firefox.settings.services.mozilla.com/v1/
54.230.111.35 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 54.230.111.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: X5mJX0J1OdB4f6UJw2TkAyPN2gKcUEg6hZZK98eSZaue7M4NavqgWw==
Age: 152905
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1273d41c84b2b39f78a8033130d00282
556757697b70e019ed502585fcc888e2403f3229
ee3c03cc0a659fbc43d34feaa79a8ad6627b9c525d675956cdb434c1590db89e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EE3C03CC0A659FBC43D34FEAA79A8AD6627B9C525D675956CDB434C1590DB89E"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7926
Expires: Fri, 07 Oct 2022 12:27:49 GMT
Date: Fri, 07 Oct 2022 10:15:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4ab7d8709d334de0e46dcb86aabfbff1
f221138a8ad9d0bfa3c054370dcdb363a67dc310
b91d37f606eaf448b9c7dfc05566a11de004ce44503409e1a776288ee2622805
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B91D37F606EAF448B9C7DFC05566A11DE004CE44503409E1A776288EE2622805"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3805
Expires: Fri, 07 Oct 2022 11:19:08 GMT
Date: Fri, 07 Oct 2022 10:15:43 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: fVRaJe1dz1b8prTXR8Hv/GMVR9KBQMb/R7q7YAhsruW4IZnNsmb7OtRsfsBkQXhMbCeBoG2zmWs=
x-amz-request-id: 93VZPJF91F1S1KYQ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 07 Oct 2022 09:59:07 GMT
age: 996
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
workplacemassageandwellbeing.com/
199.34.228.41 301 Moved Permanently 252 B URL HTTP/1.1 workplacemassageandwellbeing.com/
IP 199.34.228.41:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash deef3a408d26b18103542c30c8ee8f1a
c9273f69a517fb74fbb41d9bb32e132ef56f054e
a5e75e751f4fd914a278068caabbc033e032a3bf202d7d9f452e54d0a92a355a
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: workplacemassageandwellbeing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 07 Oct 2022 10:15:43 GMT
Server: Apache
Location: http://www.workplacemassageandwellbeing.com/
Content-Length: 252
Keep-Alive: timeout=10, max=67
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 10:15:43 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
54.230.111.35 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 54.230.111.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Fri, 07 Oct 2022 09:29:41 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Fri, 07 Oct 2022 10:05:16 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: jOyeu57pryPnpVi9spcn2Ux1zRcdD1NJScZ7R4UtQmIbsa7Y_K4QQg==
Age: 2762
www.workplacemassageandwellbeing.com/
199.34.228.41 301 Moved Permanently 426 B URL HTTP/1.1 www.workplacemassageandwellbeing.com/
IP 199.34.228.41:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash c4e36f6e83beeb04c716bf8bc3c3a5ab
0485d937691929363be3ab9ba340727d43a042b9
a8a8791015621e473ff13abb188fd20103876e8c514b892c68eaeae4e22133b2
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: www.workplacemassageandwellbeing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 07 Oct 2022 10:15:43 GMT
Server: Apache
Set-Cookie: is_mobile=0; path=/; domain=www.workplacemassageandwellbeing.com
Vary: X-W-SSL,User-Agent
Location: https://www.workplacemassageandwellbeing.com/
X-Host: grn52.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 426
Keep-Alive: timeout=10, max=71
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash d6c404502c7987174a84d8f0a3efab23
fc3a3f6d63acab3f659fb3536b65fd8564ec8628
94b5693df873bd923ffbf31f576fff01d2628e5796af4c6b91306a743e27d19b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3983
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 10:15:43 GMT
Last-Modified: Fri, 07 Oct 2022 09:09:20 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.35.74.102 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.35.74.102:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: lc4em2/RqZpYTgUgUmdYBQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: xjizht0UkK8d+Icy3vOzh2FhD/Y=
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0d8f8fbb39504e5acee3522b58a7ec8e
15fe90aca2d82961a67b2cf8470a494e71bb508c
6c5f7604d849ebff7773675cd078183ebec3c92766bb19532709494abd122ca7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6C5F7604D849EBFF7773675CD078183EBEC3C92766BB19532709494ABD122CA7"
Last-Modified: Thu, 06 Oct 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21500
Expires: Fri, 07 Oct 2022 16:14:04 GMT
Date: Fri, 07 Oct 2022 10:15:44 GMT
Connection: keep-alive
www.workplacemassageandwellbeing.com/
199.34.228.41 200 OK 12 kB URL HTTP/1.1 www.workplacemassageandwellbeing.com/
IP 199.34.228.41:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2439), with CRLF, LF line terminators
Hash 8850fa6bcce1c5eae9f8d3b2430770c0
4f5b703215b992d7915ea3da0d5d6d6c37f184cb
dd19a5ddf034596b195eedb4cfaf070cd3a9101dd444e54965c7f7e2bf2f136c
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: www.workplacemassageandwellbeing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 10:15:44 GMT
Server: Apache
Vary: X-W-SSL,Accept-Encoding,User-Agent
Set-Cookie: is_mobile=0; path=/; domain=www.workplacemassageandwellbeing.com
Set-Cookie: language=en; expires=Fri, 21-Oct-2022 10:15:44 GMT; Max-Age=1209600; path=/
Cache-Control: private
ETag: W/"e111073e04d536c1d5bdc4b50c9a6fa8-gzip"
Content-Encoding: gzip
X-Host: blu80.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 11909
Keep-Alive: timeout=10, max=65
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
cdn2.editmysite.com/css/sites.css?buildTime=1664981234
151.101.85.46 200 OK 30 kB URL HTTP/2 cdn2.editmysite.com/css/sites.css?buildTime=1664981234
IP 151.101.85.46:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash d10158b22b553f723d99dc78eaee6390
80f2d6670cfb0d01cd20c471cf8e3e6465ddd3f6
939c7a8e1ad74a44e0c847e38533e69e36454b6805d25acf3fb0cb5c472d245e
GET /css/sites.css?buildTime=1664981234 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.workplacemassageandwellbeing.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Wed, 05 Oct 2022 13:57:33 GMT
