Overview

URL froshcab.com/
IP199.34.228.79
ASNWEEBLY
Location United States
Report completed2022-09-14 03:27:06 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-14 2 froshcab.com/ Phishing
2022-09-14 2 www.froshcab.com/ Phishing
2022-09-14 2 www.froshcab.com/ Phishing
2022-09-14 2 www.froshcab.com/files/main_style.css?1576438525 Phishing
2022-09-14 2 www.froshcab.com/files/templateArtifacts.js?1576438525 Phishing
2022-09-14 2 www.froshcab.com/files/theme/bodybg.jpg?1576438525 Phishing
2022-09-14 2 www.froshcab.com/files/theme/wrapper.jpg?1576438525 Phishing
2022-09-14 2 www.froshcab.com/files/theme/contentbg.png?1576438525 Phishing
2022-09-14 2 www.froshcab.com/files/theme/social-black.png?1576438525 Phishing
2022-09-14 2 www.froshcab.com/files/theme/submit_bg.png?1576438525 Phishing
2022-09-14 2 www.froshcab.com/files/theme/navigationbg.png?1576438525 Phishing
2022-09-14 2 www.froshcab.com/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[Custom (...) Phishing
2022-09-14 2 www.froshcab.com/uploads/1/2/8/8/12885318/published/screen-shot-2019-12-15- (...) Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (15)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS ocsp.pki.goog (4) 175 2017-06-14 07:23:31 UTC 2022-09-13 04:56:27 UTC 142.250.74.3
mnemonic passive DNS www.froshcab.com (16) 0 2018-10-28 17:41:15 UTC 2022-07-10 05:53:13 UTC 199.34.228.79 Unknown ranking
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-13 05:09:29 UTC 34.215.91.121
mnemonic passive DNS ajax.googleapis.com (1) 12905 2019-10-15 17:52:08 UTC 2022-09-14 01:55:20 UTC 142.250.74.42
mnemonic passive DNS ocsp.sca1b.amazontrust.com (2) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.158
mnemonic passive DNS ec.editmysite.com (2) 12806 2017-01-29 21:50:35 UTC 2022-09-13 06:57:13 UTC 44.235.202.207
mnemonic passive DNS ssl.google-analytics.com (1) 275 2012-10-03 00:55:57 UTC 2022-09-13 04:56:30 UTC 216.58.207.200
mnemonic passive DNS r3.o.lencr.org (7) 344 2020-12-02 08:52:13 UTC 2022-09-13 04:56:58 UTC 95.101.11.115
mnemonic passive DNS cdn2.editmysite.com (5) 11564 2012-10-02 18:27:39 UTC 2022-09-13 20:51:25 UTC 151.101.85.46
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-13 12:32:54 UTC 34.120.237.76
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-13 22:14:45 UTC 143.204.55.36
mnemonic passive DNS froshcab.com (1) 0 2021-02-01 05:08:42 UTC 2022-08-14 20:20:16 UTC 199.34.228.79 Unknown ranking
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-13 05:25:58 UTC 143.204.55.25
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-13 04:58:37 UTC 34.117.237.239
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-09-13 21:21:55 UTC 93.184.220.29


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 199.34.228.79

Date UQ / IDS / BL URL IP
2022-11-21 22:43:06 +0000
0 - 0 - 9 www.desmondinsurance.com/ 199.34.228.79
2022-11-18 05:33:27 +0000
0 - 0 - 12 billionaireroyalties.com/ 199.34.228.79
2022-11-09 13:56:04 +0000
0 - 0 - 10 desmondinsurance.com/ 199.34.228.79
2022-09-14 03:27:06 +0000
0 - 0 - 13 froshcab.com/ 199.34.228.79
2022-09-06 20:42:36 +0000
0 - 0 - 1 www.stierslaw.com/ 199.34.228.79

Last 5 reports on ASN: WEEBLY

Date UQ / IDS / BL URL IP
2022-12-08 09:23:00 +0000
0 - 0 - 3 www.stonemountain-capital.net/research/altern (...) 199.34.228.159
2022-12-08 09:22:57 +0000
0 - 0 - 1 www.stonemountain-capital.net/news/oliver-foc (...) 199.34.228.159
2022-12-08 09:22:45 +0000
0 - 0 - 1 www.stonemountain-capital.net/news/stone-moun (...) 199.34.228.159
2022-12-08 09:22:24 +0000
0 - 0 - 3 www.stonemountain-capital.net/news/stone-moun (...) 199.34.228.159
2022-12-08 08:43:12 +0000
0 - 0 - 7 robersonrentall.net/ 199.34.228.100

