r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3295
Expires: Wed, 21 Sep 2022 23:39:44 GMT
Date: Wed, 21 Sep 2022 22:44:49 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 21 Sep 2022 22:13:48 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: L7QUpRxO-LcW0hq4h2hKpTp1pc0ywqSKcthgUXf87k1LElByqySHJQ==
Age: 1861
webmailrackspaceonlineservicesnowwwphphphp.weebly.com/
301 Moved Permanently 494 B URL HTTP/1.1 webmailrackspaceonlineservicesnowwwphphphp.weebly.com/
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2b79e0410f9bc7b1c87ca7b9d149a991
2876c9ffe299c597e6701773975aed5dfa86863c
b58ce969b246ccfc101fa6f4178d7a63439e6aa94b9d2990c9a8c41ce1d76dd2
Analyzer Verdict Alert openphish Rackspace
fortinet Phishing
GET / HTTP/1.1
Host: webmailrackspaceonlineservicesnowwwphphphp.weebly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 21 Sep 2022 22:44:49 GMT
Server: Apache
Set-Cookie: is_mobile=0; path=/; domain=webmailrackspaceonlineservicesnowwwphphphp.weebly.com
Vary: X-W-SSL,User-Agent
Location: https://webmailrackspaceonlineservicesnowwwphphphp.weebly.com/
X-Host: grn31.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 494
Keep-Alive: timeout=10, max=69
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 21 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: YoL8pjylisk4Vcj8ylOL5wqGEEu2ZF17sF-vGFya4N0Vd358IwDssQ==
age: 65376
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 21 Sep 2022 22:44:49 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 21 Sep 2022 22:03:22 GMT
Cache-Control: max-age=3600
Expires: Wed, 21 Sep 2022 22:58:56 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: fLffshDlvgAImCttd2BSoioADdULu8RoWx0TPBSaTU-AN0lIPdeXQA==
Age: 2488
ocsp.digicert.com/
200 OK 471 B IP
Hash 9f401cbe691797705671cf24bcdafa5e
d91c3ce2c075593987f6f4eac66561276ebd6d0e
5bec3df55995625e03e870b6d1c475ab82c17290aac6d9fae5bed29791c97328
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 22:44:50 GMT
Server: ECS (amb/6B88)
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash ff6d50919e56aed75c47feb45ee2f2ec
98f558a4b2d4f3c271abc93d0b74ece4ad7a59ef
b1b6f0e78b5a1e2092cba6d71d0d5a918066c0486176cef0a19f51e2d5a9962e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1019
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 22:44:50 GMT
Last-Modified: Wed, 21 Sep 2022 22:27:51 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
webmailrackspaceonlineservicesnowwwphphphp.weebly.com/
200 OK 6.0 kB URL HTTP/1.1 webmailrackspaceonlineservicesnowwwphphphp.weebly.com/
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (861), with CRLF, LF line terminators
Hash bcdf84891df4d1c3897a1e18571cef8f
bc79af8d6db25ff4040e5458812e202e37fb7e56
e334f0e2f22d5b24c9ba6c1d14a654595eebb1bf58362569f2301d8d8e785311
Analyzer Verdict Alert openphish Rackspace
fortinet Phishing
GET / HTTP/1.1
Host: webmailrackspaceonlineservicesnowwwphphphp.weebly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 22:44:50 GMT
Server: Apache
Vary: X-W-SSL,Accept-Encoding,User-Agent
Set-Cookie: is_mobile=0; path=/; domain=webmailrackspaceonlineservicesnowwwphphphp.weebly.com
language=en; expires=Wed, 05-Oct-2022 22:44:50 GMT; Max-Age=1209600; path=/
Cache-Control: private
ETag: W/"f5b9a1aa9c13fb66ef55a659d523c76b-gzip"
Content-Encoding: gzip
X-Host: blu45.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 5997
Keep-Alive: timeout=10, max=71
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
cdn2.editmysite.com/images/site/footer/footer-toast-published-image-1.png
200 OK 9.7 kB URL HTTP/2 cdn2.editmysite.com/images/site/footer/footer-toast-published-image-1.png
IP
File type PNG image data, 199 x 97, 8-bit colormap, non-interlaced\012- data
Hash 6e0f7ad31bf187e0d88fc5787573ba71
14e8b85cc32a01c8901e4ac0160582d29a45e9e6
580ef6409e067a4ec4a427400c7d6216184869e2da53343df20753cc1f8a46cd
GET /images/site/footer/footer-toast-published-image-1.png HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmailrackspaceonlineservicesnowwwphphphp.weebly.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdtBep7ROccdUt9-QNl5VbmRIpCUwFb5y0r5I6-vVE2nBsM9PCbzHI6xHxQIvmEjxA2YbetFcXQVHBR8TKD8jioOTQFmXNb8
x-goog-generation: 1549995548326466
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 9677
x-goog-hash: crc32c=QhrKCw==, md5=bg960xvxh+DYj8V4dXO6cQ==
x-goog-storage-class: STANDARD
server: UploadServer
expires: Sun, 17 Apr 2022 00:19:21 GMT
cache-control: public, max-age=86400, s-maxage=259200
last-modified: Tue, 12 Feb 2019 18:19:08 GMT
etag: "6e0f7ad31bf187e0d88fc5787573ba71"
content-type: image/png
accept-ranges: bytes
date: Wed, 21 Sep 2022 22:44:50 GMT
via: 1.1 varnish
age: 166221
x-served-by: cache-bma1623-BMA
x-cache: HIT
x-cache-hits: 648
x-timer: S1663800291.563467,VS0,VE0
access-control-allow-origin: *
content-length: 9677
X-Firefox-Spdy: h2
cdn2.editmysite.com/js/site/footerSignup.js?buildTime=1663714980
200 OK 1.4 kB URL HTTP/2 cdn2.editmysite.com/js/site/footerSignup.js?buildTime=1663714980
IP
File type ASCII text, with very long lines (3600), with no line terminators
Hash 121a5b9688d8e70ee7bb06cc79491f76
3a28220baa7d8879270c8311bed7dddefa7e43e9
181716c84474c9eb6685a809d69dda5d49ce44dfbf64c5dee89a3091e23def40
GET /js/site/footerSignup.js?buildTime=1663714980 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmailrackspaceonlineservicesnowwwphphphp.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Tue, 20 Sep 2022 22:44:55 GMT
etag: "632a4267-e10"
expires: Tue, 04 Oct 2022 23:06:00 GMT
cache-control: max-age=1209600
x-host: grn51.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 21 Sep 2022 22:44:50 GMT
age: 85130
x-served-by: cache-sjc10042-SJC, cache-bma1623-BMA
x-cache: HIT, HIT
x-cache-hits: 3, 313
x-timer: S1663800291.563305,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 1372