etag: W/"633d8d4d-347ac"
expires: Wed, 19 Oct 2022 14:50:31 GMT
cache-control: max-age=1209600
x-host: blu61.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 07 Oct 2022 10:15:44 GMT
age: 156312
x-served-by: cache-sjc10077-SJC, cache-bma1654-BMA
x-cache: HIT, HIT
x-cache-hits: 21, 24
x-timer: S1665137745.758371,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 29746
X-Firefox-Spdy: h2
cdn2.editmysite.com/css/old/slideshow/slideshow.css?1664981234
151.101.85.46 200 OK 1.5 kB URL HTTP/2 cdn2.editmysite.com/css/old/slideshow/slideshow.css?1664981234
IP 151.101.85.46:0
File type ASCII text, with very long lines (7352)
Hash ba9bbd4df86b5b255f5ef44658e52130
3970cecb6939475f95556c2d32d17de0d1645f32
244b7b062e6e558009c622e46008d5542604b9163315220199a2ac50868ff3e5
GET /css/old/slideshow/slideshow.css?1664981234 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.workplacemassageandwellbeing.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Wed, 05 Oct 2022 13:57:52 GMT
etag: W/"633d8d60-1cb9"
expires: Wed, 19 Oct 2022 14:50:38 GMT
cache-control: max-age=1209600
x-host: grn21.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 07 Oct 2022 10:15:44 GMT
age: 156306
x-served-by: cache-sjc10073-SJC, cache-bma1654-BMA
x-cache: HIT, HIT
x-cache-hits: 71, 2
x-timer: S1665137745.758761,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 1488
X-Firefox-Spdy: h2
cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1664981234&
151.101.85.46 200 OK 33 kB URL HTTP/2 cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1664981234&
IP 151.101.85.46:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (64997)
Hash 36b7cdc28226704202934db7c0814442
a449b0b9bb405990edb566559e90079a7d81cc73
ca8fa387cfac9ae189ba1143b20cdc14df863eb5145f3e04c25a2396141dbeb5
GET /js/lang/en/stl.js?buildTime=1664981234& HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.workplacemassageandwellbeing.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Wed, 05 Oct 2022 13:56:35 GMT
etag: "633d8d13-2c727"
expires: Wed, 19 Oct 2022 14:50:32 GMT
cache-control: max-age=1209600
x-host: grn117.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 07 Oct 2022 10:15:44 GMT
age: 156313
x-served-by: cache-sjc10020-SJC, cache-bma1654-BMA
x-cache: HIT, HIT
x-cache-hits: 23, 9
x-timer: S1665137745.758864,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 33000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 18e0e019cd697bb16806d8f00408a319
60ceb13c31595e6cf9bb6800657e4593a1fbd670
7cb0778c80be637b67a5d198ca180a76bbfa4c32e502a0fa472a4c6946ffb56e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 10:15:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn2.editmysite.com/js/site/footerSignup.js?buildTime=1665093950
151.101.85.46 200 OK 1.4 kB URL HTTP/2 cdn2.editmysite.com/js/site/footerSignup.js?buildTime=1665093950
IP 151.101.85.46:0
File type ASCII text, with very long lines (3600), with no line terminators
Hash 121a5b9688d8e70ee7bb06cc79491f76
3a28220baa7d8879270c8311bed7dddefa7e43e9
181716c84474c9eb6685a809d69dda5d49ce44dfbf64c5dee89a3091e23def40
GET /js/site/footerSignup.js?buildTime=1665093950 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.workplacemassageandwellbeing.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Thu, 06 Oct 2022 21:51:17 GMT
etag: "633f4dd5-e10"
expires: Thu, 20 Oct 2022 22:09:12 GMT
cache-control: max-age=1209600
x-host: blu81.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 07 Oct 2022 10:15:44 GMT
age: 43592
x-served-by: cache-sjc10063-SJC, cache-bma1654-BMA
x-cache: HIT, HIT
x-cache-hits: 28, 118
x-timer: S1665137745.762073,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 1372
X-Firefox-Spdy: h2
cdn2.editmysite.com/js/site/theme-plugins.js?buildTime=1664981234
151.101.85.46 200 OK 3.7 kB URL HTTP/2 cdn2.editmysite.com/js/site/theme-plugins.js?buildTime=1664981234
IP 151.101.85.46:0
File type ASCII text, with very long lines (12622), with no line terminators
Hash 326fac3bf2f5a48ddb695ce00260efd8
824134c8f3cbfc5b0ce818dcb0befc99842e4fa6
8fa81dbf4afb7142ee09f89d14e23fd44928c782bced6ef6c44fe9515429af50
GET /js/site/theme-plugins.js?buildTime=1664981234 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.workplacemassageandwellbeing.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Wed, 05 Oct 2022 13:57:57 GMT
etag: "633d8d65-314e"
expires: Wed, 19 Oct 2022 14:50:37 GMT
cache-control: max-age=1209600
x-host: grn44.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 07 Oct 2022 10:15:44 GMT
age: 156307
x-served-by: cache-sjc10047-SJC, cache-bma1654-BMA
x-cache: HIT, HIT
x-cache-hits: 41, 4
x-timer: S1665137745.759208,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 3747
X-Firefox-Spdy: h2
cdn2.editmysite.com/fonts/Raleway/font.css?2
151.101.85.46 200 OK 318 B URL HTTP/2 cdn2.editmysite.com/fonts/Raleway/font.css?2
IP 151.101.85.46:0
Hash 2ad8307758bc44c36781537e65c682df
d11b12c6899d51858b94a1e244c1de96ff9ebec6
86d13d47326e5c4024a04dc04c67a7d084a86c4ab5384446a4ee5981aa730540
GET /fonts/Raleway/font.css?2 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.workplacemassageandwellbeing.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Tue, 20 Sep 2022 22:41:04 GMT
etag: "632a4180-6b1"
expires: Tue, 11 Oct 2022 10:01:23 GMT
cache-control: max-age=1209600
x-host: grn8.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 07 Oct 2022 10:15:44 GMT
age: 864861
x-served-by: cache-sjc10049-SJC, cache-bma1654-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 37
x-timer: S1665137745.766301,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 318
X-Firefox-Spdy: h2
cdn2.editmysite.com/css/social-icons.css?buildtime=1664981234
151.101.85.46 200 OK 1.6 kB URL HTTP/2 cdn2.editmysite.com/css/social-icons.css?buildtime=1664981234
IP 151.101.85.46:0
File type ASCII text, with very long lines (13080)
