r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aabe410b4bbe4d8beb0e4561d3aa158e
e1788632902ddea62cdd9e7ad6009a75ffb69788
ad535e27b201e92670770b2b868c58f7c05633ec66490a41ef4592f062834c1f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD535E27B201E92670770B2B868C58F7C05633EC66490A41EF4592F062834C1F"
Last-Modified: Wed, 09 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4100
Expires: Thu, 10 Nov 2022 08:32:11 GMT
Date: Thu, 10 Nov 2022 07:23:51 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 4c6e4047ec266b87485610e26a85bb6f
cd543757597609d7309d02652318359078a965c2
d8aff7a24f3274782b4f41d6dbd181ba817f5a562d992a3a82966481c91f8a90
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5474
Cache-Control: max-age=103107
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 07:23:51 GMT
Etag: "636b8168-1d7"
Expires: Fri, 11 Nov 2022 12:02:18 GMT
Last-Modified: Wed, 09 Nov 2022 10:31:04 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2b57492bf85f4ae6abbd1641b17dc9ab
008e71ec05d47bf025ca64e17da2ea1bd8e71111
17894427c471f7fa02ca274795dc55df1bfc99d7bd83f9ee36249394035110fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17894427C471F7FA02CA274795DC55DF1BFC99D7BD83F9EE36249394035110FD"
Last-Modified: Wed, 09 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11685
Expires: Thu, 10 Nov 2022 10:38:36 GMT
Date: Thu, 10 Nov 2022 07:23:51 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: VyjtH8abI0mT+5zL+baIbZfq4S++dGYL9BYwzc6Nj4waiP75xg6qxSiHk3Ccfv2CtpwA9xzd3zJQ4hiKHIdo0g==
x-amz-request-id: 37QGRZ328YX20F2V
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 10 Nov 2022 07:12:03 GMT
age: 708
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
wenzelcontracting.com/
45.60.97.221 301 Moved Permanently 247 B IP 45.60.97.221:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 6680a14149bb0eb9ab07cff933e576a3
6107edb8730c2ad5ca5aab14e6aa066b8fad88ad
f65e8e0af5029e67d33097b46c01b4759885039df8e69997d1c8646f709623c6
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: wenzelcontracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 10 Nov 2022 07:23:51 GMT
Server: Apache
Location: http://wenzelcontracting.com/index.html
Content-Length: 247
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: visid_incap_2508144=WPilmkedRx66npSdAcCTegenbGMAAAAAQUIPAAAAAADRhtx5322fFFZ8YRbd1yAy; expires=Fri, 10 Nov 2023 06:34:08 GMT; HttpOnly; path=/; Domain=.wenzelcontracting.com
incap_ses_677_2508144=ybsuSfgtBzxGd4LPaTBlCQenbGMAAAAA75Q5q+x4RSz9Epgl6dK1HQ==; path=/; Domain=.wenzelcontracting.com
___utmvmOKuoNovZ=kjNhZkpXxeu; path=/; Max-Age=900
___utmvaOKuoNovZ=djAEOOM; path=/; Max-Age=900
___utmvbOKuoNovZ=iZw XKBOfalr: JtN; path=/; Max-Age=900
X-CDN: Imperva
X-Iinfo: 5-464264-464265 NNNN CT(45 -1 0) RT(1668065031153 1) q(0 0 1 0) r(1 1) U11
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 07:23:51 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
wenzelcontracting.com/index.html
45.60.97.221 200 OK 5.5 kB URL HTTP/1.1 wenzelcontracting.com/index.html
IP 45.60.97.221:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1352), with CRLF, LF line terminators
Hash 8f8e06defeb338ab1c35f24326cd73b7
c8265e95fe9876d3fed6bceaa738029d2581ed76
c86230662d46017817636f35024405c89d8870cc9c03b772b39e81d37c7f41a7
Analyzer Verdict Alert fortinet Phishing
GET /index.html HTTP/1.1
Host: wenzelcontracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: visid_incap_2508144=WPilmkedRx66npSdAcCTegenbGMAAAAAQUIPAAAAAADRhtx5322fFFZ8YRbd1yAy; incap_ses_677_2508144=ybsuSfgtBzxGd4LPaTBlCQenbGMAAAAA75Q5q+x4RSz9Epgl6dK1HQ==; ___utmvmOKuoNovZ=kjNhZkpXxeu; ___utmvbOKuoNovZ=iZw XKBOfalr: JtN
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 07:23:51 GMT
Server: Apache
Last-Modified: Wed, 17 Aug 2022 06:48:44 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5470
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/html
Set-Cookie: is_mobile=0; path=/; domain=wenzelcontracting.com
visid_incap_2508144=WPilmkedRx66npSdAcCTegenbGMAAAAAQUIPAAAAAADRhtx5322fFFZ8YRbd1yAy; expires=Fri, 10 Nov 2023 06:34:08 GMT; HttpOnly; path=/; Domain=.wenzelcontracting.com
incap_ses_677_2508144=ybsuSfgtBzxGd4LPaTBlCQenbGMAAAAA75Q5q+x4RSz9Epgl6dK1HQ==; path=/; Domain=.wenzelcontracting.com
___utmvbOKuoNovZ=a; Max-Age=0; path=/; expires=Wed, 09 Nov 2022 06:21:19 GMT
___utmvmOKuoNovZ=a; Max-Age=0; path=/; expires=Wed, 09 Nov 2022 06:21:19 GMT
X-CDN: Imperva
X-Iinfo: 5-464264-464265 SNNN RT(1668065031153 328) q(0 0 0 -1) r(1 1) U18
cdn2.editmysite.com/css/old/slideshow/slideshow.css?1660681333
151.101.85.46 200 OK 1.5 kB URL HTTP/1.1 cdn2.editmysite.com/css/old/slideshow/slideshow.css?1660681333
IP 151.101.85.46:0
File type ASCII text, with very long lines (7352)
Hash ba9bbd4df86b5b255f5ef44658e52130
3970cecb6939475f95556c2d32d17de0d1645f32
244b7b062e6e558009c622e46008d5542604b9163315220199a2ac50868ff3e5
GET /css/old/slideshow/slideshow.css?1660681333 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wenzelcontracting.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1488
Server: nginx
Content-Type: text/css
Last-Modified: Mon, 07 Nov 2022 17:13:01 GMT
ETag: W/"63693c9d-1cb9"
Expires: Tue, 22 Nov 2022 10:48:34 GMT
Cache-Control: max-age=1209600
X-Host: grn76.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Thu, 10 Nov 2022 07:23:51 GMT
Age: 160518
X-Served-By: cache-sjc10071-SJC, cache-bma1663-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 3, 1
X-Timer: S1668065032.932517,VS0,VE1
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cdn2.editmysite.com/js/old/slideshow-jq.js?buildTime=1660681333
151.101.85.46 200 OK 13 kB URL HTTP/1.1 cdn2.editmysite.com/js/old/slideshow-jq.js?buildTime=1660681333
IP 151.101.85.46:0
File type ASCII text, with very long lines (32013)
Hash da04d4da36c827437eb064334cf40561
b54b259c2dce4a00e265deddf2ee0941dda6ed40
0064ed54b2f6244cda5252037026ceb744b58067811265aa1a10c3f7cd937b3a
GET /js/old/slideshow-jq.js?buildTime=1660681333 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wenzelcontracting.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 13265