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 5f68499f2ba3b2c5aa7e979ee9b4d3a8
67a456fe80bd69aa2fbd0331ba343d1789509d0f
394e18527ce3ad7de2274de2e5e6a7f3fb390e7d6c4f7342ab485b7794e169e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 22:44:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn2.editmysite.com/css/old/fancybox.css?1662144649
200 OK 1.2 kB URL HTTP/2 cdn2.editmysite.com/css/old/fancybox.css?1662144649
IP
File type ASCII text, with very long lines (3910)
Hash b644e92258f4c7c0b4270047652d1e60
93734d52ee9e86a768159e514076051813c39cd9
29199496fb817668f887938571046abcdfb49063d0207d571b361f221f467907
GET /css/old/fancybox.css?1662144649 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmailrackspaceonlineservicesnowwwphphphp.weebly.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Wed, 14 Sep 2022 16:19:04 GMT
etag: "6321fef8-f47"
expires: Fri, 30 Sep 2022 19:09:22 GMT
cache-control: max-age=1209600
x-host: blu86.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 21 Sep 2022 22:44:50 GMT
age: 444928
x-served-by: cache-sjc10050-SJC, cache-bma1623-BMA
x-cache: HIT, HIT
x-cache-hits: 3, 1
x-timer: S1663800291.573759,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 1218
X-Firefox-Spdy: h2
cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1662144649
200 OK 159 kB URL HTTP/2 cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1662144649
IP
File type ASCII text, with very long lines (32007)
Size 159 kB (159020 bytes)
Hash 19fd4a473c58275a9e8110c598292a56
3ff56cbf5a3677387aef743acdf1a8abf822d28d
89b155f71eeef3fb8d9c95ff95288c29a0b5b722d9c0a3dfdeadfea8b8032884
GET /js/site/main-customer-accounts-site.js?buildTime=1662144649 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmailrackspaceonlineservicesnowwwphphphp.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Tue, 20 Sep 2022 22:44:55 GMT
etag: "632a4267-82588"
expires: Wed, 05 Oct 2022 07:39:35 GMT
cache-control: max-age=1209600
x-host: blu141.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 21 Sep 2022 22:44:50 GMT
age: 54315
x-served-by: cache-sjc10062-SJC, cache-bma1623-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 2
x-timer: S1663800291.563291,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 159020
X-Firefox-Spdy: h2
cdn2.editmysite.com/css/sites.css?buildTime=1662144649
200 OK 30 kB URL HTTP/2 cdn2.editmysite.com/css/sites.css?buildTime=1662144649
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash d10158b22b553f723d99dc78eaee6390
80f2d6670cfb0d01cd20c471cf8e3e6465ddd3f6
939c7a8e1ad74a44e0c847e38533e69e36454b6805d25acf3fb0cb5c472d245e
GET /css/sites.css?buildTime=1662144649 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmailrackspaceonlineservicesnowwwphphphp.weebly.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Wed, 14 Sep 2022 16:18:59 GMT
etag: W/"6321fef3-347ac"
expires: Fri, 30 Sep 2022 18:51:19 GMT
cache-control: max-age=1209600
x-host: grn23.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 21 Sep 2022 22:44:50 GMT
age: 446011
x-served-by: cache-sjc10047-SJC, cache-bma1623-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1663800291.571659,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 29746
X-Firefox-Spdy: h2
cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1662144649&
200 OK 33 kB URL HTTP/2 cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1662144649&
IP
File type HTML document, Unicode text, UTF-8 text, with very long lines (64997)
Hash 9a49c00a13898c31cb9ae140287b524d
79aa80ae3e30b6f4ea929e6e118b16c68db216c2
7d4c52ebfd0e158669a414ec9c2ee33a1296b20d59370d8b3193c1ec81a9ec35
GET /js/lang/en/stl.js?buildTime=1662144649& HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmailrackspaceonlineservicesnowwwphphphp.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Tue, 20 Sep 2022 22:43:41 GMT
etag: "632a421d-2c4a6"
expires: Wed, 05 Oct 2022 08:53:29 GMT
cache-control: max-age=1209600
x-host: blu123.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 21 Sep 2022 22:44:50 GMT
age: 49881
x-served-by: cache-sjc10058-SJC, cache-bma1623-BMA
x-cache: HIT, HIT
x-cache-hits: 2, 4
x-timer: S1663800291.569890,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 32828
X-Firefox-Spdy: h2
cdn2.editmysite.com/js/site/main.js?buildTime=1662144649
200 OK 146 kB URL HTTP/2 cdn2.editmysite.com/js/site/main.js?buildTime=1662144649
IP
File type ASCII text, with very long lines (32147)
Size 146 kB (146400 bytes)
Hash 81b8673c5d3aa3ab8c0574f2a8f0e3b4
2e0661bc7907d9e2703b3347c3fec579f0aef5d6
0e981f4de6287406ce261fddea24aa05ded4b6a8c4c07283c363c1502071cf40
GET /js/site/main.js?buildTime=1662144649 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmailrackspaceonlineservicesnowwwphphphp.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Wed, 14 Sep 2022 16:19:21 GMT
etag: "6321ff09-74804"
expires: Mon, 03 Oct 2022 12:56:37 GMT
cache-control: max-age=1209600
x-host: grn110.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 21 Sep 2022 22:44:50 GMT
age: 208093
x-served-by: cache-sjc10053-SJC, cache-bma1623-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1663800291.568538,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 146400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 5f68499f2ba3b2c5aa7e979ee9b4d3a8
67a456fe80bd69aa2fbd0331ba343d1789509d0f
394e18527ce3ad7de2274de2e5e6a7f3fb390e7d6c4f7342ab485b7794e169e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 22:44:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
webmailrackspaceonlineservicesnowwwphphphp.weebly.com/files/theme/MutationObserver.js
200 OK 6.8 kB URL HTTP/1.1 webmailrackspaceonlineservicesnowwwphphphp.weebly.com/files/theme/MutationObserver.js
IP
Hash a502a64ac17dab318a72b5c6f667e5d6