Hash 27c13d2789423c9e613e60957df662c3
35f8373fb4ab01e6043968bfc9b8fb108041f5d2
e58d1becd1ee4b78747f37c91e6f8c03a42b19c9ca9976fceb201d605e69ac02
GET /css/social-icons.css?buildtime=1664981234 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.workplacemassageandwellbeing.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Wed, 05 Oct 2022 13:57:33 GMT
etag: W/"633d8d4d-3319"
expires: Wed, 19 Oct 2022 14:50:32 GMT
cache-control: max-age=1209600
x-host: grn117.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 07 Oct 2022 10:15:44 GMT
age: 156313
x-served-by: cache-sjc10076-SJC, cache-bma1654-BMA
x-cache: HIT, HIT
x-cache-hits: 66, 22
x-timer: S1665137745.766321,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 1639
X-Firefox-Spdy: h2
cdn2.editmysite.com/css/old/fancybox.css?1664981234
151.101.85.46 200 OK 1.2 kB URL HTTP/2 cdn2.editmysite.com/css/old/fancybox.css?1664981234
IP 151.101.85.46:0
File type ASCII text, with very long lines (3910)
Hash b644e92258f4c7c0b4270047652d1e60
93734d52ee9e86a768159e514076051813c39cd9
29199496fb817668f887938571046abcdfb49063d0207d571b361f221f467907
GET /css/old/fancybox.css?1664981234 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.workplacemassageandwellbeing.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Wed, 05 Oct 2022 13:57:39 GMT
etag: "633d8d53-f47"
expires: Wed, 19 Oct 2022 14:50:36 GMT
cache-control: max-age=1209600
x-host: grn117.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 07 Oct 2022 10:15:44 GMT
age: 156309
x-served-by: cache-sjc10036-SJC, cache-bma1654-BMA
x-cache: HIT, HIT
x-cache-hits: 53, 25
x-timer: S1665137745.766371,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 1218
X-Firefox-Spdy: h2
cdn2.editmysite.com/fonts/Source_Sans_Pro/font.css?2
151.101.85.46 200 OK 404 B URL HTTP/2 cdn2.editmysite.com/fonts/Source_Sans_Pro/font.css?2
IP 151.101.85.46:0
Hash dcdc778275d0a4faa830ef279f0e2481
930fcab007b065780a71c0428eb78cf132d18943
8e92423d8a8ddc705b8e62d8e5f2867057b29cc3feebfb1505add954b9d098a1
GET /fonts/Source_Sans_Pro/font.css?2 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.workplacemassageandwellbeing.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Tue, 20 Sep 2022 22:41:04 GMT
etag: "632a4180-df8"
expires: Mon, 10 Oct 2022 13:20:24 GMT
cache-control: max-age=1209600
x-host: blu149.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 07 Oct 2022 10:15:44 GMT
age: 939320
x-served-by: cache-sjc10037-SJC, cache-bma1654-BMA
x-cache: HIT, HIT
x-cache-hits: 5, 1
x-timer: S1665137745.766346,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 404
X-Firefox-Spdy: h2
cdn2.editmysite.com/fonts/Roboto_Condensed/font.css?2
151.101.85.46 200 OK 373 B URL HTTP/2 cdn2.editmysite.com/fonts/Roboto_Condensed/font.css?2
IP 151.101.85.46:0
Hash ca19f5e06d367ac0ce1343ba6edc3045
61f4f2304a76d3a511906bab431f677a0830a401
e3d8bc3d3484b6bf52273243879ff7954752fdc82a224036bd35d0e04c15b416
GET /fonts/Roboto_Condensed/font.css?2 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.workplacemassageandwellbeing.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Tue, 04 Oct 2022 22:15:59 GMT
etag: "633cb09f-a54"
expires: Wed, 19 Oct 2022 15:55:08 GMT
cache-control: max-age=1209600
x-host: blu111.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 07 Oct 2022 10:15:44 GMT
age: 152436
x-served-by: cache-sjc10027-SJC, cache-bma1654-BMA
x-cache: HIT, HIT
x-cache-hits: 21, 1
x-timer: S1665137745.774787,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 373
X-Firefox-Spdy: h2
cdn2.editmysite.com/js/site/main.js?buildTime=1664981234
151.101.85.46 200 OK 146 kB URL HTTP/2 cdn2.editmysite.com/js/site/main.js?buildTime=1664981234
IP 151.101.85.46:0
File type ASCII text, with very long lines (32147)
Size 146 kB (146400 bytes)
Hash 81b8673c5d3aa3ab8c0574f2a8f0e3b4
2e0661bc7907d9e2703b3347c3fec579f0aef5d6
0e981f4de6287406ce261fddea24aa05ded4b6a8c4c07283c363c1502071cf40
GET /js/site/main.js?buildTime=1664981234 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.workplacemassageandwellbeing.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Wed, 05 Oct 2022 13:57:57 GMT
etag: "633d8d65-74804"
expires: Wed, 19 Oct 2022 14:50:31 GMT
cache-control: max-age=1209600
x-host: blu110.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 07 Oct 2022 10:15:44 GMT
age: 156312
x-served-by: cache-sjc10083-SJC, cache-bma1654-BMA
x-cache: HIT, HIT
x-cache-hits: 19, 5
x-timer: S1665137745.758956,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 146400
X-Firefox-Spdy: h2
cdn2.editmysite.com/images/site/footer/footer-toast-published-image-1.png
151.101.85.46 200 OK 9.7 kB URL HTTP/2 cdn2.editmysite.com/images/site/footer/footer-toast-published-image-1.png
IP 151.101.85.46:0
File type PNG image data, 199 x 97, 8-bit colormap, non-interlaced\012- data
Hash 6e0f7ad31bf187e0d88fc5787573ba71
14e8b85cc32a01c8901e4ac0160582d29a45e9e6
580ef6409e067a4ec4a427400c7d6216184869e2da53343df20753cc1f8a46cd
GET /images/site/footer/footer-toast-published-image-1.png HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.workplacemassageandwellbeing.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdujQNpHaXULXK5hWOudOsrFbrCOJBmkXkf6lNHnzHxB1q3PphW4yFVZQbxms7rfGEwEu0IdDaAyLbpAPqDN6NvCrqCgiKDD
cache-control: public, max-age=86400, s-maxage=259200
expires: Thu, 06 Oct 2022 22:59:09 GMT
last-modified: Tue, 12 Feb 2019 18:19:08 GMT
etag: "6e0f7ad31bf187e0d88fc5787573ba71"
x-goog-generation: 1549995548326466
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 9677
content-type: image/png
x-goog-hash: crc32c=QhrKCw==, md5=bg960xvxh+DYj8V4dXO6cQ==
x-goog-storage-class: STANDARD
server: UploadServer
accept-ranges: bytes
date: Fri, 07 Oct 2022 10:15:44 GMT
via: 1.1 varnish
age: 40589
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 113
x-timer: S1665137745.763041,VS0,VE0
access-control-allow-origin: *
content-length: 9677
X-Firefox-Spdy: h2