Last 1 reports on domain: froshcab.com

Date UQ / IDS / BL URL IP
2022-09-14 03:27:06 +0000
0 - 0 - 13 froshcab.com/ 199.34.228.79

No other reports with similar screenshot



JavaScript

Executed Scripts (19)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (51)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 14 Sep 2022 03:09:25 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: xSNxfyj6wOxf80RWGlAUf_eAvVIKdcps7v-rsDK2AjWD8n5BmWr9Bw==
Age: 1050


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    91dd975a7b17b2922dd23c0e49314e40
Sha1:   57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7454
Expires: Wed, 14 Sep 2022 05:31:09 GMT
Date: Wed, 14 Sep 2022 03:26:55 GMT
Connection: keep-alive

                                        
                                            GET / HTTP/1.1 
Host: froshcab.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         199.34.228.79
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Wed, 14 Sep 2022 03:26:55 GMT
Server: Apache
Location: http://www.froshcab.com/
Content-Length: 232
Keep-Alive: timeout=10, max=66
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   232
Md5:    97960fc054abf74912f96416f5d55b26
Sha1:   b609a0f15bb8232fb429fbc28eba1fc7ffc40b2c
Sha256: 8a9450509127936547ff36b6f15817a3c6efd575121dfa831ce2bb43f9a7a190

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.25
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 13 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: WjgBpe8vZvaizDkqgyXH4jd5QfwToHcS7hbrfzqLRi1CzemgaazWsg==
age: 82301
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    742edb4038f38bc533514982f3d2e861
Sha1:   cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 14 Sep 2022 03:26:55 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET / HTTP/1.1 
Host: www.froshcab.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         199.34.228.79
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 14 Sep 2022 03:26:55 GMT
Server: Apache
Set-Cookie: is_mobile=0; path=/; domain=www.froshcab.com
Vary: X-W-SSL,User-Agent
Location: https://www.froshcab.com/
X-Host: grn104.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 346
Keep-Alive: timeout=10, max=52
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   346
Md5:    f36498050bb0eff51033b5d2d90d99c0
Sha1:   64016c21cc8d7f9358d8e5fadef2943f41aaff68
Sha256: 54fe124278c341f7c23b4691449ecf376307ac00b8066473e5384215784e4a0b

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Wed, 14 Sep 2022 03:03:22 GMT
Expires: Wed, 14 Sep 2022 03:56:31 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: zodsvFVEDmRCCAeI-7CBhX0Fhaz0M-tB4CPj8kUS6iOljJW5lG32EQ==
Age: 1414


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4297
Cache-Control: 'max-age=158059'
Date: Wed, 14 Sep 2022 03:26:56 GMT
Last-Modified: Wed, 14 Sep 2022 02:15:19 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1CBBA078C3E522B3F74FE0DCD10B18A62DB0BE9642D9E898D49FE1DF6970332D"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21568
Expires: Wed, 14 Sep 2022 09:26:24 GMT
Date: Wed, 14 Sep 2022 03:26:56 GMT
Connection: keep-alive

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: fLyVObKB472Taa2twgirQw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         34.215.91.121
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: /Cc+LVjBDJh/t8kMTnMm+U0N16Q=

                                        
                                            GET / HTTP/1.1 
Host: www.froshcab.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         199.34.228.79
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 14 Sep 2022 03:26:56 GMT
Server: Apache
Vary: X-W-SSL,Accept-Encoding,User-Agent
Set-Cookie: is_mobile=0; path=/; domain=www.froshcab.com language=en; expires=Wed, 28-Sep-2022 03:26:56 GMT; Max-Age=1209600; path=/
Cache-Control: private
ETag: W/"f01e344c1ef41b1c0df15246570c28aa-gzip"
Content-Encoding: gzip
X-Host: blu114.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 7071
Keep-Alive: timeout=10, max=68
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text Nim source code, Unicode text, UTF-8 text, with very long lines (3497), with CRLF, LF line terminators
Size:   7071
Md5:    aaa08acda0150d0d0b41ad9818b261f0
Sha1:   03928d9b0c470ea108e305d0231a4d057e13d268
Sha256: da4453072758a68c5d6272ca57f7108e63094d15295ddbb577ded55e503cb45a

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /css/old/fancybox.css?1576262606 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.froshcab.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
last-modified: Tue, 30 Aug 2022 19:50:23 GMT
etag: "630e69ff-f47"
expires: Wed, 14 Sep 2022 12:10:00 GMT
cache-control: max-age=1209600
x-host: grn34.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 14 Sep 2022 03:26:56 GMT
age: 1178217
x-served-by: cache-sjc10081-SJC, cache-bma1632-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 2
x-timer: S1663126017.986359,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 1218
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3910)
Size:   1218
Md5:    b644e92258f4c7c0b4270047652d1e60
Sha1:   93734d52ee9e86a768159e514076051813c39cd9
Sha256: 29199496fb817668f887938571046abcdfb49063d0207d571b361f221f467907
                                        