9b623c5cdc2c288649ff13504131ea2c382e700d
b0d53c00940847c4638accf26f204ef4569affa4a686ebcc5d3cc87d1697aa9d
Analyzer Verdict Alert openphish Rackspace
fortinet Phishing
GET /files/theme/MutationObserver.js HTTP/1.1
Host: webmailrackspaceonlineservicesnowwwphphphp.weebly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmailrackspaceonlineservicesnowwwphphphp.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 22:44:50 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 18 Nov 2021 03:49:24 GMT
x-rgw-object-type: Normal
ETag: W/"e52201e96af18dd02c85eb627c843491"
x-amz-request-id: tx0000000000000000447ab-006258b631-4d6022f-las
X-Storage-Bucket: z3974
X-Storage-Object: 397452d9f6a2ea6a2135b45c9e40139c68ac6661f3bab4413e7299586ccb408a
X-Host: blu41.sf2p.intern.weebly.net
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 5f68499f2ba3b2c5aa7e979ee9b4d3a8
67a456fe80bd69aa2fbd0331ba343d1789509d0f
394e18527ce3ad7de2274de2e5e6a7f3fb390e7d6c4f7342ab485b7794e169e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 22:44:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c8ac2005f83e8a3a9da1a9837b6c2ff3
7c05f49683e49232c1e11b91253e684d2f96ab83
b0b42743b4c7e4b528fd78aadc5429ef34c2e127f3d5147330d428a47203dc0a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 22:44:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
IP
File type ASCII text, with very long lines (65483)
Hash a54a444f20643b131117dc2112cca05f
074964746b12ff1d30f7656310d6154ae1cc98b5
aa3ca8485dd777d4d880b38c1cf3bc2fc290d28a79ba3e3e43cba1f653132830
GET /ajax/libs/jquery/1.8.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmailrackspaceonlineservicesnowwwphphphp.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33593
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 22:33:18 GMT
expires: Thu, 21 Sep 2023 22:33:18 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 692
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 5f68499f2ba3b2c5aa7e979ee9b4d3a8
67a456fe80bd69aa2fbd0331ba343d1789509d0f
394e18527ce3ad7de2274de2e5e6a7f3fb390e7d6c4f7342ab485b7794e169e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 22:44:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c8ac2005f83e8a3a9da1a9837b6c2ff3
7c05f49683e49232c1e11b91253e684d2f96ab83
b0b42743b4c7e4b528fd78aadc5429ef34c2e127f3d5147330d428a47203dc0a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 22:44:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
webmailrackspaceonlineservicesnowwwphphphp.weebly.com/files/theme/plugins.js?1662226723
200 OK 16 kB URL HTTP/1.1 webmailrackspaceonlineservicesnowwwphphphp.weebly.com/files/theme/plugins.js?1662226723
IP
Hash 43e6b0bb6eb6524188831a282f7656d7
44e73fe367fc1fb8efee7eefac557b7d76ef0f44
9001fcfe93ceab40de4bb3535fc61335318c56d4440b53070cac27a26fef42bb
Analyzer Verdict Alert openphish Rackspace
fortinet Phishing
GET /files/theme/plugins.js?1662226723 HTTP/1.1
Host: webmailrackspaceonlineservicesnowwwphphphp.weebly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmailrackspaceonlineservicesnowwwphphphp.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 22:44:50 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 24 Apr 2022 01:56:38 GMT
x-rgw-object-type: Normal
ETag: W/"2b8d85f1ea01d2c3e8b962eac8d76a5c"
x-amz-request-id: tx000000000000001ac621f-00628479bc-b9fbc77-sfo1
X-Storage-Bucket: zb635
X-Storage-Object: b6353ca52760aba4e7547ae9861db68158dc2af0f4febece55e5c775ee4449f5
X-Host: grn73.sf2p.intern.weebly.net
Content-Encoding: gzip
webmailrackspaceonlineservicesnowwwphphphp.weebly.com/files/main_style.css?1662231394
200 OK 7.2 kB URL HTTP/1.1 webmailrackspaceonlineservicesnowwwphphphp.weebly.com/files/main_style.css?1662231394
IP
File type assembler source, ASCII text, with very long lines (815)
Hash ad9d5c30880c6005e1b78b510c624e85
0404c6f5409cab8785952dc562e1ab9656905251
414527050d3e25f7784b5be1e8331eeec7902baeadd3f34ef9b279566828bd50
GET /files/main_style.css?1662231394 HTTP/1.1
Host: webmailrackspaceonlineservicesnowwwphphphp.weebly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmailrackspaceonlineservicesnowwwphphphp.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 22:44:51 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
X-Host: grn62.sf2p.intern.weebly.net
Content-Encoding: gzip
webmailrackspaceonlineservicesnowwwphphphp.weebly.com/files/theme/jquery.revealer.js?1662226723
200 OK 2.8 kB URL HTTP/1.1 webmailrackspaceonlineservicesnowwwphphphp.weebly.com/files/theme/jquery.revealer.js?1662226723
IP
Hash c22ab67199a33d876512504cda4ff55b
36e96eae4644b6028532974fe5186a072792cb37
c4cd233d3d6b0f184e99d5017e521b4c6f9106d3e546864a8ba516189b934311
Analyzer Verdict Alert openphish Rackspace
fortinet Phishing
GET /files/theme/jquery.revealer.js?1662226723 HTTP/1.1
Host: webmailrackspaceonlineservicesnowwwphphphp.weebly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmailrackspaceonlineservicesnowwwphphphp.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 22:44:51 GMT
Content-Type: application/javascript
Content-Length: 2828
Connection: keep-alive
Last-Modified: Tue, 26 Oct 2021 13:57:33 GMT
x-rgw-object-type: Normal
ETag: "c22ab67199a33d876512504cda4ff55b"
x-amz-request-id: tx000000000000000dadafb-0061a70ad3-a9f3e81-sfo1
X-Storage-Bucket: zc4cd
X-Storage-Object: c4cd233d3d6b0f184e99d5017e521b4c6f9106d3e546864a8ba516189b934311
X-Host: grn73.sf2p.intern.weebly.net
Accept-Ranges: bytes
webmailrackspaceonlineservicesnowwwphphphp.weebly.com/files/theme/jquery.pxuMenu.js?1662226723
200 OK 3.7 kB URL HTTP/1.1 webmailrackspaceonlineservicesnowwwphphphp.weebly.com/files/theme/jquery.pxuMenu.js?1662226723
IP
File type HTML document, ASCII text
Hash ac373d716afe4270df40f60417b0f418
aba148148c771bb66b0b4aeab6eac8eb40352745
f75570c56743e8c705cb06f5f1f9b1f8f2cc13119f5e2acda2f3bb8d987de94a