www.workplacemassageandwellbeing.com/files/main_style.css?1665049075
199.34.228.41 200 OK 6.9 kB URL HTTP/1.1 www.workplacemassageandwellbeing.com/files/main_style.css?1665049075
IP 199.34.228.41:0
File type ASCII text, with very long lines (427)
Hash b5624198fdb981b9fb44179a94bd23f1
ab3c3b898b5ea55e0a10a733f94d49f89876139f
93eaa1fa64e58a9cb2a57fccdd34d780876a774615518727fafbc2293c9cae26
Analyzer Verdict Alert quad9 Sinkholed
GET /files/main_style.css?1665049075 HTTP/1.1
Host: www.workplacemassageandwellbeing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.workplacemassageandwellbeing.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 10:15:44 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
X-Host: grn142.sf2p.intern.weebly.net
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 18e0e019cd697bb16806d8f00408a319
60ceb13c31595e6cf9bb6800657e4593a1fbd670
7cb0778c80be637b67a5d198ca180a76bbfa4c32e502a0fa472a4c6946ffb56e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 10:15:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.workplacemassageandwellbeing.com/files/theme/custom.js?1476300631
199.34.228.41 200 OK 1.6 kB URL HTTP/1.1 www.workplacemassageandwellbeing.com/files/theme/custom.js?1476300631
IP 199.34.228.41:0
Hash 7045ed5143bcd8b0f33841ebc82c2bc1
22c2e48f080d12115d367e8a94bf8ebf986dcbb1
71265e36f9d462522b4b641744227ea63906e3b529a031c7f5b7e2ee36f4e9c1
Analyzer Verdict Alert quad9 Sinkholed
GET /files/theme/custom.js?1476300631 HTTP/1.1
Host: www.workplacemassageandwellbeing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.workplacemassageandwellbeing.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 10:15:44 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 08 Feb 2019 12:22:05 GMT
ETag: W/"84b32f3588ac7a3a06daafa2cbb2f893"
x-amz-request-id: tx0000000000000b6239681-006092e487-177c75c-las
X-Storage-Bucket: z2f1e
X-Storage-Object: 2f1eb6ddf279fcb40059ea29abd6b53cd323fe255a7754f0410aa93d777d3a45
X-Host: blu22.sf2p.intern.weebly.net
Content-Encoding: gzip
cdn2.editmysite.com/fonts/Raleway/bold.woff2
151.101.85.46 200 OK 21 kB URL HTTP/2 cdn2.editmysite.com/fonts/Raleway/bold.woff2
IP 151.101.85.46:0
File type Web Open Font Format (Version 2), TrueType, length 21440, version 1.0\012- data
Hash 94fafbcc94523bdae26461e70966bae3
2225772fffa5f225d427cbcf27348c5eed29dcd2
80f4e592fb822c98ea06e6553fbb20d8c6161644a39de94baaa9c448c6aba20a
GET /fonts/Raleway/bold.woff2 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.workplacemassageandwellbeing.com
Connection: keep-alive
Referer: https://cdn2.editmysite.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: font/woff2
last-modified: Tue, 20 Sep 2022 22:41:04 GMT
etag: "632a4180-53c0"
expires: Thu, 06 Oct 2022 18:07:41 GMT
cache-control: max-age=1209600
x-host: grn5.sf2p.intern.weebly.net
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 07 Oct 2022 10:15:45 GMT
age: 870807
x-served-by: cache-sjc10038-SJC, cache-bma1654-BMA
x-cache: HIT, HIT
x-cache-hits: 6, 5
x-timer: S1665137745.050781,VS0,VE0
access-control-allow-origin: *
content-length: 21440
X-Firefox-Spdy: h2
cdn2.editmysite.com/fonts/Source_Sans_Pro/italic.woff2
151.101.85.46 200 OK 13 kB URL HTTP/2 cdn2.editmysite.com/fonts/Source_Sans_Pro/italic.woff2
IP 151.101.85.46:0
File type Web Open Font Format (Version 2), TrueType, length 12580, version 1.0\012- data
Hash eaf55d1d3b7c4a30203d2d5226c49b6d
11b63b740965603ef544f261ef036d24e6bb1fb5
e286a9ef7d2064a4cf7026449941a557c7123aa84ef2a17cf79a38820f5474bc
GET /fonts/Source_Sans_Pro/italic.woff2 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.workplacemassageandwellbeing.com
Connection: keep-alive
Referer: https://cdn2.editmysite.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: font/woff2
last-modified: Tue, 27 Sep 2022 12:21:33 GMT
etag: "6332eacd-3124"
expires: Tue, 11 Oct 2022 12:54:13 GMT
cache-control: max-age=1209600
x-host: blu34.sf2p.intern.weebly.net
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 07 Oct 2022 10:15:45 GMT
age: 854491
x-served-by: cache-sjc10077-SJC, cache-bma1654-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1665137745.050750,VS0,VE1
access-control-allow-origin: *
content-length: 12580
X-Firefox-Spdy: h2
cdn2.editmysite.com/fonts/Source_Sans_Pro/regular.woff2
151.101.85.46 200 OK 13 kB URL HTTP/2 cdn2.editmysite.com/fonts/Source_Sans_Pro/regular.woff2
IP 151.101.85.46:0
File type Web Open Font Format (Version 2), TrueType, length 13036, version 1.0\012- data
Hash 0ad032b3d07aaf33b160ac4799dda40f
06b931e0d0bf37f5037d9e66d6feedfddd21c0ba
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
GET /fonts/Source_Sans_Pro/regular.woff2 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.workplacemassageandwellbeing.com
Connection: keep-alive
Referer: https://cdn2.editmysite.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: font/woff2
last-modified: Mon, 03 Oct 2022 17:44:06 GMT
etag: "633b1f66-32ec"
expires: Tue, 18 Oct 2022 08:11:53 GMT
cache-control: max-age=1209600
x-host: grn125.sf2p.intern.weebly.net
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 07 Oct 2022 10:15:45 GMT
age: 266631
x-served-by: cache-sjc10056-SJC, cache-bma1654-BMA
x-cache: HIT, HIT
x-cache-hits: 1995, 1
x-timer: S1665137745.050780,VS0,VE1
access-control-allow-origin: *
content-length: 13036
X-Firefox-Spdy: h2
cdn2.editmysite.com/fonts/Source_Sans_Pro/bold.woff2
151.101.85.46 200 OK 13 kB URL HTTP/2 cdn2.editmysite.com/fonts/Source_Sans_Pro/bold.woff2
IP 151.101.85.46:0
File type Web Open Font Format (Version 2), TrueType, length 12924, version 1.0\012- data
Hash 4610010f425c140b99c88b6819ce1c02
a7e839aa0452ceeb6228de7c15062fe82cc6d1c3
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
GET /fonts/Source_Sans_Pro/bold.woff2 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.workplacemassageandwellbeing.com
Connection: keep-alive
Referer: https://cdn2.editmysite.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: font/woff2