Server: nginx
Content-Type: application/javascript
Last-Modified: Fri, 28 Oct 2022 22:29:29 GMT
ETag: "635c57c9-9e0b"
Expires: Mon, 14 Nov 2022 13:15:59 GMT
Cache-Control: max-age=1209600
X-Host: blu126.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Thu, 10 Nov 2022 07:23:51 GMT
Age: 842872
X-Served-By: cache-sjc10063-SJC, cache-bma1620-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 68, 1
X-Timer: S1668065032.933034,VS0,VE1
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cdn2.editmysite.com/css/sites.css?buildTime=1660681333
151.101.85.46 200 OK 30 kB URL HTTP/1.1 cdn2.editmysite.com/css/sites.css?buildTime=1660681333
IP 151.101.85.46:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash d10158b22b553f723d99dc78eaee6390
80f2d6670cfb0d01cd20c471cf8e3e6465ddd3f6
939c7a8e1ad74a44e0c847e38533e69e36454b6805d25acf3fb0cb5c472d245e
GET /css/sites.css?buildTime=1660681333 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wenzelcontracting.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 29746
Server: nginx
Content-Type: text/css
Last-Modified: Tue, 25 Oct 2022 21:36:25 GMT
ETag: W/"635856d9-347ac"
Expires: Thu, 10 Nov 2022 07:39:31 GMT
Cache-Control: max-age=1209600
X-Host: blu66.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Thu, 10 Nov 2022 07:23:51 GMT
Age: 1208660
X-Served-By: cache-sjc10023-SJC, cache-bma1662-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1268, 1
X-Timer: S1668065032.932926,VS0,VE1
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1560461714&
151.101.85.46 200 OK 33 kB URL HTTP/1.1 cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1560461714&
IP 151.101.85.46:0
File type ASCII text, with very long lines (65024)
Hash 47ecd46fdd9dc84622ce1294541d92ef
7aeda09a697e41f88f4cbad0843d94bb3fdb7a50
ec251328b1cb905ffb368b273ab84ca8cf4f451218ed3412024ab56b48d0fbd0
GET /js/lang/en/stl.js?buildTime=1560461714& HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wenzelcontracting.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 32708
Server: nginx
Content-Type: application/javascript
Last-Modified: Fri, 28 Oct 2022 22:27:53 GMT
ETag: "635c5769-2c1b7"
Expires: Tue, 15 Nov 2022 07:13:43 GMT
Cache-Control: max-age=1209600
X-Host: blu105.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Thu, 10 Nov 2022 07:23:51 GMT
Age: 778208
X-Served-By: cache-sjc10039-SJC, cache-bma1682-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 18, 1
X-Timer: S1668065032.932777,VS0,VE1
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cdn2.editmysite.com/css/old/fancybox.css?1560461714
151.101.85.46 200 OK 1.2 kB URL HTTP/1.1 cdn2.editmysite.com/css/old/fancybox.css?1560461714
IP 151.101.85.46:0
File type ASCII text, with very long lines (3910)
Hash b644e92258f4c7c0b4270047652d1e60
93734d52ee9e86a768159e514076051813c39cd9
29199496fb817668f887938571046abcdfb49063d0207d571b361f221f467907
GET /css/old/fancybox.css?1560461714 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wenzelcontracting.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1218
Server: nginx
Content-Type: text/css
Last-Modified: Wed, 02 Nov 2022 00:21:51 GMT
ETag: "6361b81f-f47"
Expires: Wed, 16 Nov 2022 10:36:40 GMT
Cache-Control: max-age=1209600
X-Host: blu85.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Thu, 10 Nov 2022 07:23:51 GMT
Age: 679631
X-Served-By: cache-sjc10064-SJC, cache-bma1672-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 19, 1
X-Timer: S1668065032.932972,VS0,VE10
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1660681333&
151.101.85.46 200 OK 33 kB URL HTTP/1.1 cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1660681333&
IP 151.101.85.46:0
File type ASCII text, with very long lines (65024)
Hash 47ecd46fdd9dc84622ce1294541d92ef
7aeda09a697e41f88f4cbad0843d94bb3fdb7a50
ec251328b1cb905ffb368b273ab84ca8cf4f451218ed3412024ab56b48d0fbd0
GET /js/lang/en/stl.js?buildTime=1660681333& HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wenzelcontracting.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 32708
Server: nginx
Content-Type: application/javascript
Last-Modified: Mon, 07 Nov 2022 17:11:35 GMT
ETag: "63693c47-2c1b7"
Expires: Tue, 22 Nov 2022 08:52:02 GMT
Cache-Control: max-age=1209600
X-Host: grn145.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Thu, 10 Nov 2022 07:23:51 GMT
Age: 167509
X-Served-By: cache-sjc10078-SJC, cache-bma1663-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 549, 1
X-Timer: S1668065032.942311,VS0,VE1
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cdn2.editmysite.com/js/site/main.js?buildTime=1660681333
151.101.85.46 200 OK 146 kB URL HTTP/1.1 cdn2.editmysite.com/js/site/main.js?buildTime=1660681333
IP 151.101.85.46:0
File type ASCII text, with very long lines (32147)
Size 146 kB (146400 bytes)
Hash 81b8673c5d3aa3ab8c0574f2a8f0e3b4
2e0661bc7907d9e2703b3347c3fec579f0aef5d6
0e981f4de6287406ce261fddea24aa05ded4b6a8c4c07283c363c1502071cf40
GET /js/site/main.js?buildTime=1660681333 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wenzelcontracting.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 146400
Server: nginx
Content-Type: application/javascript
Last-Modified: Mon, 07 Nov 2022 17:13:03 GMT
ETag: "63693c9f-74804"
Expires: Tue, 22 Nov 2022 11:45:57 GMT
Cache-Control: max-age=1209600
X-Host: grn123.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Thu, 10 Nov 2022 07:23:51 GMT
Age: 157075
X-Served-By: cache-sjc10065-SJC, cache-bma1666-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 16, 1
X-Timer: S1668065032.932841,VS0,VE9
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 2d46cc53a1538ba2f6bb280da629e041
2ef714b4f668272bd5ab9c1a27a7e5441c975b53
178465070084aced449db36199915decc6517938c9261ca1a9a0bf5b7d95a94d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 07:23:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
142.250.74.74 200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
IP 142.250.74.74:0
File type ASCII text, with very long lines (65483)
Hash a54a444f20643b131117dc2112cca05f
074964746b12ff1d30f7656310d6154ae1cc98b5
aa3ca8485dd777d4d880b38c1cf3bc2fc290d28a79ba3e3e43cba1f653132830
GET /ajax/libs/jquery/1.8.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wenzelcontracting.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33593
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Nov 2022 16:26:29 GMT
expires: Wed, 08 Nov 2023 16:26:29 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 140243
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 2d46cc53a1538ba2f6bb280da629e041
2ef714b4f668272bd5ab9c1a27a7e5441c975b53
178465070084aced449db36199915decc6517938c9261ca1a9a0bf5b7d95a94d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 07:23:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash c59d06092401e375df491b06ee8e6dbc
2e27b8ff7c08a5349e27969bc2a08e5e19d0c1da
23ee4ab633fcf67dc5d4d1931450e365cec8d436ef1f9ba5f46b6bab974724c4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4424
Cache-Control: max-age=97001
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 07:23:52 GMT
Etag: "636b6da9-1d7"
Expires: Fri, 11 Nov 2022 10:20:33 GMT
Last-Modified: Wed, 09 Nov 2022 09:06:49 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
wenzelcontracting.com/files/main_style.css?1560521817
45.60.97.221 200 OK 3.6 kB URL HTTP/1.1 wenzelcontracting.com/files/main_style.css?1560521817
IP 45.60.97.221:0
File type ASCII text, with very long lines (332)
Hash 94170953b4aa13b8b32fc019ce69fd7b
7c521b1e25ac374231cdbdeeb4ba9ef8c2bf21fb
4f7318446ac018ca61521671601b5adafabba88cc9ed5237ba5dd13c63b689ee
Analyzer Verdict Alert fortinet Phishing
GET /files/main_style.css?1560521817 HTTP/1.1
Host: wenzelcontracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wenzelcontracting.com/index.html
Cookie: visid_incap_2508144=WPilmkedRx66npSdAcCTegenbGMAAAAAQUIPAAAAAADRhtx5322fFFZ8YRbd1yAy; incap_ses_677_2508144=ybsuSfgtBzxGd4LPaTBlCQenbGMAAAAA75Q5q+x4RSz9Epgl6dK1HQ==; is_mobile=0
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 07:23:52 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 14 Jun 2019 14:17:01 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3637
Keep-Alive: timeout=5, max=75
Content-Type: text/css
X-CDN: Imperva
X-Iinfo: 5-464264-218522 2NNN RT(1668065031153 620) q(0 0 0 -1) r(1 1) U18
push.services.mozilla.com/
52.42.234.253 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.42.234.253:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: A+7WgQVDFG/rx4/uLEO28g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: RtlPz3eFFGV+ng72SgiD1ZNMRYM=
wenzelcontracting.com/gdpr/gdprscript.js?buildTime=1660681333&hasRemindMe=true&stealth=false
45.60.97.221 200 OK 7.8 kB URL HTTP/1.1 wenzelcontracting.com/gdpr/gdprscript.js?buildTime=1660681333&hasRemindMe=true&stealth=false
IP 45.60.97.221:0
File type HTML document text\012- HTML document text\012- C source, ASCII text, with very long lines (17520)
Hash 71fdd455e05ce4cfd32a86a74bc27003
98ddbac6a60c755580c43ac24c5f8b7510a48045
87f5d8c73539ef9b5d074f98995ee3006b443ee0bc1e8cd0876a270ae2b15c4a
GET /gdpr/gdprscript.js?buildTime=1660681333&hasRemindMe=true&stealth=false HTTP/1.1
Host: wenzelcontracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wenzelcontracting.com/index.html
Cookie: visid_incap_2508144=WPilmkedRx66npSdAcCTegenbGMAAAAAQUIPAAAAAADRhtx5322fFFZ8YRbd1yAy; incap_ses_677_2508144=ybsuSfgtBzxGd4LPaTBlCQenbGMAAAAA75Q5q+x4RSz9Epgl6dK1HQ==; is_mobile=0
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 07:23:52 GMT
Server: Apache
X-DS-Version: 1560521818
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7780
Keep-Alive: timeout=5, max=75
Content-Type: text/javascript;;charset=UTF-8
X-CDN: Imperva
X-Iinfo: 9-265066-46341 2NNN RT(1668065031241 531) q(0 0 0 -1) r(10 10) U18
wenzelcontracting.com/uploads/3/5/1/6/35163940/1357742662.png
45.60.97.221 200 OK 8.7 kB URL HTTP/1.1 wenzelcontracting.com/uploads/3/5/1/6/35163940/1357742662.png
IP 45.60.97.221:0
File type PNG image data, 406 x 118, 8-bit gray+alpha, non-interlaced\012- data
Hash 56b68083c89c0f835551eaf86e56275d
f8b56674020de71e80c6893516fff1cc62a833fc
38cee16dc33cfc4bc67606f33dcdfe26e9d2329d1361ec48e6ab6c6eefcaefd1
GET /uploads/3/5/1/6/35163940/1357742662.png HTTP/1.1
Host: wenzelcontracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wenzelcontracting.com/index.html
Cookie: visid_incap_2508144=WPilmkedRx66npSdAcCTegenbGMAAAAAQUIPAAAAAADRhtx5322fFFZ8YRbd1yAy; incap_ses_677_2508144=ybsuSfgtBzxGd4LPaTBlCQenbGMAAAAA75Q5q+x4RSz9Epgl6dK1HQ==; is_mobile=0
HTTP/1.1 200 OK
Etag: "dfccec42"
Last-Modified: Thu, 16 Nov 2017 18:31:24 GMT
Content-Type: image/png
Content-Length: 8721
Cache-Control: max-age=51235, public
Expires: Thu, 10 Nov 2022 21:37:47 GMT
Date: Thu, 10 Nov 2022 07:23:52 GMT
X-CDN: Imperva
X-Iinfo: 5-464264-448628 2CNN RT(1668065031153 1728) q(0 0 0 -1) r(0 0) U18
cdn2.editmysite.com/images/old/slideshow/control_icons.gif
151.101.85.46 200 OK 187 B URL HTTP/1.1 cdn2.editmysite.com/images/old/slideshow/control_icons.gif
IP 151.101.85.46:0
File type GIF image data, version 89a, 25 x 13\012- data
Hash 88041de02e278ceedcd7de52bcdb8156
775bf1f3464e006b3f644512e52477ecc9385222
00bd643d7b1cd928b72aa4b6d69df8d5838a8f07e26294fda69ab365fa454c3f
GET /images/old/slideshow/control_icons.gif HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn2.editmysite.com/css/old/slideshow/slideshow.css?1660681333
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 187
X-GUploader-UploadID: ADPycdszrKqZVlGm8g_bucHInabmug1Yu_TBTqFaNwSf6uyBStUDyJUr8SBTCkbnIXBO_T3CzsjhkyieYRCCSuogJTkdZg
Cache-Control: public, max-age=86400, s-maxage=259200
Expires: Fri, 14 Oct 2022 00:49:31 GMT
Last-Modified: Thu, 25 May 2017 18:53:05 GMT
ETag: "88041de02e278ceedcd7de52bcdb8156"
x-goog-generation: 1495738385881388
x-goog-metageneration: 6
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 187
Content-Type: image/gif
x-goog-hash: crc32c=P9yuOw==, md5=iAQd4C4njO7c195SvNuBVg==
x-goog-storage-class: STANDARD
Server: UploadServer
Accept-Ranges: bytes
Date: Thu, 10 Nov 2022 07:23:53 GMT
Via: 1.1 varnish
Age: 22976
X-Served-By: cache-bma1620-BMA
X-Cache: HIT
X-Cache-Hits: 20
X-Timer: S1668065033.207142,VS0,VE0
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cdn2.editmysite.com/images/old/loading.gif
151.101.85.46 200 OK 3.0 kB URL HTTP/1.1 cdn2.editmysite.com/images/old/loading.gif
IP 151.101.85.46:0
File type GIF image data, version 89a, 30 x 30\012- data
Hash 0b0212ec4e07451700c88a335ebba854
e62e40bbd31145dc64c0a555991a5dc5696d1943
37f5bf015ade9651005d72bcfdbb48838014c1c357f848585df731bc7eaff120
GET /images/old/loading.gif HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn2.editmysite.com/css/old/slideshow/slideshow.css?1660681333
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 2964
X-GUploader-UploadID: ADPycducMdWWPXXJMiNEYpt6yoeOvosCD6SmTTxRFSW9bghqzZJxsoV6UapBMYHrhV8AVkS_PAytcl1uIushc6lvZ8Xmbg
Cache-Control: public, max-age=86400, s-maxage=259200
Expires: Fri, 11 Nov 2022 01:42:41 GMT
Last-Modified: Thu, 25 May 2017 18:45:50 GMT
ETag: "0b0212ec4e07451700c88a335ebba854"
x-goog-generation: 1495737950396999
x-goog-metageneration: 6
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 2964
Content-Type: image/gif
x-goog-hash: crc32c=F+8alw==, md5=CwIS7E4HRRcAyIozXruoVA==
x-goog-storage-class: STANDARD
Server: UploadServer
Accept-Ranges: bytes
Date: Thu, 10 Nov 2022 07:23:53 GMT
Via: 1.1 varnish
Age: 193272
X-Served-By: cache-bma1620-BMA
X-Cache: HIT
X-Cache-Hits: 209
X-Timer: S1668065033.219483,VS0,VE0
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
wenzelcontracting.com/files/theme/body-bg.png?1560521817
45.60.97.221 200 OK 968 B URL HTTP/1.1 wenzelcontracting.com/files/theme/body-bg.png?1560521817
IP 45.60.97.221:0
File type PNG image data, 3 x 286, 8-bit/color RGB, non-interlaced\012- data
Hash f42ead35e79446f7a3f24ccadede100f
7965a96e65a8bb71b29ea9cb9c488b0c46f0d3dc
b2564c66c36227efa56e262a662f008a8bdd9469918b51cb0addc8cbb95eb2b9
Analyzer Verdict Alert fortinet Phishing
GET /files/theme/body-bg.png?1560521817 HTTP/1.1
Host: wenzelcontracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wenzelcontracting.com/files/main_style.css?1560521817
Cookie: visid_incap_2508144=WPilmkedRx66npSdAcCTegenbGMAAAAAQUIPAAAAAADRhtx5322fFFZ8YRbd1yAy
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 07:23:53 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 23 May 2014 12:25:31 GMT
Accept-Ranges: bytes
Content-Length: 968
Keep-Alive: timeout=5, max=75
Content-Type: image/png
Set-Cookie: incap_ses_677_2508144=pLG5EYTSkn0ieILPaTBlCQmnbGMAAAAAAI7hZHi7eITLimbRzRD/+Q==; path=/; Domain=.wenzelcontracting.com
___utmvmOKuoNovZ=ukvslhTCQHj; path=/; Max-Age=900
___utmvaOKuoNovZ=NihJytp; path=/; Max-Age=900
___utmvbOKuoNovZ=sZE XbFOlalc: Gtt; path=/; Max-Age=900
X-CDN: Imperva
X-Iinfo: 9-265066-150399 2NNN RT(1668065031241 1771) q(0 0 0 0) r(1 1) U18
wenzelcontracting.com/files/theme/main-content-bg.png?1560521817
45.60.97.221 200 OK 302 B URL HTTP/1.1 wenzelcontracting.com/files/theme/main-content-bg.png?1560521817
IP 45.60.97.221:0
File type PNG image data, 1015 x 7, 8-bit/color RGBA, non-interlaced\012- data
Hash 6c7a7ec5a8d1ffb212b81537675fd9f3
6b098d851a797328884a28cf22b1da28c60baf44
2bd2e8d05158fe4bb95f0c6bc25769939a4af23b019f6a3cc5ee28236d56f113
GET /files/theme/main-content-bg.png?1560521817 HTTP/1.1
Host: wenzelcontracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wenzelcontracting.com/files/main_style.css?1560521817
Cookie: visid_incap_2508144=WPilmkedRx66npSdAcCTegenbGMAAAAAQUIPAAAAAADRhtx5322fFFZ8YRbd1yAy
HTTP/1.1 200 OK
Last-Modified: Fri, 23 May 2014 12:25:31 GMT
Content-Type: image/png
Content-Length: 302
Cache-Control: max-age=51235, public
Expires: Thu, 10 Nov 2022 21:37:47 GMT
Date: Thu, 10 Nov 2022 07:23:52 GMT
Set-Cookie: incap_ses_677_2508144=Pa0/WnrJSTIieILPaTBlCQmnbGMAAAAABVqDPQXEAueVulkTgd6v5w==; path=/; Domain=.wenzelcontracting.com
___utmvmOKuoNovZ=qsEKDKJJjfL; path=/; Max-Age=900
___utmvaOKuoNovZ=WhLHfmF; path=/; Max-Age=900
___utmvbOKuoNovZ=FZd XshOEalM: ItG; path=/; Max-Age=900
X-CDN: Imperva
X-Iinfo: 4-312151-173672 2CNN RT(1668065033172 0) q(0 0 0 0) r(0 0) U18
wenzelcontracting.com/files/theme/main-bg.jpg?1560521817
45.60.97.221 200 OK 318 B URL HTTP/1.1 wenzelcontracting.com/files/theme/main-bg.jpg?1560521817
IP 45.60.97.221:0
File type JPEG image data, baseline, precision 8, 4x288, components 3\012- data
Hash 1c6fe48971e74754e5f7313cd4fb8171
95cf8215151a60ae7f9a3b0016d37756e18947d7
2ccce84f0ced18145a23af249708b2521f1883771f0b51ff9ab874bcb124d2b2
Analyzer Verdict Alert fortinet Phishing
GET /files/theme/main-bg.jpg?1560521817 HTTP/1.1
Host: wenzelcontracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wenzelcontracting.com/files/main_style.css?1560521817
Cookie: visid_incap_2508144=WPilmkedRx66npSdAcCTegenbGMAAAAAQUIPAAAAAADRhtx5322fFFZ8YRbd1yAy
HTTP/1.1 200 OK
Last-Modified: Fri, 23 May 2014 12:25:31 GMT
Content-Type: image/jpeg
Content-Length: 318
Cache-Control: max-age=51235, public
Expires: Thu, 10 Nov 2022 21:37:47 GMT
Date: Thu, 10 Nov 2022 07:23:52 GMT
Set-Cookie: incap_ses_677_2508144=h02cFpURiVEieILPaTBlCQmnbGMAAAAAcsfW4Kz/yj078/lK2SZMkQ==; path=/; Domain=.wenzelcontracting.com
___utmvmOKuoNovZ=XjFHprzTJwv; path=/; Max-Age=900
___utmvaOKuoNovZ=KTbsUji; path=/; Max-Age=900
___utmvbOKuoNovZ=LZR XzpOOalI: DtZ; path=/; Max-Age=900
X-CDN: Imperva
X-Iinfo: 9-265240-46341 2CNN RT(1668065033177 0) q(0 0 0 0) r(0 0) U18
wenzelcontracting.com/files/theme/content-top-bg.png?1560521817
45.60.97.221 200 OK 160 B URL HTTP/1.1 wenzelcontracting.com/files/theme/content-top-bg.png?1560521817
IP 45.60.97.221:0
File type PNG image data, 960 x 5, 4-bit colormap, non-interlaced\012- data
Hash 4c25afcd0c3300f1ce20b4112cec170c
5dd6fa2de9692c341253b0bbb536c16bc88d228d
4fae7342d99883b4a838186ae5fca56c76267ca3d00e588b99498fa4218684ce
Analyzer Verdict Alert fortinet Phishing
GET /files/theme/content-top-bg.png?1560521817 HTTP/1.1
Host: wenzelcontracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wenzelcontracting.com/files/main_style.css?1560521817
Cookie: visid_incap_2508144=WPilmkedRx66npSdAcCTegenbGMAAAAAQUIPAAAAAADRhtx5322fFFZ8YRbd1yAy
HTTP/1.1 200 OK
Last-Modified: Fri, 23 May 2014 12:25:31 GMT
Content-Type: image/png
Content-Length: 160
Cache-Control: max-age=51235, public
Expires: Thu, 10 Nov 2022 21:37:47 GMT
Date: Thu, 10 Nov 2022 07:23:52 GMT
Set-Cookie: incap_ses_677_2508144=Rxr1J2LgmHQieILPaTBlCQmnbGMAAAAAb37uArmJdzB/Dhjlm5rQ2Q==; path=/; Domain=.wenzelcontracting.com
___utmvmOKuoNovZ=qFgxGHsEHRz; path=/; Max-Age=900
___utmvaOKuoNovZ=PZWLHDd; path=/; Max-Age=900
___utmvbOKuoNovZ=NZD XeQOXalg: atq; path=/; Max-Age=900
X-CDN: Imperva
X-Iinfo: 5-464552-464553 2CNN RT(1668065033180 0) q(0 0 0 0) r(0 0) U18
wenzelcontracting.com/files/theme/main-bot-bg.png?1560521817
45.60.97.221 200 OK 796 B URL HTTP/1.1 wenzelcontracting.com/files/theme/main-bot-bg.png?1560521817
IP 45.60.97.221:0
File type PNG image data, 1015 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash 258f4140d751227caa9812dae274eabd
1675760bb9dd389c810ef364667ec18c7dc5d01a
1ac177a0c4723685848b24bbae5630e5856852f52d04f0ecfa94d3ce70c3a7b4
Analyzer Verdict Alert fortinet Phishing
GET /files/theme/main-bot-bg.png?1560521817 HTTP/1.1
Host: wenzelcontracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wenzelcontracting.com/files/main_style.css?1560521817
Cookie: visid_incap_2508144=WPilmkedRx66npSdAcCTegenbGMAAAAAQUIPAAAAAADRhtx5322fFFZ8YRbd1yAy
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 07:23:53 GMT
Server: Apache
Last-Modified: Fri, 23 May 2014 12:25:31 GMT
Accept-Ranges: bytes
Content-Length: 796
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: image/png
Set-Cookie: incap_ses_677_2508144=u362NjXhNVQieILPaTBlCQmnbGMAAAAAFeSyFgWcqdQOB4ZK1VhBCw==; path=/; Domain=.wenzelcontracting.com
___utmvmOKuoNovZ=URzzLwMOoPe; path=/; Max-Age=900
___utmvaOKuoNovZ=nPIkISB; path=/; Max-Age=900
___utmvbOKuoNovZ=bZJ XkROWalc: ZtY; path=/; Max-Age=900
X-CDN: Imperva
X-Iinfo: 9-265066-265256 2NNN RT(1668065031241 2029) q(0 0 0 0) r(1 1) U18
wenzelcontracting.com/files/theme/main-top-bg.png?1560521817
45.60.97.221 200 OK 910 B URL HTTP/1.1 wenzelcontracting.com/files/theme/main-top-bg.png?1560521817
IP 45.60.97.221:0
File type PNG image data, 1015 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash e3d0105a52252cd607be5551c1669128
a622e26e04e1ad0e7fd8e57df61d4b7188cfb768
b075ef735cbb8a0f0b56528ba7e4220dbdc666cb665120311f745f50921f32a8
Analyzer Verdict Alert fortinet Phishing
GET /files/theme/main-top-bg.png?1560521817 HTTP/1.1
Host: wenzelcontracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wenzelcontracting.com/files/main_style.css?1560521817
Cookie: visid_incap_2508144=WPilmkedRx66npSdAcCTegenbGMAAAAAQUIPAAAAAADRhtx5322fFFZ8YRbd1yAy
HTTP/1.1 200 OK
Last-Modified: Fri, 23 May 2014 12:25:31 GMT
Content-Type: image/png
Content-Length: 910
Cache-Control: max-age=51235, public
Expires: Thu, 10 Nov 2022 21:37:47 GMT
Date: Thu, 10 Nov 2022 07:23:52 GMT
Set-Cookie: incap_ses_677_2508144=aH8HCvOm0iwieILPaTBlCQmnbGMAAAAA9UTA0wzVv/kVh0UWAdPvOg==; path=/; Domain=.wenzelcontracting.com
___utmvmOKuoNovZ=hfaMZrHdPHB; path=/; Max-Age=900
___utmvaOKuoNovZ=cYaOuBE; path=/; Max-Age=900
___utmvbOKuoNovZ=bZw XXYOralW: itf; path=/; Max-Age=900
X-CDN: Imperva
X-Iinfo: 4-312151-173672 2CNN RT(1668065033172 159) q(0 0 0 0) r(0 0) U18
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14820
Expires: Thu, 10 Nov 2022 11:30:53 GMT
Date: Thu, 10 Nov 2022 07:23:53 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f570a6d-7e0c-4dc3-9a3f-7af7ccbae623.jpeg
34.120.237.76 200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f570a6d-7e0c-4dc3-9a3f-7af7ccbae623.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash feb275cc5fa7b13e70522cb76f001bbc
80ca9cf6cbbc73a884c3a839ace9a7aa191a8504
a5680637b55669355967b87fd4be4881a3e4dea746b7c420acf4dcb46b8a28de
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f570a6d-7e0c-4dc3-9a3f-7af7ccbae623.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8242
x-amzn-requestid: 1ab9c180-7e6b-4eae-a6cf-6a45c96fdc4e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlrkE_2oAMFk2A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1cb0-0089846803d11bb649874507;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 6xhB_vy5Aj6ScBQuTwWX93HFG5eS3SZHr7dP2Qsz-Q1P1pcXk339gQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:43:10 GMT
age: 34843
etag: "80ca9cf6cbbc73a884c3a839ace9a7aa191a8504"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1631e1f0-6fa1-464b-a40b-00a9866b7b25.webp
34.120.237.76 200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1631e1f0-6fa1-464b-a40b-00a9866b7b25.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7edb51fa0fbe8bf317da2d9091b9e21b
02a9b9bec9d4392bbbabb6cabb129c1fb12d01f6
80c9dd829626ec07aa750aa3154eaf27ef79de25d3181e020a13bc9f8e9d8676
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1631e1f0-6fa1-464b-a40b-00a9866b7b25.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5314
x-amzn-requestid: ad6e7919-c033-4361-8e3d-0badbb9f6fc7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWnb0GTrIAMF4xw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1f7e-0524b86652bbacde023deb2a;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:45:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bau3xXgpMJavWBFqC_X7hBaA4UZHRKrwlFW_uyimScF0nqfzFRc-gg==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:56:35 GMT
age: 34038
etag: "02a9b9bec9d4392bbbabb6cabb129c1fb12d01f6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F571618d6-4a7c-4655-9a3f-1a43863258d2.webp
34.120.237.76 200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F571618d6-4a7c-4655-9a3f-1a43863258d2.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2ce8780a7be7c6df77fe53398560075f
7392dfd49233a2653b99feed8b73a8deea709d24
e6d97c56796c69609430d9e1d802fd8b1169e3fceb749d034aa827fda30383a9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F571618d6-4a7c-4655-9a3f-1a43863258d2.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5209
x-amzn-requestid: 065bcafb-c718-4313-a11e-86c96f43fb88
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWmCeF3gIAMFSsg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1d42-16886ef54cf2da932a8cefad;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:36:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -fb11i9f64lRjQC9zVcwaPKYp1e3IevIt4pPAk1LDts9o0vwVrbvpQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 22:02:51 GMT
age: 33662
etag: "7392dfd49233a2653b99feed8b73a8deea709d24"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b66f592-618a-4463-834d-ff9bbe8866ae.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b66f592-618a-4463-834d-ff9bbe8866ae.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 848af62ec10d0c297922f8600b6ad12d
4eadbf5f0dade92dcc6d68c8ebb70898aadb9a7d
a3b4eb6768259876819d7e6c7ac9e21c603d54f60bf70ed077cb820711e2ae74
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b66f592-618a-4463-834d-ff9bbe8866ae.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11316
x-amzn-requestid: 8456b25a-b87f-490d-86b3-fb217afea082
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlniESaIAMF3Qg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1c96-30ed3b0972418bae4700edc8;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: paNICiysr9pIOxtqOqjnIOValYbM8InQZ9SmEOUIJirFQd03IN6eRw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:43:10 GMT
age: 34843
etag: "4eadbf5f0dade92dcc6d68c8ebb70898aadb9a7d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61e5641a-68af-473c-af88-cf2c9e3c69d5.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61e5641a-68af-473c-af88-cf2c9e3c69d5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d398b5d30ea461015a3abba3b028ef97
9036a9a8a0904abf68a8f6046505a806c840e056
2cf47136f257e9484ea11928b181976c4961a58b95020d1abb8e68d280099931
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61e5641a-68af-473c-af88-cf2c9e3c69d5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12758
x-amzn-requestid: 8c503d98-3659-40e7-9337-9f02502e9536
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlniH4YoAMFfBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1c96-6feb60720a37636e21e1be8f;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: L6GG4yINgps8PfnOb72tBcW34IcJKiQ9xjPZeZ_aI_HFHN1KYZbYOw==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:43:10 GMT
age: 34843
etag: "9036a9a8a0904abf68a8f6046505a806c840e056"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e56265e-d6d4-44c5-9a3e-19cd4a194fac.jpeg
34.120.237.76 200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e56265e-d6d4-44c5-9a3e-19cd4a194fac.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 49fc636f2fd6c21b7bb012c0d93e101d
de6e1f022de8a2c6749f381c2d8c3f27a3f2c11b
06201c860a44c552f2b10628e4189df194829a3901f7fc263610a5cf6824ffad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e56265e-d6d4-44c5-9a3e-19cd4a194fac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5947
x-amzn-requestid: 3af515a7-7c49-42e1-a2f8-5689cffa3fbd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bKuDdGCFIAMF3Qw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63675d49-46935ab231e3e36a4c3b29cc;Sampled=0
x-amzn-remapped-date: Sun, 06 Nov 2022 07:07:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 6oYVuUJkpDw41ezMsWONZTALM38eToqt8NQbweVmOTyr11f6EknpLw==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 22:14:56 GMT
age: 32937
etag: "de6e1f022de8a2c6749f381c2d8c3f27a3f2c11b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
wenzelcontracting.com/uploads/3/5/1/6/35163940/6908279_orig.jpg
45.60.97.221 200 OK 14 kB URL HTTP/1.1 wenzelcontracting.com/uploads/3/5/1/6/35163940/6908279_orig.jpg
IP 45.60.97.221:0
File type JPEG image data, baseline, precision 8, 232x174, components 3\012- data
Hash 27f4d5238c985bfae0fce19e950d33c0
b43f81cd36d39e13f819229a86ecbebe96bd4385
17d018b93e1fe249dbc951b0aaacd2ad096ce2903100cff0323ec3531e4390cf
GET /uploads/3/5/1/6/35163940/6908279_orig.jpg HTTP/1.1
Host: wenzelcontracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wenzelcontracting.com/index.html
Cookie: visid_incap_2508144=WPilmkedRx66npSdAcCTegenbGMAAAAAQUIPAAAAAADRhtx5322fFFZ8YRbd1yAy
HTTP/1.1 200 OK
Etag: "2a59f529"
Last-Modified: Thu, 16 Nov 2017 18:32:04 GMT
Content-Type: image/jpeg
Content-Length: 13791
Cache-Control: max-age=51235, public
Expires: Thu, 10 Nov 2022 21:37:47 GMT
Date: Thu, 10 Nov 2022 07:23:52 GMT
Set-Cookie: incap_ses_677_2508144=6ikYB/UaX1wieILPaTBlCQmnbGMAAAAAdDdHho++XAzTrDLpyj5I/Q==; path=/; Domain=.wenzelcontracting.com
___utmvmOKuoNovZ=xKCKfeaEoIh; path=/; Max-Age=900
___utmvaOKuoNovZ=yWhqfBa; path=/; Max-Age=900
___utmvbOKuoNovZ=OZW XDbOTali: tto; path=/; Max-Age=900
X-CDN: Imperva
X-Iinfo: 9-265066-46341 2CNN RT(1668065031241 2237) q(0 0 0 0) r(0 0) U18
wenzelcontracting.com/uploads/3/5/1/6/35163940/9637667_orig.jpg
45.60.97.221 200 OK 12 kB URL HTTP/1.1 wenzelcontracting.com/uploads/3/5/1/6/35163940/9637667_orig.jpg
IP 45.60.97.221:0
File type JPEG image data, baseline, precision 8, 232x174, components 3\012- data
Hash c3779d4d0bf485ea5e5e4574fa5ff09e
bacd2676babb8a939432780e1e491b5d13cdec73
c8963fad3a987cb30e4052ebcbf2d55a12078c5ba1b8b94921f7c2467f8a2c3a
GET /uploads/3/5/1/6/35163940/9637667_orig.jpg HTTP/1.1
Host: wenzelcontracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wenzelcontracting.com/index.html
Cookie: visid_incap_2508144=WPilmkedRx66npSdAcCTegenbGMAAAAAQUIPAAAAAADRhtx5322fFFZ8YRbd1yAy
HTTP/1.1 200 OK
Etag: "1d9bff82"
Last-Modified: Thu, 16 Nov 2017 18:32:04 GMT
Content-Type: image/jpeg
Content-Length: 12447
Cache-Control: max-age=51234, public
Expires: Thu, 10 Nov 2022 21:37:47 GMT
Date: Thu, 10 Nov 2022 07:23:53 GMT
Set-Cookie: incap_ses_677_2508144=72KKHWF2pF8ieILPaTBlCQmnbGMAAAAAtvh3MWk9bfugjSVUVP6kCQ==; path=/; Domain=.wenzelcontracting.com
___utmvmOKuoNovZ=mFwQPNxsTzw; path=/; Max-Age=900
___utmvaOKuoNovZ=mEPqSPm; path=/; Max-Age=900
___utmvbOKuoNovZ=kZT XVAOXalR: Ntl; path=/; Max-Age=900
X-CDN: Imperva
X-Iinfo: 4-312151-173672 2CNN RT(1668065033172 317) q(0 0 0 0) r(0 0) U18
wenzelcontracting.com/uploads/3/5/1/6/35163940/3417207_orig.jpg
45.60.97.221 200 OK 195 kB URL HTTP/1.1 wenzelcontracting.com/uploads/3/5/1/6/35163940/3417207_orig.jpg
IP 45.60.97.221:0
File type JPEG image data, baseline, precision 8, 1100x620, components 3\012- data
Size 195 kB (194969 bytes)
Hash 9acb6f96848960f33b362da9d0962cb9
d50ac8fd7d5a333f15b269f7f43d60da909f78ae
ca025e5c859af1f903325e3b847749577e7be4b0417205d43424ea0a3ed94d1b
GET /uploads/3/5/1/6/35163940/3417207_orig.jpg HTTP/1.1
Host: wenzelcontracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wenzelcontracting.com/index.html
Cookie: visid_incap_2508144=WPilmkedRx66npSdAcCTegenbGMAAAAAQUIPAAAAAADRhtx5322fFFZ8YRbd1yAy
HTTP/1.1 200 OK
Etag: "5eab61d2"
Last-Modified: Thu, 16 Nov 2017 18:32:04 GMT
Content-Type: image/jpeg
Content-Length: 194969
Cache-Control: max-age=51235, public
Expires: Thu, 10 Nov 2022 21:37:47 GMT
Date: Thu, 10 Nov 2022 07:23:52 GMT
Set-Cookie: incap_ses_677_2508144=7S6cVJEFnQIieILPaTBlCQmnbGMAAAAAMOHEMq41GwjDupHVsn1HYQ==; path=/; Domain=.wenzelcontracting.com
___utmvmOKuoNovZ=WgEYetcYQZC; path=/; Max-Age=900
___utmvaOKuoNovZ=umEIUxE; path=/; Max-Age=900
___utmvbOKuoNovZ=cZu XUaODalj: dtp; path=/; Max-Age=900
X-CDN: Imperva
X-Iinfo: 5-464264-448628 2CNN RT(1668065031153 1925) q(0 0 0 0) r(0 0) U18
wenzelcontracting.com/uploads/3/5/1/6/35163940/8467327_orig.jpg
45.60.97.221 200 OK 9.0 kB URL HTTP/1.1 wenzelcontracting.com/uploads/3/5/1/6/35163940/8467327_orig.jpg
IP 45.60.97.221:0
File type JPEG image data, baseline, precision 8, 232x174, components 3\012- data
Hash 6cc4add5584748e641b8aae618df5d6e
19301c3670bba3c4f451068c2a7caf49e56fbd85
fdaf3e1b4dc81d2796d76e6c0cd94e9212d0c143c135d2a5673bf842c92b67f2
GET /uploads/3/5/1/6/35163940/8467327_orig.jpg HTTP/1.1
Host: wenzelcontracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wenzelcontracting.com/index.html
Cookie: visid_incap_2508144=WPilmkedRx66npSdAcCTegenbGMAAAAAQUIPAAAAAADRhtx5322fFFZ8YRbd1yAy
HTTP/1.1 200 OK
Etag: "fabfd8c2"
Last-Modified: Thu, 16 Nov 2017 18:32:04 GMT
Content-Type: image/jpeg
Content-Length: 8990
Cache-Control: max-age=51234, public
Expires: Thu, 10 Nov 2022 21:37:47 GMT
Date: Thu, 10 Nov 2022 07:23:53 GMT
Set-Cookie: incap_ses_677_2508144=Tg8Re6CYBz0ieILPaTBlCQmnbGMAAAAAytzpXduih17znMSCHRekog==; path=/; Domain=.wenzelcontracting.com
___utmvmOKuoNovZ=CaAllahfVjM; path=/; Max-Age=900
___utmvaOKuoNovZ=IjPWNMj; path=/; Max-Age=900
___utmvbOKuoNovZ=iZW XgOOkals: Cto; path=/; Max-Age=900
X-CDN: Imperva
X-Iinfo: 9-265066-46341 2CNN RT(1668065031241 2397) q(0 0 0 0) r(0 0) U18
wenzelcontracting.com/uploads/3/5/1/6/35163940/1341559_orig.jpg
45.60.97.221 200 OK 63 kB URL HTTP/1.1 wenzelcontracting.com/uploads/3/5/1/6/35163940/1341559_orig.jpg
IP 45.60.97.221:0
File type JPEG image data, baseline, precision 8, 409x360, components 3\012- data
Hash 6f2c69f863847a5ec9f891fcc85a0a8e
3c69a5d63ed5b437ead6d609fb7c049424057ab0
c822ee9ef43b7f66f4497fd6a9c1feece44fb4e667867da4061e87b2ed179455
GET /uploads/3/5/1/6/35163940/1341559_orig.jpg HTTP/1.1
Host: wenzelcontracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wenzelcontracting.com/index.html
Cookie: visid_incap_2508144=WPilmkedRx66npSdAcCTegenbGMAAAAAQUIPAAAAAADRhtx5322fFFZ8YRbd1yAy
HTTP/1.1 200 OK
Etag: "f6059541"
Last-Modified: Thu, 16 Nov 2017 18:32:04 GMT
Content-Type: image/jpeg
Content-Length: 62749
Cache-Control: max-age=51235, public
Expires: Thu, 10 Nov 2022 21:37:47 GMT
Date: Thu, 10 Nov 2022 07:23:52 GMT
Set-Cookie: incap_ses_677_2508144=/0D7NgPm/T8ieILPaTBlCQmnbGMAAAAA9DAiG7rE1z9sSdCMzdjQqw==; path=/; Domain=.wenzelcontracting.com
___utmvmOKuoNovZ=iPFtekDbMeT; path=/; Max-Age=900
___utmvaOKuoNovZ=RBgJgdR; path=/; Max-Age=900
___utmvbOKuoNovZ=cZU XofOeala: gty; path=/; Max-Age=900
X-CDN: Imperva
X-Iinfo: 5-464552-464553 2CNN RT(1668065033180 166) q(0 0 0 0) r(0 0) U18
www.weebly.com/uploads/reseller/assets/1014-favicon.ico
74.115.50.109 200 OK 422 B URL HTTP/1.1 www.weebly.com/uploads/reseller/assets/1014-favicon.ico
IP 74.115.50.109:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 25d86b36263d026015339fff3b5310ac
4d85411873d253f082c87ef7fcd5a14bbd2e71fb
1ae4fad7ee108e525d431f5228aa1fe67315438636b29234524ae6493939379f
GET /uploads/reseller/assets/1014-favicon.ico HTTP/1.1
Host: www.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wenzelcontracting.com/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 10 Nov 2022 07:23:54 GMT
Content-Type: image/x-icon
Content-Length: 422
Connection: keep-alive
Last-Modified: Thu, 26 Sep 2019 16:35:06 GMT
ETag: "25d86b36263d026015339fff3b5310ac"
x-amz-request-id: tx00000000000000571f79a-0061689394-1ff9432-las
X-Storage-Bucket: z1ae4
X-Storage-Object: 1ae4fad7ee108e525d431f5228aa1fe67315438636b29234524ae6493939379f
X-Host: blu47.sf2p.intern.weebly.net
Accept-Ranges: bytes
X-W-DC: SFO
wenzelcontracting.com/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]
45.60.97.221 200 OK 191 B URL HTTP/1.1 wenzelcontracting.com/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]
IP 45.60.97.221:0
File type JSON data\012- , ASCII text, with very long lines (348), with no line terminators
Hash 80c55d52eead559b9113dab81abde7d2
af1784f0580f0379ea89b338a946351208403e53
f5f97198612e102a7bc2f7189a3366175f5f90ff3785797f3732e8af27ec9619
POST /ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails] HTTP/1.1
Host: wenzelcontracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 83
Origin: http://wenzelcontracting.com
Connection: keep-alive
Referer: http://wenzelcontracting.com/index.html
Cookie: visid_incap_2508144=WPilmkedRx66npSdAcCTegenbGMAAAAAQUIPAAAAAADRhtx5322fFFZ8YRbd1yAy; incap_ses_677_2508144=Tg8Re6CYBz0ieILPaTBlCQmnbGMAAAAAytzpXduih17znMSCHRekog==; ___utmvmOKuoNovZ=CaAllahfVjM; ___utmvbOKuoNovZ=iZW XgOOkals: Cto
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 07:23:54 GMT
Server: Apache
Vary: X-W-SSL,User-Agent,Accept-Encoding
X-Host: grn83.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive, Keep-Alive
X-DS-Version: 1560521818
Content-Encoding: gzip
Content-Length: 191
Content-Type: application/json
Set-Cookie: visid_incap_2508144=WPilmkedRx66npSdAcCTegenbGMAAAAAQUIPAAAAAADRhtx5322fFFZ8YRbd1yAy; expires=Fri, 10 Nov 2023 06:34:08 GMT; HttpOnly; path=/; Domain=.wenzelcontracting.com
incap_ses_677_2508144=Tg8Re6CYBz0ieILPaTBlCQmnbGMAAAAAytzpXduih17znMSCHRekog==; path=/; Domain=.wenzelcontracting.com
___utmvbOKuoNovZ=a; Max-Age=0; path=/; expires=Wed, 09 Nov 2022 06:21:19 GMT
___utmvmOKuoNovZ=a; Max-Age=0; path=/; expires=Wed, 09 Nov 2022 06:21:19 GMT
X-CDN: Imperva
X-Iinfo: 5-464552-464265 PNNN RT(1668065033180 855) q(0 0 0 -1) r(3 3) U6
wenzelcontracting.com/files/theme/content-bot-bg.png?1560521817
45.60.97.221 200 OK 225 B URL HTTP/1.1 wenzelcontracting.com/files/theme/content-bot-bg.png?1560521817
IP 45.60.97.221:0
File type PNG image data, 960 x 5, 8-bit/color RGBA, non-interlaced\012- data
Hash 7de735cf4af083f20f39f8d33f26db70
1f217762a5023c74fef9e138c644b5ca4f16c185
89e087a51ed8e5944fd409051360e163d4acb928cb95617c59e02d790a0f7169
Analyzer Verdict Alert fortinet Phishing
GET /files/theme/content-bot-bg.png?1560521817 HTTP/1.1
Host: wenzelcontracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wenzelcontracting.com/files/main_style.css?1560521817
Cookie: visid_incap_2508144=WPilmkedRx66npSdAcCTegenbGMAAAAAQUIPAAAAAADRhtx5322fFFZ8YRbd1yAy
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 07:23:55 GMT
Server: Apache
Last-Modified: Fri, 23 May 2014 12:25:31 GMT
Accept-Ranges: bytes
Content-Length: 225
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: image/png
Set-Cookie: incap_ses_677_2508144=9apFOXqyixAieILPaTBlCQunbGMAAAAA4qpcKqvwjfyCSKct1O2wLg==; path=/; Domain=.wenzelcontracting.com
___utmvmOKuoNovZ=eZOtHbByyhk; path=/; Max-Age=900
___utmvaOKuoNovZ=PRwNqRf; path=/; Max-Age=900
___utmvbOKuoNovZ=nZe XWCONaln: HtK; path=/; Max-Age=900
X-CDN: Imperva
X-Iinfo: 9-265241-150399 2NNN RT(1668065033177 1) q(0 0 0 0) r(20 20) U18
wenzelcontracting.com/uploads/3/5/1/6/35163940/5442473_orig.jpg
45.60.97.221 200 OK 17 kB URL HTTP/1.1 wenzelcontracting.com/uploads/3/5/1/6/35163940/5442473_orig.jpg
IP 45.60.97.221:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 232x174, components 3\012- data
Hash c1eaf9e42fcfe636e517c9d5e3a17be6
607aefb2b2350fa3e74d137a1d0909c07d8ebaa0
21c04e301a055315812a22c120027f99f29b20f779b78c3eb83c5f4ce95b0ac9
GET /uploads/3/5/1/6/35163940/5442473_orig.jpg HTTP/1.1
Host: wenzelcontracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wenzelcontracting.com/index.html
Cookie: visid_incap_2508144=WPilmkedRx66npSdAcCTegenbGMAAAAAQUIPAAAAAADRhtx5322fFFZ8YRbd1yAy
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 07:23:55 GMT
Server: Apache
Last-Modified: Thu, 16 Nov 2017 18:32:04 GMT
Accept-Ranges: bytes
Content-Length: 16792
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: image/jpeg
Set-Cookie: incap_ses_677_2508144=JX3lJKYE6CQieILPaTBlCQunbGMAAAAA7dcc3xTQPtsIR+feczlFfQ==; path=/; Domain=.wenzelcontracting.com
___utmvmOKuoNovZ=NeghPntXxbc; path=/; Max-Age=900
___utmvaOKuoNovZ=zHYBKLx; path=/; Max-Age=900
___utmvbOKuoNovZ=zZW XbBONalt: Wts; path=/; Max-Age=900
X-CDN: Imperva
X-Iinfo: 9-265240-265256 2NNN RT(1668065033177 164) q(0 0 0 0) r(18 18) U18
wenzelcontracting.com/uploads/3/5/1/6/35163940/9817377_orig.jpg
45.60.97.221 200 OK 257 kB URL HTTP/1.1 wenzelcontracting.com/uploads/3/5/1/6/35163940/9817377_orig.jpg
IP 45.60.97.221:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 1100x621, components 3\012- data
Size 257 kB (257190 bytes)
Hash 3762e34086e81c067eecb2a5a2dc9e53
5e6ee1c6ae0cb40551a227fcb46319a1823f0d64
4c440d82c925e2917091282784cc02ab00ce4f911304f6de4ec247cb6777d382
GET /uploads/3/5/1/6/35163940/9817377_orig.jpg HTTP/1.1
Host: wenzelcontracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wenzelcontracting.com/index.html
Cookie: visid_incap_2508144=WPilmkedRx66npSdAcCTegenbGMAAAAAQUIPAAAAAADRhtx5322fFFZ8YRbd1yAy; incap_ses_677_2508144=9apFOXqyixAieILPaTBlCQunbGMAAAAA4qpcKqvwjfyCSKct1O2wLg==; ___utmvmOKuoNovZ=eZOtHbByyhk; ___utmvbOKuoNovZ=nZe XWCONaln: HtK
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 07:23:56 GMT
Server: Apache
Last-Modified: Thu, 16 Nov 2017 18:32:10 GMT
Accept-Ranges: bytes
Content-Length: 257190
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: image/jpeg
Set-Cookie: visid_incap_2508144=WPilmkedRx66npSdAcCTegenbGMAAAAAQUIPAAAAAADRhtx5322fFFZ8YRbd1yAy; expires=Fri, 10 Nov 2023 06:34:08 GMT; HttpOnly; path=/; Domain=.wenzelcontracting.com
incap_ses_677_2508144=9apFOXqyixAieILPaTBlCQunbGMAAAAA4qpcKqvwjfyCSKct1O2wLg==; path=/; Domain=.wenzelcontracting.com
___utmvbOKuoNovZ=a; Max-Age=0; path=/; expires=Wed, 09 Nov 2022 06:21:19 GMT
___utmvmOKuoNovZ=a; Max-Age=0; path=/; expires=Wed, 09 Nov 2022 06:21:19 GMT
X-CDN: Imperva
X-Iinfo: 5-464552-218522 2NNN RT(1668065033180 3558) q(0 0 0 -1) r(0 0) U18
wenzelcontracting.com/uploads/3/5/1/6/35163940/5061888_orig.jpg
45.60.97.221 200 OK 37 kB URL HTTP/1.1 wenzelcontracting.com/uploads/3/5/1/6/35163940/5061888_orig.jpg
IP 45.60.97.221:0
File type JPEG image data, baseline, precision 8, 300x175, components 3\012- data
Hash 055cddf171018bc8d906e9ab4e7d4729
4894216d06e9b0790312055a92f491e25327a9b4
42704ea6058ac7a4166566e0a6638bf49055cc8c94003641b00db42e726e3d65
GET /uploads/3/5/1/6/35163940/5061888_orig.jpg HTTP/1.1
Host: wenzelcontracting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wenzelcontracting.com/index.html
Cookie: visid_incap_2508144=WPilmkedRx66npSdAcCTegenbGMAAAAAQUIPAAAAAADRhtx5322fFFZ8YRbd1yAy; incap_ses_677_2508144=9apFOXqyixAieILPaTBlCQunbGMAAAAA4qpcKqvwjfyCSKct1O2wLg==
HTTP/1.1 200 OK
Etag: "4999f793"
Last-Modified: Thu, 16 Nov 2017 18:32:13 GMT
Content-Type: image/jpeg
Content-Length: 36593
Cache-Control: max-age=51235, public
Expires: Thu, 10 Nov 2022 21:37:54 GMT
Date: Thu, 10 Nov 2022 07:23:59 GMT
X-CDN: Imperva
X-Iinfo: 5-464552-448628 2CNN RT(1668065033180 6562) q(0 0 0 -1) r(0 0) U18