GET /files/theme/jquery.pxuMenu.js?1662226723 HTTP/1.1
Host: webmailrackspaceonlineservicesnowwwphphphp.weebly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmailrackspaceonlineservicesnowwwphphphp.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 22:44:51 GMT
Content-Type: application/javascript
Content-Length: 3697
Connection: keep-alive
Last-Modified: Mon, 04 Apr 2022 07:42:11 GMT
x-rgw-object-type: Normal
ETag: "ac373d716afe4270df40f60417b0f418"
x-amz-request-id: tx000000000000000045524-006258b632-4d5d368-las
X-Storage-Bucket: zf755
X-Storage-Object: f75570c56743e8c705cb06f5f1f9b1f8f2cc13119f5e2acda2f3bb8d987de94a
X-Host: blu41.sf2p.intern.weebly.net
Accept-Ranges: bytes
webmailrackspaceonlineservicesnowwwphphphp.weebly.com/files/theme/jquery.trend.js?1662226723
200 OK 3.8 kB URL HTTP/1.1 webmailrackspaceonlineservicesnowwwphphphp.weebly.com/files/theme/jquery.trend.js?1662226723
IP
Hash 4beccebe0a060b2b2c43de5c2d4512ef
250a779dd017877b9f360b264cf072d9e87974ff
446f48f512ecc0b771af3c21a3036de3a1c5740d1e6bdbb61448834326d0c738
Analyzer Verdict Alert openphish Rackspace
fortinet Phishing
GET /files/theme/jquery.trend.js?1662226723 HTTP/1.1
Host: webmailrackspaceonlineservicesnowwwphphphp.weebly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmailrackspaceonlineservicesnowwwphphphp.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 22:44:51 GMT
Content-Type: application/javascript
Content-Length: 3775
Connection: keep-alive
Last-Modified: Thu, 10 Feb 2022 08:22:06 GMT
x-rgw-object-type: Normal
ETag: "4beccebe0a060b2b2c43de5c2d4512ef"
x-amz-request-id: tx000000000000001ed57e3-006284b3ea-b9fbc64-sfo1
X-Storage-Bucket: z446f
X-Storage-Object: 446f48f512ecc0b771af3c21a3036de3a1c5740d1e6bdbb61448834326d0c738
X-Host: blu39.sf2p.intern.weebly.net
Accept-Ranges: bytes
webmailrackspaceonlineservicesnowwwphphphp.weebly.com/files/theme/custom-1.js?1662226723
200 OK 4.1 kB URL HTTP/1.1 webmailrackspaceonlineservicesnowwwphphphp.weebly.com/files/theme/custom-1.js?1662226723
IP
Hash 9f3b0abe72c25dcd381cb41900970422
559cf4346ff62e549e9b5d9856fb6d1d1139eb8b
297782594ab453c80e206ae349690e2580655f5b6700c32b2a9a8a167917ffb6
GET /files/theme/custom-1.js?1662226723 HTTP/1.1
Host: webmailrackspaceonlineservicesnowwwphphphp.weebly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmailrackspaceonlineservicesnowwwphphphp.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 22:44:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 26 Oct 2021 13:57:32 GMT
x-rgw-object-type: Normal
ETag: W/"214dde43cebf15418cdcc76f9677ee46"
x-amz-request-id: tx000000000000001d0dce1-0061a7e2f5-a9f1b25-sfo1
X-Storage-Bucket: zcfbf
X-Storage-Object: cfbf67a85c039719090cff2c4718de99203b1ced78cfb8fae5f7240d2f1570b7
X-Host: grn69.sf2p.intern.weebly.net
Content-Encoding: gzip
cdn2.editmysite.com/js/wsnbn/snowday262.js
200 OK 26 kB URL HTTP/2 cdn2.editmysite.com/js/wsnbn/snowday262.js
IP
File type ASCII text, with very long lines (2512)
Hash 234327230add9a5a5d61a48829ea4565
7966cc0e4bd76f88ff193c8a99a067de804b7129
bb696c58d9ae5fa635b3ff22efdf60de9ac2f8ef9df5e2f2d58dd5f8dc99df75
GET /js/wsnbn/snowday262.js HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmailrackspaceonlineservicesnowwwphphphp.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Wed, 14 Sep 2022 16:18:50 GMT
etag: "6321feea-124fe"
expires: Thu, 29 Sep 2022 08:38:41 GMT
cache-control: max-age=1209600
x-host: blu123.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 21 Sep 2022 22:44:51 GMT
age: 569171
x-served-by: cache-sjc10051-SJC, cache-bma1623-BMA
x-cache: HIT, HIT
x-cache-hits: 2, 865
x-timer: S1663800291.340414,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 25752
X-Firefox-Spdy: h2
webmailrackspaceonlineservicesnowwwphphphp.weebly.com/uploads/1/4/3/0/143034077/rackspace-webmail-hosted-email-for-business-down1_orig.png
200 OK 5.1 kB URL HTTP/1.1 webmailrackspaceonlineservicesnowwwphphphp.weebly.com/uploads/1/4/3/0/143034077/rackspace-webmail-hosted-email-for-business-down1_orig.png
IP
File type PNG image data, 792 x 99, 8-bit/color RGBA, non-interlaced\012- data
Hash e568efd63bd83dd351be958188fa3918
c5ec71e946c4a9fbb2f03a87ddd439a87e06c0d1
3804a3e3b861ae584bd8f3047fbba93a3b361adf354bbb91af9b6c87452fc00d
Analyzer Verdict Alert openphish Rackspace
GET /uploads/1/4/3/0/143034077/rackspace-webmail-hosted-email-for-business-down1_orig.png HTTP/1.1
Host: webmailrackspaceonlineservicesnowwwphphphp.weebly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmailrackspaceonlineservicesnowwwphphphp.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 22:44:51 GMT
Content-Type: image/png
Content-Length: 5110
Connection: keep-alive
Last-Modified: Fri, 31 Jul 2020 12:31:09 GMT
x-rgw-object-type: Normal
ETag: "e568efd63bd83dd351be958188fa3918"
x-amz-request-id: tx0000000000000038169ca-0062860f63-b9fbc64-sfo1
X-Storage-Bucket: z3804
X-Storage-Object: 3804a3e3b861ae584bd8f3047fbba93a3b361adf354bbb91af9b6c87452fc00d
X-Host: blu76.sf2p.intern.weebly.net
Accept-Ranges: bytes
webmailrackspaceonlineservicesnowwwphphphp.weebly.com/uploads/1/4/3/0/143034077/rackspace-webmail-hosted-email-for-business-up_orig.png
200 OK 2.5 kB URL HTTP/1.1 webmailrackspaceonlineservicesnowwwphphphp.weebly.com/uploads/1/4/3/0/143034077/rackspace-webmail-hosted-email-for-business-up_orig.png
IP
File type PNG image data, 787 x 52, 8-bit/color RGBA, non-interlaced\012- data
Hash 706dbe0deb23403a1a8c55acf036cc71
65766bf0260630fc28cf9f2b8ff1b2afc21189ef
ef72ffbf586e82a7a8873f769012ff60a3743d3003096a194f7f0a53da35aab7
Analyzer Verdict Alert openphish Rackspace
GET /uploads/1/4/3/0/143034077/rackspace-webmail-hosted-email-for-business-up_orig.png HTTP/1.1