last-modified: Tue, 04 Oct 2022 22:15:59 GMT
etag: "633cb09f-327c"
expires: Wed, 19 Oct 2022 10:07:00 GMT
cache-control: max-age=1209600
x-host: blu123.sf2p.intern.weebly.net
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 07 Oct 2022 10:15:45 GMT
age: 173324
x-served-by: cache-sjc10064-SJC, cache-bma1654-BMA
x-cache: HIT, HIT
x-cache-hits: 367, 1
x-timer: S1665137745.058491,VS0,VE1
access-control-allow-origin: *
content-length: 12924
X-Firefox-Spdy: h2
cdn2.editmysite.com/fonts/wSocial/wsocial.woff?ts=1664978253965
151.101.85.46 200 OK 2.6 kB URL HTTP/2 cdn2.editmysite.com/fonts/wSocial/wsocial.woff?ts=1664978253965
IP 151.101.85.46:0
File type Web Open Font Format, TrueType, length 2636, version 1.0\012- data
Hash 0e88795b66eeac48b209209aa0179411
983e16566390f9167c6c4fbbdb052623fc01a631
e8106b06fab14948098cae97983eafbe1a60643ac725b2a029e4da57d43854df
GET /fonts/wSocial/wsocial.woff?ts=1664978253965 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.workplacemassageandwellbeing.com
Connection: keep-alive
Referer: https://cdn2.editmysite.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: font/woff
last-modified: Tue, 04 Oct 2022 22:15:59 GMT
etag: "633cb09f-a4c"
expires: Wed, 19 Oct 2022 14:16:41 GMT
cache-control: max-age=1209600
x-host: grn127.sf2p.intern.weebly.net
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 07 Oct 2022 10:15:45 GMT
age: 158343
x-served-by: cache-sjc10052-SJC, cache-bma1654-BMA
x-cache: HIT, HIT
x-cache-hits: 55, 11
x-timer: S1665137745.066486,VS0,VE0
access-control-allow-origin: *
content-length: 2636
X-Firefox-Spdy: h2
cdn2.editmysite.com/fonts/Source_Sans_Pro/ultralight.woff2
151.101.85.46 200 OK 13 kB URL HTTP/2 cdn2.editmysite.com/fonts/Source_Sans_Pro/ultralight.woff2
IP 151.101.85.46:0
File type Web Open Font Format (Version 2), TrueType, length 12680, version 1.0\012- data
Hash 7996b24caa1cfc66f4f15a949e974826
2523f1ff45314e977722ef1e477e34d0b2390a07
570fccbb23e47f3f48767d3b6199198988328bac118fd6933def8f5fb4478472
GET /fonts/Source_Sans_Pro/ultralight.woff2 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.workplacemassageandwellbeing.com
Connection: keep-alive
Referer: https://cdn2.editmysite.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: font/woff2
last-modified: Mon, 03 Oct 2022 17:44:06 GMT
etag: "633b1f66-3188"
expires: Tue, 18 Oct 2022 12:30:05 GMT
cache-control: max-age=1209600
x-host: blu150.sf2p.intern.weebly.net
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 07 Oct 2022 10:15:45 GMT
age: 251139
x-served-by: cache-sjc10055-SJC, cache-bma1654-BMA
x-cache: HIT, HIT
x-cache-hits: 32, 1
x-timer: S1665137745.066501,VS0,VE1
access-control-allow-origin: *
content-length: 12680
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 6af338bde588ece73ce5a3680dbc91b6
d30e8365b7b80e4dd8ac657840117077837e1534
7bf76c0623f26b1591c972559f0a2870da25ca39d3abe5454a0cebf637c63292
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5085
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 10:15:45 GMT
Last-Modified: Fri, 07 Oct 2022 08:51:00 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
www.workplacemassageandwellbeing.com/files/theme/mobile.js?1476300631
199.34.228.41 200 OK 3.1 kB URL HTTP/1.1 www.workplacemassageandwellbeing.com/files/theme/mobile.js?1476300631
IP 199.34.228.41:0
Hash c722d787ab49f248e68aaa3f175fcee5
5167e9b1f1583d977e2890858b91cd6dc4579b4e
6b34c51431f8c6782f27e85c464e0f47a7decc0650e3ddc4fe10ff78ff43b88b
Analyzer Verdict Alert quad9 Sinkholed
GET /files/theme/mobile.js?1476300631 HTTP/1.1
Host: www.workplacemassageandwellbeing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.workplacemassageandwellbeing.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 10:15:45 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 23 Nov 2019 09:56:21 GMT
ETag: W/"021be8d3df6ba8a7f71564e4e9440fd9"
x-amz-request-id: tx0000000000000031b527e-00612bddfc-a803088-sfo1
X-Storage-Bucket: zf349
X-Storage-Object: f34994f1541b2aa9e8eeb12f8881e6fc3e3d8ccf1a17716a59b1f5f756f5d1a6
X-Host: grn42.sf2p.intern.weebly.net
Content-Encoding: gzip
www.workplacemassageandwellbeing.com/files/theme/plugins.js?1476300631
199.34.228.41 200 OK 16 kB URL HTTP/1.1 www.workplacemassageandwellbeing.com/files/theme/plugins.js?1476300631
IP 199.34.228.41:0
Hash 43e6b0bb6eb6524188831a282f7656d7
44e73fe367fc1fb8efee7eefac557b7d76ef0f44
9001fcfe93ceab40de4bb3535fc61335318c56d4440b53070cac27a26fef42bb
Analyzer Verdict Alert quad9 Sinkholed
GET /files/theme/plugins.js?1476300631 HTTP/1.1
Host: www.workplacemassageandwellbeing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.workplacemassageandwellbeing.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 10:15:45 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 24 Apr 2022 01:56:38 GMT
x-rgw-object-type: Normal
ETag: W/"2b8d85f1ea01d2c3e8b962eac8d76a5c"
x-amz-request-id: tx000000000000001ae94c4-006284793b-b9fbc20-sfo1
X-Storage-Bucket: zb635
X-Storage-Object: b6353ca52760aba4e7547ae9861db68158dc2af0f4febece55e5c775ee4449f5
X-Host: grn28.sf2p.intern.weebly.net
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2179
Expires: Fri, 07 Oct 2022 10:52:04 GMT
Date: Fri, 07 Oct 2022 10:15:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2179
Expires: Fri, 07 Oct 2022 10:52:04 GMT
Date: Fri, 07 Oct 2022 10:15:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2179
Expires: Fri, 07 Oct 2022 10:52:04 GMT
Date: Fri, 07 Oct 2022 10:15:45 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f216d30-b6e9-4471-9b6f-86095d60e4b7.jpeg
34.120.237.76 200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f216d30-b6e9-4471-9b6f-86095d60e4b7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b10a2c23d975a25e56610bef9644086f
8a67a3f5b1b3a4cf8009e7ed005d3a35fba26710
175ee7cf5908324bce2b244ee9e4a1c93139bb6813fb61d4423509161f4b8961
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f216d30-b6e9-4471-9b6f-86095d60e4b7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4396
x-amzn-requestid: 0dd4fb48-52fd-4a26-b40b-0f6b263bffa4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmi-dGSpoAMF87Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4b8f-75df75ca36fbf230397bdcb2;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:41:35 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: tcMpMcrC5NQAUhc4zfKjsFsMm1Aa1F6aqxajvY8N5GwCrNeZ7CyyHw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 1352c0a623ff0601dd16439f3f225f70.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 22:08:50 GMT
age: 43615
etag: "8a67a3f5b1b3a4cf8009e7ed005d3a35fba26710"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79f3ec27-4efa-459e-a0bf-ae28f5d2dd3d.jpeg
34.120.237.76 200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79f3ec27-4efa-459e-a0bf-ae28f5d2dd3d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash faa74f37d774e88f35e8d28397e066dc
6864ffbbeba98f1afdcc89c6588a21868bd33b4c
1c2f63843f2699f1c7a1df149d048dcc265387cbac9e6e9ca89ee7487a166ed8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79f3ec27-4efa-459e-a0bf-ae28f5d2dd3d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8239
x-amzn-requestid: 82d6eec9-0b0a-4342-9805-da201179818c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zd9izGiRIAMF_rA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633bdc78-4a82b86b2d75b9127b12415b;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 07:10:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: d4GkQkVlHcLruEBQvyZ6T5ZSc7quxUully07xJ7_v4X3j2G_l7sbbw==
via: 1.1 0cf6c59c77f0fff670ae085179adc458.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 07 Oct 2022 07:11:13 GMT
age: 11072
etag: "6864ffbbeba98f1afdcc89c6588a21868bd33b4c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg
34.120.237.76 200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7e30ca5022768294665070cafc9d489c
c6ebf53c21206cfcf8e70279d3ae43f0170ade3a
6b834cdae692318a114c0d82ebff4fa8f4e65526983758e08ffb130d4d86020f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9046
x-amzn-requestid: d560c8ba-6e81-46f7-a451-30c40fbfce6f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmhi_F7qIAMFkQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4946-012e65d675558ec8544a1f30;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: Vy9jQu1a8BGypY4C4u_9gao5wPEkVHgArhG2zMNdH8KfBS0lfmyHBA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 57bd3a2d9e0e4cbf89d9eb3d7dfb916e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:43:40 GMT
age: 45125
etag: "c6ebf53c21206cfcf8e70279d3ae43f0170ade3a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ecd6748-5460-43cc-84b5-f33deb7cf126.jpeg
34.120.237.76 200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ecd6748-5460-43cc-84b5-f33deb7cf126.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6fb155a5d0fa0cebfa4cd03606f1f48c
c44cac382e2f2eb2b6ce35da6dfb37747d436d60
ca79a1bcc80f4e6fece82a0efb71a6c9af2b0b3d67b8f8c010a7f02ded6d2cfa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ecd6748-5460-43cc-84b5-f33deb7cf126.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6900
x-amzn-requestid: 9c86242f-70de-4484-90eb-ef6d9e7cde10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZmpMaFCIoAMFYdw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f5582-79871c575f974721675e9cd2;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 22:24:02 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: dbKiRZRm7d978ZvK90nLjT8yFRQatSZvrjDdbCXtedMWi9DgMbhSjQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 3c974a460e97e56c6eb1e6a30797d9d6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 07 Oct 2022 04:22:08 GMT
age: 21217
etag: "c44cac382e2f2eb2b6ce35da6dfb37747d436d60"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F622cb832-8fef-4fe9-9445-c157aaf29d57.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F622cb832-8fef-4fe9-9445-c157aaf29d57.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a3a09d5d16b53ee4490d882ed48c0075
ce9546b225787f1c765be9bbef42f585c83a10d3
ac27484dba78ee6657f5aa791999d4958ccdfba8e67a011f4ab4034fa235a26f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F622cb832-8fef-4fe9-9445-c157aaf29d57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6847
x-amzn-requestid: 9af16d4c-106c-4e8d-912b-e6f4fa44daa6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZkjcNHkAIAMFsDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633e7f81-35fc285b7639a1a879d89f00;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 07:10:57 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: 4d5W1LjWo-F3wimuYTXZo_pEZ8vIyXPZub9qQGHa5dmOGU_RBXlArw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 45d6a557ecb29942f314e3dd736d817a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 07 Oct 2022 07:20:20 GMT
age: 10525
etag: "ce9546b225787f1c765be9bbef42f585c83a10d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F925ee025-58b0-436d-8cda-192ec7c44c33.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F925ee025-58b0-436d-8cda-192ec7c44c33.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ae567a6922213a56f35ddc5d5cc1d0f1
fc49df76e8625d8542b0634bfcf12b8d6cda445c
135f25c0350ad26235447cdfba53a45e5d0f9f4c07a6c1e66dd2ed4a4a487f86
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F925ee025-58b0-436d-8cda-192ec7c44c33.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9995
x-amzn-requestid: 46d789c8-c830-4003-a752-472ee853a14b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmhi-GRZIAMFzag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4946-5d69f864308ea18c0440203e;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:50 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: AhetYWEoOD9HJelPo3_Uo1Jng9xDy_qbIwt1H-_Qyxxtcf0O52pYmw==
via: 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 0800f067ff646622f3e8e507cb9b52e8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:43:40 GMT
age: 45125
etag: "fc49df76e8625d8542b0634bfcf12b8d6cda445c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn2.editmysite.com/js/wsnbn/snowday262.js
151.101.85.46 200 OK 26 kB URL HTTP/2 cdn2.editmysite.com/js/wsnbn/snowday262.js
IP 151.101.85.46:0
File type ASCII text, with very long lines (2512)
Hash 234327230add9a5a5d61a48829ea4565
7966cc0e4bd76f88ff193c8a99a067de804b7129
bb696c58d9ae5fa635b3ff22efdf60de9ac2f8ef9df5e2f2d58dd5f8dc99df75
GET /js/wsnbn/snowday262.js HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.workplacemassageandwellbeing.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Wed, 28 Sep 2022 21:45:07 GMT
etag: "6334c063-124fe"
expires: Thu, 13 Oct 2022 08:38:41 GMT
cache-control: max-age=1209600
x-host: blu29.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 07 Oct 2022 10:15:45 GMT
age: 697024
x-served-by: cache-sjc10077-SJC, cache-bma1654-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 7786
x-timer: S1665137745.478562,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 25752
X-Firefox-Spdy: h2
cdn2.editmysite.com/images/old/slideshow/control_icons.gif
151.101.85.46 200 OK 187 B URL HTTP/2 cdn2.editmysite.com/images/old/slideshow/control_icons.gif
IP 151.101.85.46:0
File type GIF image data, version 89a, 25 x 13\012- data
Hash 88041de02e278ceedcd7de52bcdb8156
775bf1f3464e006b3f644512e52477ecc9385222
00bd643d7b1cd928b72aa4b6d69df8d5838a8f07e26294fda69ab365fa454c3f
GET /images/old/slideshow/control_icons.gif HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn2.editmysite.com/css/old/slideshow/slideshow.css?1664981234
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdshi5dyZeH9UESInyD9J5g_61Wg2R1_PTIghVnPr9VsZH5-xUfxzdiSYpFlocOZGdRzMZc_6S5r_-c8Jq5Aqjw_4jDvyx18
cache-control: public, max-age=86400, s-maxage=259200
expires: Fri, 16 Sep 2022 01:10:40 GMT
last-modified: Thu, 25 May 2017 18:53:05 GMT
etag: "88041de02e278ceedcd7de52bcdb8156"
x-goog-generation: 1495738385881388
x-goog-metageneration: 6
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 187
content-type: image/gif
x-goog-hash: crc32c=P9yuOw==, md5=iAQd4C4njO7c195SvNuBVg==
x-goog-storage-class: STANDARD
server: UploadServer
accept-ranges: bytes
date: Fri, 07 Oct 2022 10:15:45 GMT
via: 1.1 varnish
age: 32334
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 36
x-timer: S1665137746.561378,VS0,VE0
access-control-allow-origin: *
content-length: 187
X-Firefox-Spdy: h2
cdn2.editmysite.com/images/old/loading.gif
151.101.85.46 200 OK 3.0 kB URL HTTP/2 cdn2.editmysite.com/images/old/loading.gif
IP 151.101.85.46:0
File type GIF image data, version 89a, 30 x 30\012- data
Hash 0b0212ec4e07451700c88a335ebba854
e62e40bbd31145dc64c0a555991a5dc5696d1943
37f5bf015ade9651005d72bcfdbb48838014c1c357f848585df731bc7eaff120
GET /images/old/loading.gif HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn2.editmysite.com/css/old/slideshow/slideshow.css?1664981234
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdsAPX9t63Z52N0sdiVUmM_grIUV0m5jmdEhedV_CNGUN3rWj7y_kDSks9iloJ6KseRswErEYSWd5x4rOSADBCmvfjSRvsI4
cache-control: public, max-age=86400, s-maxage=259200
expires: Fri, 16 Sep 2022 03:29:09 GMT
last-modified: Thu, 25 May 2017 18:45:50 GMT
etag: "0b0212ec4e07451700c88a335ebba854"
x-goog-generation: 1495737950396999
x-goog-metageneration: 6
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 2964
content-type: image/gif
x-goog-hash: crc32c=F+8alw==, md5=CwIS7E4HRRcAyIozXruoVA==
x-goog-storage-class: STANDARD
server: UploadServer
accept-ranges: bytes
date: Fri, 07 Oct 2022 10:15:45 GMT
via: 1.1 varnish
age: 24035
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 39
x-timer: S1665137746.583009,VS0,VE0
access-control-allow-origin: *
content-length: 2964
X-Firefox-Spdy: h2
cdn2.editmysite.com/css/free-footer-v3.css?buildtime=1665093950
151.101.85.46 200 OK 886 B URL HTTP/2 cdn2.editmysite.com/css/free-footer-v3.css?buildtime=1665093950
IP 151.101.85.46:0
File type ASCII text, with very long lines (2632)
Hash 5c465ace654da8d0e367f91e7751ae62
f218f483eccbba5be90abf97eff819569329f8b7
0c91c8e311bc809644913a2ff023585ba587ecfc834ba3cd152544e75d422bd9
GET /css/free-footer-v3.css?buildtime=1665093950 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.workplacemassageandwellbeing.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Thu, 06 Oct 2022 21:50:50 GMT
etag: "633f4dba-a49"
expires: Thu, 20 Oct 2022 22:09:12 GMT
cache-control: max-age=1209600
x-host: blu128.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 07 Oct 2022 10:15:45 GMT
age: 43593
x-served-by: cache-sjc10056-SJC, cache-bma1654-BMA
x-cache: HIT, HIT
x-cache-hits: 36, 110
x-timer: S1665137746.585374,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 886
X-Firefox-Spdy: h2
www.workplacemassageandwellbeing.com/files/theme/images/icons.woff?-h6wei0?1665049075
199.34.228.41 200 OK 1.5 kB URL HTTP/1.1 www.workplacemassageandwellbeing.com/files/theme/images/icons.woff?-h6wei0?1665049075
IP 199.34.228.41:0
File type Web Open Font Format, TrueType, length 1548, version 0.0\012- data
Hash faa6ed0315d9808836928ecd032e126b
45a2b269dc10182b8ed72477cd4b8e040b9732fa
fc7c1fa418ac31d6c6ea48b85bb4e23f7740b6f91542890a0e1fd766d7aa8bd1
Analyzer Verdict Alert quad9 Sinkholed
GET /files/theme/images/icons.woff?-h6wei0?1665049075 HTTP/1.1
Host: www.workplacemassageandwellbeing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.workplacemassageandwellbeing.com/files/main_style.css?1665049075
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 10:15:45 GMT
Content-Type: font/woff
Content-Length: 1548
Connection: keep-alive
Last-Modified: Sun, 29 Dec 2019 04:16:27 GMT
x-rgw-object-type: Normal
ETag: "faa6ed0315d9808836928ecd032e126b"
x-amz-request-id: tx00000000000000c4ef481-006333c61e-c699baa-sfo1
X-Storage-Bucket: zfc7c
X-Storage-Object: fc7c1fa418ac31d6c6ea48b85bb4e23f7740b6f91542890a0e1fd766d7aa8bd1