                                            GET /js/lang/en/stl.js?buildTime=1576262606& HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.froshcab.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
last-modified: Fri, 02 Sep 2022 18:12:14 GMT
etag: "6312477e-2c44e"
expires: Tue, 20 Sep 2022 08:21:43 GMT
cache-control: max-age=1209600
x-host: grn13.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 14 Sep 2022 03:26:56 GMT
age: 673514
x-served-by: cache-sjc10036-SJC, cache-bma1632-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1663126017.987944,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 32802
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, Unicode text, UTF-8 text, with very long lines (64997)
Size:   32802
Md5:    40ee71f2f2de93b9561845efa9a0cbbc
Sha1:   13451e3fb165d1ad524d9863d8344eab4a2fe353
Sha256: 41a33daf28fc89ce06f3c6a6029d078c20a0f42f07d6ec3dc7127d206dcec5fe
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 14 Sep 2022 03:26:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /js/site/main.js?buildTime=1576262606 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.froshcab.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
last-modified: Thu, 08 Sep 2022 20:49:09 GMT
etag: "631a5545-74804"
expires: Tue, 27 Sep 2022 10:31:36 GMT
cache-control: max-age=1209600
x-host: blu90.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 14 Sep 2022 03:26:56 GMT
age: 60920
x-served-by: cache-sjc10070-SJC, cache-bma1632-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1663126017.989278,VS0,VE2
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 146400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32147)
Size:   146400
Md5:    81b8673c5d3aa3ab8c0574f2a8f0e3b4
Sha1:   2e0661bc7907d9e2703b3347c3fec579f0aef5d6
Sha256: 0e981f4de6287406ce261fddea24aa05ded4b6a8c4c07283c363c1502071cf40
                                        
                                            GET /css/sites.css?buildTime=1576262606 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.froshcab.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
last-modified: Wed, 07 Sep 2022 17:46:38 GMT
etag: W/"6318d8fe-347ac"
expires: Wed, 21 Sep 2022 18:23:24 GMT
cache-control: max-age=1209600
x-host: grn102.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 14 Sep 2022 03:26:56 GMT
age: 551013
x-served-by: cache-sjc10060-SJC, cache-bma1632-BMA
x-cache: HIT, HIT
x-cache-hits: 2, 47
x-timer: S1663126017.992106,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 29746
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   29746
Md5:    d10158b22b553f723d99dc78eaee6390
Sha1:   80f2d6670cfb0d01cd20c471cf8e3e6465ddd3f6
Sha256: 939c7a8e1ad74a44e0c847e38533e69e36454b6805d25acf3fb0cb5c472d245e
                                        
                                            GET /ajax/libs/jquery/1.8.3/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.froshcab.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.42
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33593
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 10 Sep 2022 09:37:50 GMT
expires: Sun, 10 Sep 2023 09:37:50 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 323347
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65483)
Size:   33593
Md5:    a54a444f20643b131117dc2112cca05f
Sha1:   074964746b12ff1d30f7656310d6154ae1cc98b5
Sha256: aa3ca8485dd777d4d880b38c1cf3bc2fc290d28a79ba3e3e43cba1f653132830
                                        
                                            GET /files/main_style.css?1576438525 HTTP/1.1 
Host: www.froshcab.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.froshcab.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.79
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Wed, 14 Sep 2022 03:26:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
X-Host: blu71.sf2p.intern.weebly.net
Content-Encoding: gzip


--- Additional Info ---
Magic:  assembler source, ASCII text, with very long lines (350)
Size:   2607
Md5:    157a7a05817797eead36ae61b61ac311
Sha1:   63f7c61f13561d9d7946662ad913a3c75e902fa6
Sha256: e5430e5fe77607188d3985db426763cc6866f2110ba40d2f2b5f322d6c447419

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 14 Sep 2022 03:26:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /files/templateArtifacts.js?1576438525 HTTP/1.1 
Host: www.froshcab.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.froshcab.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.79
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: nginx
Date: Wed, 14 Sep 2022 03:26:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
X-Host: blu134.sf2p.intern.weebly.net
Content-Encoding: gzip


--- Additional Info ---
Magic:  exported SGML document, ASCII text, with very long lines (1630)
Size:   1632
Md5:    e0836e8203c22b8e4086f27e91e86f5a
Sha1:   28235e77f5a895c8cd411aff4a6ef4e6f7d419c2
Sha256: 32dbc4a2eeca39a57d35670f00e2cf59e03c279521e47506c56c5c36d8b664b6