Host: webmailrackspaceonlineservicesnowwwphphphp.weebly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmailrackspaceonlineservicesnowwwphphphp.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 22:44:51 GMT
Content-Type: image/png
Content-Length: 2525
Connection: keep-alive
Last-Modified: Mon, 06 Jul 2020 17:53:48 GMT
x-rgw-object-type: Normal
ETag: "706dbe0deb23403a1a8c55acf036cc71"
x-amz-request-id: tx000000000000001f284ad-006284c241-b9fbc77-sfo1
X-Storage-Bucket: zef72
X-Storage-Object: ef72ffbf586e82a7a8873f769012ff60a3743d3003096a194f7f0a53da35aab7
X-Host: grn42.sf2p.intern.weebly.net
Accept-Ranges: bytes
webmailrackspaceonlineservicesnowwwphphphp.weebly.com/uploads/1/4/3/0/143034077/published/rackspace-orig.jpg?1662231289
200 OK 12 kB URL HTTP/1.1 webmailrackspaceonlineservicesnowwwphphphp.weebly.com/uploads/1/4/3/0/143034077/published/rackspace-orig.jpg?1662231289
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 221x342, components 3\012- data
Hash adfa168283d1411d37774a6e21b72924
3f1a9be4c7537150094d92387c0fd8ebbcda94c7
9ac43f6afee162c65ed1ffc3fddff9d1e9ed2891966d5069cae217de75fea62e
Analyzer Verdict Alert openphish Rackspace
fortinet Phishing
GET /uploads/1/4/3/0/143034077/published/rackspace-orig.jpg?1662231289 HTTP/1.1
Host: webmailrackspaceonlineservicesnowwwphphphp.weebly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmailrackspaceonlineservicesnowwwphphphp.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 22:44:51 GMT
Content-Type: image/jpeg
Content-Length: 12147
Connection: keep-alive
Last-Modified: Wed, 26 May 2021 08:23:21 GMT
x-rgw-object-type: Normal
ETag: "adfa168283d1411d37774a6e21b72924"
x-amz-request-id: tx00000000000000679703b-00632b0eba-c669cc6-sfo1
X-Storage-Bucket: z9ac4
X-Storage-Object: 9ac43f6afee162c65ed1ffc3fddff9d1e9ed2891966d5069cae217de75fea62e
X-Host: grn50.sf2p.intern.weebly.net
Accept-Ranges: bytes
fonts.googleapis.com/css?family=Karla:400,700|Oswald:700|Roboto+Mono:400,400i,700,700i
200 OK 1.4 kB URL HTTP/2 fonts.googleapis.com/css?family=Karla:400,700|Oswald:700|Roboto+Mono:400,400i,700,700i
IP
Hash ad97ba1102a3e76a593d2bf61c985875
395d4b8e1b675eff13f04a3580b03328f2b2202d
0fcba8d4958a5d6004b53f35750a20a04adaefa970f62cc58c60eca002ff6450
GET /css?family=Karla:400,700|Oswald:700|Roboto+Mono:400,400i,700,700i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmailrackspaceonlineservicesnowwwphphphp.weebly.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 21 Sep 2022 22:44:50 GMT
date: Wed, 21 Sep 2022 22:44:50 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn2.editmysite.com/sprites/site/forms-s3786257308.png
200 OK 341 B URL HTTP/2 cdn2.editmysite.com/sprites/site/forms-s3786257308.png
IP
File type PNG image data, 13 x 26, 8-bit gray+alpha, non-interlaced\012- data
Hash 8bebedaad333db9b949dab050728d9be
9c58d43d230d8b5e6befc2198999840ff555934c
6928442dcdfd67ab71262fb35b80fdddb13277f7fceb3744d417b2d22bcaeecb
GET /sprites/site/forms-s3786257308.png HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn2.editmysite.com/css/sites.css?buildTime=1662144649
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/png
last-modified: Tue, 20 Sep 2022 22:41:09 GMT
etag: "632a4185-155"
expires: Wed, 05 Oct 2022 07:43:00 GMT
cache-control: max-age=1209600
x-host: blu141.sf2p.intern.weebly.net
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 21 Sep 2022 22:44:51 GMT
age: 54110
x-served-by: cache-sjc10062-SJC, cache-bma1623-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1663800291.387114,VS0,VE1
access-control-allow-origin: *
content-length: 341
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5149084af9bb01e5471e0be93a009ab0
1aaae44973461346130015cba0c36e9d1b5b77f2
db8a390c5bb50072d57429a45c470496139deb98e04b175f45600e5e4b2ac884
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 22:44:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/karla/v23/qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bg.woff2
200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/karla/v23/qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bg.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 21248, version 1.0\012- data
Hash 481105857aba99f91faa3cd9a360e8e1
a2d8dcb59555878d359c2bebbc8be6985d26d7d2
f8c2240958cb1fff47d921ca0f3097f9e7403ada01af2382477ef42c404c38d4
GET /s/karla/v23/qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://webmailrackspaceonlineservicesnowwwphphphp.weebly.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21248
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Sep 2022 17:06:38 GMT
expires: Fri, 15 Sep 2023 17:06:38 GMT
cache-control: public, max-age=31536000
age: 538693
last-modified: Mon, 11 Jul 2022 20:38:57 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn2.editmysite.com/css/free-footer-v3.css?buildtime=1663714980
200 OK 886 B URL HTTP/2 cdn2.editmysite.com/css/free-footer-v3.css?buildtime=1663714980
IP
File type ASCII text, with very long lines (2632)
Hash 5c465ace654da8d0e367f91e7751ae62
f218f483eccbba5be90abf97eff819569329f8b7
0c91c8e311bc809644913a2ff023585ba587ecfc834ba3cd152544e75d422bd9
GET /css/free-footer-v3.css?buildtime=1663714980 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmailrackspaceonlineservicesnowwwphphphp.weebly.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Tue, 20 Sep 2022 22:44:29 GMT
etag: "632a424d-a49"
expires: Tue, 04 Oct 2022 23:06:00 GMT
cache-control: max-age=1209600
x-host: blu48.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 21 Sep 2022 22:44:51 GMT
age: 85131
x-served-by: cache-sjc10023-SJC, cache-bma1623-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 281
x-timer: S1663800291.403539,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 886
X-Firefox-Spdy: h2
fonts.gstatic.com/s/robotomono/v22/L0xTDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_3vrtSM1J-gEPT5Ese6hmHSh0mQ.woff2
