd62a66df52f10c1efe2c0dd490e743
3aa6d9e8577fff009a27291907cec0fa86a83f33003725a52595f328936ec5d2

HTTP Headers

GET /uploads/9/2/5/2/9252544/logoeu2023_orig.png HTTP/1.1
Host: www.edinburghh3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 19 Feb 2023 12:50:03 GMT
Content-Type: image/png
Content-Length: 226444
Connection: keep-alive
Last-Modified: Sat, 25 Sep 2021 12:37:38 GMT
x-rgw-object-type: Normal
ETag: "decf4bd9fb262996f1f4fcc2d5fe1148"
x-amz-request-id: tx000000000000073fe3cb6-0063e9245e-c699baa-sfo1
X-Storage-Bucket: z3aa6
X-Storage-Object: 3aa6d9e8577fff009a27291907cec0fa86a83f33003725a52595f328936ec5d2
X-Host: blu41.sf2p.intern.weebly.net
Accept-Ranges: bytes

cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1676659918&

151.101.1.46

200 OK

0 B

URL HTTP/2
cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1676659918&
IP
151.101.1.46:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/lang/en/stl.js?buildTime=1676659918& HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.edinburghh3.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Fri, 17 Feb 2023 16:28:08 GMT
etag: "63efab18-2c2d4"
expires: Fri, 03 Mar 2023 18:54:58 GMT
cache-control: max-age=1209600
x-host: blu117.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 19 Feb 2023 12:50:02 GMT
age: 150902
x-served-by: cache-sjc10029-SJC, cache-bma1624-BMA
x-cache: HIT, HIT
x-cache-hits: 67, 12
x-timer: S1676811002.130359,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 32837
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (25)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML