embravewise.com/
308 Permanent Redirect 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: embravewise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 308 Permanent Redirect
Connection: close
Location: https://embravewise.com/
Server: Caddy
Date: Fri, 09 Dec 2022 04:31:14 GMT
Content-Length: 0
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5419
Expires: Fri, 09 Dec 2022 06:01:33 GMT
Date: Fri, 09 Dec 2022 04:31:14 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash aea93551fa9deb76ae49a3b4019d64fe
e3b8862057ebe839959228e42246d7b1807fc90c
7e210f03b140418085e94ec20c1d27d6ecf7a404cbd323e16476ae5ae95d6dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3065
Expires: Fri, 09 Dec 2022 05:22:19 GMT
Date: Fri, 09 Dec 2022 04:31:14 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 09 Dec 2022 04:08:17 GMT
content-type: application/json
age: 1377
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2630
Expires: Fri, 09 Dec 2022 05:15:04 GMT
Date: Fri, 09 Dec 2022 04:31:14 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: bo+ZCOLnYTqR+nXA99EvwsujI9k2NJ3TWPc+VTV6pUMsh46WNYnU3tEJ+XIFqrFV9ZuLvQ1XjAA=
x-amz-request-id: F9PA67H3V4XKGRFS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 03:50:06 GMT
age: 2468
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:31:14 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 09 Dec 2022 04:07:59 GMT
age: 1396
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash fd55f4aaaab6ec40bc7dc10252cd819a
a72523f60be265a391fa9edc43e0a93418ad1fd0
bae354b3db14f4fd115311a0c412c9b5e436dd9e0a151afd8b9c18831dd8c2dd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5930
Cache-Control: max-age=108867
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:31:15 GMT
Etag: "6391a92c-1d7"
Expires: Sat, 10 Dec 2022 10:45:42 GMT
Last-Modified: Thu, 08 Dec 2022 09:06:52 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: yjJLWeTvOlwnLp/kkS+Fmw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: l8JuIfN/RcfedIoISapc4+8M2hE=
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash e50111fcabe72c46f8a41dce3f16c6af
d1403a9a12fecb65e5aee63fbd9783dd76494426
0cd1e18101f6374d6d8ebd7fd40f75bbe3279c3094775e204ad5a90f159817d3
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "0CD1E18101F6374D6D8EBD7FD40F75BBE3279C3094775E204AD5A90F159817D3"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10402
Expires: Fri, 09 Dec 2022 07:24:38 GMT
Date: Fri, 09 Dec 2022 04:31:16 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 278 B IP
Hash ade5df0554c6ffd08f0413e4c19ec359
61459d057c2df93614504d1aadfe7565698206e1
da41c7e037f8b645c4d73b538877cae3393b23e4a0ba2c5e2ea5b739d78dbc69
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4459
Cache-Control: max-age=108510
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:31:16 GMT
Etag: "6391ad87-116"
Expires: Sat, 10 Dec 2022 10:39:46 GMT
Last-Modified: Thu, 08 Dec 2022 09:25:27 GMT
Server: ECS (amb/6BBF)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
200 OK 471 B IP
Hash 6b8313f9e33695225653527e2d423cd7
f93d3c7e748b85edc6f0209e73813f13e5bf2070
9fbcb6376f48faf9fab6fada8876197456bb8c5c1c0b5c34b25dcfe323e18354
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3405
Cache-Control: max-age=164695
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:31:16 GMT
Etag: "63928d1e-1d7"
Expires: Sun, 11 Dec 2022 02:16:11 GMT
Last-Modified: Fri, 09 Dec 2022 01:19:26 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 278 B IP
Hash ade5df0554c6ffd08f0413e4c19ec359
61459d057c2df93614504d1aadfe7565698206e1
da41c7e037f8b645c4d73b538877cae3393b23e4a0ba2c5e2ea5b739d78dbc69
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1569
Cache-Control: max-age=105620
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:31:16 GMT
Etag: "6391ad87-116"
Expires: Sat, 10 Dec 2022 09:51:36 GMT
Last-Modified: Thu, 08 Dec 2022 09:25:27 GMT
Server: ECS (amb/6B9B)
X-Cache: HIT
Content-Length: 278
ocsp2.globalsign.com/gsorganizationvalsha2g2
200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
Hash 120a74d03db1ba90095a89005c9faed1
61bdf9bb9c33c06cdc5259e5574335d9f72ae210
002df4f2ac5ca4324b6cb51eba8ccf245f7b3c9fd1ab774c17228a4446896067
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 04:31:16 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 13 Dec 2022 02:22:32 GMT
ETag: "61bdf9bb9c33c06cdc5259e5574335d9f72ae210"
Last-Modified: Fri, 09 Dec 2022 02:22:33 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1427
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776b02a079741c06-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
Hash 120a74d03db1ba90095a89005c9faed1
61bdf9bb9c33c06cdc5259e5574335d9f72ae210
002df4f2ac5ca4324b6cb51eba8ccf245f7b3c9fd1ab774c17228a4446896067
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 04:31:16 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 13 Dec 2022 02:22:32 GMT
ETag: "61bdf9bb9c33c06cdc5259e5574335d9f72ae210"
Last-Modified: Fri, 09 Dec 2022 02:22:33 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1427
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776b02a07b7db4fa-OSL
cdn.hotishop.com/assets/2021/10/c975c77827a97928141b1918493155db.png
200 OK 6.7 kB URL HTTP/2 cdn.hotishop.com/assets/2021/10/c975c77827a97928141b1918493155db.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 796f79f17bd016dff819ea804968f70e
557d9ad30266a6a9caa117826bd79d6597f99d63
58ae95c1396f2a0d719361ad26d15208721f591646d7d0e51a932251c7f5d2f4
GET /assets/2021/10/c975c77827a97928141b1918493155db.png HTTP/1.1
Host: cdn.hotishop.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.embravewise.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:31:16 GMT
content-type: image/webp
content-length: 6698
cf-ray: 776b029f1cdf0afa-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "cfKoWMra8ndFPzo3GHiqsjhg:3e18b7861e0523dd23f9d7926deeb6c8"
last-modified: Mon, 25 Oct 2021 02:27:13 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
cf-bgj: imgq:86,h2pri
cf-resized: internal=ok/m q=0 n=39 c=11 v=2022.9.2 l=6698
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
server: cloudflare
X-Firefox-Spdy: h2
cdn.cloudfastin.top/image/2022/09/c15636da33a47281ed1784080b020ab2e53ebd6d76503fdb9d8b254909877533.png
200 OK 7.3 kB URL HTTP/2 cdn.cloudfastin.top/image/2022/09/c15636da33a47281ed1784080b020ab2e53ebd6d76503fdb9d8b254909877533.png
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x180, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fe1b54f84260b545806a4decdbb1890e
e6f87ebbeacb600d93266fd807f20168900af666
604e5c205d29872e0b15c7a4a2833416ada8907927f9d39366380bd1f5e21852
GET /image/2022/09/c15636da33a47281ed1784080b020ab2e53ebd6d76503fdb9d8b254909877533.png HTTP/1.1
Host: cdn.cloudfastin.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.embravewise.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:31:16 GMT
content-type: image/webp
content-length: 7274
cf-ray: 776b029f3b00b4fa-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "cfLLwbOnBkhcDISU6LCTxRtTH-JdRV_HsQesDqGFoaDQ:a45168f20ae73cc593bb0571f2863746"
last-modified: Tue, 13 Sep 2022 10:10:04 GMT
vary: Accept, Accept-Encoding
cf-cache-status: REVALIDATED
cf-bgj: imgq:86,h2pri
cf-resized: internal=ok/r q=0 n=66 c=0+12 v=2022.12.0 l=7274
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
server: cloudflare
X-Firefox-Spdy: h2
www.embravewise.com/
200 OK 89 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (63276)
Hash 1f92bdfa80eb86229d0b08074941c5b2
5d0c31b650d5821415e7bfd238dabc9188760377
f2edcd1e63922411c46511f4efe84c929ad596fe5b57aabab130d3a12dd3d60b
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.embravewise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 09 Dec 2022 04:31:15 GMT
set-cookie: XSRF-TOKEN=eyJpdiI6InBtV2k5MGVxUlphdmhFNUQxXC96bmZRPT0iLCJ2YWx1ZSI6Inh5QVlZXC9XSTZ2Y2ZCSkpFeHF4d2xlU3lrRHB3ZkxTYVhXc3FvZXhWXC84UnVvOW9USzlZWUV1WWFsTlBST0pVVlpoVldsRmowcnNGU1d4azRNQis2Y1VKSGF4eERVazFEN2hBallHU0ZJTW40RTBlanlhY0NWQ1lrMUJDWHJ6bFEiLCJtYWMiOiJjNzMzNzdiNTdiYjBiMTc1ZDM3Zjk2OGE4ZWZkYjdiMmZjMzA3Yzg2ZmYzNWQ3NWQyOGEwMGM5NGVhNDY5NzIxIn0%3D; expires=Sat, 10-Dec-2022 00:31:15 GMT; Max-Age=72000; path=/
xtuselsaqe76_session=eyJpdiI6Ijd2YktkanBnSjNnZWlRWDlaZUJIY1E9PSIsInZhbHVlIjoiZE8zVFlzV3pcL0cranJqa3hHa1JzM3ZtR0VVVkdXXC9hd1JEMTdLRjFZYk5uNjNGYkNoOCtNVGhEZE5ab3lRMlNtdlZpQWhtdXArK2xmbk5YTzk2bVN4aVhlS3lyVWg4YnlYYkNcLzJtZ0lUVkhtSUthbE5YNm4yYmc0MSt5RzVYTEgiLCJtYWMiOiIwOGM3ZjA2NTM1YWM3NDRkODlhZjkwNWRhMWJhNGRlZGFjMjlmODIyZmEwYWIxZGI5Zjg0YTc0YWY5Mzk3MjE3In0%3D; expires=Sat, 10-Dec-2022 00:31:15 GMT; Max-Age=72000; path=/; httponly
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6661
Expires: Fri, 09 Dec 2022 06:22:17 GMT
Date: Fri, 09 Dec 2022 04:31:16 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6661
Expires: Fri, 09 Dec 2022 06:22:17 GMT
Date: Fri, 09 Dec 2022 04:31:16 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6661
Expires: Fri, 09 Dec 2022 06:22:17 GMT
Date: Fri, 09 Dec 2022 04:31:16 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe7732c6-dc98-445c-86c6-d413942250ea.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe7732c6-dc98-445c-86c6-d413942250ea.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 45e0c1638ad919bde19731f7987ab064
1e492807c665e6e6b24ec6ce19035fdfc6f23b92
f0d3738ec8406958470c8fd152a02a123d7654c30f974c1df5c4977a380c2d62
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe7732c6-dc98-445c-86c6-d413942250ea.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10205
x-amzn-requestid: c5704c7a-60c4-402b-8018-5885a8dae971
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwVM_F9BIAMF3ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900252-3e9573d900714e3250f43e17;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mLTL7L808-OguYGrl3FUvwmFmPQjBPRj7PVfgEheFHWg4g4skoBvOg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 00:33:39 GMT
age: 14257
etag: "1e492807c665e6e6b24ec6ce19035fdfc6f23b92"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg
200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 06514ce96ae21cb01f526a5febdcbeb4
ebb97e5b97f394e8c67098f55581d5329ce819a2
4099a2fb6ddc4feaa30f357a180d64aeb7c9fc73f115fc762d5fe5c221d2e89e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5169
x-amzn-requestid: 277a1b04-4e19-4313-8aac-5f9ab9076305
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctEdkFGrIAMFvHg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb456-5b21edd57297665012d536cc;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:17:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Xi-bshsYa4LlKbJgAt0h-lPnB_5uQbqln5JGBRE8io2Fp1y41cS9xg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 04:08:48 GMT
age: 1348
etag: "ebb97e5b97f394e8c67098f55581d5329ce819a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f25ad59-b8ed-49ea-9611-21f63c20c8fb.jpeg
200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f25ad59-b8ed-49ea-9611-21f63c20c8fb.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eb00a2a503a690cee3e4dd729b5bc9bd
cfb1e5bcab2148a777889680e6e36b9d7e8917ec
7e4583ae78ab597639f53669ac2d67d1ebd26be3278c2fc3fc95af934178c116
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f25ad59-b8ed-49ea-9611-21f63c20c8fb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7960
x-amzn-requestid: beadd240-39d0-407d-a890-6a095657cac3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctEd8HC0oAMFUag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb459-44d4f63c62f58684782ef14a;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:17:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kTEbkncBnAJmQE8cdAqvDtejiwaetpRBsVcpLXy1h52lO4iUkzmOGA==
via: 1.1 74aa91fe819001bcedd882694f52b436.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 16:28:48 GMT
age: 43348
etag: "cfb1e5bcab2148a777889680e6e36b9d7e8917ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c8ed2c5-144c-4fce-bb57-7d9918c1ab31.jpeg
200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c8ed2c5-144c-4fce-bb57-7d9918c1ab31.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 44ed82780732ed682ee46b2df52b3ca2
0b3fe77e142178561b28c93b94b1aea2e1c395a5
383da5ca2927044c69ff1d10b630fe3439ca48f1845031ef1b6607fcd054c54b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c8ed2c5-144c-4fce-bb57-7d9918c1ab31.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4049
x-amzn-requestid: dbde9a26-7609-43b7-a9a5-6e4d2f559989
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpwRFHIooAMFVmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d60d3-5f5131b8315a458d18cdc70f;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 03:09:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6_KiAcPwtB6XJyanlunX6qvT9jdlEgMPMdGHM10HmJwQ2Ue_pDsCXg==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 12:37:33 GMT
age: 57223
etag: "0b3fe77e142178561b28c93b94b1aea2e1c395a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7b1b2f1-0b18-4097-a282-a7ddd9b33b97.jpeg
200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7b1b2f1-0b18-4097-a282-a7ddd9b33b97.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3cb7655c8fe89a83f0096c51684aa21c
4946fcab2a99d926c45abaecf8f97b6214dee0cd
60a3066f2dcc2f696413ecec56ef1d0c1a9392f6845fac5c4319b8b9e02074fd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7b1b2f1-0b18-4097-a282-a7ddd9b33b97.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6637
x-amzn-requestid: a1b14c0b-ceb5-4a3e-9dec-2503a0841bd6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZPMEQJoAMF6uQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f2d-1aec46bb5d73f0c47c824174;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rft2LEct9jDCAiIawPp0pGAg7S-bDRqXWxzM4H28FFqN2bS6TYwV7A==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 21:59:55 GMT
age: 23481
etag: "4946fcab2a99d926c45abaecf8f97b6214dee0cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F884d1162-4377-487f-a056-b21117ef5001.jpeg
200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F884d1162-4377-487f-a056-b21117ef5001.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9cb76c68a8cd472600106cc118067868
6cee6b1828c709f68b995197ca943a5c393f86fb
009d9ba19043b03b5aceeb80b69bf249f19a0a225bdbfef7ab8691669cb64130
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F884d1162-4377-487f-a056-b21117ef5001.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8204
x-amzn-requestid: cf54b5f8-ede8-49d5-aa56-5d9de98e3ab8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjtKfEiToAMFSXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638af576-6ddfe35c0b31074d6a07076f;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 07:06:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UfqFAlLedF6ZkfbGXhyYDcvu0porNJb6LPaeQ8p4dqWqsFD6iRgWLw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 15:12:28 GMT
age: 47928
etag: "6cee6b1828c709f68b995197ca943a5c393f86fb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
us-east-conversion-assistant-apps.oss-us-east-1.aliyuncs.com/index.js
200 OK 83 kB URL HTTP/1.1 us-east-conversion-assistant-apps.oss-us-east-1.aliyuncs.com/index.js
IP
ASN #45102 Alibaba US Technology Co., Ltd.
File type Unicode text, UTF-8 text, with very long lines (34716)
Hash 697e17034da4a410fa09159a734b02dc
2dc3afda623aca90cca1d16e877708d7139a9ef2
7b44f51fddd66c7b3851bb53f97e9d0ae28739463f64704a4d8071862af5ffc5
GET /index.js HTTP/1.1
Host: us-east-conversion-assistant-apps.oss-us-east-1.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.embravewise.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Fri, 09 Dec 2022 04:31:16 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
x-oss-request-id: 6392BA1431724B3630557B87
Last-Modified: Thu, 08 Dec 2022 07:08:27 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8442859034395005804
x-oss-storage-class: Standard
Content-MD5: kQAaUZMxWD/+rGj1H9gL2A==
x-oss-server-time: 1
Content-Encoding: gzip
cdn.cloudfastin.top/image/2022/09/91ca7b15bf5736e57c7bdfc223be05e52624559e2130ec4dcfb01907ecaeacf9-180x121.png
200 OK 6.0 kB URL HTTP/2 cdn.cloudfastin.top/image/2022/09/91ca7b15bf5736e57c7bdfc223be05e52624559e2130ec4dcfb01907ecaeacf9-180x121.png
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 180x120, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 78d07dda41323a0db56933d3d18253a0
ec840c07755939d83b009f7c2fb9a3b4122671ea
a60b47ec0e2ef2c00e8c2c58242124439bf76037a00411617b1c78d34c961fa6
GET /image/2022/09/91ca7b15bf5736e57c7bdfc223be05e52624559e2130ec4dcfb01907ecaeacf9-180x121.png HTTP/1.1
Host: cdn.cloudfastin.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.embravewise.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:31:17 GMT
content-type: image/webp
content-length: 5966
cf-ray: 776b029f2afcb4fa-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "cfPYvMS3O7zXDS7rK-FE8Rj8IwQbVSpEbDeQ8Y5Hn2DQ:6e76fd59d3172bd997b8d68041de4f9c"
last-modified: Wed, 14 Sep 2022 10:14:02 GMT
vary: Accept, Accept-Encoding
cf-cache-status: MISS
cf-bgj: imgq:86,h2pri
cf-resized: internal=ok/m q=0 n=197 c=16+18 v=2022.12.0 l=5966
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
server: cloudflare
X-Firefox-Spdy: h2
www.paypal.com/sdk/js?client-id=AWH4s8RWI0INY-gaVPZL93yK5WMO3Hv9K_c3f-bsSH_rrFZZZ2IIGPwmb8tpo8MDyey8WW91LDc7povN&commit=false¤cy=USD&disable-funding=bancontact,blik,eps,giropay,ideal,mercadopago,mybank,p24,sepa,sofort,venmo&components=buttons,funding-eligibility,messages
200 OK 129 kB URL HTTP/2 www.paypal.com/sdk/js?client-id=AWH4s8RWI0INY-gaVPZL93yK5WMO3Hv9K_c3f-bsSH_rrFZZZ2IIGPwmb8tpo8MDyey8WW91LDc7povN&commit=false¤cy=USD&disable-funding=bancontact,blik,eps,giropay,ideal,mercadopago,mybank,p24,sepa,sofort,venmo&components=buttons,funding-eligibility,messages
IP
File type Unicode text, UTF-8 text, with very long lines (65471)
Size 129 kB (129097 bytes)
Hash e29699dc9e2561a95da4e5cf839b7c37
e9fb68ef5f10afdf37ba0e0c437fc506a978c461
06b55a7b7763701d9df874005b1412c8711240da067ea6c4ac5ffd9fdf51e167
GET /sdk/js?client-id=AWH4s8RWI0INY-gaVPZL93yK5WMO3Hv9K_c3f-bsSH_rrFZZZ2IIGPwmb8tpo8MDyey8WW91LDc7povN&commit=false¤cy=USD&disable-funding=bancontact,blik,eps,giropay,ideal,mercadopago,mybank,p24,sepa,sofort,venmo&components=buttons,funding-eligibility,messages HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.embravewise.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-y3Pw9NNGtbZ/8T1jbMCCeChjxo4nijrfDt1W7MO6/rbTTQVG' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-y3Pw9NNGtbZ/8T1jbMCCeChjxo4nijrfDt1W7MO6/rbTTQVG' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: application/javascript; charset=utf-8
date: Fri, 09 Dec 2022 04:31:16 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"1f849-6fto718Qr983ug4MQ3/FBql4xGE"
p3p: true
paypal-debug-id: 0209a3453a714
server: ECAcc (lhd/3597)
server-timing: traceparent;desc="00-00000000000000000000209a3453a714-6bdc694a633e7b2b-01", content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=450
set-cookie: tsrce=clientsdknodeweb; Domain=.paypal.com; Path=/; Expires=Mon, 12 Dec 2022 04:31:16 GMT; HttpOnly; Secure; SameSite=None
l7_az=dcg13.slc; Path=/; Domain=paypal.com; Expires=Fri, 09 Dec 2022 05:01:16 GMT; HttpOnly; Secure
ts=vreXpYrS%3D1765254676%26vteXpYrS%3D1670562076%26vr%3Df526dfe61840a2d082429b2affc2cbd3%26vt%3Df526dfe61840a2d082429b2affc2cbd2%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Mon, 08 Dec 2025 04:31:16 GMT; HttpOnly; Secure
ts_c=vr%3Df526dfe61840a2d082429b2affc2cbd3%26vt%3Df526dfe61840a2d082429b2affc2cbd2; Path=/; Domain=paypal.com; Expires=Mon, 08 Dec 2025 04:31:16 GMT; Secure
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-00000000000000000000209a3453a714-9c746248926748cb-01
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 129097
X-Firefox-Spdy: h2
www.paypal.com/tagmanager/pptm.js?id=www.embravewise.com&t=xo&v=5.0.343&source=payments_sdk&client_id=AWH4s8RWI0INY-gaVPZL93yK5WMO3Hv9K_c3f-bsSH_rrFZZZ2IIGPwmb8tpo8MDyey8WW91LDc7povN&comp=buttons,funding-eligibility,messages&vault=false
200 OK 4.8 kB URL HTTP/2 www.paypal.com/tagmanager/pptm.js?id=www.embravewise.com&t=xo&v=5.0.343&source=payments_sdk&client_id=AWH4s8RWI0INY-gaVPZL93yK5WMO3Hv9K_c3f-bsSH_rrFZZZ2IIGPwmb8tpo8MDyey8WW91LDc7povN&comp=buttons,funding-eligibility,messages&vault=false
IP
File type ASCII text, with very long lines (13590)
Hash 0f9ee9a184d26df52e8d9346646bc16e
dfce6362111f425ff6db03d0e9a9d4c7c3c7c275
29ed467834975ee6aa68097dc8bf1f0731344310c92d2cb5a88f1f66bab11d08
GET /tagmanager/pptm.js?id=www.embravewise.com&t=xo&v=5.0.343&source=payments_sdk&client_id=AWH4s8RWI0INY-gaVPZL93yK5WMO3Hv9K_c3f-bsSH_rrFZZZ2IIGPwmb8tpo8MDyey8WW91LDc7povN&comp=buttons,funding-eligibility,messages&vault=false HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.embravewise.com/
Cookie: tsrce=clientsdknodeweb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-expose-headers: Server-Timing
age: 62460
cache-control: public, max-age=3600
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-JB4h8Q2VsDGQDEL/qfJ7B/IuPsX/otHM17at+D3gp9nCdW2N' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-type: application/x-javascript; charset=utf-8
date: Fri, 09 Dec 2022 04:31:17 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"3541-Sc3NbFCiQliilncCHmCh2GGpWbU"
last-modified: Thu, 08 Dec 2022 11:10:18 GMT
paypal-debug-id: 0263549885bb7
server: ECAcc (lhd/35F9)
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=36
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-00000000000000000000263549885bb7-5417b1fecd81817a-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 4753
X-Firefox-Spdy: h2
www.paypalobjects.com/muse/muse.js
200 OK 16 kB URL HTTP/2 www.paypalobjects.com/muse/muse.js
IP
File type ASCII text, with very long lines (55891)
Hash 6aebbe482c72000aea20895991f70478
eff1d3370786f9ee4ea539776bc43ab9bece89ba
2acb950bc7678b9e6c265194821fac386bf555db582ee8c0e2d9e68ff3eaa862
GET /muse/muse.js HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.embravewise.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-type: application/javascript
date: Fri, 09 Dec 2022 04:31:17 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "6271663d-da91"
expires: Fri, 09 Dec 2022 05:31:17 GMT
last-modified: Tue, 03 May 2022 17:28:29 GMT
paypal-debug-id: 4ed231c19b8ee
server: ECAcc (ska/F6AB)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-00000000000000000004ed231c19b8ee-2c1dbb544885a4c0-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
content-length: 16464
X-Firefox-Spdy: h2
www.paypalobjects.com/muse/analytics/index.html
200 OK 17 kB URL HTTP/2 www.paypalobjects.com/muse/analytics/index.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (55410)
Hash 56fc10c2e8100a7e4418dc987c23d7a5
5c11880437f36368f82da60522bfcb0d57b395cf
326df6156907ef357f13bf48a5a3798dd4e692345d04fb4edad8370058d1198a
GET /muse/analytics/index.html HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.embravewise.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-type: text/html
date: Fri, 09 Dec 2022 04:31:17 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "6271663d-d994"
expires: Fri, 09 Dec 2022 05:31:17 GMT
last-modified: Tue, 03 May 2022 17:28:29 GMT
paypal-debug-id: 514eaaea2ba33
server: ECAcc (ska/F764)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000514eaaea2ba33-87b7eae83cde363e-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
content-length: 16791
X-Firefox-Spdy: h2
static.wshopon.com/js/element-ui/2.13.0/theme-chalk/index.css
200 OK 37 kB URL HTTP/2 static.wshopon.com/js/element-ui/2.13.0/theme-chalk/index.css
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 3d7077c7517f10f17234675f1b8c432d
159847a179cbfb1db1f054f3b2884f4b7f3a5a9b
05cbbeb44df4a587c02a89cb258d6d9debfe2695f1222471728b161e13dc7ebc
GET /js/element-ui/2.13.0/theme-chalk/index.css HTTP/1.1
Host: static.wshopon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.embravewise.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
date: Fri, 09 Dec 2022 04:31:17 GMT
last-modified: Tue, 20 Sep 2022 06:20:37 GMT
etag: W/"d28b24857449b697847be95be3d3701d"
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pN7IRnZWOXQXLP4tVGvQKCqjYD6hbqU1H9PtfPQyVSOf-afa_SBVrA==
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d8948342e8ecdf04f489882c7d820d17
2623c88cca0965a65121d2e22ddef9c20fc728d4
ba787078f0e5ab280c245dee59ceb157617f6fd1447617d66e81c2a4a32113d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BA787078F0E5AB280C245DEE59CEB157617F6FD1447617D66E81C2A4A32113D1"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16374
Expires: Fri, 09 Dec 2022 09:04:11 GMT
Date: Fri, 09 Dec 2022 04:31:17 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 67f3ce15ef5d182c65991111638934c3
0365813fa19d0f8c021df7738e51091c5db7e165
4455b00bc4dd5bed283ab59241d9acd8903e3c65498c93b8062cf1514b94569d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4455B00BC4DD5BED283AB59241D9ACD8903E3C65498C93B8062CF1514B94569D"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10507
Expires: Fri, 09 Dec 2022 07:26:24 GMT
Date: Fri, 09 Dec 2022 04:31:17 GMT
Connection: keep-alive
conversion-assistant.apps.seabroadnet.com/api/conversion/global/setting?shop=www.embravewise.com
200 OK 613 B URL HTTP/2 conversion-assistant.apps.seabroadnet.com/api/conversion/global/setting?shop=www.embravewise.com
IP
ASN #45102 Alibaba US Technology Co., Ltd.
Hash e0b84159d54900c1d1373e95e34557c3
24b4f214b993f119ce748326a7ac77ef07f3fa0c
dcb8f6e817817656f0b3e7ac4a92d36f74b204c727957d5257be2b59a7c9c325
GET /api/conversion/global/setting?shop=www.embravewise.com HTTP/1.1
Host: conversion-assistant.apps.seabroadnet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.embravewise.com/
Origin: https://www.embravewise.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Fri, 09 Dec 2022 04:31:17 GMT
x-powered-by: PHP/8.1.1
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
access-control-allow-origin: *
x-request-id: 58d3dd89-1e36-4cec-992b-0f6fedc0b5d0
X-Firefox-Spdy: h2
o467009.ingest.sentry.io/api/6247921/envelope/?sentry_key=8cd10bc007dc4facaae097f3cdfc5e49&sentry_version=7
200 OK 2 B URL HTTP/2 o467009.ingest.sentry.io/api/6247921/envelope/?sentry_key=8cd10bc007dc4facaae097f3cdfc5e49&sentry_version=7
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /api/6247921/envelope/?sentry_key=8cd10bc007dc4facaae097f3cdfc5e49&sentry_version=7 HTTP/1.1
Host: o467009.ingest.sentry.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.embravewise.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://www.embravewise.com
Content-Length: 402
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:31:17 GMT
content-type: application/json
content-length: 2
access-control-allow-origin: https://www.embravewise.com
access-control-expose-headers: x-sentry-rate-limits, x-sentry-error, retry-after
vary: Origin
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
static.wshopon.com/static/v1.33.33-h.6/store/vogue/css/fonts.433031.css
200 OK 78 kB URL HTTP/2 static.wshopon.com/static/v1.33.33-h.6/store/vogue/css/fonts.433031.css
IP
Hash b846f135c7b1de04bbec5208a4a1ad40
41373ef118d5067fdcaf6cf56db035bb476079b8
89110be5b7869a0c1709ea080469fc5a1bcdc60c0e41e046b7540c14c3ef46a6
GET /static/v1.33.33-h.6/store/vogue/css/fonts.433031.css HTTP/1.1
Host: static.wshopon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.embravewise.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
date: Fri, 09 Dec 2022 04:31:17 GMT
last-modified: Mon, 05 Dec 2022 10:45:51 GMT
etag: W/"11436ef7c5bb46fbdb786f9d58b337a8"
cache-control: max-age=31536000, public
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: AqDgBWfx3iazUiWuLZhRch6Woy_U4wNIsQ7qRnDtFmOwtWZAE15pMQ==
X-Firefox-Spdy: h2
t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3A96JADHW6XKAUY-1&page=muse%3Aoffer%3A%3A%3A96JADHW6XKAUY-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=66379785-af54-4b42-9efe-f379ace35109&es=visitorInfoFlowStarted&mrid=96JADHW6XKAUY&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=embravewise&dh=1024&dw=1280&bh=939&bw=1280&cd=24&sh=1024&sw=1280&v=NA&rosetta_language=en-US%2Cen&e=im&t=1670560276916&g=0&completeurl=https%3A%2F%2Fwww.embravewise.com%2F
200 OK 42 B URL HTTP/2 t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3A96JADHW6XKAUY-1&page=muse%3Aoffer%3A%3A%3A96JADHW6XKAUY-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=66379785-af54-4b42-9efe-f379ace35109&es=visitorInfoFlowStarted&mrid=96JADHW6XKAUY&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=embravewise&dh=1024&dw=1280&bh=939&bw=1280&cd=24&sh=1024&sw=1280&v=NA&rosetta_language=en-US%2Cen&e=im&t=1670560276916&g=0&completeurl=https%3A%2F%2Fwww.embravewise.com%2F
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4682377ddfbe4e7dabfddb2e543e842
328e472721a93345801ed5533240eac2d1f8498c
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
GET /ts?pgrp=muse%3Aoffer%3A%3A%3A96JADHW6XKAUY-1&page=muse%3Aoffer%3A%3A%3A96JADHW6XKAUY-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=66379785-af54-4b42-9efe-f379ace35109&es=visitorInfoFlowStarted&mrid=96JADHW6XKAUY&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=embravewise&dh=1024&dw=1280&bh=939&bw=1280&cd=24&sh=1024&sw=1280&v=NA&rosetta_language=en-US%2Cen&e=im&t=1670560276916&g=0&completeurl=https%3A%2F%2Fwww.embravewise.com%2F HTTP/1.1
Host: t.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.embravewise.com/
Cookie: tsrce=clientsdknodeweb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: image/gif
date: Fri, 09 Dec 2022 04:31:17 GMT
expires: Fri, 09 Dec 2022 04:31:17 GMT
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 67c4068f589c9
pragma: no-cache
server: ECAcc (lhd/35BC)
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=175
set-cookie: ts=vreXpYrS%3D1765254677%26vteXpYrS%3D1670562077%26vr%3Df526e5561840a8a3a7a1f394ffffffff%26vt%3Df526e5561840a8a3a7a1f394fffffffe; Expires=Tue, 09 Dec 2025 04:31:17 GMT; Domain=.paypal.com; Path=/; Secure; HttpOnly
ts_c=vr%3Df526e5561840a8a3a7a1f394ffffffff%26vt%3Df526e5561840a8a3a7a1f394fffffffe; Expires=Tue, 09 Dec 2025 04:31:17 GMT; Domain=.paypal.com; Path=/; Secure
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-000000000000000000067c4068f589c9-a608fa1c08892c55-01
content-length: 42
X-Firefox-Spdy: h2
upselling.apps.seabroadnet.com/api/shop
200 OK 103 B URL HTTP/2 upselling.apps.seabroadnet.com/api/shop
IP
ASN #45102 Alibaba US Technology Co., Ltd.
File type JSON data\012- , ASCII text, with no line terminators
Hash 3bd5498b6948a970d8e734135b90a174
599618ec4ef6fae7a620716a89992a1039f26f72
f93baeb7eb2d3692414b5a75168a15d26a91ba4da96e2860c4877c154f3653c8
POST /api/shop HTTP/1.1
Host: upselling.apps.seabroadnet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.embravewise.com/
Content-Type: multipart/form-data; boundary=---------------------------137503085720113954602960091943
Origin: https://www.embravewise.com
Content-Length: 192
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:31:17 GMT
content-type: application/json
x-powered-by: PHP/8.0.11
cache-control: no-cache, private
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3A96JADHW6XKAUY-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3A96JADHW6XKAUY-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=66379785-af54-4b42-9efe-f379ace35109&fltp=analytics&mrid=96JADHW6XKAUY&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=embravewise&dh=1024&dw=1280&bh=939&bw=1280&cd=24&sh=1024&sw=1280&v=NA&rosetta_language=en-US%2Cen&e=im&t=1670560276611&g=0&completeurl=https%3A%2F%2Fwww.embravewise.com%2F
200 OK 42 B URL HTTP/2 t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3A96JADHW6XKAUY-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3A96JADHW6XKAUY-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=66379785-af54-4b42-9efe-f379ace35109&fltp=analytics&mrid=96JADHW6XKAUY&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=embravewise&dh=1024&dw=1280&bh=939&bw=1280&cd=24&sh=1024&sw=1280&v=NA&rosetta_language=en-US%2Cen&e=im&t=1670560276611&g=0&completeurl=https%3A%2F%2Fwww.embravewise.com%2F
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4682377ddfbe4e7dabfddb2e543e842
328e472721a93345801ed5533240eac2d1f8498c
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
GET /ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3A96JADHW6XKAUY-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3A96JADHW6XKAUY-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=66379785-af54-4b42-9efe-f379ace35109&fltp=analytics&mrid=96JADHW6XKAUY&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=embravewise&dh=1024&dw=1280&bh=939&bw=1280&cd=24&sh=1024&sw=1280&v=NA&rosetta_language=en-US%2Cen&e=im&t=1670560276611&g=0&completeurl=https%3A%2F%2Fwww.embravewise.com%2F HTTP/1.1
Host: t.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.embravewise.com/
Cookie: tsrce=clientsdknodeweb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: image/gif
date: Fri, 09 Dec 2022 04:31:18 GMT
expires: Fri, 09 Dec 2022 04:31:18 GMT
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: eb1ef53ee344b
pragma: no-cache
server: ECAcc (lhd/358E)
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=592
set-cookie: ts=vreXpYrS%3D1765254678%26vteXpYrS%3D1670562078%26vr%3Df526e61e1840aa5941e69b94ffffffff%26vt%3Df526e61e1840aa5941e69b94fffffffe; Expires=Tue, 09 Dec 2025 04:31:18 GMT; Domain=.paypal.com; Path=/; Secure; HttpOnly
ts_c=vr%3Df526e61e1840aa5941e69b94ffffffff%26vt%3Df526e61e1840aa5941e69b94fffffffe; Expires=Tue, 09 Dec 2025 04:31:18 GMT; Domain=.paypal.com; Path=/; Secure
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-0000000000000000000eb1ef53ee344b-978c7399d42345ec-01
content-length: 42
X-Firefox-Spdy: h2
www.paypal.com/targeting/graphql
200 OK 307 B URL HTTP/2 www.paypal.com/targeting/graphql
IP
File type JSON data\012- , ASCII text, with very long lines (445)
Hash 1bae5e3f254cb50976885711cedf9759
74514a53d2b2642bbda6a937bbe00d220ee276a0
04bc8a2c37ba7762f7f620c965f9b5c9aa6dd38df067c01e20df275c04f6d5ed
POST /targeting/graphql HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.paypalobjects.com/
Content-Type: application/json
Origin: https://www.paypalobjects.com
Content-Length: 319
Connection: keep-alive
Cookie: tsrce=clientsdknodeweb
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-nxW1UU2oX1wAIDrT+dFZCR1eaKIHEPcTu2KGjJuV/uFlFHXr' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
content-type: application/json; charset=utf-8
date: Fri, 09 Dec 2022 04:31:18 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"1be-Mw5IFXdm3Dv+aN/kIJ/BS1TlLKk"
paypal-debug-id: 04a27aa798965
server: ECAcc (lhd/35E3)
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=373
set-cookie: LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Fri, 09 Dec 2022 13:17:14 GMT; HttpOnly; Secure
enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Sat, 09 Dec 2023 04:31:18 GMT; Secure
x-pp-s=eyJ0IjoiMTY3MDU2MDI3ODI1NyIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure
tsrce=targetingnodeweb; Domain=.paypal.com; Path=/; Expires=Mon, 12 Dec 2022 04:31:18 GMT; HttpOnly; Secure; SameSite=None
nsid=s%3Aztc80cnxP--kxQtB5-oWbFltMdl99okH.b7%2BDodIGLgeT2aLxM6exA217%2FSDVDKZ06WXaVsvmUPU; Path=/; HttpOnly; Secure
l7_az=dcg02.phx; Path=/; Domain=paypal.com; Expires=Fri, 09 Dec 2022 05:01:18 GMT; HttpOnly; Secure
ts=vreXpYrS%3D1765254678%26vteXpYrS%3D1670562078%26vr%3Df526e63c1840ad0090d314fffbf95f59%26vt%3Df526e63c1840ad0090d314fffbf95f58%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Mon, 08 Dec 2025 04:31:18 GMT; HttpOnly; Secure
ts_c=vr%3Df526e63c1840ad0090d314fffbf95f59%26vt%3Df526e63c1840ad0090d314fffbf95f58; Path=/; Domain=paypal.com; Expires=Mon, 08 Dec 2025 04:31:18 GMT; Secure
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-000000000000000000004a27aa798965-36593405027dd8d4-01
vary: Origin,Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 307
X-Firefox-Spdy: h2
d3ud6u98s3z9ew.cloudfront.net/fonts-ttf/Mulish-Bold.woff2
200 OK 39 kB URL HTTP/2 d3ud6u98s3z9ew.cloudfront.net/fonts-ttf/Mulish-Bold.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 39432, version 1.0\012- data
Hash 505b4c017cc39a44334524c9326d5b43
4137fa5f60bfe69526546a2e5a57ca0ba77f4f2e
a4e0da1517685a404b9a87f3cb2ae92128bb54bd4aaa2c66be1e8d180a46731b
GET /fonts-ttf/Mulish-Bold.woff2 HTTP/1.1
Host: d3ud6u98s3z9ew.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.embravewise.com
Connection: keep-alive
Referer: https://static.wshopon.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 39432
date: Fri, 09 Dec 2022 04:31:19 GMT
access-control-allow-origin: *
access-control-allow-methods: PUT, POST, DELETE, GET
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2
access-control-max-age: 3000
last-modified: Tue, 28 Dec 2021 05:58:19 GMT
etag: "505b4c017cc39a44334524c9326d5b43"
accept-ranges: bytes
server: AmazonS3
vary: Origin
x-cache: Miss from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: EZuR_L70ZiGYAGRrFGypiZY2ZF0-NqzWBsfzVJjthJDkdT_jJvKScw==
cache-control: max-age=31536000
X-Firefox-Spdy: h2
d3ud6u98s3z9ew.cloudfront.net/fonts-ttf/Mulish-Regular.woff2
200 OK 40 kB URL HTTP/2 d3ud6u98s3z9ew.cloudfront.net/fonts-ttf/Mulish-Regular.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 39456, version 1.0\012- data
Hash 28547c4921422a1a6d77de9a45c5cd87
08f6e26774e80a50842fa517cbf75a1cc833562b
826df5d3bdf243dbbe9d554e60c04de26ae2eed4eda21d0ac0addeef47a09d7e
GET /fonts-ttf/Mulish-Regular.woff2 HTTP/1.1
Host: d3ud6u98s3z9ew.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.embravewise.com
Connection: keep-alive
Referer: https://static.wshopon.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 39456
date: Fri, 09 Dec 2022 04:31:19 GMT
access-control-allow-origin: *
access-control-allow-methods: PUT, POST, DELETE, GET
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2
access-control-max-age: 3000
last-modified: Tue, 28 Dec 2021 05:58:46 GMT
etag: "28547c4921422a1a6d77de9a45c5cd87"
accept-ranges: bytes
server: AmazonS3
vary: Origin
x-cache: Miss from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 13BDiY_cviw74oKsUD1Xh_Auxw34xLVSXC49goXVSdDoJ1zRK0E0Hw==
cache-control: max-age=31536000
X-Firefox-Spdy: h2
d3ud6u98s3z9ew.cloudfront.net/fonts-ttf/v1/Muli.woff2
200 OK 35 kB URL HTTP/2 d3ud6u98s3z9ew.cloudfront.net/fonts-ttf/v1/Muli.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 34864, version 1.0\012- data
Hash 0c521373f8a378c0036fcd33d833d047
2fb629fbf0b8e5b7875c3889f00fa2ed8067bac9
3b14e2a7eb86c2b888f03d81b55ca4d016d4a357a4ea047cbea2c412d7cb5f88
GET /fonts-ttf/v1/Muli.woff2 HTTP/1.1
Host: d3ud6u98s3z9ew.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.embravewise.com
Connection: keep-alive
Referer: https://static.wshopon.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 34864
date: Fri, 09 Dec 2022 04:31:19 GMT
access-control-allow-origin: *
access-control-allow-methods: PUT, POST, DELETE, GET
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2
access-control-max-age: 3000
last-modified: Tue, 28 Dec 2021 06:31:04 GMT
etag: "0c521373f8a378c0036fcd33d833d047"
accept-ranges: bytes
server: AmazonS3
vary: Origin
x-cache: Miss from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: s7dgudwlKM6GIPAlvFMy08R4GEHhltyTYbOpwqPeB_wx1uOgm0qNgQ==
cache-control: max-age=31536000
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 615fddb7dcff0826f0a7dd4140f370b6
06d26c99fcf20516839a656c4c5b023088eb4eaa
f561bef7be5b58a820d37e40135c8bc83511ae9298e6317bf1761f7cc24941bf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4103
Cache-Control: max-age=133331
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:31:18 GMT
Etag: "63920fe2-1d7"
Expires: Sat, 10 Dec 2022 17:33:29 GMT
Last-Modified: Thu, 08 Dec 2022 16:25:06 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/fbevents.js
200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.embravewise.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: qcRDp1RRy1u2b/CdjMAQpyuZV7PVIQNCgtTfnDIpFbme6HlkCPXY1TfIyIneVl0cwfHAA9ZuODasO0lEonC8LQ==
content-length: 27340
x-fb-trip-id: 1679558926
date: Fri, 09 Dec 2022 04:31:18 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 615fddb7dcff0826f0a7dd4140f370b6
06d26c99fcf20516839a656c4c5b023088eb4eaa
f561bef7be5b58a820d37e40135c8bc83511ae9298e6317bf1761f7cc24941bf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4103
Cache-Control: max-age=133331
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:31:18 GMT
Etag: "63920fe2-1d7"
Expires: Sat, 10 Dec 2022 17:33:29 GMT
Last-Modified: Thu, 08 Dec 2022 16:25:06 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
cdn.cloudfastin.top/image/2022/06/1740243c02efdaa1d6ebf40d17bc1c79453e9567b64a94f60cb530124a01d005-50.jpeg
200 OK 1.3 kB URL HTTP/2 cdn.cloudfastin.top/image/2022/06/1740243c02efdaa1d6ebf40d17bc1c79453e9567b64a94f60cb530124a01d005-50.jpeg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7c9fcc0ac995b0d5fecf913fa7b28a6d
16ffeb44e0dc065d242727e78a5a56121a71a177
5924e53b7c1b0fac3f84f045309646664c6cd51f932e3aed1e3c9223800c348b
GET /image/2022/06/1740243c02efdaa1d6ebf40d17bc1c79453e9567b64a94f60cb530124a01d005-50.jpeg HTTP/1.1
Host: cdn.cloudfastin.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.embravewise.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:31:18 GMT
content-type: image/webp
content-length: 1308
cf-ray: 776b02ac8878b4fa-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "cfjQdDl2urxW4q2XTqA8p59F9qOQWGUuv3ZhIxTp0bDQ:46b261924ca53650abfdb284ed017345"
last-modified: Tue, 21 Jun 2022 13:44:39 GMT
vary: Accept, Accept-Encoding
cf-cache-status: MISS
cf-bgj: imgq:86,h2pri
cf-resized: internal=ok/r q=0 n=30 c=6+1 v=2022.12.0 l=1308
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
server: cloudflare
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash f7d259abcaef8132ac998f330bdb9308
015267b4b37c73560c696ec1dd703459d8f68fe0
b812f2071f4fe41caf5bf1da7ac96b7f9f64aecc65e7be17b70ff48dea275e60
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=127440
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:31:18 GMT
Etag: "639208e6-118"
Expires: Sat, 10 Dec 2022 15:55:18 GMT
Last-Modified: Thu, 08 Dec 2022 15:55:18 GMT
Server: nginx
Content-Length: 280
cdn.wshopon.com/assets/2021/10/57a510d13c5fa6959456076e35f7cacf.png
200 OK 2.4 kB URL HTTP/2 cdn.wshopon.com/assets/2021/10/57a510d13c5fa6959456076e35f7cacf.png
IP
File type PNG image data, 118 x 118, 8-bit colormap, non-interlaced\012- data
Hash 1e22dbcd9bb471bff14577f05cfb40a1
b2da0045bc1c5dc8f4934aec8e0e4233ee14ccfd
b4ecb2b1a26c27472bafc9030b5d50bfd8ef755db8d5614d71ea536caa358b28
GET /assets/2021/10/57a510d13c5fa6959456076e35f7cacf.png HTTP/1.1
Host: cdn.wshopon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.embravewise.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:31:18 GMT
content-type: image/png
content-length: 2358
cf-ray: 776b02ad9da8b506-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "cfZs5t8J9L8E5WUhd9GtM1IibjJdRV_HsQesDqGFoaBQ:1e22dbcd9bb471bff14577f05cfb40a1"
last-modified: Tue, 19 Oct 2021 09:35:17 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
cf-bgj: imgq:0,h2pri
cf-resized: internal=ok/h q=0 n=52 c=0+4 v=2022.11.4 l=2358
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
warning: cf-images 299 "original is 870B smaller"
x-content-type-options: nosniff
server: cloudflare
X-Firefox-Spdy: h2
cdn.cloudfastin.top/image/2022/06/24168f7fad9688331678b6daf32f35123720174943cb877efb8381ffcfd7d9ee-50.jpeg
200 OK 706 B URL HTTP/2 cdn.cloudfastin.top/image/2022/06/24168f7fad9688331678b6daf32f35123720174943cb877efb8381ffcfd7d9ee-50.jpeg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fb5eb240ee68a1a3374e5a4b6d8e80c8
4f012df16542131cd82e926370b17ab00ef5f73c
dc9bc4d4d66e3d65a0877f2199fe99c32676da1eb11fd3f5f7bbf94642ea6afe
GET /image/2022/06/24168f7fad9688331678b6daf32f35123720174943cb877efb8381ffcfd7d9ee-50.jpeg HTTP/1.1
Host: cdn.cloudfastin.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.embravewise.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:31:18 GMT
content-type: image/webp
content-length: 706
cf-ray: 776b02ace8a2b4fa-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "cfrNM3dWfJjZ-Vdw13GhjUoVIoOQWGUuv3ZhIxTp0bDQ:9752a47a27973f8cec77331a203f34d4"
last-modified: Tue, 21 Jun 2022 13:52:30 GMT
vary: Accept, Accept-Encoding
cf-cache-status: MISS
cf-bgj: imgq:86,h2pri
cf-resized: internal=ok/m q=0 n=47 c=2+2 v=2022.12.0 l=706
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
server: cloudflare
X-Firefox-Spdy: h2
cdn.cloudfastin.top/image/2022/06/744363473324539b7c4af40840dd35d3733dfd7005116046baa4f52ca329ba8f-50.jpeg
200 OK 936 B URL HTTP/2 cdn.cloudfastin.top/image/2022/06/744363473324539b7c4af40840dd35d3733dfd7005116046baa4f52ca329ba8f-50.jpeg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 77186e5011053b072edc71536c46a856
6444a214ded4e0dcbe819a2c104b5321b1063a4b
882977842e697a650dff3dfbc0c0a619677a76fc1e9fc0f24930453ea4d295d2
GET /image/2022/06/744363473324539b7c4af40840dd35d3733dfd7005116046baa4f52ca329ba8f-50.jpeg HTTP/1.1
Host: cdn.cloudfastin.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.embravewise.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:31:18 GMT
content-type: image/webp
content-length: 936
cf-ray: 776b02ad08adb4fa-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "cflCfHp7z7A5d4BP2t-Kh42j-9OQWGUuv3ZhIxTp0bDQ:7dc5a3046a37450eb649f61ce0079486"
last-modified: Tue, 21 Jun 2022 13:55:00 GMT
vary: Accept, Accept-Encoding
cf-cache-status: MISS
cf-bgj: imgq:86,h2pri
cf-resized: internal=ok/m q=0 n=107 c=7+1 v=2022.12.0 l=936
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
server: cloudflare
X-Firefox-Spdy: h2
cdn.cloudfastin.top/image/2022/06/9c67a4776121068f642b23d02275a0172795d8fd0c07c156ecc74116590c4204-50.jpeg
200 OK 1.9 kB URL HTTP/2 cdn.cloudfastin.top/image/2022/06/9c67a4776121068f642b23d02275a0172795d8fd0c07c156ecc74116590c4204-50.jpeg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7ab5f4afc10c08890fc720f99fa8fb9d
57a84177297728a3dc949c598b606e5b52f9af50
0d728cc7216fa369a1e1ea44360dc8633b593b2cf87c113aef12878aaa18f0e3
GET /image/2022/06/9c67a4776121068f642b23d02275a0172795d8fd0c07c156ecc74116590c4204-50.jpeg HTTP/1.1
Host: cdn.cloudfastin.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.embravewise.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:31:18 GMT
content-type: image/webp
content-length: 1868
cf-ray: 776b02ad78f1b4fa-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "cfhpEQiYM5_UYFJ4cjfJ27cOp2OQWGUuv3ZhIxTp0bDQ:26b94ce09f2b4efde20180a553234b11"
last-modified: Thu, 23 Jun 2022 06:52:50 GMT
vary: Accept, Accept-Encoding
cf-cache-status: MISS
cf-bgj: imgq:86,h2pri
cf-resized: internal=ok/m q=0 n=77 c=8+2 v=2022.12.0 l=1868
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
server: cloudflare
X-Firefox-Spdy: h2
cdn.cloudfastin.top/image/2022/06/3f3c62187bf9a5e3502eecbbc608686dbced2837a58acff647d8e03d2aee88bc-50.jpeg
200 OK 1.4 kB URL HTTP/2 cdn.cloudfastin.top/image/2022/06/3f3c62187bf9a5e3502eecbbc608686dbced2837a58acff647d8e03d2aee88bc-50.jpeg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b4eada167e83d052e7b830e7e8570ce9
3ae98e5f681aa05835c9f398c4d11e6fc05abee5
95a3a75928065710e2d4f2965f7af8475b84d6a5ba13bac67299c90cd126e57a
GET /image/2022/06/3f3c62187bf9a5e3502eecbbc608686dbced2837a58acff647d8e03d2aee88bc-50.jpeg HTTP/1.1
Host: cdn.cloudfastin.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.embravewise.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:31:18 GMT
content-type: image/webp
content-length: 1416
cf-ray: 776b02adc926b4fa-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "cf5fqIrksmdQ1T5IqIhiMwF5VrOQWGUuv3ZhIxTp0bDQ:2278e4515c718af12cefadb2cab408ac"
last-modified: Tue, 28 Jun 2022 08:01:45 GMT
vary: Accept, Accept-Encoding
cf-cache-status: MISS
cf-bgj: imgq:86,h2pri
cf-resized: internal=ok/m q=0 n=167 c=5+2 v=2022.12.0 l=1416
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
server: cloudflare
X-Firefox-Spdy: h2
cdn.cloudfastin.top/image/2022/06/19e74f8ea908c0575d5c10d2cd1653591ee491146706ccd039d652b5923c4f56-50.jpeg
200 OK 1.3 kB URL HTTP/2 cdn.cloudfastin.top/image/2022/06/19e74f8ea908c0575d5c10d2cd1653591ee491146706ccd039d652b5923c4f56-50.jpeg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5245ab15b242c7c606cf6710d5031df3
c539ef10d8fe04f80744181e437c23f5f1368456
603f1c9360349de11b149a418fc58c099d8578dbb167aa158cc9935c7d019f64
GET /image/2022/06/19e74f8ea908c0575d5c10d2cd1653591ee491146706ccd039d652b5923c4f56-50.jpeg HTTP/1.1
Host: cdn.cloudfastin.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.embravewise.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:31:19 GMT
content-type: image/webp
content-length: 1294
cf-ray: 776b02ac786fb4fa-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "cfDHBW2Kbi0OeJM3ntNOONR8TXOQWGUuv3ZhIxTp0bDQ:f063479a16aaf832f2c30b8710996d93"
last-modified: Tue, 21 Jun 2022 13:44:20 GMT
vary: Accept, Accept-Encoding
cf-cache-status: MISS
cf-bgj: imgq:86,h2pri
cf-resized: internal=ok/m q=0 n=60 c=2+2 v=2022.12.0 l=1294
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
server: cloudflare
X-Firefox-Spdy: h2
static.wshopon.com/js/element-ui/2.13.0/index.js
200 OK 145 kB URL HTTP/2 static.wshopon.com/js/element-ui/2.13.0/index.js
IP
Size 145 kB (144907 bytes)
Hash 0c0f3e2f7a4752f13a2c5a834a451bdc
6e1c7f7e8e10cbdad9818fcad1e5464860ea79b4
3e89ef571d7aa89820756a9f0de0c3b9eb1a8b8050c7ec01a30ec5c15bff56ca
GET /js/element-ui/2.13.0/index.js HTTP/1.1
Host: static.wshopon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.embravewise.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Fri, 09 Dec 2022 04:31:17 GMT
last-modified: Tue, 20 Sep 2022 06:20:37 GMT
etag: W/"aad8e2ee90fb795b70705b06c69a8367"
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2Vr2mfpGWrsnqL6CeWllUhFtuBqbf9v63y-pPuuo-5gMfSN4jSNhtw==
X-Firefox-Spdy: h2
cdn.cloudfastin.top/image/2022/06/c01f2978d202126bb46a50cd970922b1d881161e2a83dedbc60f1099d7d746b2-50.jpeg
200 OK 1.1 kB URL HTTP/2 cdn.cloudfastin.top/image/2022/06/c01f2978d202126bb46a50cd970922b1d881161e2a83dedbc60f1099d7d746b2-50.jpeg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 50d4d9ac07bcae446a931d385be30ff4
4f1d5f0c5fe7a0a75941e1e52ad7f25b35105d4e
7964664161c4eaed3838ce94612daa4f43d7ca98fe09a4ade6e81c98b6c6b6b6
GET /image/2022/06/c01f2978d202126bb46a50cd970922b1d881161e2a83dedbc60f1099d7d746b2-50.jpeg HTTP/1.1
Host: cdn.cloudfastin.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.embravewise.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:31:19 GMT
content-type: image/webp
content-length: 1072
cf-ray: 776b02ac9880b4fa-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "cfQ7AzBj9DzozQMpsMMm6B1YKcOQWGUuv3ZhIxTp0bDQ:6c1fbba8f3c7b79fd9f3c77835fbdabf"
last-modified: Tue, 21 Jun 2022 13:44:46 GMT
vary: Accept, Accept-Encoding
cf-cache-status: MISS
cf-bgj: imgq:86,h2pri
cf-resized: internal=ok/m q=0 n=55 c=2+1 v=2022.12.0 l=1072
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
server: cloudflare
X-Firefox-Spdy: h2
static.wshopon.com/js/vue/2.6.14/vue.min.js
200 OK 35 kB URL HTTP/2 static.wshopon.com/js/vue/2.6.14/vue.min.js
IP
Hash 2b72f22e2a7cdde33a1b706e68e1a31b
4d1b3e4479d26d66a0800a9591581dc34bbe0961
bcd1b6114bd4136829e0e6a4a0603b3c7651b7820c80c13a215782cdb4be5b72
GET /js/vue/2.6.14/vue.min.js HTTP/1.1
Host: static.wshopon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.embravewise.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Fri, 09 Dec 2022 04:31:17 GMT
last-modified: Tue, 20 Sep 2022 06:20:37 GMT
etag: W/"0a9a4681294d8c5f476687eea6e74842"
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _gO1t-WhUHxhiaPkYhbB67lMvpOF4lQoh8MfVyjAmGTfGQ2mtNxatg==
X-Firefox-Spdy: h2
cdn.cloudfastin.top/image/2022/06/f0446aadc909460247f06dc0a86e8e16c16ab9b7a87aae388dd5f5514d47d87d-50.jpeg
200 OK 670 B URL HTTP/2 cdn.cloudfastin.top/image/2022/06/f0446aadc909460247f06dc0a86e8e16c16ab9b7a87aae388dd5f5514d47d87d-50.jpeg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7577c7be930e9ccd14a5ac4bf4ac7a18
33885ae70342846a24cb2f2ebe66153e509f58d1
de736e141acb15e26906f20a4e0460f954b0ba899d3d7a9be905726933c6f33d
GET /image/2022/06/f0446aadc909460247f06dc0a86e8e16c16ab9b7a87aae388dd5f5514d47d87d-50.jpeg HTTP/1.1
Host: cdn.cloudfastin.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.embravewise.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:31:19 GMT
content-type: image/webp
content-length: 670
cf-ray: 776b02ad38c7b4fa-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "cf4r0ulJhUEl8fhg7kd_UfFEu9OQWGUuv3ZhIxTp0bDQ:d740bb90af811b3802d6b96ce84dfe5e"
last-modified: Tue, 21 Jun 2022 13:47:15 GMT
vary: Accept, Accept-Encoding
cf-cache-status: REVALIDATED
cf-bgj: imgq:86,h2pri
cf-resized: internal=ok/r q=0 n=29 c=4+1 v=2022.12.0 l=670
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
server: cloudflare
X-Firefox-Spdy: h2
cdn.cloudfastin.top/image/2022/06/c119df9b25c4b4874457a9dbe41c300e6283a08fbb1cd42163c6fbaf7e66c62f-50.jpeg
200 OK 926 B URL HTTP/2 cdn.cloudfastin.top/image/2022/06/c119df9b25c4b4874457a9dbe41c300e6283a08fbb1cd42163c6fbaf7e66c62f-50.jpeg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 50x62, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 891ecbf4ec42d1bdcbb242baf565270c
52a7c00959d6433e261383c6442a4f77c24affe5
06a2777df4d0610e79c6250bfa33e455e4257f52993b025ef45bc5e952a129df
GET /image/2022/06/c119df9b25c4b4874457a9dbe41c300e6283a08fbb1cd42163c6fbaf7e66c62f-50.jpeg HTTP/1.1
Host: cdn.cloudfastin.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.embravewise.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:31:19 GMT
content-type: image/webp
content-length: 926
cf-ray: 776b02ad18b7b4fa-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "cf_zbBrPMU6buE8QvKVRmmkjX9OQWGUuv3ZhIxTp0bDQ:f07ab544bd5adb2b33cb2a50e629db83"
last-modified: Tue, 21 Jun 2022 13:58:26 GMT
vary: Accept, Accept-Encoding
cf-cache-status: MISS
cf-bgj: imgq:86,h2pri
cf-resized: internal=ok/m q=0 n=70 c=6+2 v=2022.12.0 l=926
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
server: cloudflare
X-Firefox-Spdy: h2
cdn.cloudfastin.top/image/2022/06/4b1ce5bdb2f9f81ce2a9500a0c8160d0fd2783a92e7b5393edd9d6ee88c70f82-50.jpeg
200 OK 1.4 kB URL HTTP/2 cdn.cloudfastin.top/image/2022/06/4b1ce5bdb2f9f81ce2a9500a0c8160d0fd2783a92e7b5393edd9d6ee88c70f82-50.jpeg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 730adef5924a8017fd594165173198c8
8072af5871bbd6ee87fe477db5f319758cb0d13d
a426afa76a82b7ef056538934bdd82d78678348b62ccbecec51e3660cec6b328
GET /image/2022/06/4b1ce5bdb2f9f81ce2a9500a0c8160d0fd2783a92e7b5393edd9d6ee88c70f82-50.jpeg HTTP/1.1
Host: cdn.cloudfastin.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.embravewise.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:31:19 GMT
content-type: image/webp
content-length: 1376
cf-ray: 776b02acb887b4fa-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "cfjaBUWAF-gRCMezUnwuPDJWiLOQWGUuv3ZhIxTp0bDQ:73a6368cda2fa13f4a3c5abf42dba616"
last-modified: Tue, 21 Jun 2022 13:44:49 GMT
vary: Accept, Accept-Encoding
cf-cache-status: MISS
cf-bgj: imgq:86,h2pri
cf-resized: internal=ok/m q=0 n=142 c=12+1 v=2022.12.0 l=1376
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
server: cloudflare
X-Firefox-Spdy: h2
static.wshopon.com/js/bootstrap/4.6.1/js/bootstrap.min.js
200 OK 16 kB URL HTTP/2 static.wshopon.com/js/bootstrap/4.6.1/js/bootstrap.min.js
IP
Hash 15b61c2137e075fba36d3b873d2e852d
72ff2d96f3e00c25721f2122baccc69680e66ab0
b97ba70b46aa67c3d297f77d9f0252b973c44944212b73154f5ecbd4cbef7ad6
GET /js/bootstrap/4.6.1/js/bootstrap.min.js HTTP/1.1
Host: static.wshopon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.embravewise.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 20 Sep 2022 06:20:37 GMT
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
date: Thu, 08 Dec 2022 23:44:45 GMT
etag: W/"55d39b6bff845a12b1f838acb73c444c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rij4mv0ZWF5dK4NP43HBJq51zVp1ljZXvA5JbJpOVdK5NGeEzmogzw==
age: 17192
X-Firefox-Spdy: h2
cdn.cloudfastin.top/image/2022/06/b0d33f6cc9b078ccf4c168e3153b79ebd80802cceafca376ab00134a74f5d748-50.jpeg
200 OK 1.8 kB URL HTTP/2 cdn.cloudfastin.top/image/2022/06/b0d33f6cc9b078ccf4c168e3153b79ebd80802cceafca376ab00134a74f5d748-50.jpeg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 50x58, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a5834a06329472dc9a0aeef45ff4374e
44796930fd9343b58753dd38adadaa9ba37be6b5
034f18ab8d288de4b600adfe1a4c6a36545f1a3142df15c8ff859fd5451c09e2
GET /image/2022/06/b0d33f6cc9b078ccf4c168e3153b79ebd80802cceafca376ab00134a74f5d748-50.jpeg HTTP/1.1
Host: cdn.cloudfastin.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.embravewise.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:31:19 GMT
content-type: image/webp
content-length: 1780
cf-ray: 776b02ad68dbb4fa-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "cfuyWRtvs5m0sonijCN1hriRq8OQWGUuv3ZhIxTp0bDQ:edb305364e01ce29e3ad66ce66a78e3f"
last-modified: Tue, 21 Jun 2022 13:44:31 GMT
vary: Accept, Accept-Encoding
cf-cache-status: MISS
cf-bgj: imgq:86,h2pri
cf-resized: internal=ok/m q=0 n=81 c=10+1 v=2022.12.0 l=1780
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
server: cloudflare
X-Firefox-Spdy: h2
cdn.cloudfastin.top/image/2022/06/67dc0a50235e672c2c143d96399f832852a81376d3b060945e9c0a40a0727506-50.jpeg
200 OK 1.0 kB URL HTTP/2 cdn.cloudfastin.top/image/2022/06/67dc0a50235e672c2c143d96399f832852a81376d3b060945e9c0a40a0727506-50.jpeg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 960b7760fafef993504527d018701519
a64ee33960aff44fcc9dfeaa378f0dedf9577b23
8406c4c63b1ab38d95ce5ff0497b0f4aa74a9e6b03e79d4b49b9c574ea383e51
GET /image/2022/06/67dc0a50235e672c2c143d96399f832852a81376d3b060945e9c0a40a0727506-50.jpeg HTTP/1.1
Host: cdn.cloudfastin.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.embravewise.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:31:19 GMT
content-type: image/webp
content-length: 1030
cf-ray: 776b02ad48ccb4fa-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "cf59c5s7j7mDt3rE4qWaSPnt0_OQWGUuv3ZhIxTp0bDQ:81906bb040022811a2e9eef639d07eee"
last-modified: Tue, 21 Jun 2022 13:44:17 GMT
vary: Accept, Accept-Encoding
cf-cache-status: MISS
cf-bgj: imgq:86,h2pri
cf-resized: internal=ok/m q=0 n=122 c=6+2 v=2022.12.0 l=1030
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
server: cloudflare
X-Firefox-Spdy: h2
cdn.cloudfastin.top/image/2022/06/a27020b80ff733c12be0b565d4278350d7912cb8e56b02b457313e5a38c0a6b5-50.jpeg
200 OK 1.5 kB URL HTTP/2 cdn.cloudfastin.top/image/2022/06/a27020b80ff733c12be0b565d4278350d7912cb8e56b02b457313e5a38c0a6b5-50.jpeg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 50x49, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a7d1d048f7914ecb6b3e4abe34c8604c
f2114a64d6e7a13925ff438470bd9d3c7b6d7834
47c43edf8bd6b2db855152ee30d0f9d08d86b45c9af657830aedf189b05002fc
GET /image/2022/06/a27020b80ff733c12be0b565d4278350d7912cb8e56b02b457313e5a38c0a6b5-50.jpeg HTTP/1.1
Host: cdn.cloudfastin.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.embravewise.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:31:19 GMT
content-type: image/webp
content-length: 1542
cf-ray: 776b02ad78eab4fa-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "cf5KpKCLay850GZU-SO9EaZodBOQWGUuv3ZhIxTp0bDQ:b86294537599cfe115bc2d7113b0ac1b"
last-modified: Tue, 21 Jun 2022 13:44:34 GMT
vary: Accept, Accept-Encoding
cf-cache-status: MISS
cf-bgj: imgq:86,h2pri
cf-resized: internal=ok/m q=0 n=109 c=7+2 v=2022.12.0 l=1542
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
server: cloudflare
X-Firefox-Spdy: h2
cdn.cloudfastin.top/image/2022/07/077e29cfeb87af94444858d7338c018634b9508ed604411a73e40959285ee49f-50.jpeg
200 OK 444 B URL HTTP/2 cdn.cloudfastin.top/image/2022/07/077e29cfeb87af94444858d7338c018634b9508ed604411a73e40959285ee49f-50.jpeg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash caff43a3e3326f6f1068645a8a7c6a74
5c37cb0abf1129fbc38fb530acb4ecab7101af0d
4ba7abc54d5a44f4900cd3842ab08fcbbf78554a720e9b7613c9b0958dc00095
GET /image/2022/07/077e29cfeb87af94444858d7338c018634b9508ed604411a73e40959285ee49f-50.jpeg HTTP/1.1
Host: cdn.cloudfastin.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.embravewise.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:31:19 GMT
content-type: image/webp
content-length: 444
cf-ray: 776b02ae0946b4fa-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "cfhl1Y4NY_I5r-OKc0w6G8MFp6OQWGUuv3ZhIxTp0bDQ:f77c567ff319b4fbec8e4151e3dc5427"
last-modified: Mon, 04 Jul 2022 08:04:28 GMT
vary: Accept, Accept-Encoding
cf-cache-status: MISS
cf-bgj: imgq:86,h2pri
cf-resized: internal=ok/m q=0 n=48 c=7+1 v=2022.12.0 l=444
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
server: cloudflare
X-Firefox-Spdy: h2
cdn.cloudfastin.top/image/2022/06/72cb25effbd37cec45b22a37f49e95728e91cc1c8eb612054cbd52268276bbaf-50.jpeg
200 OK 1.2 kB URL HTTP/2 cdn.cloudfastin.top/image/2022/06/72cb25effbd37cec45b22a37f49e95728e91cc1c8eb612054cbd52268276bbaf-50.jpeg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 50x66, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9d706a6798068e869518a0fa0a936603
d36ee4b4d8f4fc6a4cc439b77aa9e36689627749
fe4c23d28f3ac017621d7accdcdca2cbc6da0581190772992e9502dd9d9bf0aa
GET /image/2022/06/72cb25effbd37cec45b22a37f49e95728e91cc1c8eb612054cbd52268276bbaf-50.jpeg HTTP/1.1
Host: cdn.cloudfastin.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.embravewise.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:31:19 GMT
content-type: image/webp
content-length: 1218
cf-ray: 776b02adb90fb4fa-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "cfOr2w3MWfjxRKdysAE7iS6M73OQWGUuv3ZhIxTp0bDQ:e808eb2ae0a0949b037d4a322c91a04e"
last-modified: Sat, 25 Jun 2022 00:01:09 GMT
vary: Accept, Accept-Encoding
cf-cache-status: MISS
cf-bgj: imgq:86,h2pri
cf-resized: internal=ok/m q=0 n=92 c=13+2 v=2022.12.0 l=1218
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
server: cloudflare
X-Firefox-Spdy: h2
cdn.cloudfastin.top/image/2022/06/962d0effad84443604723c40ddf1da49f2dd51e373a88544402ea37da137d6d1-50.jpeg
200 OK 860 B URL HTTP/2 cdn.cloudfastin.top/image/2022/06/962d0effad84443604723c40ddf1da49f2dd51e373a88544402ea37da137d6d1-50.jpeg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 50x37, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f2f89d6a7d396e280f1971f1d7072b92
8646e9ed2c28bbe6bcc1be5dfa5d83855adb1a0c
1774008c6ad54f87f3d6bf1a9912f7eb5117e9e37df11c00e07011b1dca0efa8
GET /image/2022/06/962d0effad84443604723c40ddf1da49f2dd51e373a88544402ea37da137d6d1-50.jpeg HTTP/1.1
Host: cdn.cloudfastin.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.embravewise.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:31:19 GMT
content-type: image/webp
content-length: 860
cf-ray: 776b02ade931b4fa-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "cfwgOHMhb8Gka5SpqEs1WpyrwzOQWGUuv3ZhIxTp0bDQ:aadab698ba8c4b07116e282fbfc0e6c3"
last-modified: Tue, 28 Jun 2022 08:01:37 GMT
vary: Accept, Accept-Encoding
cf-cache-status: MISS
cf-bgj: imgq:86,h2pri
cf-resized: internal=ok/m q=0 n=90 c=5+1 v=2022.12.0 l=860
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
server: cloudflare
X-Firefox-Spdy: h2
cdn.cloudfastin.top/image/2022/07/abf9ac1e7cc43b6501da1a8214a8b8c22a6177e02ec6bb0b78d7c0389160f26a-50.jpeg
200 OK 1.4 kB URL HTTP/2 cdn.cloudfastin.top/image/2022/07/abf9ac1e7cc43b6501da1a8214a8b8c22a6177e02ec6bb0b78d7c0389160f26a-50.jpeg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2b536d70ef360993ab519648e4ca8cfd
e5393961d4251f1f9f19b341a140de7b5dd8e196
f3fc7786221da117e9997589c4457634841d7d4d130096480852c2f052303496
GET /image/2022/07/abf9ac1e7cc43b6501da1a8214a8b8c22a6177e02ec6bb0b78d7c0389160f26a-50.jpeg HTTP/1.1
Host: cdn.cloudfastin.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.embravewise.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:31:19 GMT
content-type: image/webp
content-length: 1390
cf-ray: 776b02adf939b4fa-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "cfnzQz6yWmQC5G3odgtqQ_km9sOQWGUuv3ZhIxTp0bDQ:26159ec262b800e4a5941d42ccac1805"
last-modified: Fri, 01 Jul 2022 11:46:15 GMT
vary: Accept, Accept-Encoding
cf-cache-status: MISS
cf-bgj: imgq:86,h2pri
cf-resized: internal=ok/m q=0 n=105 c=10+1 v=2022.12.0 l=1390
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
server: cloudflare
X-Firefox-Spdy: h2
cdn.cloudfastin.top/image/2022/06/331395bd1bc60f159d6eefddd7989b5f75b5fea8c7bd9ba0be01fb30e5687f0d-50.jpeg
200 OK 1.4 kB URL HTTP/2 cdn.cloudfastin.top/image/2022/06/331395bd1bc60f159d6eefddd7989b5f75b5fea8c7bd9ba0be01fb30e5687f0d-50.jpeg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a95ebc80cbdb65cecf326e6b9d9b0a94
46a1e83cd8b93ddbd7d2476948bc6d1d96055108
c63dde8f1e3fd41078dcae29e9c67ccf9e6f5b50acedea073291a6fb77d6fce0
GET /image/2022/06/331395bd1bc60f159d6eefddd7989b5f75b5fea8c7bd9ba0be01fb30e5687f0d-50.jpeg HTTP/1.1
Host: cdn.cloudfastin.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.embravewise.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:31:19 GMT
content-type: image/webp
content-length: 1424
cf-ray: 776b02add92ab4fa-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "cfEjEdTb6mfxNaOLpf2UTKX8y_OQWGUuv3ZhIxTp0bDQ:04fee45e490106e469c532573286d846"
last-modified: Tue, 28 Jun 2022 08:01:33 GMT
vary: Accept, Accept-Encoding
cf-cache-status: MISS
cf-bgj: imgq:86,h2pri
cf-resized: internal=ok/m q=0 n=130 c=9+1 v=2022.12.0 l=1424
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
server: cloudflare
X-Firefox-Spdy: h2
cdn.cloudfastin.top/image/2022/08/01e5adf79f908c51b7db6830d275c05bf690107844f2520e5bda593bc6cbdcad-50.jpeg
200 OK 678 B URL HTTP/2 cdn.cloudfastin.top/image/2022/08/01e5adf79f908c51b7db6830d275c05bf690107844f2520e5bda593bc6cbdcad-50.jpeg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 50x51, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6fbb5eed8169b14e02252ac351c9bf4c
9b8420000522ae882e63404b3b7cad92d3f5b011
0cef5ce7b8b18a6f53f188245fa501d618747aeb991210a46986d986f23b77dc
GET /image/2022/08/01e5adf79f908c51b7db6830d275c05bf690107844f2520e5bda593bc6cbdcad-50.jpeg HTTP/1.1
Host: cdn.cloudfastin.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.embravewise.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:31:19 GMT
content-type: image/webp
content-length: 678
cf-ray: 776b02ad28c5b4fa-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "cfDXHfDQmJWAKNOyIK-O75shTkOQWGUuv3ZhIxTp0bDQ:15e78ab4040db51b3319a4ebcb6479da"
last-modified: Fri, 26 Aug 2022 01:55:35 GMT
vary: Accept, Accept-Encoding
cf-cache-status: MISS
cf-bgj: imgq:86,h2pri
cf-resized: internal=ok/m q=0 n=247 c=5+2 v=2022.12.0 l=678
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
server: cloudflare
X-Firefox-Spdy: h2
cdn.cloudfastin.top/image/2022/07/5d6e95cf169708486e1cfe5624827545d23ce61df7b9b9bcdca363974a83f1c9-50.jpeg
200 OK 1.3 kB URL HTTP/2 cdn.cloudfastin.top/image/2022/07/5d6e95cf169708486e1cfe5624827545d23ce61df7b9b9bcdca363974a83f1c9-50.jpeg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3b2d071999de72f03857bc799b6f1b0c
cd2e48855241018c5ff5594da9f03908fb66f7ab
3aa3c41419bdff09f2d24f3bf9476caad2d972735c99cbe111fec799f3c16aa7
GET /image/2022/07/5d6e95cf169708486e1cfe5624827545d23ce61df7b9b9bcdca363974a83f1c9-50.jpeg HTTP/1.1
Host: cdn.cloudfastin.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.embravewise.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:31:19 GMT
content-type: image/webp
content-length: 1338
cf-ray: 776b02adf93eb4fa-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "cfDSYOrsEMPufYHCWTmqJyhm3dOQWGUuv3ZhIxTp0bDQ:005bc30ed6f488eb0b232fd7f1b5bf08"
last-modified: Mon, 04 Jul 2022 08:04:33 GMT
vary: Accept, Accept-Encoding
cf-cache-status: MISS
cf-bgj: imgq:86,h2pri
cf-resized: internal=ok/m q=0 n=134 c=8+1 v=2022.12.0 l=1338
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
server: cloudflare
X-Firefox-Spdy: h2
www.paypal.com/xoplatform/logger/api/logger
200 OK 592 B URL HTTP/2 www.paypal.com/xoplatform/logger/api/logger
IP
File type gzip compressed data\012- data
Hash da8a492bc3c2ceec0787cc15e525c9f9
6e9cd509a3006256957ff82d56997ab45c24b6aa
406a820d338a8076d9f5eba7dd75506c9922a49f416415ded4c52aa8a90a7232
OPTIONS /xoplatform/logger/api/logger HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.embravewise.com/
Origin: https://www.embravewise.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.embravewise.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Fri, 09 Dec 2022 04:31:19 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: 0252983157188
server: ECAcc (lhd/3585)
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=247
set-cookie: LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Fri, 09 Dec 2022 13:17:15 GMT; HttpOnly; Secure
enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Sat, 09 Dec 2023 04:31:19 GMT; Secure
x-pp-s=eyJ0IjoiMTY3MDU2MDI3OTIyOSIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure
tsrce=loggernodeweb; Domain=.paypal.com; Path=/; Expires=Mon, 12 Dec 2022 04:31:19 GMT; HttpOnly; Secure; SameSite=None
l7_az=dcg13.slc; Path=/; Domain=paypal.com; Expires=Fri, 09 Dec 2022 05:01:19 GMT; HttpOnly; Secure
ts=vreXpYrS%3D1765254679%26vteXpYrS%3D1670562079%26vr%3Df526ea971840a1d61a2415a1fbaa07d4%26vt%3Df526ea971840a1d61a2415a1fbaa07d3%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Mon, 08 Dec 2025 04:31:19 GMT; HttpOnly; Secure
ts_c=vr%3Df526ea971840a1d61a2415a1fbaa07d4%26vt%3Df526ea971840a1d61a2415a1fbaa07d3; Path=/; Domain=paypal.com; Expires=Mon, 08 Dec 2025 04:31:19 GMT; Secure
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-00000000000000000000252983157188-068dfb565490e19f-01
x-content-type-options: nosniff
X-Firefox-Spdy: h2
cdn.cloudfastin.top/image/2022/09/91ca7b15bf5736e57c7bdfc223be05e52624559e2130ec4dcfb01907ecaeacf9-1300.png
200 OK 134 kB URL HTTP/2 cdn.cloudfastin.top/image/2022/09/91ca7b15bf5736e57c7bdfc223be05e52624559e2130ec4dcfb01907ecaeacf9-1300.png
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1123x750, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 134 kB (134446 bytes)
Hash cf3238398e113747434e432aa24a96ca
a61ef9317e2800f035780f1d5e6830f48a860d85
b693e538df73feee32f1679484806f4d76e54f735b44ae9ea9fa8477a954d6b2
GET /image/2022/09/91ca7b15bf5736e57c7bdfc223be05e52624559e2130ec4dcfb01907ecaeacf9-1300.png HTTP/1.1
Host: cdn.cloudfastin.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.embravewise.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:31:19 GMT
content-type: image/webp
content-length: 134446
cf-ray: 776b02b11a6ab4fa-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "cfPYvMS3O7zXDS7rK-FE8Rj8IwBGjnEvK9me9TrkEkDQ:6e76fd59d3172bd997b8d68041de4f9c"
last-modified: Wed, 14 Sep 2022 10:14:02 GMT
vary: Accept, Accept-Encoding
cf-cache-status: MISS
cf-bgj: imgq:86,h2pri
cf-resized: internal=ok/m q=0 n=69 c=14+115 v=2022.12.0 l=134446
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
server: cloudflare
X-Firefox-Spdy: h2
t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3A96JADHW6XKAUY-1&page=muse%3Aoffer%3A%3A%3A96JADHW6XKAUY-1%3A%3AvisitorInfo%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=66379785-af54-4b42-9efe-f379ace35109&es=visitorInfo&cust=X38ABTE9YRRL4&mrid=96JADHW6XKAUY&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=embravewise&dh=1024&dw=1280&bh=939&bw=1280&cd=24&sh=1024&sw=1280&v=NA&rosetta_language=en-US%2Cen&unsc=0&identifier_used=DFP&e=im&t=1670560278283&g=0&completeurl=https%3A%2F%2Fwww.embravewise.com%2F
200 OK 42 B URL HTTP/2 t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3A96JADHW6XKAUY-1&page=muse%3Aoffer%3A%3A%3A96JADHW6XKAUY-1%3A%3AvisitorInfo%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=66379785-af54-4b42-9efe-f379ace35109&es=visitorInfo&cust=X38ABTE9YRRL4&mrid=96JADHW6XKAUY&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=embravewise&dh=1024&dw=1280&bh=939&bw=1280&cd=24&sh=1024&sw=1280&v=NA&rosetta_language=en-US%2Cen&unsc=0&identifier_used=DFP&e=im&t=1670560278283&g=0&completeurl=https%3A%2F%2Fwww.embravewise.com%2F
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4682377ddfbe4e7dabfddb2e543e842
328e472721a93345801ed5533240eac2d1f8498c
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
GET /ts?pgrp=muse%3Aoffer%3A%3A%3A96JADHW6XKAUY-1&page=muse%3Aoffer%3A%3A%3A96JADHW6XKAUY-1%3A%3AvisitorInfo%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=66379785-af54-4b42-9efe-f379ace35109&es=visitorInfo&cust=X38ABTE9YRRL4&mrid=96JADHW6XKAUY&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=embravewise&dh=1024&dw=1280&bh=939&bw=1280&cd=24&sh=1024&sw=1280&v=NA&rosetta_language=en-US%2Cen&unsc=0&identifier_used=DFP&e=im&t=1670560278283&g=0&completeurl=https%3A%2F%2Fwww.embravewise.com%2F HTTP/1.1
Host: t.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.embravewise.com/
Cookie: tsrce=targetingnodeweb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: image/gif
date: Fri, 09 Dec 2022 04:31:19 GMT
expires: Fri, 09 Dec 2022 04:31:19 GMT
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 215206a3e77e8
pragma: no-cache
server: ECAcc (lhd/35D8)
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=669
set-cookie: ts=vreXpYrS%3D1765254679%26vteXpYrS%3D1670562079%26vr%3Df526ec951840a56c25255fbfffffffff%26vt%3Df526ec951840a56c25255fbffffffffe; Expires=Tue, 09 Dec 2025 04:31:19 GMT; Domain=.paypal.com; Path=/; Secure; HttpOnly
ts_c=vr%3Df526ec951840a56c25255fbfffffffff%26vt%3Df526ec951840a56c25255fbffffffffe; Expires=Tue, 09 Dec 2025 04:31:19 GMT; Domain=.paypal.com; Path=/; Secure
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-0000000000000000000215206a3e77e8-5bd291bb81c16c6f-01
content-length: 42
X-Firefox-Spdy: h2
cdn.cloudfastin.top/image/2022/09/8771b7674955a0246196398350e9ec6d4f9bc07633456c1ff4ac8d44d42f72b2-500.png
200 OK 21 kB URL HTTP/2 cdn.cloudfastin.top/image/2022/09/8771b7674955a0246196398350e9ec6d4f9bc07633456c1ff4ac8d44d42f72b2-500.png
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8226d2c7cec4d2716a7b94d2af0ee054
43f391fdf508ce51c434f7c2b4d6a3bf110ec6d5
49fb09e601c2edbe5457b031141c6f90d1439664e67c16dd5c88ff27e39e8297
GET /image/2022/09/8771b7674955a0246196398350e9ec6d4f9bc07633456c1ff4ac8d44d42f72b2-500.png HTTP/1.1
Host: cdn.cloudfastin.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.embravewise.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:31:20 GMT
content-type: image/webp
content-length: 20800
cf-ray: 776b02b4abd5b4fa-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "cfYllXyNuTPMiXDJq_g4M4d9TfrWj-KnYkQiF0MtQADQ:b67c79ea59847660fb3c1e8b3df1268f"
last-modified: Wed, 14 Sep 2022 11:27:15 GMT
vary: Accept, Accept-Encoding
cf-cache-status: MISS
cf-bgj: imgq:86,h2pri
cf-resized: internal=ok/m q=0 n=149 c=16+55 v=2022.12.0 l=20800
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
server: cloudflare
X-Firefox-Spdy: h2
c.paypal.com/da/r/fb.js
200 OK 20 kB IP
File type C source, ASCII text, with very long lines (59550), with no line terminators
Hash ee87898c84a8b6278922167a5d397194
69b748d7deb800466f1846c3fc00728d21cc9be9
3b12125d3bb6b4d6f7ff059c3a9b5e7e122529c621284372c9d080cce2ded246
GET /da/r/fb.js HTTP/1.1
Host: c.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paypal.com/
Cookie: tsrce=smartcomponentnodeweb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript
dc: ccg11-origin-www-1.paypal.com
etag: W/"636d6099-e89e"
last-modified: Thu, 10 Nov 2022 20:35:37 GMT
paypal-debug-id: 5b35a8889f4d
server: ECAcc (nya/7974)
traceparent: 00-000000000000000000005b35a8889f4d-2a06849f8ac290c4-01
x-content-type-options: nosniff
accept-ranges: bytes
date: Fri, 09 Dec 2022 04:31:20 GMT
via: 1.1 varnish
age: 545151
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-bma1635-BMA
x-cache: HIT, HIT
x-cache-hits: 98674
x-timer: S1670560280.207027,VS0,VE1
vary: Accept-Encoding
expires: Sat, 10 Dec 2022 04:31:20 GMT
cache-control: s-maxage=31536000, public,max-age=86400
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: false
access-control-max-age: 86400
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
timing-allow-origin: *
content-length: 20248
X-Firefox-Spdy: h2
c.paypal.com/da/r/fb.js
304 Not Modified 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /da/r/fb.js HTTP/1.1
Host: c.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paypal.com/
Cookie: tsrce=smartcomponentnodeweb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
If-Modified-Since: Thu, 10 Nov 2022 20:35:37 GMT
If-None-Match: W/"636d6099-e89e"
TE: trailers
HTTP/2 304 Not Modified
date: Fri, 09 Dec 2022 04:31:20 GMT
via: 1.1 varnish
etag: W/"636d6099-e89e"
age: 545151
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-bma1635-BMA
x-cache: HIT
x-cache-hits: 98675
x-timer: S1670560280.219052,VS0,VE1
vary: Accept-Encoding
expires: Sat, 10 Dec 2022 04:31:20 GMT
cache-control: s-maxage=31536000, public,max-age=86400
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: false
access-control-max-age: 86400
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn.cloudfastin.top/image/2022/06/1740243c02efdaa1d6ebf40d17bc1c79453e9567b64a94f60cb530124a01d005-100.jpeg
200 OK 3.4 kB URL HTTP/2 cdn.cloudfastin.top/image/2022/06/1740243c02efdaa1d6ebf40d17bc1c79453e9567b64a94f60cb530124a01d005-100.jpeg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 83d2a5b8e65969d9dee8c8fac71a6bc7
1f71aaa92336e6dd6c499a3cf4aef2409043d0ad
773027a342ff7e71296b1ab1bb806bb2e538c4b949702dc53f6850458a633624
GET /image/2022/06/1740243c02efdaa1d6ebf40d17bc1c79453e9567b64a94f60cb530124a01d005-100.jpeg HTTP/1.1
Host: cdn.cloudfastin.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.embravewise.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:31:20 GMT
content-type: image/webp
content-length: 3368
cf-ray: 776b02b49bc7b4fa-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "cfjQdDl2urxW4q2XTqA8p59F9qf3Q-22UukrmHzIgBDQ:46b261924ca53650abfdb284ed017345"
last-modified: Tue, 21 Jun 2022 13:44:39 GMT
vary: Accept, Accept-Encoding
cf-cache-status: MISS
cf-bgj: imgq:86,h2pri
cf-resized: internal=ok/h q=0 n=3 c=6+4 v=2022.12.0 l=3368
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
server: cloudflare
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash a14d9bae640024e0718229f4f12045f1
c808ec1d19d59b1519a791e2ec3fd8a629b988c2
21d86a70ee340259194c6d1f9cb238df9ce87e05d23920d64e5564c988b621f3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=165554
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:31:20 GMT
Etag: "63929dca-1d7"
Expires: Sun, 11 Dec 2022 02:30:34 GMT
Last-Modified: Fri, 09 Dec 2022 02:30:34 GMT
Server: nginx
Content-Length: 471
cdn.cloudfastin.top/image/2022/06/0af704581718f422ca9006fb4fde9cf5efd07743d48e51665398ba7d02892f61-50.gif
200 OK 36 kB URL HTTP/2 cdn.cloudfastin.top/image/2022/06/0af704581718f422ca9006fb4fde9cf5efd07743d48e51665398ba7d02892f61-50.gif
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 6f0106e5f74992c0dc29e9680b320dd5
189df9bf0f6e026d4ff811381ed90c626f7dd193
bfdc869f1dc09376f064ad59002fc0a3d4ebfb9f60192fa0074e5a35d078e9ab
GET /image/2022/06/0af704581718f422ca9006fb4fde9cf5efd07743d48e51665398ba7d02892f61-50.gif HTTP/1.1
Host: cdn.cloudfastin.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.embravewise.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:31:20 GMT
content-type: image/webp
content-length: 36410
cf-ray: 776b02ad58d1b4fa-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "cfPKxS9FBM7hMj7VhNfZhLtQCcOQWGUuv3ZhIxTp0bDQ:95ffdaaf862a0aebd83fbf43f20737f9"
last-modified: Tue, 21 Jun 2022 13:44:24 GMT
vary: Accept, Accept-Encoding
cf-cache-status: MISS
cf-bgj: imgq:85,h2pri
cf-resized: internal=ok/m q=0 n=183 c=195+906 v=2022.12.0 l=36410
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
server: cloudflare
X-Firefox-Spdy: h2
b.stats.paypal.com/v2/counter.cgi?p=uid_60d07a9188_mdq6mze6mty&s=SMART_PAYMENT_BUTTONS
302 Found 0 B URL HTTP/1.1 b.stats.paypal.com/v2/counter.cgi?p=uid_60d07a9188_mdq6mze6mty&s=SMART_PAYMENT_BUTTONS
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v2/counter.cgi?p=uid_60d07a9188_mdq6mze6mty&s=SMART_PAYMENT_BUTTONS HTTP/1.1
Host: b.stats.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paypal.com/
Cookie: tsrce=smartcomponentnodeweb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 302 Found
Connection: close
Server: PayPal-B.Stats/1.0
Location: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_60d07a9188_mdq6mze6mty&s=SMART_PAYMENT_BUTTONS
Content-Length: 0
Set-Cookie: c=743c86c1e274a85e2ac9; Domain=stats.paypal.com; expires=Thu, 04 Dec 2042 04:31:20 GMT; Path=/
Content-Type: application/octet-stream
Date: Fri, 09 Dec 2022 04:31:20 GMT
www.embravewise.com/api/statistics/track
201 Created 22 kB URL HTTP/2 www.embravewise.com/api/statistics/track
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fb77e523a958cc75f7537db3729e578c
4ed600194d8a95e27553e8dc87efe82cfd34e945
e98004081d12758a03c6bf96cdd018b996cf99041e63741a127ae0a159e25053
Analyzer Verdict Alert fortinet Malware
POST /api/statistics/track HTTP/1.1
Host: www.embravewise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-LANG: en-US
X-XSRF-TOKEN: eyJpdiI6InBtV2k5MGVxUlphdmhFNUQxXC96bmZRPT0iLCJ2YWx1ZSI6Inh5QVlZXC9XSTZ2Y2ZCSkpFeHF4d2xlU3lrRHB3ZkxTYVhXc3FvZXhWXC84UnVvOW9USzlZWUV1WWFsTlBST0pVVlpoVldsRmowcnNGU1d4azRNQis2Y1VKSGF4eERVazFEN2hBallHU0ZJTW40RTBlanlhY0NWQ1lrMUJDWHJ6bFEiLCJtYWMiOiJjNzMzNzdiNTdiYjBiMTc1ZDM3Zjk2OGE4ZWZkYjdiMmZjMzA3Yzg2ZmYzNWQ3NWQyOGEwMGM5NGVhNDY5NzIxIn0=
Content-Length: 374
Origin: https://www.embravewise.com
Connection: keep-alive
Referer: https://www.embravewise.com/
Cookie: XSRF-TOKEN=eyJpdiI6InBtV2k5MGVxUlphdmhFNUQxXC96bmZRPT0iLCJ2YWx1ZSI6Inh5QVlZXC9XSTZ2Y2ZCSkpFeHF4d2xlU3lrRHB3ZkxTYVhXc3FvZXhWXC84UnVvOW9USzlZWUV1WWFsTlBST0pVVlpoVldsRmowcnNGU1d4azRNQis2Y1VKSGF4eERVazFEN2hBallHU0ZJTW40RTBlanlhY0NWQ1lrMUJDWHJ6bFEiLCJtYWMiOiJjNzMzNzdiNTdiYjBiMTc1ZDM3Zjk2OGE4ZWZkYjdiMmZjMzA3Yzg2ZmYzNWQ3NWQyOGEwMGM5NGVhNDY5NzIxIn0%3D; xtuselsaqe76_session=eyJpdiI6Ijd2YktkanBnSjNnZWlRWDlaZUJIY1E9PSIsInZhbHVlIjoiZE8zVFlzV3pcL0cranJqa3hHa1JzM3ZtR0VVVkdXXC9hd1JEMTdLRjFZYk5uNjNGYkNoOCtNVGhEZE5ab3lRMlNtdlZpQWhtdXArK2xmbk5YTzk2bVN4aVhlS3lyVWg4YnlYYkNcLzJtZ0lUVkhtSUthbE5YNm4yYmc0MSt5RzVYTEgiLCJtYWMiOiIwOGM3ZjA2NTM1YWM3NDRkODlhZjkwNWRhMWJhNGRlZGFjMjlmODIyZmEwYWIxZGI5Zjg0YTc0YWY5Mzk3MjE3In0%3D; session_uuid=f84356447a1f4a01898f046e8c48669agrrW21RZ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 201 Created
cache-control: no-cache, private
content-type: text/html; charset=UTF-8
date: Fri, 09 Dec 2022 04:31:19 GMT
etag: "da39a3ee5e6b4b0d3255bfef95601890afd80709"
set-cookie: XSRF-TOKEN=eyJpdiI6ImZ6MVBFTUIrUGdmZWJqQ1FCSVN4alE9PSIsInZhbHVlIjoiMlFvMWgyeFdtMitZTVwvM3ZmNTNMaVArWGFOekV0N0g2bEZRWFpHanN0ckw4a05mUldpcVJiV2R6MjZXNVo1TmZOdStrUU56d3drbTJmQVVtTllWTlZBc1J5aFpcL2tqdHd6N0pmU2VNd29kWWdBRE1GYWplMnBwa0dwVDJIWHJGTCIsIm1hYyI6ImY3MzFiNWQ5NTIwZDZmODg0MmI1ZThlOWI3ODhjN2NmMjAwZGVmMTI4MTQ0MmNhNzY4YzA1NDE3MDUzNDA1NDEifQ%3D%3D; expires=Sat, 10-Dec-2022 00:31:19 GMT; Max-Age=72000; path=/
xtuselsaqe76_session=eyJpdiI6ImduNWN5Vkk3ajFTdnVPWERzVlZoQ0E9PSIsInZhbHVlIjoiYW1YOWpwSEpDMXZaK1lHOHJVVjIwXC9YRlwvQTdMNjNMQ2E0eEd3QVQ2WEhKMzFmKzVrYUw2TkJwT3hWR2ZVOFBSTlg2TE1TZVFjcG5wRGlxNmJcL05PS0dibnk2aHFOSmlveTdVT3NCZ2dibXBURGRtTWpOXC9taXFxOTJPMmYzeGlmIiwibWFjIjoiZGM0NzczMjM5ZDMzOTdiMGMxMWVmNzdhNGRlNmQxZjMyMTg4OWI5NzBjOTAyYjhhNjdjMjdmMzBkMjMwNGE0NyJ9; expires=Sat, 10-Dec-2022 00:31:19 GMT; Max-Age=72000; path=/; httponly
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
cdn.cloudfastin.top/image/2022/09/915107dd1d1fdc1ac32c2234fa85c45f9cf37050ac00dbaf98f00434c2ef24cc-400.png
200 OK 10 kB URL HTTP/2 cdn.cloudfastin.top/image/2022/09/915107dd1d1fdc1ac32c2234fa85c45f9cf37050ac00dbaf98f00434c2ef24cc-400.png
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f7cd7dc4500ac5272390862a4305fd86
b9f678046b94110bd22bb5055eeeeced29c3f43c
7f198b3845cad1014a78f35c2c70d2d85457cf7a9f52ebdce7e73551c7e0ab90
GET /image/2022/09/915107dd1d1fdc1ac32c2234fa85c45f9cf37050ac00dbaf98f00434c2ef24cc-400.png HTTP/1.1
Host: cdn.cloudfastin.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.embravewise.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:31:20 GMT
content-type: image/webp
content-length: 10470
cf-ray: 776b02b4abd7b4fa-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "cfkOk80JjUuXPYIOOnKp4XKZH8xyJ6nv9rvBsRgLgsDQ:d30bb3847a898cb79474b1b9fdac4734"
last-modified: Wed, 14 Sep 2022 11:29:12 GMT
vary: Accept, Accept-Encoding
cf-cache-status: MISS
cf-bgj: imgq:86,h2pri
cf-resized: internal=ok/m q=0 n=156 c=6+32 v=2022.12.0 l=10470
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
server: cloudflare
X-Firefox-Spdy: h2
www.embravewise.com/api/store/ip
200 OK 24 kB URL HTTP/2 www.embravewise.com/api/store/ip
IP
Hash 6d4abf1a2a2d78662ea8bf3218af4210
e253e500536fd6e88c6bf85136854e2940d119d6
f533a3488016f24e8c7cc42b61430287ba4098b55f83734db534fe7aecdfac3b
Analyzer Verdict Alert fortinet Malware
GET /api/store/ip HTTP/1.1
Host: www.embravewise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-LANG: en-US
X-XSRF-TOKEN: eyJpdiI6ImNaS0VXU1pqTFdvTjh3NHVNeEwwXC9RPT0iLCJ2YWx1ZSI6ImxPUHc3WFQwaGRwU2Y0MXZ0RHdDRlZaVVU2ODRCN2pMWDNmZVJockpCVVFITDNoanNYajdSeVZ2cDZUSFZzWkpMMnJGTE1EN0Z4Njkzd1BuVkwxRzFjSzRhSHVrUjVnZXpMTzBaamdwYmFDZFdcL1k2MlwvYWVTM002eHBpTTBCT20iLCJtYWMiOiJiZjg4Njk1ZmZjZTFhMmZmNzg2MjRkMTk1YWMwYTVjNzJkZDE3NTg4NzI0Njc3N2I1Mjg5OGNkMGI3ZjQyMDgzIn0=
Connection: keep-alive
Referer: https://www.embravewise.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImNaS0VXU1pqTFdvTjh3NHVNeEwwXC9RPT0iLCJ2YWx1ZSI6ImxPUHc3WFQwaGRwU2Y0MXZ0RHdDRlZaVVU2ODRCN2pMWDNmZVJockpCVVFITDNoanNYajdSeVZ2cDZUSFZzWkpMMnJGTE1EN0Z4Njkzd1BuVkwxRzFjSzRhSHVrUjVnZXpMTzBaamdwYmFDZFdcL1k2MlwvYWVTM002eHBpTTBCT20iLCJtYWMiOiJiZjg4Njk1ZmZjZTFhMmZmNzg2MjRkMTk1YWMwYTVjNzJkZDE3NTg4NzI0Njc3N2I1Mjg5OGNkMGI3ZjQyMDgzIn0%3D; xtuselsaqe76_session=eyJpdiI6InlvZnNLYWt4bjl5MEI5UG16NTk3V3c9PSIsInZhbHVlIjoiaTF0QnRaR1dzV2preU0xVVhaZmx3d0tuRjJLWENveEtweStxNzF1VzRGRDJoNXFJZEJKdTlncFJXb2Ezc0ZyYzFKNERBN0c1cWNWTG9DZHo2emxcL0I3UXBxNnVyN0hUdFlnTzhRbGljRW1veHBERjR3ZENKQTdaeWF1bFhVWlwvOCIsIm1hYyI6ImQyODIyZjljMThkYzVjZGIzMDVkODNmNzVmMzg1N2EzYTA3NGU4MjRiZTUxNWFlYjViZmY5OTA4NGI2YjJjNjMifQ%3D%3D; session_uuid=f84356447a1f4a01898f046e8c48669agrrW21RZ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, private
content-type: application/json
date: Fri, 09 Dec 2022 04:31:19 GMT
etag: "9f029f2ca5bf803561c95a39150498089578ecae"
set-cookie: XSRF-TOKEN=eyJpdiI6ImNvQ3NuVGZETmswblNuc1F3UFZ4QUE9PSIsInZhbHVlIjoiaUxKb3JUV3hReHR5Wm83THppMFV3SHlQWHpETXM2OE9BUXVFd3hCWnEyZDBZVzVUWVhqb1hsaHVWZzBTMEl4ejhcL0Z5OEZESytlcmJ0cWV3V2dmc1pcL2szODh4b2J1aXdHMHJxaG14eUFpTnV4NWpaR3VXZEJcL0c4b2RBQUZHZWIiLCJtYWMiOiJlNDhjZmI4NzNjY2M3OGM4OGZjMWI3ZTg0ZGM0MzQ0Yjk1N2M3Yjg2YjA0YWIxMDk4NDhlMWYwMDBkOTFmNTdmIn0%3D; expires=Sat, 10-Dec-2022 00:31:19 GMT; Max-Age=72000; path=/
xtuselsaqe76_session=eyJpdiI6IlpqXC9JYlwvVHozNjJaalZHdndMbCtJUT09IiwidmFsdWUiOiJRUDM2ZzdUazR3M1RiWWNaWk1cL0pEQWExYlV3T1ZKXC9wTFBGbnVBTGJRM2tSN09Ec0hLdk1hMkhsYkp3bTFiZjd0S2lvczNkSDc0M2dMXC9yQzhmb1VGcUZxN3haRW5XYXlYZDdCMnNTTER3Y3RWczFVUzB0V2NSNFVCXC8ydVBVcWsiLCJtYWMiOiI4ZjZlNGQwNGFjNDNjMDg5MzYwOWFhNjc3NDE0ZjRjYmZmNjVhMzA3MzgxOTQ5YTk1NmYwYzQ0NzVkN2NhYTkzIn0%3D; expires=Sat, 10-Dec-2022 00:31:19 GMT; Max-Age=72000; path=/; httponly
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
200 OK 149 B URL HTTP/2 c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 3e7bf609e5fb0ff1f33d97fb3816e286
eca827e429a89cbe927689c26e9ef73734e00a0e
cfe079d6fe9faae81a78f62296ecc7a4cb12a28fa99f1bed6ea4c6d8ea194df3
GET /v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js HTTP/1.1
Host: c.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paypal.com/
Cookie: tsrce=smartcomponentnodeweb
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA, Sec-CH-UA-Full
correlation-id: 8b3deff99f14d
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-security-policy-report-only: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html;charset=UTF-8
origin-trial: A+THamRrv1ypMR6JeaJx7Wmo8rytLELMAeCL0XGhTihfUtp+dVqcCNYiWxOzySlH2Xk7lzRrFY3mxv6viKT1qggAAACKeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
paypal-debug-id: 8b3deff99f14d
traceparent: 00-00000000000000000008b3deff99f14d-a36c615e0a5d25ad-01
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: none
via: 1.1 varnish, 1.1 varnish
content-encoding: br
date: Fri, 09 Dec 2022 04:31:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn-etou8220043-HHN, cache-bma1635-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1670560280.243223,VS0,VE175
vary: Accept-Encoding
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
timing-allow-origin: *
X-Firefox-Spdy: h2
www.paypal.com/xoplatform/logger/api/logger
200 OK 613 B URL HTTP/2 www.paypal.com/xoplatform/logger/api/logger
IP
File type JSON data\012- , ASCII text, with very long lines (1022), with no line terminators
Hash d88eeafec063dc7ee8f12c98aa6a8c9c
32bd0741a5d14231a0f82e3d4bd97fa4d240210c
2aa5f4e32b589f2127b55532979c745909599b8c73e64ad9b13bbc131eddf95b
POST /xoplatform/logger/api/logger HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 8327
Origin: https://www.paypal.com
Connection: keep-alive
Referer: https://www.paypal.com/smart/buttons?env=production&locale.country=US&locale.lang=en&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=48&style.menuPlacement=below&commit=false&fundingSource=paypal&sdkVersion=5.0.343&components.0=buttons&components.1=funding-eligibility&components.2=messages&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVdINHM4UldJMElOWS1nYVZQWkw5M3lLNVdNTzNIdjlLX2MzZi1ic1NIX3JyRlpaWjJJSUdQd21iOHRwbzhNRHlleThXVzkxTERjN3Bvdk4mY29tbWl0PWZhbHNlJmN1cnJlbmN5PVVTRCZkaXNhYmxlLWZ1bmRpbmc9YmFuY29udGFjdCxibGlrLGVwcyxnaXJvcGF5LGlkZWFsLG1lcmNhZG9wYWdvLG15YmFuayxwMjQsc2VwYSxzb2ZvcnQsdmVubW8mY29tcG9uZW50cz1idXR0b25zLGZ1bmRpbmctZWxpZ2liaWxpdHksbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9ubnZieGhiYnBscGRuZGNpc29icnBwbHRheXBsbnoifX0&clientID=AWH4s8RWI0INY-gaVPZL93yK5WMO3Hv9K_c3f-bsSH_rrFZZZ2IIGPwmb8tpo8MDyey8WW91LDc7povN&sdkCorrelationID=f834081e9672b&storageID=uid_2d618f32b3_mdq6mze6mty&sessionID=uid_60d07a9188_mdq6mze6mty&buttonSessionID=uid_dc43d5b514_mdq6mze6mtc&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase¤cy=USD&intent=capture&vault=false&disableFunding.0=bancontact&disableFunding.1=blik&disableFunding.2=eps&disableFunding.3=giropay&disableFunding.4=ideal&disableFunding.5=mercadopago&disableFunding.6=mybank&disableFunding.7=p24&disableFunding.8=sepa&disableFunding.9=sofort&disableFunding.10=venmo&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Cookie: tsrce=smartcomponentnodeweb
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: application/json; charset=utf-8
date: Fri, 09 Dec 2022 04:31:20 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"3fe-2FryFE2JV+DOT5PRXEs0xc0t0Yo"
paypal-debug-id: 0b501186a8097
server: ECAcc (lhd/35D3)
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=212
set-cookie: enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Sat, 09 Dec 2023 04:31:20 GMT; Secure
LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Fri, 09 Dec 2022 13:17:16 GMT; HttpOnly; Secure
tsrce=loggernodeweb; Max-Age=259199; Domain=.paypal.com; Path=/; Expires=Mon, 12 Dec 2022 04:31:19 GMT; HttpOnly; Secure
x-pp-s=eyJ0IjoiMTY3MDU2MDI4MDQyMyIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure
l7_az=dcg13.slc; Path=/; Domain=paypal.com; Expires=Fri, 09 Dec 2022 05:01:20 GMT; HttpOnly; Secure
ts=vreXpYrS%3D1765254680%26vteXpYrS%3D1670562080%26vr%3Df526ef491840a7a855e8dd12fb65c8b8%26vt%3Df526ef491840a7a855e8dd12fb65c8b7%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Mon, 08 Dec 2025 04:31:20 GMT; HttpOnly; Secure
ts_c=vr%3Df526ef491840a7a855e8dd12fb65c8b8%26vt%3Df526ef491840a7a855e8dd12fb65c8b7; Path=/; Domain=paypal.com; Expires=Mon, 08 Dec 2025 04:31:20 GMT; Secure
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-00000000000000000000b501186a8097-3106069873a429a6-01
vary: Accept-Encoding
x-content-type-options: nosniff
content-length: 613
X-Firefox-Spdy: h2
cdn.cloudfastin.top/image/2022/09/b4f49c76d91bc6a682b4643a35478238461bfb7f51141ea687e9892b0701a88c-500.png
200 OK 70 kB URL HTTP/2 cdn.cloudfastin.top/image/2022/09/b4f49c76d91bc6a682b4643a35478238461bfb7f51141ea687e9892b0701a88c-500.png
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 46a28bc83854f932651a3717102938b6
8ddb9835c91ae82498a14d5cc2d3c68a3f8fdd08
a5e116573dfd19e7fe6e61226992ae3572123938bf3b21ed9d9b48e774cec8e3
GET /image/2022/09/b4f49c76d91bc6a682b4643a35478238461bfb7f51141ea687e9892b0701a88c-500.png HTTP/1.1
Host: cdn.cloudfastin.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.embravewise.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:31:20 GMT
content-type: image/webp
content-length: 69760
cf-ray: 776b02b4abd3b4fa-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "cfOxJbxiyJy5q9I4xnJkJMhOLNrWj-KnYkQiF0MtQADQ:2c99bb29dcb3396e1c900966bdd82cb7"
last-modified: Wed, 14 Sep 2022 11:15:10 GMT
vary: Accept, Accept-Encoding
cf-cache-status: MISS
cf-bgj: imgq:86,h2pri
cf-resized: internal=ok/m q=0 n=111 c=8+54 v=2022.12.0 l=69760
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
server: cloudflare
X-Firefox-Spdy: h2
www.paypal.com/xoplatform/logger/api/logger
200 OK 618 B URL HTTP/2 www.paypal.com/xoplatform/logger/api/logger
IP
File type JSON data\012- , ASCII text, with very long lines (1024), with no line terminators
Hash fc1019d3a1fd73efc4d23ff8218570be
b30b151a94898770876e09c5612370ea717cc1c4
938cb943f14892d77d15f5dce75e3b1216323ec6c0600faa2c546c3fddc44607
POST /xoplatform/logger/api/logger HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 8327
Origin: https://www.paypal.com
Connection: keep-alive
Referer: https://www.paypal.com/smart/buttons?env=production&locale.country=US&locale.lang=en&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=48&style.menuPlacement=below&commit=false&fundingSource=paypal&sdkVersion=5.0.343&components.0=buttons&components.1=funding-eligibility&components.2=messages&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVdINHM4UldJMElOWS1nYVZQWkw5M3lLNVdNTzNIdjlLX2MzZi1ic1NIX3JyRlpaWjJJSUdQd21iOHRwbzhNRHlleThXVzkxTERjN3Bvdk4mY29tbWl0PWZhbHNlJmN1cnJlbmN5PVVTRCZkaXNhYmxlLWZ1bmRpbmc9YmFuY29udGFjdCxibGlrLGVwcyxnaXJvcGF5LGlkZWFsLG1lcmNhZG9wYWdvLG15YmFuayxwMjQsc2VwYSxzb2ZvcnQsdmVubW8mY29tcG9uZW50cz1idXR0b25zLGZ1bmRpbmctZWxpZ2liaWxpdHksbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9ubnZieGhiYnBscGRuZGNpc29icnBwbHRheXBsbnoifX0&clientID=AWH4s8RWI0INY-gaVPZL93yK5WMO3Hv9K_c3f-bsSH_rrFZZZ2IIGPwmb8tpo8MDyey8WW91LDc7povN&sdkCorrelationID=f834081e9672b&storageID=uid_2d618f32b3_mdq6mze6mty&sessionID=uid_60d07a9188_mdq6mze6mty&buttonSessionID=uid_84da7c3812_mdq6mze6mtc&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase¤cy=USD&intent=capture&vault=false&disableFunding.0=bancontact&disableFunding.1=blik&disableFunding.2=eps&disableFunding.3=giropay&disableFunding.4=ideal&disableFunding.5=mercadopago&disableFunding.6=mybank&disableFunding.7=p24&disableFunding.8=sepa&disableFunding.9=sofort&disableFunding.10=venmo&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Cookie: tsrce=smartcomponentnodeweb
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: application/json; charset=utf-8
date: Fri, 09 Dec 2022 04:31:20 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"400-KTi3ZLjsaWEURiPfw9W75zw+mgI"
paypal-debug-id: 0524341372946
server: ECAcc (lhd/35F2)
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=277
set-cookie: enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Sat, 09 Dec 2023 04:31:20 GMT; Secure
LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Fri, 09 Dec 2022 13:17:16 GMT; HttpOnly; Secure
tsrce=loggernodeweb; Max-Age=259199; Domain=.paypal.com; Path=/; Expires=Mon, 12 Dec 2022 04:31:19 GMT; HttpOnly; Secure
x-pp-s=eyJ0IjoiMTY3MDU2MDI4MDQyOSIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure
l7_az=dcg15.slc; Path=/; Domain=paypal.com; Expires=Fri, 09 Dec 2022 05:01:20 GMT; HttpOnly; Secure
ts=vreXpYrS%3D1765254680%26vteXpYrS%3D1670562080%26vr%3Df526ef2b1840a1d30bc2f783ffc9843c%26vt%3Df526ef2b1840a1d30bc2f783ffc9843b%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Mon, 08 Dec 2025 04:31:20 GMT; HttpOnly; Secure
ts_c=vr%3Df526ef2b1840a1d30bc2f783ffc9843c%26vt%3Df526ef2b1840a1d30bc2f783ffc9843b; Path=/; Domain=paypal.com; Expires=Mon, 08 Dec 2025 04:31:20 GMT; Secure
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-00000000000000000000524341372946-97efdc3e79242399-01
vary: Accept-Encoding
x-content-type-options: nosniff
content-length: 618
X-Firefox-Spdy: h2
dub.stats.paypal.com/v2/counter2.cgi?p=uid_60d07a9188_mdq6mze6mty&s=SMART_PAYMENT_BUTTONS
200 OK 42 B URL HTTP/1.1 dub.stats.paypal.com/v2/counter2.cgi?p=uid_60d07a9188_mdq6mze6mty&s=SMART_PAYMENT_BUTTONS
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash accba0b69f352b4c9440f05891b015c5
9d01cc5dc8e042c0d4ad6cfb8b3ac38e84a5ef9f
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
GET /v2/counter2.cgi?p=uid_60d07a9188_mdq6mze6mty&s=SMART_PAYMENT_BUTTONS HTTP/1.1
Host: dub.stats.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.paypal.com/
Connection: keep-alive
Cookie: tsrce=smartcomponentnodeweb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Connection: close
Server: PayPal-B.Stats/1.0
Content-Type: image/jpeg
Content-Length: 42
Set-Cookie: c=353df5b1a755c19bb312; Domain=stats.paypal.com; expires=Thu, 04 Dec 2042 04:31:20 GMT; Path=/
Date: Fri, 09 Dec 2022 04:31:20 GMT
cdn.cloudfastin.top/image/2022/09/a2af7a454300c3ec5b316200dbb2763d228a4a31d214f2d86f1396c4d7af2f85-400.png
200 OK 58 kB URL HTTP/2 cdn.cloudfastin.top/image/2022/09/a2af7a454300c3ec5b316200dbb2763d228a4a31d214f2d86f1396c4d7af2f85-400.png
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 16d6052ea63f2522063e4055e6e9831f
117da8b7809a36c44936d097bc6aa87fee1fad73
c53a0a20861ad0d59dbea4ba1b10448de9e80e462d5a8e079893e4695bea30ad
GET /image/2022/09/a2af7a454300c3ec5b316200dbb2763d228a4a31d214f2d86f1396c4d7af2f85-400.png HTTP/1.1
Host: cdn.cloudfastin.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.embravewise.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:31:20 GMT
content-type: image/webp
content-length: 57858
cf-ray: 776b02b49bccb4fa-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "cfqycNfaEpz-Ui5f3dOj7JOPOcxyJ6nv9rvBsRgLgsDQ:d60788ed01f7d89cf0b9c773949c52f2"
last-modified: Wed, 14 Sep 2022 11:13:03 GMT
vary: Accept, Accept-Encoding
cf-cache-status: MISS
cf-bgj: imgq:86,h2pri
cf-resized: internal=ok/m q=0 n=163 c=10+40 v=2022.12.0 l=57858
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
server: cloudflare
X-Firefox-Spdy: h2
c.paypal.com/da/r/fb.js
304 Not Modified 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /da/r/fb.js HTTP/1.1
Host: c.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Cookie: tsrce=smartcomponentnodeweb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Thu, 10 Nov 2022 20:35:37 GMT
If-None-Match: W/"636d6099-e89e"
TE: trailers
HTTP/2 304 Not Modified
date: Fri, 09 Dec 2022 04:31:20 GMT
via: 1.1 varnish
etag: W/"636d6099-e89e"
age: 545151
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-bma1635-BMA
x-cache: HIT
x-cache-hits: 98677
x-timer: S1670560281.616838,VS0,VE2
vary: Accept-Encoding
expires: Sat, 10 Dec 2022 04:31:20 GMT
cache-control: s-maxage=31536000, public,max-age=86400
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: false
access-control-max-age: 86400
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
timing-allow-origin: *
X-Firefox-Spdy: h2
c.paypal.com/v1/r/d/b/p2
200 OK 125 B IP
File type JSON data\012- , ASCII text, with no line terminators
Hash c2764ab3e966f72812a7ba49a7c2d989
19fb379e9579e4f2ce707bc6333835a90848ffbc
b6fb8fb60d1d423775d078a6609ae420a7deab178e6811bb5c64fb40e611e8c2
POST /v1/r/d/b/p2 HTTP/1.1
Host: c.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 1381
Origin: https://c.paypal.com
Connection: keep-alive
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Cookie: tsrce=smartcomponentnodeweb
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
correlation-id: 24725d330e646
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: application/json
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id: 24725d330e646
set-cookie: sc_f=hVi6SyUWKQoZ8j1JiphhPTiu2dREl89iQICDA04L3hRQR7gCnbHhnciIOR-vYR3aQClTYcQgSj8DbV-Ks0y1_t1Pk1nkrQsMR-Dsv0;Domain=c.paypal.com;Max-Age=157680000;Path=/;Secure;Version=1;Expires=Tue, 07-Dec-2027 20:31:20 GMT; HttpOnly
traceparent: 00-000000000000000000024725d330e646-0f3963a4ecafad1e-01
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Fri, 09 Dec 2022 04:31:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn-etou8220069-HHN, cache-bma1635-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
timing-allow-origin: *
content-length: 125
X-Firefox-Spdy: h2
c.paypal.com/v1/r/d/b/p1
200 OK 125 B IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 85d33af06c673599856f96da36279628
41bf8ac576f6819798cddeedb5c7f99a705e51e1
2cacb5026f2ff5034be245328f53642cc3867c6464eafaa0fe2053be3fc43192
POST /v1/r/d/b/p1 HTTP/1.1
Host: c.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 4535
Origin: https://c.paypal.com
Connection: keep-alive
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Cookie: tsrce=smartcomponentnodeweb
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
correlation-id: 5264170e66ea
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: application/json
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id: 5264170e66ea
set-cookie: sc_f=VKToAM_4vXxP9W7pr-8ljkS_Mpr03n5igN1jOoKb5J6Ra9kkGBalqq77-lbt0i0IUCap6VRzzG1COudxXvtWyQbQ6khfzkP7QaQ15m;Domain=c.paypal.com;Max-Age=157680000;Path=/;Secure;Version=1;Expires=Tue, 07-Dec-2027 20:31:20 GMT; HttpOnly
KHcl0EuY7AKSMgfvHl7J5E7hPtK=pEBlYJCpKIQcJO6A2mKFNL3PHtQstWSKlNXjKpOxqs2nvlgtT4GU6Px-ate68fB_rSd7tM9byB7ft0XQ;Domain=.paypal.com;Max-Age=630720000;Path=/;Secure;Version=1;Expires=Wed, 03-Dec-2042 20:31:20 GMT; HttpOnly
l7_az=dcg02.phx; Path=/; Domain=paypal.com; Expires=Fri, 09 Dec 2022 05:01:20 GMT; HttpOnly; Secure
traceparent: 00-000000000000000000005264170e66ea-823da0382ecf1ab0-01
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Fri, 09 Dec 2022 04:31:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn-etou8220071-HHN, cache-bma1635-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
timing-allow-origin: *
content-length: 125
X-Firefox-Spdy: h2
www.paypal.com/xoplatform/logger/api/logger
200 OK 613 B URL HTTP/2 www.paypal.com/xoplatform/logger/api/logger
IP
File type JSON data\012- , ASCII text, with very long lines (1022), with no line terminators
Hash c0385f5f1b1c9a65aeee33d7ba3ab77e
6229539905ae1c717aafe0d4dcf3e49fe062a6bd
b3f2fdb8db8761a65fa4a225ba75f02845e2f9d0fc1fb269bb30b1f11ad016d9
POST /xoplatform/logger/api/logger HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1439
Origin: https://www.paypal.com
Connection: keep-alive
Referer: https://www.paypal.com/smart/buttons?env=production&locale.country=US&locale.lang=en&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=48&style.menuPlacement=below&commit=false&fundingSource=paypal&sdkVersion=5.0.343&components.0=buttons&components.1=funding-eligibility&components.2=messages&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVdINHM4UldJMElOWS1nYVZQWkw5M3lLNVdNTzNIdjlLX2MzZi1ic1NIX3JyRlpaWjJJSUdQd21iOHRwbzhNRHlleThXVzkxTERjN3Bvdk4mY29tbWl0PWZhbHNlJmN1cnJlbmN5PVVTRCZkaXNhYmxlLWZ1bmRpbmc9YmFuY29udGFjdCxibGlrLGVwcyxnaXJvcGF5LGlkZWFsLG1lcmNhZG9wYWdvLG15YmFuayxwMjQsc2VwYSxzb2ZvcnQsdmVubW8mY29tcG9uZW50cz1idXR0b25zLGZ1bmRpbmctZWxpZ2liaWxpdHksbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9ubnZieGhiYnBscGRuZGNpc29icnBwbHRheXBsbnoifX0&clientID=AWH4s8RWI0INY-gaVPZL93yK5WMO3Hv9K_c3f-bsSH_rrFZZZ2IIGPwmb8tpo8MDyey8WW91LDc7povN&sdkCorrelationID=f834081e9672b&storageID=uid_2d618f32b3_mdq6mze6mty&sessionID=uid_60d07a9188_mdq6mze6mty&buttonSessionID=uid_84da7c3812_mdq6mze6mtc&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase¤cy=USD&intent=capture&vault=false&disableFunding.0=bancontact&disableFunding.1=blik&disableFunding.2=eps&disableFunding.3=giropay&disableFunding.4=ideal&disableFunding.5=mercadopago&disableFunding.6=mybank&disableFunding.7=p24&disableFunding.8=sepa&disableFunding.9=sofort&disableFunding.10=venmo&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Cookie: tsrce=smartcomponentnodeweb
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: application/json; charset=utf-8
date: Fri, 09 Dec 2022 04:31:20 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"3fe-TaYipwbyA71c/Gj5Lj98VD6xwvg"
paypal-debug-id: 0114440377001
server: ECAcc (lhd/35F9)
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=212
set-cookie: enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Sat, 09 Dec 2023 04:31:20 GMT; Secure
LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Fri, 09 Dec 2022 13:17:16 GMT; HttpOnly; Secure
tsrce=loggernodeweb; Max-Age=259199; Domain=.paypal.com; Path=/; Expires=Mon, 12 Dec 2022 04:31:19 GMT; HttpOnly; Secure
x-pp-s=eyJ0IjoiMTY3MDU2MDI4MDY1NyIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure
l7_az=dcg13.slc; Path=/; Domain=paypal.com; Expires=Fri, 09 Dec 2022 05:01:20 GMT; HttpOnly; Secure
ts=vreXpYrS%3D1765254680%26vteXpYrS%3D1670562080%26vr%3Df526f0391840a7885e4dbe35ffc13af5%26vt%3Df526f0391840a7885e4dbe35ffc13af4%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Mon, 08 Dec 2025 04:31:20 GMT; HttpOnly; Secure
ts_c=vr%3Df526f0391840a7885e4dbe35ffc13af5%26vt%3Df526f0391840a7885e4dbe35ffc13af4; Path=/; Domain=paypal.com; Expires=Mon, 08 Dec 2025 04:31:20 GMT; Secure
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-00000000000000000000114440377001-d80ec655292114a0-01
vary: Accept-Encoding
x-content-type-options: nosniff
content-length: 613
X-Firefox-Spdy: h2
c6.paypal.com/v1/r/d/b/p3?f=uid_60d07a9188_mdq6mze6mty&s=SMART_PAYMENT_BUTTONS
200 OK 20 B URL HTTP/2 c6.paypal.com/v1/r/d/b/p3?f=uid_60d07a9188_mdq6mze6mty&s=SMART_PAYMENT_BUTTONS
IP
Hash 163be0a88c70ca629fd516dbaadad96a
c8830ccf3a863e489ca37f4da572bad0e05d077b
ac73670af3abed54ac6fb4695131f4099be9fbe39d6076c5d0264a6bbdae9d83
GET /v1/r/d/b/p3?f=uid_60d07a9188_mdq6mze6mty&s=SMART_PAYMENT_BUTTONS HTTP/1.1
Host: c6.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c.paypal.com/
Cookie: tsrce=smartcomponentnodeweb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
cache-control: max-age=0, no-cache, no-store, must-revalidate
correlation-id: 77dd2796017ee
date: Fri, 09 Dec 2022 04:31:19 GMT
paypal-debug-id: 77dd2796017ee
server: ECAcc (lhd/35A0)
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=200
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-000000000000000000077dd2796017ee-cb7f4844ccd9aebc-01
vary: Accept-Encoding
content-length: 20
X-Firefox-Spdy: h2
c.paypal.com/v1/r/d/b/p1
200 OK 125 B IP
File type JSON data\012- , ASCII text, with no line terminators
Hash f7e05e86d27171b36e80cba28dc599a7
7e600ea25afbfca6b78d756946fa12ed7c740243
8aa5b9b7457b549632b094a0c028fe53ba32dbcc360c29dffe7afc8a2ae9a829
POST /v1/r/d/b/p1 HTTP/1.1
Host: c.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 4535
Origin: https://c.paypal.com
Connection: keep-alive
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Cookie: tsrce=smartcomponentnodeweb
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
correlation-id: 87096624f715d
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: application/json
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id: 87096624f715d
set-cookie: sc_f=26X6iN8Gd6w-EOOry9Qi4xRUUOaNGBz2YZygXWuSuXOJiolOi2IszfUthYmdm9arRSNGZOxRI-rf1Y0gMK4NWOSFiAaxjMTt_aaVcm;Domain=c.paypal.com;Max-Age=157680000;Path=/;Secure;Version=1;Expires=Tue, 07-Dec-2027 20:31:20 GMT; HttpOnly
KHcl0EuY7AKSMgfvHl7J5E7hPtK=pEBlYJCpKIQcJO6A2mKFNL3PHtQstWSKlNXjKpOxqs2nvlgtT4GU6Px-ate68fB_rSd7tM9byB7ft0XQ;Domain=.paypal.com;Max-Age=630720000;Path=/;Secure;Version=1;Expires=Wed, 03-Dec-2042 20:31:20 GMT; HttpOnly
l7_az=dcg01.phx; Path=/; Domain=paypal.com; Expires=Fri, 09 Dec 2022 05:01:20 GMT; HttpOnly; Secure
traceparent: 00-000000000000000000087096624f715d-0522d99788702792-01
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Fri, 09 Dec 2022 04:31:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn-etou8220020-HHN, cache-bma1635-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
timing-allow-origin: *
content-length: 125
X-Firefox-Spdy: h2
www.embravewise.com/api/store/facebook-conversions-api
200 OK 145 B URL HTTP/2 www.embravewise.com/api/store/facebook-conversions-api
IP
Hash 69f6283cf92ecde03a6caf5195d5481b
d55acc1aff69486fd967e01397e814aa71a65a71
b1ebec626c13720b2be4bb94611e9a6b98d78e4a67ef50ad4c86f55425ee8835
Analyzer Verdict Alert fortinet Malware
POST /api/store/facebook-conversions-api HTTP/1.1
Host: www.embravewise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-LANG: en-US
X-XSRF-TOKEN: eyJpdiI6ImZ6MVBFTUIrUGdmZWJqQ1FCSVN4alE9PSIsInZhbHVlIjoiMlFvMWgyeFdtMitZTVwvM3ZmNTNMaVArWGFOekV0N0g2bEZRWFpHanN0ckw4a05mUldpcVJiV2R6MjZXNVo1TmZOdStrUU56d3drbTJmQVVtTllWTlZBc1J5aFpcL2tqdHd6N0pmU2VNd29kWWdBRE1GYWplMnBwa0dwVDJIWHJGTCIsIm1hYyI6ImY3MzFiNWQ5NTIwZDZmODg0MmI1ZThlOWI3ODhjN2NmMjAwZGVmMTI4MTQ0MmNhNzY4YzA1NDE3MDUzNDA1NDEifQ==
Content-Length: 324
Origin: https://www.embravewise.com
Connection: keep-alive
Referer: https://www.embravewise.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImZ6MVBFTUIrUGdmZWJqQ1FCSVN4alE9PSIsInZhbHVlIjoiMlFvMWgyeFdtMitZTVwvM3ZmNTNMaVArWGFOekV0N0g2bEZRWFpHanN0ckw4a05mUldpcVJiV2R6MjZXNVo1TmZOdStrUU56d3drbTJmQVVtTllWTlZBc1J5aFpcL2tqdHd6N0pmU2VNd29kWWdBRE1GYWplMnBwa0dwVDJIWHJGTCIsIm1hYyI6ImY3MzFiNWQ5NTIwZDZmODg0MmI1ZThlOWI3ODhjN2NmMjAwZGVmMTI4MTQ0MmNhNzY4YzA1NDE3MDUzNDA1NDEifQ%3D%3D; xtuselsaqe76_session=eyJpdiI6ImduNWN5Vkk3ajFTdnVPWERzVlZoQ0E9PSIsInZhbHVlIjoiYW1YOWpwSEpDMXZaK1lHOHJVVjIwXC9YRlwvQTdMNjNMQ2E0eEd3QVQ2WEhKMzFmKzVrYUw2TkJwT3hWR2ZVOFBSTlg2TE1TZVFjcG5wRGlxNmJcL05PS0dibnk2aHFOSmlveTdVT3NCZ2dibXBURGRtTWpOXC9taXFxOTJPMmYzeGlmIiwibWFjIjoiZGM0NzczMjM5ZDMzOTdiMGMxMWVmNzdhNGRlNmQxZjMyMTg4OWI5NzBjOTAyYjhhNjdjMjdmMzBkMjMwNGE0NyJ9; session_uuid=f84356447a1f4a01898f046e8c48669agrrW21RZ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 09 Dec 2022 04:31:20 GMT
etag: W/"da39a3ee5e6b4b0d3255bfef95601890afd80709"
set-cookie: XSRF-TOKEN=eyJpdiI6InN0Y28rMkpndWNSMnBFeElEQllDeVE9PSIsInZhbHVlIjoibjlDVVEremZsM0M1Y3JpOXduUW1aWDdranFXWWMyaU11bjJBRWdTUktORnJKN0VRaUdXQmpaSXUyZEtiTUg3bmlaXC95YW1PZlhUbFlSQisyMVhcL2FpRGRBXC9yaHVJWjVKc2FWYVcySUQ4TUptdlNTSG1vakNaYlZPait4YnFWNjEiLCJtYWMiOiIzYjA3NWFiYmJlYmUwZWE1YTRhNDQ1NmZmZTE4Y2IyZjA2YzlhNGM3YTNkZjU0YTJlOGFkMzQ5OTJlYzRjOTJhIn0%3D; expires=Sat, 10-Dec-2022 00:31:20 GMT; Max-Age=72000; path=/
xtuselsaqe76_session=eyJpdiI6InhsT1FwbWVNaHZmdXRvN0NrT3EzcFE9PSIsInZhbHVlIjoiNHAraUZcL2F5dUdYS0JkR1J0UXl6emQ4RzZLMmV6RVZYZmVTQUlJSTNuNWZza2hnSGJzSU5NSkI1UFY4N1dPVzhZUTBITGI3YU1rZ3FRamJqNlRJXC8wWWdOYm1SQzl0VGlYS1ZDdHloT01vMzNYTmVoT213WGtheE9CQjFQSUllSCIsIm1hYyI6IjRkNWNiMWIyMWU3Mjc5NDFmMDEzOTY5OGYwNTlkNTEyMDBlYTJiNzVkZjU4NzFhZjQ4ZjU1NTNkZmVlOWZkOTkifQ%3D%3D; expires=Sat, 10-Dec-2022 00:31:20 GMT; Max-Age=72000; path=/; httponly
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
X-Firefox-Spdy: h2
www.paypal.com/xoplatform/logger/api/logger
200 OK 614 B URL HTTP/2 www.paypal.com/xoplatform/logger/api/logger
IP
File type JSON data\012- , ASCII text, with very long lines (1026), with no line terminators
Hash 6b7171dacb59adc52b04aeb8803d01a5
95774a26c4c52280eb1ac8779f0d7cd9c6cd691e
bc694329dcc867de3f1926059c164a7766415b691e3dc684e28a610f7460a129
POST /xoplatform/logger/api/logger HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1439
Origin: https://www.paypal.com
Connection: keep-alive
Referer: https://www.paypal.com/smart/buttons?env=production&locale.country=US&locale.lang=en&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=48&style.menuPlacement=below&commit=false&fundingSource=paypal&sdkVersion=5.0.343&components.0=buttons&components.1=funding-eligibility&components.2=messages&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVdINHM4UldJMElOWS1nYVZQWkw5M3lLNVdNTzNIdjlLX2MzZi1ic1NIX3JyRlpaWjJJSUdQd21iOHRwbzhNRHlleThXVzkxTERjN3Bvdk4mY29tbWl0PWZhbHNlJmN1cnJlbmN5PVVTRCZkaXNhYmxlLWZ1bmRpbmc9YmFuY29udGFjdCxibGlrLGVwcyxnaXJvcGF5LGlkZWFsLG1lcmNhZG9wYWdvLG15YmFuayxwMjQsc2VwYSxzb2ZvcnQsdmVubW8mY29tcG9uZW50cz1idXR0b25zLGZ1bmRpbmctZWxpZ2liaWxpdHksbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9ubnZieGhiYnBscGRuZGNpc29icnBwbHRheXBsbnoifX0&clientID=AWH4s8RWI0INY-gaVPZL93yK5WMO3Hv9K_c3f-bsSH_rrFZZZ2IIGPwmb8tpo8MDyey8WW91LDc7povN&sdkCorrelationID=f834081e9672b&storageID=uid_2d618f32b3_mdq6mze6mty&sessionID=uid_60d07a9188_mdq6mze6mty&buttonSessionID=uid_dc43d5b514_mdq6mze6mtc&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase¤cy=USD&intent=capture&vault=false&disableFunding.0=bancontact&disableFunding.1=blik&disableFunding.2=eps&disableFunding.3=giropay&disableFunding.4=ideal&disableFunding.5=mercadopago&disableFunding.6=mybank&disableFunding.7=p24&disableFunding.8=sepa&disableFunding.9=sofort&disableFunding.10=venmo&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Cookie: tsrce=smartcomponentnodeweb
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: application/json; charset=utf-8
date: Fri, 09 Dec 2022 04:31:20 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"402-MTPu9eJZMLgDz6Os+jJViFmfeIY"
paypal-debug-id: 01773a084aa23
server: ECAcc (lhd/35F8)
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=213
set-cookie: enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Sat, 09 Dec 2023 04:31:20 GMT; Secure
LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Fri, 09 Dec 2022 13:17:16 GMT; HttpOnly; Secure
tsrce=loggernodeweb; Max-Age=259199; Domain=.paypal.com; Path=/; Expires=Mon, 12 Dec 2022 04:31:19 GMT; HttpOnly; Secure