200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/robotomono/v22/L0xTDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_3vrtSM1J-gEPT5Ese6hmHSh0mQ.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 22168, version 1.0\012- data
Hash aecf4656f9d639613cf46bf25e28a08b
b51fb5207f34b7283474875e2493591784c09947
f39f934bc7f7b1b4dfa532f4b38dac960a3a7ad6bb9789a412f03bdcb4abd9f5
GET /s/robotomono/v22/L0xTDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_3vrtSM1J-gEPT5Ese6hmHSh0mQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://webmailrackspaceonlineservicesnowwwphphphp.weebly.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22168
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 16 Sep 2022 16:11:25 GMT
expires: Sat, 16 Sep 2023 16:11:25 GMT
cache-control: public, max-age=31536000
age: 455606
last-modified: Mon, 11 Jul 2022 18:56:28 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 41630fb2c7ef9e435a8762b0943e0980
04b6c8bfe97bc5408e1450b5921331c6ae6de682
e9e83895eef14a5a26e91c9574fc9f60eb2f47959406eabe87b4618412519476
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 22:44:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5149084af9bb01e5471e0be93a009ab0
1aaae44973461346130015cba0c36e9d1b5b77f2
db8a390c5bb50072d57429a45c470496139deb98e04b175f45600e5e4b2ac884
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 22:44:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?_=1663800291168
200 OK 556 B URL HTTP/2 www.google.com/recaptcha/api.js?_=1663800291168
IP
File type ASCII text, with very long lines (850), with no line terminators
Hash 27b68162c75bebb4dacf518c46e974d5
99abc7e3e02891bec5de3dda3cb18a6f865f82bc
93415a1ed398b656767f092c53ca274ad9ae9c8cb0672831fa3c4ab275f994d1
GET /recaptcha/api.js?_=1663800291168 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmailrackspaceonlineservicesnowwwphphphp.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Wed, 21 Sep 2022 22:44:51 GMT
date: Wed, 21 Sep 2022 22:44:51 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 556
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 1b33d59cf038a3fe7273f78fda2cce3a
0b367731ef6df8e1f6c1b8774198daa9959d7cf5
b02b1756112479f92786994de8e884986b0a7eb3d5885300bfd8a64f597f7cc4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 22:44:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
webmailrackspaceonlineservicesnowwwphphphp.weebly.com/files/theme/images/arrow-light.svg?1662231394
200 OK 886 B URL HTTP/1.1 webmailrackspaceonlineservicesnowwwphphphp.weebly.com/files/theme/images/arrow-light.svg?1662231394
IP
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 552eb2e04260fc0733e5633d15c6aeaa
0a9efcc3b0ebabb23a49a00061fd8200eded1613
705ff3240de004523ff9d628b28aad705ad3f0ceb046312495265a4042c67570
Analyzer Verdict Alert openphish Rackspace
fortinet Phishing
GET /files/theme/images/arrow-light.svg?1662231394 HTTP/1.1
Host: webmailrackspaceonlineservicesnowwwphphphp.weebly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmailrackspaceonlineservicesnowwwphphphp.weebly.com/files/main_style.css?1662231394
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 22:44:51 GMT
Content-Type: image/svg+xml; charset=us-ascii
Content-Length: 886
Connection: close
Last-Modified: Sat, 19 Mar 2022 04:38:52 GMT
x-rgw-object-type: Normal
ETag: "552eb2e04260fc0733e5633d15c6aeaa"
x-amz-request-id: tx000000000000001c6abb0-0062848a69-b9fbc63-sfo1
X-Storage-Bucket: z705f
X-Storage-Object: 705ff3240de004523ff9d628b28aad705ad3f0ceb046312495265a4042c67570
Content-Disposition: attachment
X-Host: grn69.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.gstatic.com/recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/recaptcha__en.js
200 OK 158 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/recaptcha__en.js
IP
File type ASCII text, with very long lines (581)
Size 158 kB (157726 bytes)
Hash 6519c7c04cf32a57b1c5ee45a73c233e
4939bb921988e9eb13780cc2244f3099776e9bfb
8352dd4e3e0fe82562cdc280c020fc31d2c6d054f7ead441a3b18de8ef04401b
GET /recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://webmailrackspaceonlineservicesnowwwphphphp.weebly.com
Connection: keep-alive
Referer: https://webmailrackspaceonlineservicesnowwwphphphp.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 157726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 05:37:29 GMT
expires: Thu, 21 Sep 2023 05:37:29 GMT
cache-control: public, max-age=31536000
age: 61642
last-modified: Wed, 14 Sep 2022 00:24:01 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ssl.google-analytics.com/ga.js
200 OK 17 kB URL HTTP/2 ssl.google-analytics.com/ga.js
IP
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmailrackspaceonlineservicesnowwwphphphp.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Wed, 21 Sep 2022 22:17:11 GMT
expires: Thu, 22 Sep 2022 00:17:11 GMT
cache-control: public, max-age=7200
age: 1660
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash c7b623b7bcd37d436886346d495f9577
eb5688f0df28fa33b202e78d916e35387178636d
74037773d23c4426c3717e239e9dc228904f9cc8b8f084c655e26dcd9e345a96
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 22:44:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
webmailrackspaceonlineservicesnowwwphphphp.weebly.com/favicon.ico
200 OK 4.3 kB URL HTTP/1.1 webmailrackspaceonlineservicesnowwwphphphp.weebly.com/favicon.ico
IP
File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Hash 4d27526198ac873ccec96935198e0fb9
b98d8b73ad6a0f7477c3397561b4aab37bf262aa
40a2146151863bcf46c786d596e81a308d1b0d26d74635be441e92656f29b1b4
Analyzer Verdict Alert openphish Rackspace
GET /favicon.ico HTTP/1.1
Host: webmailrackspaceonlineservicesnowwwphphphp.weebly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmailrackspaceonlineservicesnowwwphphphp.weebly.com/
Cookie: is_mobile=0; language=en; _snow_ses.7c74=*; _snow_id.7c74=967b7e43-45f3-47b7-8aef-c2591e563f4c.1663800291.1.1663800291.1663800291.6cb0af15-3154-42be-89fc-ec3798a55060
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 22:44:51 GMT
Content-Type: image/x-icon
Content-Length: 4286
Connection: keep-alive
Last-Modified: Fri, 24 Sep 2021 21:48:12 GMT
x-rgw-object-type: Normal
ETag: "4d27526198ac873ccec96935198e0fb9"
x-amz-request-id: tx000000000000000c8f1f2-0061a70684-a9f1b25-sfo1
X-Storage-Bucket: z40a2
X-Storage-Object: 40a2146151863bcf46c786d596e81a308d1b0d26d74635be441e92656f29b1b4
X-Host: blu39.sf2p.intern.weebly.net
Accept-Ranges: bytes
webmailrackspaceonlineservicesnowwwphphphp.weebly.com/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]
200 OK 348 B URL HTTP/1.1 webmailrackspaceonlineservicesnowwwphphphp.weebly.com/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]
IP
File type JSON data\012- , ASCII text, with very long lines (348), with no line terminators
Hash a944dd688c99d2901d6719be713271c0
4f5454d5d434829baf46671638610791758725d9
adb97e1bc686c58b4286f1208d2bd969687c6cf3e2fc468697dfd956d260de49
Analyzer Verdict Alert openphish Rackspace
fortinet Phishing
POST /ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails] HTTP/1.1
Host: webmailrackspaceonlineservicesnowwwphphphp.weebly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 83
Origin: https://webmailrackspaceonlineservicesnowwwphphphp.weebly.com
Connection: keep-alive
Referer: https://webmailrackspaceonlineservicesnowwwphphphp.weebly.com/
Cookie: is_mobile=0; language=en; _snow_ses.7c74=*; _snow_id.7c74=967b7e43-45f3-47b7-8aef-c2591e563f4c.1663800291.1.1663800291.1663800291.6cb0af15-3154-42be-89fc-ec3798a55060
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 22:44:51 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: blu127.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 348
Keep-Alive: timeout=10, max=72
Connection: Keep-Alive
Content-Type: application/json
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash c91716c17cd9e4d5d00e28a1bb756c62
06c8f6749ceb6696a82a73c357946c775924e76a
3c5cae8d3fb1699d489352ec495d1d44c8f3e05fcb70bf3bdc9a6ed637b6e2c6
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 21 Sep 2022 22:44:51 GMT
Last-Modified: Wed, 21 Sep 2022 21:55:08 GMT
Server: ECS (nyb/1D16)
X-Cache: Miss from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: SKfIuZ5JRS1y6YDjuw1Yjw6vikcQlRp1rl6fiHeA-I0XlILK6E9P7Q==
Age: 2983
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13427
Expires: Thu, 22 Sep 2022 02:28:38 GMT
Date: Wed, 21 Sep 2022 22:44:51 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13427
Expires: Thu, 22 Sep 2022 02:28:38 GMT
Date: Wed, 21 Sep 2022 22:44:51 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash c91716c17cd9e4d5d00e28a1bb756c62
06c8f6749ceb6696a82a73c357946c775924e76a
3c5cae8d3fb1699d489352ec495d1d44c8f3e05fcb70bf3bdc9a6ed637b6e2c6
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 21 Sep 2022 22:44:51 GMT
Last-Modified: Wed, 21 Sep 2022 22:23:34 GMT
Server: ECS (bsa/EB14)
X-Cache: Miss from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: V3AQwDYqM7Lr-sYf1n3h_EGnoTGCvfikmaFGgDreMxA6cY_AOimVDQ==
Age: 1277
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13427
Expires: Thu, 22 Sep 2022 02:28:38 GMT
Date: Wed, 21 Sep 2022 22:44:51 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb0692-30b9-4b69-a748-f7a4474a72e0.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb0692-30b9-4b69-a748-f7a4474a72e0.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9becda6e892a190dbbc63216ae697506
ba3369e1827d8f01ca10acb8648195847dd02ffd
d71dd28e0ff260326ba0c30748fa11160f4544c2a264d3a3dc361af0de9fd283
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb0692-30b9-4b69-a748-f7a4474a72e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11286
x-amzn-requestid: 7263b60d-fffe-4c0b-8de5-59dc9ac92a47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1GwZHOaIAMFSQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b84cf-62e160b156b587cc21c7fda5;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:40:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: QxgrVMX7xwI6qE3T3-LRS3JWoJauPyvCSb9TacW9-ktw-BIq5PSF-g==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:48:26 GMT
etag: "ba3369e1827d8f01ca10acb8648195847dd02ffd"
content-type: image/jpeg
age: 3385
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25c92e76-c63f-4c49-a4f1-56d030e97e10.jpeg
200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25c92e76-c63f-4c49-a4f1-56d030e97e10.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 37687ec8382ef481897d1e65bf14010a
6ce495268093b256875ec1c4d6a05fc1f3d25446
24cc6f8715bb5b0b8a27a3f40831f9fed6cc4c5a882622633e1865dca6e50531
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25c92e76-c63f-4c49-a4f1-56d030e97e10.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3372
x-amzn-requestid: 10d24c22-0b3d-402b-9a10-6cbfc9a699a3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YzG5QHJRoAMFaPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ab83b-37ba740c7eba56b30e2ea528;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 07:07:39 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: VM9vtBQFJEEX58Q_SYVC7L18jDp-kxDCIk1QMjyaaLc6DNUSJ9uivg==
via: 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 07:08:36 GMT
age: 56175
etag: "6ce495268093b256875ec1c4d6a05fc1f3d25446"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b308c1c-61ac-4185-bb59-ab0cf1f2b8fc.jpeg
200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b308c1c-61ac-4185-bb59-ab0cf1f2b8fc.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ce3e9d330cc9b9c84fb7846bf0d8c7a0
134720f07ffdbef5ff551bdb3c3743c806d1512d