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6366
Expires: Wed, 14 Sep 2022 05:13:03 GMT
Date: Wed, 14 Sep 2022 03:26:57 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6366
Expires: Wed, 14 Sep 2022 05:13:03 GMT
Date: Wed, 14 Sep 2022 03:26:57 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6366
Expires: Wed, 14 Sep 2022 05:13:03 GMT
Date: Wed, 14 Sep 2022 03:26:57 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6366
Expires: Wed, 14 Sep 2022 05:13:03 GMT
Date: Wed, 14 Sep 2022 03:26:57 GMT
Connection: keep-alive

                                        
                                            GET /js/wsnbn/snowday262.js HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.froshcab.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
last-modified: Tue, 30 Aug 2022 19:50:08 GMT
etag: "630e69f0-124fe"
expires: Thu, 15 Sep 2022 08:38:41 GMT
cache-control: max-age=1209600
x-host: grn123.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 14 Sep 2022 03:26:57 GMT
age: 1104497
x-served-by: cache-sjc10034-SJC, cache-bma1632-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 6968
x-timer: S1663126018.716393,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 25752
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2512)
Size:   25752
Md5:    234327230add9a5a5d61a48829ea4565
Sha1:   7966cc0e4bd76f88ff193c8a99a067de804b7129
Sha256: bb696c58d9ae5fa635b3ff22efdf60de9ac2f8ef9df5e2f2d58dd5f8dc99df75
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6366
Expires: Wed, 14 Sep 2022 05:13:03 GMT
Date: Wed, 14 Sep 2022 03:26:57 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F95cae812-e46e-458f-8f56-665dd54dc9cb.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8934
x-amzn-requestid: b943ea93-26b0-4757-bf65-9ac16d020309
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yauv4GscoAMFzlg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f7ff-562ec43d48042f9b3fca0425;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:37:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CAPKkRx5_S60HEp4XyYQO5IbrVanbrDVbVzD6By33n-Qeah-YeInFg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 21:41:46 GMT
age: 20711
etag: "d15ba6932d3e896730dafac9c65877c9471895a5"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8934
Md5:    10e3ccb7e0c8fb76c5b1619ca818821a
Sha1:   d15ba6932d3e896730dafac9c65877c9471895a5
Sha256: c2a0f51f71ef5e836d0aa96b453aaeefe96f48699be598f65bedc701096baaad
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7859b5f-1c86-429e-be16-f7b41657b096.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 16980
x-amzn-requestid: 7c555cd5-4a33-452e-82d4-cac3282c0b0f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYZfRHYOoAMFtIw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320092e-0bbd43cc499db9ed24226439;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 04:38:06 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: m4lRTnfzeQluGV3fqyeSS6yLeU8tcfijOqcqyVdZ2L2pENHfWdrUHg==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 09:39:44 GMT
age: 64033
etag: "7674123112859fd79ee9214c5308ad6a5e4ed015"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   16980
Md5:    d7be52d818b206e064541ef4f4b0786b
Sha1:   7674123112859fd79ee9214c5308ad6a5e4ed015
Sha256: bb011cf1e3c97c42f22c0553b64c23f120fa52d4bc7b56b5bde5678226aff0ce
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2b71bb0-fd92-43d0-8cd0-b426d0b88ee8.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 15547
x-amzn-requestid: a78f7d90-84c3-4198-88bf-1d722c37f09f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yauv4EUDoAMF13A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f7ff-49535e5525606250306488ba;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:37:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: CWzE6n2U7hSFcSIHX5z76DPIid9pvbOqM6ikOlegBxzbuRThMeLKZA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 21:46:14 GMT
etag: "366b2090d409d694b72b4b4131df46dd65d69c5a"
age: 20443
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   15547
Md5:    56811a1a20a467464e1f3da171ef8b14
Sha1:   366b2090d409d694b72b4b4131df46dd65d69c5a
Sha256: 4c208fb88884166adf4ecc5882f75948b4a87d85c76ad6e7137e8edbd125c996
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F14e7ebee-3326-460f-b5ca-02aae140968c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6154
x-amzn-requestid: 3341eb6d-9787-470e-aceb-dd722af36716
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yauv4GVwIAMFSzg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f7ff-4e79b8594d68a9c504e33a25;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:37:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 0ig7ITAeZj5ypLK25XtmhEQIR_pz-P96ZUgOA0Q4OgwVtAF5pmo4sA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 22:23:12 GMT
etag: "895f8e58be471d713557a1318b3d050429cfe419"
age: 18225
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6154
Md5:    de3f5f47acb69d9c4fa6721b5283404a
Sha1:   895f8e58be471d713557a1318b3d050429cfe419
Sha256: 396f97609adc2f1cdf7e241f8b164ae89e0d353cc26e48184977a1c684c544cc
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2983619f-d6cc-479c-a800-f63653fe82a1.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5480
x-amzn-requestid: b405f33a-dd58-4857-9491-f88ad4e26dd1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YavU9GbdIAMFYBQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f8ec-747b56005a9e41722b9284f9;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:41:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: KWuXKGVvou5cQ_2CBKgzRAqBJyfmHAgc4CofUPSfBllQ-_JQjWHm2Q==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 22:05:04 GMT
age: 19313
etag: "efa4e8f1a2318a72cbd87066f1356eeb00b50a1b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5480
Md5:    26f9137a12e4cd798f873bc1d1696ffe
Sha1:   efa4e8f1a2318a72cbd87066f1356eeb00b50a1b
Sha256: 09aa40cc76ffaf087bcfd5448811260d81c1c042b7d65e0fbf33dd8f44cd52b1
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8cb650f7-1b0f-4a3d-898f-97b846afe9db.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10138
x-amzn-requestid: bdf798d9-6729-4363-a900-f32c4041d0c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YU5qsGZ-oAMFQ1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ea311-7b146c0620a83d5c00446f87;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 03:10:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OM9K72ukk0cuyR1ZcV5xWXnEd8U9OgeQi7bkCe0Pzn3BfdLMvSdSXg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 03:29:25 GMT
age: 86252
etag: "0617d2e513097ca415a1d07cd39b1cb64d832ecf"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10138
Md5:    0789404fdbe3613d465d8fa89a63d7b8
Sha1:   0617d2e513097ca415a1d07cd39b1cb64d832ecf
Sha256: 80e55e383f354113c3694bbcc00fd1c544a97079bd3c462f1b90e952c0634bac
                                        
                                            GET /files/theme/bodybg.jpg?1576438525 HTTP/1.1 
Host: www.froshcab.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.froshcab.com/files/main_style.css?1576438525
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.79
HTTP/1.1 200 OK
Content-Type: image/jpeg; charset=binary
                                        
Server: nginx
Date: Wed, 14 Sep 2022 03:26:57 GMT
Content-Length: 21871
Connection: keep-alive
Last-Modified: Wed, 22 Apr 2020 13:25:57 GMT
x-rgw-object-type: Normal
ETag: "b176bc4da84218f3d14689d091689e74"
x-amz-request-id: tx0000000000000000595af-006258b75b-4d5d368-las
X-Storage-Bucket: z82a5
X-Storage-Object: 82a5e203b8da3c31a3fabd2ad959d377dca8107ef511a7f7f252aa92682018c1
X-Host: grn129.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 4400x200, components 3\012- data
Size:   21871
Md5:    b176bc4da84218f3d14689d091689e74
Sha1:   a76a6e2600ec128a644be846b48f499dab61e76e
Sha256: 82a5e203b8da3c31a3fabd2ad959d377dca8107ef511a7f7f252aa92682018c1

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /files/theme/wrapper.jpg?1576438525 HTTP/1.1 
Host: www.froshcab.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.froshcab.com/files/main_style.css?1576438525
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.79
HTTP/1.1 200 OK
Content-Type: image/jpeg; charset=binary
                                        
Server: nginx
Date: Wed, 14 Sep 2022 03:26:57 GMT
Content-Length: 52473
Connection: keep-alive
Last-Modified: Sun, 03 Apr 2022 10:34:13 GMT
x-rgw-object-type: Normal
ETag: "1b53126aad048e6d91a0c8f129cc9bf6"
x-amz-request-id: tx000000000000002fd9490-0062857d80-b9fbc20-sfo1
X-Storage-Bucket: z0668
X-Storage-Object: 06684118a43105346a75fa593691510ae99b8364ed93a3ba13e7468651842189
X-Host: grn77.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 960x203, components 3\012- data
Size:   52473
Md5:    1b53126aad048e6d91a0c8f129cc9bf6
Sha1:   60465b7cb54b8125c80f5e32e703d68da6efeec1
Sha256: 06684118a43105346a75fa593691510ae99b8364ed93a3ba13e7468651842189

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /files/theme/contentbg.png?1576438525 HTTP/1.1 
Host: www.froshcab.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.froshcab.com/files/main_style.css?1576438525
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.79
HTTP/1.1 200 OK
Content-Type: image/png; charset=binary
                                        
Server: nginx
Date: Wed, 14 Sep 2022 03:26:58 GMT
Content-Length: 2177
Connection: keep-alive
Last-Modified: Wed, 22 Apr 2020 13:25:58 GMT
x-rgw-object-type: Normal
ETag: "85a0a65f1693a008b874b0d95556959a"
x-amz-request-id: tx00000000000002250509a-0062b76943-b9fbc64-sfo1
X-Storage-Bucket: z53f0
X-Storage-Object: 53f00d99cc70c98b15955bf45448894302e554efa8b402c3a716e3e759a23456
X-Host: grn84.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Size:   2177
Md5:    85a0a65f1693a008b874b0d95556959a
Sha1:   b8788714198b891d1f0a8e6863ceff3921c381d4
Sha256: 53f00d99cc70c98b15955bf45448894302e554efa8b402c3a716e3e759a23456

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.158
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 14 Sep 2022 03:26:58 GMT
Last-Modified: Wed, 14 Sep 2022 01:43:10 GMT
Server: ECS (bsa/EB16)
X-Cache: Miss from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: BWAKnAsNGSCcx5MMyB2SMlNLDeyTLeLLnN1tkNrdqkpQNxBrlalTbA==
Age: 6229

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.158
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 14 Sep 2022 03:26:58 GMT
Last-Modified: Wed, 14 Sep 2022 02:52:15 GMT
Server: ECS (nyb/1D1B)
X-Cache: Miss from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -0jHBONHesOX57lqprJYYOn3gQirVVPAQUpbqC_zev0nS7q4HSuk0Q==
Age: 2084

                                        
                                            GET /files/theme/button_small_blue.png?1576438525 HTTP/1.1 
Host: www.froshcab.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.froshcab.com/files/main_style.css?1576438525
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.79
HTTP/1.1 200 OK
Content-Type: image/png; charset=binary
                                        
Server: nginx
Date: Wed, 14 Sep 2022 03:26:58 GMT
Content-Length: 4208
Connection: keep-alive
Last-Modified: Wed, 22 Apr 2020 13:25:56 GMT
x-rgw-object-type: Normal
ETag: "bce65ed5292206659f693571a143c2c6"
x-amz-request-id: tx000000000000002eab69f-0061a9264a-a9f41e7-sfo1
X-Storage-Bucket: zb117
X-Storage-Object: b11707d60d978c138eb32b287adc30b671ac5024e149b1df2fbe70e33276c3f6
X-Host: grn70.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 400 x 209, 8-bit/color RGBA, non-interlaced\012- data
Size:   4208
Md5:    bce65ed5292206659f693571a143c2c6
Sha1:   23e3d6e204df2c208540f2dc0ba859627acbfdbc
Sha256: b11707d60d978c138eb32b287adc30b671ac5024e149b1df2fbe70e33276c3f6
                                        
                                            GET /files/theme/banner-left.png?1576438525 HTTP/1.1 
Host: www.froshcab.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.froshcab.com/files/main_style.css?1576438525
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.79
HTTP/1.1 200 OK
Content-Type: image/png; charset=binary
                                        
Server: nginx
Date: Wed, 14 Sep 2022 03:26:58 GMT
Content-Length: 143
Connection: keep-alive
Last-Modified: Wed, 22 Apr 2020 13:25:58 GMT
x-rgw-object-type: Normal
ETag: "09cf1322e23636d731fa33319b64c203"
x-amz-request-id: tx000000000000002ebd664-006285705f-b9fbc77-sfo1
X-Storage-Bucket: z6b3d
X-Storage-Object: 6b3da9c5baa991fbb179b9da45e4323158f99b6ea4f2781d52ab2725a5a14852
X-Host: blu25.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size:   143
Md5:    09cf1322e23636d731fa33319b64c203
Sha1:   e63f1ef28c16062a65607736d30d5de46f5f161e
Sha256: 6b3da9c5baa991fbb179b9da45e4323158f99b6ea4f2781d52ab2725a5a14852
                                        
                                            GET /files/theme/social-black.png?1576438525 HTTP/1.1 
Host: www.froshcab.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.froshcab.com/files/main_style.css?1576438525
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.79
HTTP/1.1 200 OK
Content-Type: image/png; charset=binary
                                        
Server: nginx
Date: Wed, 14 Sep 2022 03:26:58 GMT
Content-Length: 6549
Connection: keep-alive
Last-Modified: Sun, 17 May 2020 11:14:47 GMT
x-rgw-object-type: Normal
ETag: "132ad9de3997c9119122ba7194ef33ac"
x-amz-request-id: tx0000000000000027b6290-00628523b5-b9fbc77-sfo1
X-Storage-Bucket: zacda
X-Storage-Object: acdad86410ce4f1b4ae930a841b8bc5b70490e52a6aa5a12478d7b6f41b49619
X-Host: grn84.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 253 x 69, 8-bit/color RGBA, non-interlaced\012- data
Size:   6549
Md5:    132ad9de3997c9119122ba7194ef33ac
Sha1:   1c4eae82241eab21e40d05520378348b0e191088
Sha256: acdad86410ce4f1b4ae930a841b8bc5b70490e52a6aa5a12478d7b6f41b49619