x-pp-s=eyJ0IjoiMTY3MDU2MDI4MDgzMiIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure
l7_az=dcg02.phx; Path=/; Domain=paypal.com; Expires=Fri, 09 Dec 2022 05:01:20 GMT; HttpOnly; Secure
ts=vreXpYrS%3D1765254680%26vteXpYrS%3D1670562080%26vr%3Df526f0e41840ad04b7db90c6ffc897e9%26vt%3Df526f0e41840ad04b7db90c6ffc897e8%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Mon, 08 Dec 2025 04:31:20 GMT; HttpOnly; Secure
ts_c=vr%3Df526f0e41840ad04b7db90c6ffc897e9%26vt%3Df526f0e41840ad04b7db90c6ffc897e8; Path=/; Domain=paypal.com; Expires=Mon, 08 Dec 2025 04:31:20 GMT; Secure
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-000000000000000000001773a084aa23-cf0504cc85d4ff2b-01
vary: Accept-Encoding
x-content-type-options: nosniff
content-length: 614
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=724624048855298&ev=PageView&dl=https%3A%2F%2Fwww.embravewise.com%2F&rl=&if=false&ts=1670560280930&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670560280929.2124242393&it=1670560278095&coo=false&eid=9a2d5928-ffbb-4d43-8e3c-91072c5796d3&rqm=GET
200 OK 516 kB URL HTTP/2 www.facebook.com/tr/?id=724624048855298&ev=PageView&dl=https%3A%2F%2Fwww.embravewise.com%2F&rl=&if=false&ts=1670560280930&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670560280929.2124242393&it=1670560278095&coo=false&eid=9a2d5928-ffbb-4d43-8e3c-91072c5796d3&rqm=GET
IP
File type gzip compressed data, from Unix\012- data
Size 516 kB (515855 bytes)
Hash 6e378e70479e131c99d854bd05270948
37422f24933dcb058729f489ab27c24e1a58ae28
a460f1947ae2252bb8687d2445b414bc51e4f65cc46df52d8e152c1f500af717
GET /tr/?id=724624048855298&ev=PageView&dl=https%3A%2F%2Fwww.embravewise.com%2F&rl=&if=false&ts=1670560280930&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670560280929.2124242393&it=1670560278095&coo=false&eid=9a2d5928-ffbb-4d43-8e3c-91072c5796d3&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.embravewise.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Fri, 09 Dec 2022 04:31:21 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=798632474852151&ev=PageView&dl=https%3A%2F%2Fwww.embravewise.com%2F&rl=&if=false&ts=1670560280939&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670560280929.2124242393&it=1670560278095&coo=false&eid=9a2d5928-ffbb-4d43-8e3c-91072c5796d3&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=798632474852151&ev=PageView&dl=https%3A%2F%2Fwww.embravewise.com%2F&rl=&if=false&ts=1670560280939&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670560280929.2124242393&it=1670560278095&coo=false&eid=9a2d5928-ffbb-4d43-8e3c-91072c5796d3&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=798632474852151&ev=PageView&dl=https%3A%2F%2Fwww.embravewise.com%2F&rl=&if=false&ts=1670560280939&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670560280929.2124242393&it=1670560278095&coo=false&eid=9a2d5928-ffbb-4d43-8e3c-91072c5796d3&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.embravewise.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Fri, 09 Dec 2022 04:31:21 GMT
X-Firefox-Spdy: h2
c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
200 OK 149 B URL HTTP/2 c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 3e7bf609e5fb0ff1f33d97fb3816e286
eca827e429a89cbe927689c26e9ef73734e00a0e
cfe079d6fe9faae81a78f62296ecc7a4cb12a28fa99f1bed6ea4c6d8ea194df3
GET /v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js HTTP/1.1
Host: c.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paypal.com/
Cookie: tsrce=smartcomponentnodeweb
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA, Sec-CH-UA-Full
correlation-id: d0d5976fd243b
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-security-policy-report-only: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html;charset=UTF-8
origin-trial: A+THamRrv1ypMR6JeaJx7Wmo8rytLELMAeCL0XGhTihfUtp+dVqcCNYiWxOzySlH2Xk7lzRrFY3mxv6viKT1qggAAACKeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
paypal-debug-id: d0d5976fd243b
traceparent: 00-0000000000000000000d0d5976fd243b-733d00bfba7f6337-01
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: none
via: 1.1 varnish, 1.1 varnish
content-encoding: br
date: Fri, 09 Dec 2022 04:31:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn-etou8220095-HHN, cache-bma1635-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1670560280.428692,VS0,VE165
vary: Accept-Encoding
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
timing-allow-origin: *
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=745133759961906&ev=PageView&dl=https%3A%2F%2Fwww.embravewise.com%2F&rl=&if=false&ts=1670560280934&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670560280929.2124242393&it=1670560278095&coo=false&eid=9a2d5928-ffbb-4d43-8e3c-91072c5796d3&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=745133759961906&ev=PageView&dl=https%3A%2F%2Fwww.embravewise.com%2F&rl=&if=false&ts=1670560280934&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670560280929.2124242393&it=1670560278095&coo=false&eid=9a2d5928-ffbb-4d43-8e3c-91072c5796d3&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=745133759961906&ev=PageView&dl=https%3A%2F%2Fwww.embravewise.com%2F&rl=&if=false&ts=1670560280934&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670560280929.2124242393&it=1670560278095&coo=false&eid=9a2d5928-ffbb-4d43-8e3c-91072c5796d3&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.embravewise.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Fri, 09 Dec 2022 04:31:21 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=580013720420078&ev=PageView&dl=https%3A%2F%2Fwww.embravewise.com%2F&rl=&if=false&ts=1670560280936&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670560280929.2124242393&it=1670560278095&coo=false&eid=9a2d5928-ffbb-4d43-8e3c-91072c5796d3&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=580013720420078&ev=PageView&dl=https%3A%2F%2Fwww.embravewise.com%2F&rl=&if=false&ts=1670560280936&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670560280929.2124242393&it=1670560278095&coo=false&eid=9a2d5928-ffbb-4d43-8e3c-91072c5796d3&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=580013720420078&ev=PageView&dl=https%3A%2F%2Fwww.embravewise.com%2F&rl=&if=false&ts=1670560280936&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670560280929.2124242393&it=1670560278095&coo=false&eid=9a2d5928-ffbb-4d43-8e3c-91072c5796d3&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.embravewise.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Fri, 09 Dec 2022 04:31:21 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=432456268474051&ev=PageView&dl=https%3A%2F%2Fwww.embravewise.com%2F&rl=&if=false&ts=1670560280937&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670560280929.2124242393&it=1670560278095&coo=false&eid=9a2d5928-ffbb-4d43-8e3c-91072c5796d3&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=432456268474051&ev=PageView&dl=https%3A%2F%2Fwww.embravewise.com%2F&rl=&if=false&ts=1670560280937&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670560280929.2124242393&it=1670560278095&coo=false&eid=9a2d5928-ffbb-4d43-8e3c-91072c5796d3&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=432456268474051&ev=PageView&dl=https%3A%2F%2Fwww.embravewise.com%2F&rl=&if=false&ts=1670560280937&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670560280929.2124242393&it=1670560278095&coo=false&eid=9a2d5928-ffbb-4d43-8e3c-91072c5796d3&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.embravewise.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Fri, 09 Dec 2022 04:31:21 GMT
X-Firefox-Spdy: h2
www.paypal.com/xoplatform/logger/api/logger
200 OK 603 B URL HTTP/2 www.paypal.com/xoplatform/logger/api/logger
IP
File type JSON data\012- , ASCII text, with very long lines (1014), with no line terminators
Hash 21f064ef351411e093aa32674ad01403
d1f62700d17ef777f9a29af49e4581a99a721a85
086710116369f9edb09c6ace49843d8fbe9586b2689be9553dc1eb3fcbd2cf57
POST /xoplatform/logger/api/logger HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1470
Origin: https://www.embravewise.com
Connection: keep-alive
Referer: https://www.embravewise.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://www.embravewise.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: application/json; charset=utf-8
date: Fri, 09 Dec 2022 04:31:22 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"3f6-dgC/ieb5Wq/reZKc4Mzs62EzVns"
paypal-debug-id: 008392882876b
server: ECAcc (lhd/3588)
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=231
set-cookie: enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Sat, 09 Dec 2023 04:31:22 GMT; Secure
LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Fri, 09 Dec 2022 13:17:18 GMT; HttpOnly; Secure
tsrce=loggernodeweb; Max-Age=259199; Domain=.paypal.com; Path=/; Expires=Mon, 12 Dec 2022 04:31:21 GMT; HttpOnly; Secure
x-pp-s=eyJ0IjoiMTY3MDU2MDI4MjA2MiIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure
l7_az=dcg02.phx; Path=/; Domain=paypal.com; Expires=Fri, 09 Dec 2022 05:01:22 GMT; HttpOnly; Secure
ts=vreXpYrS%3D1765254682%26vteXpYrS%3D1670562082%26vr%3Df526f5a31840a7a082df5db5fb65a6ab%26vt%3Df526f5a31840a7a082df5db5fb65a6aa%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Mon, 08 Dec 2025 04:31:22 GMT; HttpOnly; Secure
ts_c=vr%3Df526f5a31840a7a082df5db5fb65a6ab%26vt%3Df526f5a31840a7a082df5db5fb65a6aa; Path=/; Domain=paypal.com; Expires=Mon, 08 Dec 2025 04:31:22 GMT; Secure
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-0000000000000000000008392882876b-0674c7660d0df7c0-01
vary: Accept-Encoding
x-content-type-options: nosniff
content-length: 603
X-Firefox-Spdy: h2
cdn.wshopon.com/assets/2021/10/5a81a54e2f38cb800f7564d6f91006f2-1300.png
200 OK 19 kB URL HTTP/2 cdn.wshopon.com/assets/2021/10/5a81a54e2f38cb800f7564d6f91006f2-1300.png
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1300x270, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5ab8a7715ab427f3e066cab5c72e7b9e
d1f1a44613e720f860be6db23b3206e953b82e1a
26a8adbbadadd7274258d159db95024bcd80bb0c37307afb6505c88bb9becf0b
GET /assets/2021/10/5a81a54e2f38cb800f7564d6f91006f2-1300.png HTTP/1.1
Host: cdn.wshopon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.embravewise.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:31:22 GMT
content-type: image/webp
content-length: 18974
cf-ray: 776b02c22d57b506-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "cfbpr80AbDx394TNPeN3UZl6HRBGjnEvK9me9TrkEkDQ:7266e64af38809bd744ae670dc9d4956"
last-modified: Mon, 18 Oct 2021 06:57:51 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
cf-bgj: imgq:86,h2pri
cf-resized: internal=ok/h q=0 n=18 c=13+45 v=2022.12.0 l=18974
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
server: cloudflare
X-Firefox-Spdy: h2
www.embravewise.com/api/store/exchanges
200 OK 2.7 kB URL HTTP/2 www.embravewise.com/api/store/exchanges
IP
File type JSON data\012- , ASCII text, with very long lines (2679), with no line terminators
Hash c311025f413d572e5521827f3b3c5b06
991fc10256136cb0d68dc65c0612c6b0e86e2651
45e2881f41d75626e6f4c428dfb03b9c8d0da8cc527fa742b2a738891c88f6f1
Analyzer Verdict Alert fortinet Malware
GET /api/store/exchanges HTTP/1.1
Host: www.embravewise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-LANG: en-US
X-XSRF-TOKEN: eyJpdiI6InBtV2k5MGVxUlphdmhFNUQxXC96bmZRPT0iLCJ2YWx1ZSI6Inh5QVlZXC9XSTZ2Y2ZCSkpFeHF4d2xlU3lrRHB3ZkxTYVhXc3FvZXhWXC84UnVvOW9USzlZWUV1WWFsTlBST0pVVlpoVldsRmowcnNGU1d4azRNQis2Y1VKSGF4eERVazFEN2hBallHU0ZJTW40RTBlanlhY0NWQ1lrMUJDWHJ6bFEiLCJtYWMiOiJjNzMzNzdiNTdiYjBiMTc1ZDM3Zjk2OGE4ZWZkYjdiMmZjMzA3Yzg2ZmYzNWQ3NWQyOGEwMGM5NGVhNDY5NzIxIn0=
Connection: keep-alive
Referer: https://www.embravewise.com/
Cookie: XSRF-TOKEN=eyJpdiI6InBtV2k5MGVxUlphdmhFNUQxXC96bmZRPT0iLCJ2YWx1ZSI6Inh5QVlZXC9XSTZ2Y2ZCSkpFeHF4d2xlU3lrRHB3ZkxTYVhXc3FvZXhWXC84UnVvOW9USzlZWUV1WWFsTlBST0pVVlpoVldsRmowcnNGU1d4azRNQis2Y1VKSGF4eERVazFEN2hBallHU0ZJTW40RTBlanlhY0NWQ1lrMUJDWHJ6bFEiLCJtYWMiOiJjNzMzNzdiNTdiYjBiMTc1ZDM3Zjk2OGE4ZWZkYjdiMmZjMzA3Yzg2ZmYzNWQ3NWQyOGEwMGM5NGVhNDY5NzIxIn0%3D; xtuselsaqe76_session=eyJpdiI6Ijd2YktkanBnSjNnZWlRWDlaZUJIY1E9PSIsInZhbHVlIjoiZE8zVFlzV3pcL0cranJqa3hHa1JzM3ZtR0VVVkdXXC9hd1JEMTdLRjFZYk5uNjNGYkNoOCtNVGhEZE5ab3lRMlNtdlZpQWhtdXArK2xmbk5YTzk2bVN4aVhlS3lyVWg4YnlYYkNcLzJtZ0lUVkhtSUthbE5YNm4yYmc0MSt5RzVYTEgiLCJtYWMiOiIwOGM3ZjA2NTM1YWM3NDRkODlhZjkwNWRhMWJhNGRlZGFjMjlmODIyZmEwYWIxZGI5Zjg0YTc0YWY5Mzk3MjE3In0%3D; session_uuid=f84356447a1f4a01898f046e8c48669agrrW21RZ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, private
content-type: application/json
date: Fri, 09 Dec 2022 04:31:18 GMT
etag: "991fc10256136cb0d68dc65c0612c6b0e86e2651"
set-cookie: XSRF-TOKEN=eyJpdiI6Im5wZ2lWMlpCY3R6NVwvRW16K2ZCZWJBPT0iLCJ2YWx1ZSI6IjFoQlYzTEtsTEhvdEZUZ1wvQTlHRk02eWhJeExhcnBOYlVmZHJ1UHR4VDIyUk1uMkhMNm9wVGN6V0g4TlRYOURBbTBjUVJ3VUlUWllsQzVmaEpHNlJMXC8weEFmZjMzM1hVaXNRb0FMM3gzaFwvUXlmMzBUd01mTW44TGdTZXdraXR3IiwibWFjIjoiYTc2ZTg5MzFlNDQzYzYzZTc4MWM5ZDliODEzYmRmODNkZWJhMTU3ZWY4MTQ3ZDFjNzA5ZmVkYzMzNTFlNGE4YiJ9; expires=Sat, 10-Dec-2022 00:31:18 GMT; Max-Age=72000; path=/
xtuselsaqe76_session=eyJpdiI6IlRYc3RyRU9RS2wyb09mdEJMRDNSVFE9PSIsInZhbHVlIjoiN3JiNG1pOXo1THR3a29DNEZYTVdkYU0rbHppYUU1VVFJd0Q1YUtUTGNITTBMVUREWFhWUUpseFFUY2dzUmpmMlJtTzFjS1l4R1UxUE9TQlNlVmxCODhVdkdOd29GM3JoSUxxT2UrbHJkZElpWURTTDdYMDluWUk3ZVcrcXpoblQiLCJtYWMiOiJhNTMxZTdjNDQyMDA4ZWFmMWY3ZjY0MGNkZTBjYjVkNjhjNDIyZDgxMjY5ODUzZDczZjJkNDdkZTdmODAyNTc5In0%3D; expires=Sat, 10-Dec-2022 00:31:18 GMT; Max-Age=72000; path=/; httponly
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
cdn.cloudfastin.top/image/2022/09/e52f63543655576259a74260e398a2f9ab088021eba3b95450f3b2f460ebaf8c-1300.png
200 OK 170 kB URL HTTP/2 cdn.cloudfastin.top/image/2022/09/e52f63543655576259a74260e398a2f9ab088021eba3b95450f3b2f460ebaf8c-1300.png
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1125x750, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 170 kB (170292 bytes)
Hash 5152b456d7a3ee205fcb3d4eccb3fba5
b5f774d701c046333902928f38fea47f581524ae
e1fa45b9c7b804569d74cd9b2a70f0f1ecbf2930b9e9eb191227c44695db0a15
GET /image/2022/09/e52f63543655576259a74260e398a2f9ab088021eba3b95450f3b2f460ebaf8c-1300.png HTTP/1.1
Host: cdn.cloudfastin.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.embravewise.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:31:22 GMT
content-type: image/webp
content-length: 170292
cf-ray: 776b02c21a53b4fa-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "cfp--ZQuUvh_EV045WeVQ3ymu0BGjnEvK9me9TrkEkDQ:ca60dd56c065ac1c7972d6ccbd9c2ec7"
last-modified: Wed, 14 Sep 2022 10:53:40 GMT
vary: Accept, Accept-Encoding
cf-cache-status: MISS
cf-bgj: imgq:86,h2pri
cf-resized: internal=ok/m q=0 n=156 c=16+124 v=2022.12.0 l=170292
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
server: cloudflare
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F111d6163-0ce5-4897-9a84-a9cefa74d2a9.jpeg
200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F111d6163-0ce5-4897-9a84-a9cefa74d2a9.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e00cf5825452b2f69b0ac859dccb64ab
60aed079c48181cf46cef4d1aaa1c316a7ef7048
3aea2aa14407b6ac9d64d0f35111fec50f51632adfc39047c15bde4afd148a78
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F111d6163-0ce5-4897-9a84-a9cefa74d2a9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7694
x-amzn-requestid: 0c67138c-1a6d-49ef-bd43-f9a7176679ea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c2LZjFjrIAMFUSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63925909-764272151a0a4d284c6cb1bb;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 21:37:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aaEYG20Wueg557qEBq46sSUl3-_HxgZA73s-kPo3GmYgWgrGgFPl_Q==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 21:59:58 GMT
age: 23485
etag: "60aed079c48181cf46cef4d1aaa1c316a7ef7048"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.paypal.com/smart/buttons?env=production&locale.country=US&locale.lang=en&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=48&style.menuPlacement=below&commit=false&fundingSource=paypal&sdkVersion=5.0.343&components.0=buttons&components.1=funding-eligibility&components.2=messages&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVdINHM4UldJMElOWS1nYVZQWkw5M3lLNVdNTzNIdjlLX2MzZi1ic1NIX3JyRlpaWjJJSUdQd21iOHRwbzhNRHlleThXVzkxTERjN3Bvdk4mY29tbWl0PWZhbHNlJmN1cnJlbmN5PVVTRCZkaXNhYmxlLWZ1bmRpbmc9YmFuY29udGFjdCxibGlrLGVwcyxnaXJvcGF5LGlkZWFsLG1lcmNhZG9wYWdvLG15YmFuayxwMjQsc2VwYSxzb2ZvcnQsdmVubW8mY29tcG9uZW50cz1idXR0b25zLGZ1bmRpbmctZWxpZ2liaWxpdHksbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9ubnZieGhiYnBscGRuZGNpc29icnBwbHRheXBsbnoifX0&clientID=AWH4s8RWI0INY-gaVPZL93yK5WMO3Hv9K_c3f-bsSH_rrFZZZ2IIGPwmb8tpo8MDyey8WW91LDc7povN&sdkCorrelationID=f834081e9672b&storageID=uid_2d618f32b3_mdq6mze6mty&sessionID=uid_60d07a9188_mdq6mze6mty&buttonSessionID=uid_84da7c3812_mdq6mze6mtc&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase¤cy=USD&intent=capture&vault=false&disableFunding.0=bancontact&disableFunding.1=blik&disableFunding.2=eps&disableFunding.3=giropay&disableFunding.4=ideal&disableFunding.5=mercadopago&disableFunding.6=mybank&disableFunding.7=p24&disableFunding.8=sepa&disableFunding.9=sofort&disableFunding.10=venmo&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