0724f7ca2de62c8086e80b527aec78de6b63996107b32c7e9990bd472e64a347
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b308c1c-61ac-4185-bb59-ab0cf1f2b8fc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9233
x-amzn-requestid: f90a9ed8-b4e7-4786-887a-90f24cc4f432
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1HZSG1IoAMFwxw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b85d4-7a75336f316aa6450e3369b4;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:44:52 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: PEhEMNxyamS4_x8DPhIeX2bEkaVWzS4foO7vPQX8KgWpm1KjsSvRxQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 22:21:48 GMT
age: 1383
etag: "134720f07ffdbef5ff551bdb3c3743c806d1512d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60ffb31d-d07d-4e81-9477-522f011ae13e.jpeg
200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60ffb31d-d07d-4e81-9477-522f011ae13e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a504981ee10d8341b64f19001464ae8a
56f228d7358ba9deef000f53214dc7c1dc358109
0ea3b6ed12f3adf9d56e7d9b61f284d28107d99f28ee4e66b4c078a9a1a0cbee
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60ffb31d-d07d-4e81-9477-522f011ae13e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8861
x-amzn-requestid: 873e88ab-7afc-4b14-b428-d90ec2079741
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YO2wuE0AoAMF7Gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631c3804-0d25ab397a16c78907914e23;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 07:08:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: UStTyIXPucbY9WmDl3W5bTyeT-2SJ5CTUjv8TLeexqZtKd1p2sJrNA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 03:25:34 GMT
age: 69557
etag: "56f228d7358ba9deef000f53214dc7c1dc358109"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F969d6cdd-691e-480c-aa3f-20d1f7156aa3.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F969d6cdd-691e-480c-aa3f-20d1f7156aa3.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 935051c999523e0eb4c95bbe470f5708
deb3edfb3995fa43ca3e8dcc2adb09028bd240e3
30efea98cf000c8a0fd6e02b08ab114d4453c2d6f63360a352ebbd0f0bd138a0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F969d6cdd-691e-480c-aa3f-20d1f7156aa3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13329
x-amzn-requestid: 54887f94-9832-494c-b1c8-0a27ac04b3e7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1HDmHlQoAMFfLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b854a-5fb778255bce533044676173;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:42:34 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: x73RKQ2BJRxcFZJEobdvgd_5MplH5mHcGljNL4Em4yqTOCW8DSnzXw==
via: 1.1 d042f60a962591f741406f28a8170c5a.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 22:03:49 GMT
age: 2462
etag: "deb3edfb3995fa43ca3e8dcc2adb09028bd240e3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg
200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91c56f0b9810bfdd84e10a626b89e389
15d83e44d568938b6c9c87201e898cedb3edec0a
942de9764e1c408f7512759774aab0479db201e6fae15ccc39e653adae4cb86f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8678
x-amzn-requestid: c671a9ab-c5d0-4743-b13e-cc9a47e3d2fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1F0vEThIAMFSwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b8351-17ed13811d3833ea00a34423;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:34:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 2Oem-Kw-aCUa2rA9B9-7CDYcZ-G968tFPnsrL5wJ9Dia43T5u6RDtg==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:34:09 GMT
etag: "15d83e44d568938b6c9c87201e898cedb3edec0a"
content-type: image/jpeg
age: 4242
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
200 OK 0 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://webmailrackspaceonlineservicesnowwwphphphp.weebly.com/
Origin: https://webmailrackspaceonlineservicesnowwwphphphp.weebly.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 22:44:52 GMT
content-length: 0
server: nginx
access-control-allow-origin: https://webmailrackspaceonlineservicesnowwwphphphp.weebly.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 5
X-Firefox-Spdy: h2
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
200 OK 2 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1824
Origin: https://webmailrackspaceonlineservicesnowwwphphphp.weebly.com
Connection: keep-alive
Referer: https://webmailrackspaceonlineservicesnowwwphphphp.weebly.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 22:44:52 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=a35b5fa7-9feb-4284-ac1e-0fb4dd573d94; Expires=Thu, 21 Sep 2023 22:44:52 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://webmailrackspaceonlineservicesnowwwphphphp.weebly.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Oswald:400,300,700&subset=latin,latin-ext
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Oswald:400,300,700&subset=latin,latin-ext
IP
GET /css?family=Oswald:400,300,700&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmailrackspaceonlineservicesnowwwphphphp.weebly.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 21 Sep 2022 22:44:50 GMT
date: Wed, 21 Sep 2022 22:44:50 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Karla:400,700,400italic,700italic&subset=latin,latin-ext
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Karla:400,700,400italic,700italic&subset=latin,latin-ext
IP
GET /css?family=Karla:400,700,400italic,700italic&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmailrackspaceonlineservicesnowwwphphphp.weebly.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 21 Sep 2022 22:44:50 GMT
date: Wed, 21 Sep 2022 22:44:50 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
199.34.228.54
23.36.77.32
93.184.220.29
151.101.85.46