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /files/theme/submit_bg.png?1576438525 HTTP/1.1 
Host: www.froshcab.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.froshcab.com/files/main_style.css?1576438525
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.79
HTTP/1.1 200 OK
Content-Type: image/png; charset=binary
                                        
Server: nginx
Date: Wed, 14 Sep 2022 03:26:58 GMT
Content-Length: 758
Connection: keep-alive
Last-Modified: Wed, 22 Apr 2020 13:25:56 GMT
x-rgw-object-type: Normal
ETag: "5ef43cefa466ca02b543bdf3b7361f16"
x-amz-request-id: tx0000000000000246c03ea-0062fad3f9-c03521c-sfo1
X-Storage-Bucket: z0abe
X-Storage-Object: 0abe451f5718dfe25b3a0cf1ec61b5ac11cb67930a98994657c6560202bdfbcc
X-Host: grn70.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 43 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size:   758
Md5:    5ef43cefa466ca02b543bdf3b7361f16
Sha1:   6b94e3b255fce90da2d856a21171919c207761f1
Sha256: 0abe451f5718dfe25b3a0cf1ec61b5ac11cb67930a98994657c6560202bdfbcc

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /files/theme/navigationbg.png?1576438525 HTTP/1.1 
Host: www.froshcab.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.froshcab.com/files/main_style.css?1576438525
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.79
HTTP/1.1 200 OK
Content-Type: image/png; charset=binary
                                        
Server: nginx
Date: Wed, 14 Sep 2022 03:26:58 GMT
Content-Length: 1008
Connection: keep-alive
Last-Modified: Wed, 22 Apr 2020 13:25:56 GMT
ETag: "2488f0e5a16faa6be3f4a48bc3824ea0"
x-amz-request-id: tx00000000000000b190533-005eab2a57-10e2649-las
X-Storage-Bucket: z8c44
X-Storage-Object: 8c44884b5b52d00efde9cfe84701a8be684ee7c1f83ca7838c211df4600bd64b
X-Host: blu25.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 960 x 40, 8-bit/color RGBA, non-interlaced\012- data
Size:   1008
Md5:    2488f0e5a16faa6be3f4a48bc3824ea0
Sha1:   0f2b7cef0d204462ccb2f1d860131277e7bd0ae3
Sha256: 8c44884b5b52d00efde9cfe84701a8be684ee7c1f83ca7838c211df4600bd64b

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /files/theme/input-bg.png?1576438525 HTTP/1.1 
Host: www.froshcab.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.froshcab.com/files/main_style.css?1576438525
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.79
HTTP/1.1 200 OK
Content-Type: image/png; charset=binary
                                        
Server: nginx
Date: Wed, 14 Sep 2022 03:26:58 GMT
Content-Length: 539
Connection: keep-alive
Last-Modified: Wed, 22 Apr 2020 13:25:55 GMT
x-rgw-object-type: Normal
ETag: "d091a079ccdff583a92c435edb322ee5"
x-amz-request-id: tx00000000000000313b0a0-00628594a9-b9fbc77-sfo1
X-Storage-Bucket: zddcd
X-Storage-Object: ddcd6ce47079bc41a519fb75e62d0c43e0380f5ff1e62d093c8efedbc825c20a
X-Host: grn127.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 186 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size:   539
Md5:    d091a079ccdff583a92c435edb322ee5
Sha1:   e9778d7e54e22961093a0e86a482bf7509a4bee8
Sha256: ddcd6ce47079bc41a519fb75e62d0c43e0380f5ff1e62d093c8efedbc825c20a
                                        
                                            OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1 
Host: ec.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.froshcab.com/
Origin: https://www.froshcab.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         44.235.202.207
HTTP/2 200 OK
                                        
date: Wed, 14 Sep 2022 03:26:58 GMT
content-length: 0
server: nginx
access-control-allow-origin: https://www.froshcab.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 5
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 14 Sep 2022 03:26:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ga.js HTTP/1.1 
Host: ssl.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.froshcab.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.200
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Wed, 14 Sep 2022 02:17:11 GMT
expires: Wed, 14 Sep 2022 04:17:11 GMT
cache-control: public, max-age=7200
age: 4187
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1305)
Size:   17168
Md5:    01d5892e6e243b52998310c2925b9f3a
Sha1:   58180151b6a6ee4af73583a214b68efb9e8844d4
Sha256: 7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
                                        