200 OK 0 B URL HTTP/2 www.paypal.com/smart/buttons?env=production&locale.country=US&locale.lang=en&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=48&style.menuPlacement=below&commit=false&fundingSource=paypal&sdkVersion=5.0.343&components.0=buttons&components.1=funding-eligibility&components.2=messages&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVdINHM4UldJMElOWS1nYVZQWkw5M3lLNVdNTzNIdjlLX2MzZi1ic1NIX3JyRlpaWjJJSUdQd21iOHRwbzhNRHlleThXVzkxTERjN3Bvdk4mY29tbWl0PWZhbHNlJmN1cnJlbmN5PVVTRCZkaXNhYmxlLWZ1bmRpbmc9YmFuY29udGFjdCxibGlrLGVwcyxnaXJvcGF5LGlkZWFsLG1lcmNhZG9wYWdvLG15YmFuayxwMjQsc2VwYSxzb2ZvcnQsdmVubW8mY29tcG9uZW50cz1idXR0b25zLGZ1bmRpbmctZWxpZ2liaWxpdHksbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9ubnZieGhiYnBscGRuZGNpc29icnBwbHRheXBsbnoifX0&clientID=AWH4s8RWI0INY-gaVPZL93yK5WMO3Hv9K_c3f-bsSH_rrFZZZ2IIGPwmb8tpo8MDyey8WW91LDc7povN&sdkCorrelationID=f834081e9672b&storageID=uid_2d618f32b3_mdq6mze6mty&sessionID=uid_60d07a9188_mdq6mze6mty&buttonSessionID=uid_84da7c3812_mdq6mze6mtc&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase¤cy=USD&intent=capture&vault=false&disableFunding.0=bancontact&disableFunding.1=blik&disableFunding.2=eps&disableFunding.3=giropay&disableFunding.4=ideal&disableFunding.5=mercadopago&disableFunding.6=mybank&disableFunding.7=p24&disableFunding.8=sepa&disableFunding.9=sofort&disableFunding.10=venmo&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
IP
GET /smart/buttons?env=production&locale.country=US&locale.lang=en&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=48&style.menuPlacement=below&commit=false&fundingSource=paypal&sdkVersion=5.0.343&components.0=buttons&components.1=funding-eligibility&components.2=messages&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVdINHM4UldJMElOWS1nYVZQWkw5M3lLNVdNTzNIdjlLX2MzZi1ic1NIX3JyRlpaWjJJSUdQd21iOHRwbzhNRHlleThXVzkxTERjN3Bvdk4mY29tbWl0PWZhbHNlJmN1cnJlbmN5PVVTRCZkaXNhYmxlLWZ1bmRpbmc9YmFuY29udGFjdCxibGlrLGVwcyxnaXJvcGF5LGlkZWFsLG1lcmNhZG9wYWdvLG15YmFuayxwMjQsc2VwYSxzb2ZvcnQsdmVubW8mY29tcG9uZW50cz1idXR0b25zLGZ1bmRpbmctZWxpZ2liaWxpdHksbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9ubnZieGhiYnBscGRuZGNpc29icnBwbHRheXBsbnoifX0&clientID=AWH4s8RWI0INY-gaVPZL93yK5WMO3Hv9K_c3f-bsSH_rrFZZZ2IIGPwmb8tpo8MDyey8WW91LDc7povN&sdkCorrelationID=f834081e9672b&storageID=uid_2d618f32b3_mdq6mze6mty&sessionID=uid_60d07a9188_mdq6mze6mty&buttonSessionID=uid_84da7c3812_mdq6mze6mtc&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase¤cy=USD&intent=capture&vault=false&disableFunding.0=bancontact&disableFunding.1=blik&disableFunding.2=eps&disableFunding.3=giropay&disableFunding.4=ideal&disableFunding.5=mercadopago&disableFunding.6=mybank&disableFunding.7=p24&disableFunding.8=sepa&disableFunding.9=sofort&disableFunding.10=venmo&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.embravewise.com/
Cookie: tsrce=targetingnodeweb
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-disposition: inline
content-security-policy: form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
date: Fri, 09 Dec 2022 04:31:19 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"5e2af-eXc1FkHOHcdQ8hpDINsfBeTnoro"
p3p: true
paypal-debug-id: 0888984596327
server: ECAcc (lhd/35ED)
server-timing: traceparent;desc="00-00000000000000000000888984596327-3eb0115fcae96d89-01", content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=359
set-cookie: tsrce=smartcomponentnodeweb; Domain=.paypal.com; Path=/; Expires=Mon, 12 Dec 2022 04:31:19 GMT; HttpOnly; Secure; SameSite=None
l7_az=dcg14.slc; Path=/; Domain=paypal.com; Expires=Fri, 09 Dec 2022 05:01:19 GMT; HttpOnly; Secure
ts=vreXpYrS%3D1765254679%26vteXpYrS%3D1670562079%26vr%3Df526ea611840ad04b81756f4ffc8988f%26vt%3Df526ea611840ad04b81756f4ffc8988e%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Mon, 08 Dec 2025 04:31:19 GMT; HttpOnly; Secure
ts_c=vr%3Df526ea611840ad04b81756f4ffc8988f%26vt%3Df526ea611840ad04b81756f4ffc8988e; Path=/; Domain=paypal.com; Expires=Mon, 08 Dec 2025 04:31:19 GMT; Secure
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-00000000000000000000888984596327-442c67d22f72dc0f-01
vary: Accept-Encoding
x-content-type-options: nosniff
x-csrf-jwt: __blank__
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
www.paypal.com/smart/buttons?env=production&locale.country=US&locale.lang=en&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=48&style.menuPlacement=below&commit=false&fundingSource=paypal&sdkVersion=5.0.343&components.0=buttons&components.1=funding-eligibility&components.2=messages&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVdINHM4UldJMElOWS1nYVZQWkw5M3lLNVdNTzNIdjlLX2MzZi1ic1NIX3JyRlpaWjJJSUdQd21iOHRwbzhNRHlleThXVzkxTERjN3Bvdk4mY29tbWl0PWZhbHNlJmN1cnJlbmN5PVVTRCZkaXNhYmxlLWZ1bmRpbmc9YmFuY29udGFjdCxibGlrLGVwcyxnaXJvcGF5LGlkZWFsLG1lcmNhZG9wYWdvLG15YmFuayxwMjQsc2VwYSxzb2ZvcnQsdmVubW8mY29tcG9uZW50cz1idXR0b25zLGZ1bmRpbmctZWxpZ2liaWxpdHksbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9ubnZieGhiYnBscGRuZGNpc29icnBwbHRheXBsbnoifX0&clientID=AWH4s8RWI0INY-gaVPZL93yK5WMO3Hv9K_c3f-bsSH_rrFZZZ2IIGPwmb8tpo8MDyey8WW91LDc7povN&sdkCorrelationID=f834081e9672b&storageID=uid_2d618f32b3_mdq6mze6mty&sessionID=uid_60d07a9188_mdq6mze6mty&buttonSessionID=uid_dc43d5b514_mdq6mze6mtc&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase¤cy=USD&intent=capture&vault=false&disableFunding.0=bancontact&disableFunding.1=blik&disableFunding.2=eps&disableFunding.3=giropay&disableFunding.4=ideal&disableFunding.5=mercadopago&disableFunding.6=mybank&disableFunding.7=p24&disableFunding.8=sepa&disableFunding.9=sofort&disableFunding.10=venmo&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
200 OK 0 B URL HTTP/2 www.paypal.com/smart/buttons?env=production&locale.country=US&locale.lang=en&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=48&style.menuPlacement=below&commit=false&fundingSource=paypal&sdkVersion=5.0.343&components.0=buttons&components.1=funding-eligibility&components.2=messages&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVdINHM4UldJMElOWS1nYVZQWkw5M3lLNVdNTzNIdjlLX2MzZi1ic1NIX3JyRlpaWjJJSUdQd21iOHRwbzhNRHlleThXVzkxTERjN3Bvdk4mY29tbWl0PWZhbHNlJmN1cnJlbmN5PVVTRCZkaXNhYmxlLWZ1bmRpbmc9YmFuY29udGFjdCxibGlrLGVwcyxnaXJvcGF5LGlkZWFsLG1lcmNhZG9wYWdvLG15YmFuayxwMjQsc2VwYSxzb2ZvcnQsdmVubW8mY29tcG9uZW50cz1idXR0b25zLGZ1bmRpbmctZWxpZ2liaWxpdHksbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9ubnZieGhiYnBscGRuZGNpc29icnBwbHRheXBsbnoifX0&clientID=AWH4s8RWI0INY-gaVPZL93yK5WMO3Hv9K_c3f-bsSH_rrFZZZ2IIGPwmb8tpo8MDyey8WW91LDc7povN&sdkCorrelationID=f834081e9672b&storageID=uid_2d618f32b3_mdq6mze6mty&sessionID=uid_60d07a9188_mdq6mze6mty&buttonSessionID=uid_dc43d5b514_mdq6mze6mtc&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase¤cy=USD&intent=capture&vault=false&disableFunding.0=bancontact&disableFunding.1=blik&disableFunding.2=eps&disableFunding.3=giropay&disableFunding.4=ideal&disableFunding.5=mercadopago&disableFunding.6=mybank&disableFunding.7=p24&disableFunding.8=sepa&disableFunding.9=sofort&disableFunding.10=venmo&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
IP
GET /smart/buttons?env=production&locale.country=US&locale.lang=en&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=48&style.menuPlacement=below&commit=false&fundingSource=paypal&sdkVersion=5.0.343&components.0=buttons&components.1=funding-eligibility&components.2=messages&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVdINHM4UldJMElOWS1nYVZQWkw5M3lLNVdNTzNIdjlLX2MzZi1ic1NIX3JyRlpaWjJJSUdQd21iOHRwbzhNRHlleThXVzkxTERjN3Bvdk4mY29tbWl0PWZhbHNlJmN1cnJlbmN5PVVTRCZkaXNhYmxlLWZ1bmRpbmc9YmFuY29udGFjdCxibGlrLGVwcyxnaXJvcGF5LGlkZWFsLG1lcmNhZG9wYWdvLG15YmFuayxwMjQsc2VwYSxzb2ZvcnQsdmVubW8mY29tcG9uZW50cz1idXR0b25zLGZ1bmRpbmctZWxpZ2liaWxpdHksbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9ubnZieGhiYnBscGRuZGNpc29icnBwbHRheXBsbnoifX0&clientID=AWH4s8RWI0INY-gaVPZL93yK5WMO3Hv9K_c3f-bsSH_rrFZZZ2IIGPwmb8tpo8MDyey8WW91LDc7povN&sdkCorrelationID=f834081e9672b&storageID=uid_2d618f32b3_mdq6mze6mty&sessionID=uid_60d07a9188_mdq6mze6mty&buttonSessionID=uid_dc43d5b514_mdq6mze6mtc&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase¤cy=USD&intent=capture&vault=false&disableFunding.0=bancontact&disableFunding.1=blik&disableFunding.2=eps&disableFunding.3=giropay&disableFunding.4=ideal&disableFunding.5=mercadopago&disableFunding.6=mybank&disableFunding.7=p24&disableFunding.8=sepa&disableFunding.9=sofort&disableFunding.10=venmo&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.embravewise.com/
Cookie: tsrce=targetingnodeweb
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-disposition: inline
content-security-policy: form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
date: Fri, 09 Dec 2022 04:31:19 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"5e2af-EJ8/Ve5b7xn2tAbblLlRd8dwbas"
p3p: true
paypal-debug-id: 040b959b23491
server: ECAcc (lhd/35F0)
server-timing: traceparent;desc="00-0000000000000000000040b959b23491-8d7ecd9da084be9d-01", content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=361
set-cookie: tsrce=smartcomponentnodeweb; Domain=.paypal.com; Path=/; Expires=Mon, 12 Dec 2022 04:31:19 GMT; HttpOnly; Secure; SameSite=None
l7_az=dcg13.slc; Path=/; Domain=paypal.com; Expires=Fri, 09 Dec 2022 05:01:19 GMT; HttpOnly; Secure
ts=vreXpYrS%3D1765254679%26vteXpYrS%3D1670562079%26vr%3Df526ea4b1840a1d30bc2f783ffc98467%26vt%3Df526ea4b1840a1d30bc2f783ffc98466%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Mon, 08 Dec 2025 04:31:19 GMT; HttpOnly; Secure
ts_c=vr%3Df526ea4b1840a1d30bc2f783ffc98467%26vt%3Df526ea4b1840a1d30bc2f783ffc98466; Path=/; Domain=paypal.com; Expires=Mon, 08 Dec 2025 04:31:19 GMT; Secure
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-0000000000000000000040b959b23491-ca0df45a1d3bce70-01
vary: Accept-Encoding
x-content-type-options: nosniff
x-csrf-jwt: __blank__
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
embravewise.com/
302 Found 0 B IP
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: embravewise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
cache-control: no-cache, private
content-type: text/html; charset=UTF-8
date: Fri, 09 Dec 2022 04:31:15 GMT
location: //www.embravewise.com/
set-cookie: XSRF-TOKEN=eyJpdiI6IkxxbjJWT3ZGWE51dWhxd3pZKzFYb3c9PSIsInZhbHVlIjoiTG5tWDA3VzhTMHFJK2V5S0J3UGlsNkl6RjIzVFRXNHl0QUFRRk1OaENZSW8xdytrRE13eWZRUzEyQXBRWDRQRTROMUVkV3VsMFRuRnRtSmMxeEhhV1EydlIrTHBjd3RPeDZ3eVRxOFJcL3NEVGptN0RPY0pvSDI3Mk8xbmUzMFg3IiwibWFjIjoiMmYxMWM0MTY1YmIzZDViZTA2OTdlMmVhODQ3ZjRlMWU1YjhmNGE3YmNkNGUyMjM2NmVlMzYxYjk0NmFkYmM1ZSJ9; expires=Sat, 10-Dec-2022 00:31:15 GMT; Max-Age=72000; path=/
xtuselsaqe76_session=eyJpdiI6IitPSjV4YkpBV1JKYWwxNUVJMDFhc2c9PSIsInZhbHVlIjoiQ1lkTjMyUVwvMFJMVHh2djlYSUpWeXJsQnlVWjRnaWZJaWVTcjhiQlBZeW5tR21OajBXdzJNZ0JLWWZGV0V4WkF0aXFjakJOR0pDdzBhMWQ5VSs1NVFkazF2YzZQc1g3SlVoSk9YSDc3MFFFVnU4QThaUGkydkVoTHlROHlyZ1RoIiwibWFjIjoiNmYzNzExMWIxOTZiNTRkZDJmZDEzYjg3YmQ4ZmQ1Yzg5NzU4YjUyZmRiMTAzNWJiY2U2ZTMzMjc1MjdhZWFmMSJ9; expires=Sat, 10-Dec-2022 00:31:15 GMT; Max-Age=72000; path=/; httponly
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
static.wshopon.com/static/v1.33.33-h.6/store/vogue/js/app.aaeeea.js
200 OK 0 B URL HTTP/2 static.wshopon.com/static/v1.33.33-h.6/store/vogue/js/app.aaeeea.js
IP
GET /static/v1.33.33-h.6/store/vogue/js/app.aaeeea.js HTTP/1.1
Host: static.wshopon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.embravewise.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 06 Dec 2022 07:06:25 GMT
last-modified: Mon, 05 Dec 2022 10:46:00 GMT
etag: W/"497f915d8e03c06642b14519ad389df1"
cache-control: max-age=31536000, public
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6L1fpuATpZDGM7oUh01sMhOWEFGyZFQnkMdp1TgpjKtBEFGu1jUTgw==
age: 249892
X-Firefox-Spdy: h2
static.wshopon.com/static/v1.33.33-h.6/store/vogue/js/index.debf6a.js
200 OK 0 B URL HTTP/2 static.wshopon.com/static/v1.33.33-h.6/store/vogue/js/index.debf6a.js
IP
GET /static/v1.33.33-h.6/store/vogue/js/index.debf6a.js HTTP/1.1
Host: static.wshopon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.embravewise.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Thu, 08 Dec 2022 23:44:45 GMT
last-modified: Mon, 05 Dec 2022 10:45:57 GMT
etag: W/"51349f05401c6b465d38ef9bf50811cb"
cache-control: max-age=31536000, public
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -qN_6DJ1P0w-GNHlGHz4_q3iPoc95Sy7ithkKXN0n4-8T2uNBRrl-g==
age: 17192
X-Firefox-Spdy: h2
static.wshopon.com/js/jquery/3.6.0/jquery.min.js
200 OK 0 B URL HTTP/2 static.wshopon.com/js/jquery/3.6.0/jquery.min.js
IP
GET /js/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: static.wshopon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.embravewise.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 20 Sep 2022 06:20:37 GMT
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
date: Thu, 08 Dec 2022 23:44:45 GMT
etag: W/"0732e3eabbf8aa7ce7f69eedbd07dfdd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: jtM_jR2U9kthrPAxhM0qpEQ7PCYFpP-s3iPAoixAFsfY5TqYCr5mig==
age: 17192
X-Firefox-Spdy: h2
www.embravewise.com/api/store/last-sales
200 OK 0 B URL HTTP/2 www.embravewise.com/api/store/last-sales
IP
Analyzer Verdict Alert fortinet Malware
GET /api/store/last-sales HTTP/1.1
Host: www.embravewise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-LANG: en-US
X-XSRF-TOKEN: eyJpdiI6InBtV2k5MGVxUlphdmhFNUQxXC96bmZRPT0iLCJ2YWx1ZSI6Inh5QVlZXC9XSTZ2Y2ZCSkpFeHF4d2xlU3lrRHB3ZkxTYVhXc3FvZXhWXC84UnVvOW9USzlZWUV1WWFsTlBST0pVVlpoVldsRmowcnNGU1d4azRNQis2Y1VKSGF4eERVazFEN2hBallHU0ZJTW40RTBlanlhY0NWQ1lrMUJDWHJ6bFEiLCJtYWMiOiJjNzMzNzdiNTdiYjBiMTc1ZDM3Zjk2OGE4ZWZkYjdiMmZjMzA3Yzg2ZmYzNWQ3NWQyOGEwMGM5NGVhNDY5NzIxIn0=
Connection: keep-alive
Referer: https://www.embravewise.com/
Cookie: XSRF-TOKEN=eyJpdiI6InBtV2k5MGVxUlphdmhFNUQxXC96bmZRPT0iLCJ2YWx1ZSI6Inh5QVlZXC9XSTZ2Y2ZCSkpFeHF4d2xlU3lrRHB3ZkxTYVhXc3FvZXhWXC84UnVvOW9USzlZWUV1WWFsTlBST0pVVlpoVldsRmowcnNGU1d4azRNQis2Y1VKSGF4eERVazFEN2hBallHU0ZJTW40RTBlanlhY0NWQ1lrMUJDWHJ6bFEiLCJtYWMiOiJjNzMzNzdiNTdiYjBiMTc1ZDM3Zjk2OGE4ZWZkYjdiMmZjMzA3Yzg2ZmYzNWQ3NWQyOGEwMGM5NGVhNDY5NzIxIn0%3D; xtuselsaqe76_session=eyJpdiI6Ijd2YktkanBnSjNnZWlRWDlaZUJIY1E9PSIsInZhbHVlIjoiZE8zVFlzV3pcL0cranJqa3hHa1JzM3ZtR0VVVkdXXC9hd1JEMTdLRjFZYk5uNjNGYkNoOCtNVGhEZE5ab3lRMlNtdlZpQWhtdXArK2xmbk5YTzk2bVN4aVhlS3lyVWg4YnlYYkNcLzJtZ0lUVkhtSUthbE5YNm4yYmc0MSt5RzVYTEgiLCJtYWMiOiIwOGM3ZjA2NTM1YWM3NDRkODlhZjkwNWRhMWJhNGRlZGFjMjlmODIyZmEwYWIxZGI5Zjg0YTc0YWY5Mzk3MjE3In0%3D; session_uuid=f84356447a1f4a01898f046e8c48669agrrW21RZ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, private
content-type: application/json
date: Fri, 09 Dec 2022 04:31:18 GMT
etag: "f954bfef7e7af15b8a53691dd571b6e83e040415"
set-cookie: XSRF-TOKEN=eyJpdiI6ImNaS0VXU1pqTFdvTjh3NHVNeEwwXC9RPT0iLCJ2YWx1ZSI6ImxPUHc3WFQwaGRwU2Y0MXZ0RHdDRlZaVVU2ODRCN2pMWDNmZVJockpCVVFITDNoanNYajdSeVZ2cDZUSFZzWkpMMnJGTE1EN0Z4Njkzd1BuVkwxRzFjSzRhSHVrUjVnZXpMTzBaamdwYmFDZFdcL1k2MlwvYWVTM002eHBpTTBCT20iLCJtYWMiOiJiZjg4Njk1ZmZjZTFhMmZmNzg2MjRkMTk1YWMwYTVjNzJkZDE3NTg4NzI0Njc3N2I1Mjg5OGNkMGI3ZjQyMDgzIn0%3D; expires=Sat, 10-Dec-2022 00:31:18 GMT; Max-Age=72000; path=/
xtuselsaqe76_session=eyJpdiI6InlvZnNLYWt4bjl5MEI5UG16NTk3V3c9PSIsInZhbHVlIjoiaTF0QnRaR1dzV2preU0xVVhaZmx3d0tuRjJLWENveEtweStxNzF1VzRGRDJoNXFJZEJKdTlncFJXb2Ezc0ZyYzFKNERBN0c1cWNWTG9DZHo2emxcL0I3UXBxNnVyN0hUdFlnTzhRbGljRW1veHBERjR3ZENKQTdaeWF1bFhVWlwvOCIsIm1hYyI6ImQyODIyZjljMThkYzVjZGIzMDVkODNmNzVmMzg1N2EzYTA3NGU4MjRiZTUxNWFlYjViZmY5OTA4NGI2YjJjNjMifQ%3D%3D; expires=Sat, 10-Dec-2022 00:31:18 GMT; Max-Age=72000; path=/; httponly
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.embravewise.com/api/store/cart
200 OK 0 B URL HTTP/2 www.embravewise.com/api/store/cart
IP
Analyzer Verdict Alert fortinet Malware
GET /api/store/cart HTTP/1.1
Host: www.embravewise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-LANG: en-US
X-XSRF-TOKEN: eyJpdiI6InBtV2k5MGVxUlphdmhFNUQxXC96bmZRPT0iLCJ2YWx1ZSI6Inh5QVlZXC9XSTZ2Y2ZCSkpFeHF4d2xlU3lrRHB3ZkxTYVhXc3FvZXhWXC84UnVvOW9USzlZWUV1WWFsTlBST0pVVlpoVldsRmowcnNGU1d4azRNQis2Y1VKSGF4eERVazFEN2hBallHU0ZJTW40RTBlanlhY0NWQ1lrMUJDWHJ6bFEiLCJtYWMiOiJjNzMzNzdiNTdiYjBiMTc1ZDM3Zjk2OGE4ZWZkYjdiMmZjMzA3Yzg2ZmYzNWQ3NWQyOGEwMGM5NGVhNDY5NzIxIn0=
Connection: keep-alive
Referer: https://www.embravewise.com/
Cookie: XSRF-TOKEN=eyJpdiI6InBtV2k5MGVxUlphdmhFNUQxXC96bmZRPT0iLCJ2YWx1ZSI6Inh5QVlZXC9XSTZ2Y2ZCSkpFeHF4d2xlU3lrRHB3ZkxTYVhXc3FvZXhWXC84UnVvOW9USzlZWUV1WWFsTlBST0pVVlpoVldsRmowcnNGU1d4azRNQis2Y1VKSGF4eERVazFEN2hBallHU0ZJTW40RTBlanlhY0NWQ1lrMUJDWHJ6bFEiLCJtYWMiOiJjNzMzNzdiNTdiYjBiMTc1ZDM3Zjk2OGE4ZWZkYjdiMmZjMzA3Yzg2ZmYzNWQ3NWQyOGEwMGM5NGVhNDY5NzIxIn0%3D; xtuselsaqe76_session=eyJpdiI6Ijd2YktkanBnSjNnZWlRWDlaZUJIY1E9PSIsInZhbHVlIjoiZE8zVFlzV3pcL0cranJqa3hHa1JzM3ZtR0VVVkdXXC9hd1JEMTdLRjFZYk5uNjNGYkNoOCtNVGhEZE5ab3lRMlNtdlZpQWhtdXArK2xmbk5YTzk2bVN4aVhlS3lyVWg4YnlYYkNcLzJtZ0lUVkhtSUthbE5YNm4yYmc0MSt5RzVYTEgiLCJtYWMiOiIwOGM3ZjA2NTM1YWM3NDRkODlhZjkwNWRhMWJhNGRlZGFjMjlmODIyZmEwYWIxZGI5Zjg0YTc0YWY5Mzk3MjE3In0%3D; session_uuid=f84356447a1f4a01898f046e8c48669agrrW21RZ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, private
content-type: application/json
date: Fri, 09 Dec 2022 04:31:19 GMT
etag: "f2d0c8854a385d00943d541734c80cdfed38d764"
set-cookie: XSRF-TOKEN=eyJpdiI6InJNSDRaK2h1WGtQSVZ5MWZtTXVUbnc9PSIsInZhbHVlIjoiaVdMVHdyb1VhXC9UYlpEVkRWZ2dES1hIR0dmS1NKNXB6UUxoZFBwbndLUE1TQ1FZb1ZxdkQ1VXRjZmpEUnl5QW5jc2hkVzgwc2dMcWh1ckt5ZnlLWjVcL25NeHpmdmxqdmZtTTdyUm9mRGVrUW9oOVV1WE9lY3dpNjAwall1ZjlpcSIsIm1hYyI6IjdiMmMyMjEwMjQ5MDJmOWI5MGM5NDYyMDg2OTUxNDg5NzU1YzIxZmI3YzU2YWMwZDI3ZjQwZDViZWVmNTYyMWIifQ%3D%3D; expires=Sat, 10-Dec-2022 00:31:19 GMT; Max-Age=72000; path=/
xtuselsaqe76_session=eyJpdiI6ImNhTHFxZ0hudHRKd3luR2RiT0c0bnc9PSIsInZhbHVlIjoiN2NHQnFtYVlVdE5LVXVuYkhaR0pKVXVcL2RzeHI4TjdoYTN1NTNvcUtGcEE1dkZFZTRjUTVqQVlGZUJCTDJZZW9KdjBnZzZjeU13NTNMZ0hVbjVadnJGRFZPYlJQWUg4UU1NT3krUmFRVm9tUTAyTTI2UjFtQWRjZEh3dkhRbTZuIiwibWFjIjoiMTVlMTEyNTlmOTJlYTk3YjNkN2E1NmY0MzVjMDkzOWYzYTMzYjY5ZWVjMzE3MzMxNzlhMmEzNmQzZmQxYmFhOSJ9; expires=Sat, 10-Dec-2022 00:31:19 GMT; Max-Age=72000; path=/; httponly
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
18.217.107.127
93.184.220.29
23.36.77.32
31.13.72.36
104.18.21.226