                                            POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1 
Host: ec.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1786
Origin: https://www.froshcab.com
Connection: keep-alive
Referer: https://www.froshcab.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         44.235.202.207
HTTP/2 200 OK
content-type: text/plain; charset=UTF-8
                                        
date: Wed, 14 Sep 2022 03:26:58 GMT
content-length: 2
server: nginx
set-cookie: sp=0be3fd2c-2a8a-411d-a457-ee10a51eef62; Expires=Thu, 14 Sep 2023 03:26:58 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://www.froshcab.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   2
Md5:    444bcb3a3fcf8389296c49467f27e1d6
Sha1:   7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
Sha256: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 14 Sep 2022 03:26:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /favicon.ico HTTP/1.1 
Host: www.froshcab.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.froshcab.com/
Cookie: is_mobile=0; language=en; _snow_ses.7567=*; _snow_id.7567=8b31805e-a4b3-432f-985d-781591badc99.1663126004.1.1663126004.1663126004.25d37d31-1452-4d3f-935a-d0d39d5d915d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.79
HTTP/1.1 200 OK
Content-Type: image/vnd.microsoft.icon
                                        
Server: nginx
Date: Wed, 14 Sep 2022 03:26:58 GMT
Content-Length: 6518
Connection: keep-alive
Last-Modified: Sun, 22 Mar 2020 10:42:15 GMT
x-rgw-object-type: Normal
ETag: "9c3d4ce8fedb71a64e6d939519d1c5cf"
x-amz-request-id: tx00000000000002533408b-0062fc37fd-c033918-sfo1
X-Storage-Bucket: z26e1
X-Storage-Object: 26e147dd56c82174d2c8f69fb85b9c8539168cae5966339defb2943de1a2b87a
X-Host: blu134.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  MS Windows icon resource - 2 icons, 32x32, 32 bits/pixel, 16x16, 32 bits/pixel\012- data
Size:   6518
Md5:    9c3d4ce8fedb71a64e6d939519d1c5cf
Sha1:   46ac07d5cddf3158fdc1ba4ae51868c6e3523d42
Sha256: 26e147dd56c82174d2c8f69fb85b9c8539168cae5966339defb2943de1a2b87a
                                        
                                            POST /ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails] HTTP/1.1 
Host: www.froshcab.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 83
Origin: https://www.froshcab.com
Connection: keep-alive
Referer: https://www.froshcab.com/
Cookie: is_mobile=0; language=en; _snow_ses.7567=*; _snow_id.7567=8b31805e-a4b3-432f-985d-781591badc99.1663126004.1.1663126004.1663126004.25d37d31-1452-4d3f-935a-d0d39d5d915d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.79
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Date: Wed, 14 Sep 2022 03:26:58 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: blu105.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 348
Keep-Alive: timeout=10, max=73
Connection: Keep-Alive


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (348), with no line terminators
Size:   348
Md5:    a944dd688c99d2901d6719be713271c0
Sha1:   4f5454d5d434829baf46671638610791758725d9
Sha256: adb97e1bc686c58b4286f1208d2bd969687c6cf3e2fc468697dfd956d260de49

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /uploads/1/2/8/8/12885318/published/screen-shot-2019-12-15-at-2-17-31-pm_1.png?1576437515 HTTP/1.1 
Host: www.froshcab.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.froshcab.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.79
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Wed, 14 Sep 2022 03:26:58 GMT
Content-Length: 103851
Connection: keep-alive
Last-Modified: Sun, 15 Dec 2019 19:18:35 GMT
x-rgw-object-type: Normal
ETag: "f4da7914742ac4be2d0f93020c7f0736"
x-amz-request-id: tx0000000000000000f1639-0063214a02-c699baa-sfo1
X-Storage-Bucket: z2941
X-Storage-Object: 29416b5f9522ec246e713969e65a47e3557e8345d90629c303458f973e3b0ac0
X-Host: grn129.sf2p.intern.weebly.net
Accept-Ranges: bytes, bytes


--- Additional Info ---
Magic:  PNG image data, 466 x 288, 8-bit/color RGBA, non-interlaced\012- data
Size:   103851
Md5:    f4da7914742ac4be2d0f93020c7f0736
Sha1:   a10085c747627b37d7d26d198ab91257e8da64b2
Sha256: 29416b5f9522ec246e713969e65a47e3557e8345d90629c303458f973e3b0ac0

Alerts:
  Blocklists:
    - fortinet: Phishing