X-Host: blu86.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.weebly.com/weebly/apps/generateMap.php?map=google&elementid=601006116735032276&ineditor=0&control=0&width=auto&height=450px&overviewmap=0&scalecontrol=0&typecontrol=0&zoom=10&long=-2.714956&lat=51.651829&domain=www&point=1&align=2&reseller=false
74.115.50.109 302 Found 0 B URL HTTP/1.1 www.weebly.com/weebly/apps/generateMap.php?map=google&elementid=601006116735032276&ineditor=0&control=0&width=auto&height=450px&overviewmap=0&scalecontrol=0&typecontrol=0&zoom=10&long=-2.714956&lat=51.651829&domain=www&point=1&align=2&reseller=false
IP 74.115.50.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /weebly/apps/generateMap.php?map=google&elementid=601006116735032276&ineditor=0&control=0&width=auto&height=450px&overviewmap=0&scalecontrol=0&typecontrol=0&zoom=10&long=-2.714956&lat=51.651829&domain=www&point=1&align=2&reseller=false HTTP/1.1
Host: www.weebly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.workplacemassageandwellbeing.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Fri, 07 Oct 2022 10:15:45 GMT
Server: Apache
Location: https://www.editmysite.com/ajax/apps/generateMap.php?map=google&elementid=601006116735032276&ineditor=0&control=0&width=auto&height=450px&overviewmap=0&scalecontrol=0&typecontrol=0&zoom=10&long=-2.714956&lat=51.651829&domain=www&point=1&align=2&reseller=false
X-Host: blu117.sf2p.intern.weebly.net
Vary: User-Agent
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 0
Keep-Alive: timeout=10, max=69
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
X-W-DC: SFO
Set-Cookie: sto-id-editor=ECHABNAK; Domain=weebly.com; Path=/
www.workplacemassageandwellbeing.com/uploads/1/2/0/0/120057015/screenshot-20221006-103358_orig.jpg
199.34.228.41 200 OK 91 kB URL HTTP/1.1 www.workplacemassageandwellbeing.com/uploads/1/2/0/0/120057015/screenshot-20221006-103358_orig.jpg
IP 199.34.228.41:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1079x726, components 3\012- data
Hash 338fe249a3dd5d53815ef3a9d5213ee0
6e82e996c3a3b70fabcd8a00b9629787c7e6c29e
4391fe2f419c8e30f90eeff2e3d236db7a4398e9a78e93b69cc21dd35ee217ca
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/1/2/0/0/120057015/screenshot-20221006-103358_orig.jpg HTTP/1.1
Host: www.workplacemassageandwellbeing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.workplacemassageandwellbeing.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 10:15:45 GMT
Content-Type: image/jpeg
Content-Length: 91318
Connection: keep-alive
Last-Modified: Thu, 06 Oct 2022 09:34:05 GMT
x-rgw-object-type: Normal
ETag: "338fe249a3dd5d53815ef3a9d5213ee0"
x-amz-request-id: tx000000000000012d3150f-00633ea19d-c699baa-sfo1
X-Storage-Bucket: z4391
X-Storage-Object: 4391fe2f419c8e30f90eeff2e3d236db7a4398e9a78e93b69cc21dd35ee217ca
X-Host: grn49.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.workplacemassageandwellbeing.com/uploads/1/2/0/0/120057015/background-images/772646986.jpg
199.34.228.41 200 OK 73 kB URL HTTP/1.1 www.workplacemassageandwellbeing.com/uploads/1/2/0/0/120057015/background-images/772646986.jpg
IP 199.34.228.41:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x532, components 3\012- data
Hash 4c7c69a346d63195757b1d79d1130403
343ae461e73733bf7603360945a1c98fb50837e7
d17fea618dee9c77a2eab7696bfc843aac4954f931f2e7e052e81c2ba36aab6b
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/1/2/0/0/120057015/background-images/772646986.jpg HTTP/1.1
Host: www.workplacemassageandwellbeing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.workplacemassageandwellbeing.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 10:15:45 GMT
Content-Type: image/jpeg
Content-Length: 73407
Connection: keep-alive
Last-Modified: Mon, 02 Aug 2021 15:08:12 GMT
x-rgw-object-type: Normal
ETag: "4c7c69a346d63195757b1d79d1130403"
x-amz-request-id: tx000000000000011b04c6b-00633e2e4e-c6aed46-sfo1
X-Storage-Bucket: zd17f
X-Storage-Object: d17fea618dee9c77a2eab7696bfc843aac4954f931f2e7e052e81c2ba36aab6b
X-Host: grn150.sf2p.intern.weebly.net
Accept-Ranges: bytes
cdn2.editmysite.com/images/landing-pages/global/logotype.svg
151.101.85.46 200 OK 1.5 kB URL HTTP/2 cdn2.editmysite.com/images/landing-pages/global/logotype.svg
IP 151.101.85.46:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2858)
Hash 0d1c9fb7005532e7b245cfdf1280d805
2466421992f1fb0e44829833aaee7afc0e5ac7cc
8691b92eed1360903b2182d81e491c80141d0cd051366ce3e8c4f359538eb1ff
GET /images/landing-pages/global/logotype.svg HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn2.editmysite.com/css/free-footer-v3.css?buildtime=1665093950
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycduITtRhv_5h862549JhDllw6e8s6BnV_OXwumpJRf4tFUCeyTwCkktV2dvyagvDEGSph_ZPdebwS4sUYTbNDwxM4yW9wl-L
cache-control: public, max-age=86400, s-maxage=259200
expires: Sat, 17 Sep 2022 00:08:57 GMT
last-modified: Wed, 10 Oct 2018 21:37:00 GMT
etag: "bc61dcb431a14c508075eeff4f74523a"
x-goog-generation: 1539207420450301
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 3507
content-type: image/svg+xml
x-goog-hash: crc32c=vgUlyw==, md5=vGHctDGhTFCAde7/T3RSOg==
x-goog-storage-class: STANDARD
server: UploadServer
content-encoding: gzip
accept-ranges: bytes
date: Fri, 07 Oct 2022 10:15:45 GMT
via: 1.1 varnish
age: 209123
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 974
x-timer: S1665137746.771520,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 1488
X-Firefox-Spdy: h2
cdn2.editmysite.com/fonts/SQ_Market/sqmarket-medium.woff2
151.101.85.46 200 OK 31 kB URL HTTP/2 cdn2.editmysite.com/fonts/SQ_Market/sqmarket-medium.woff2
IP 151.101.85.46:0
File type Web Open Font Format (Version 2), TrueType, length 30768, version 1.393\012- data
Hash 2344124773c71bf4fa4ad407e7c3a467
3394a43ab1efab8a22a1f07222f7f02a9e12cbb8
bd4d2e29f503390e4951af9232fc43780b43d349647188d8f3f600835f16afb7
GET /fonts/SQ_Market/sqmarket-medium.woff2 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.workplacemassageandwellbeing.com
Connection: keep-alive
Referer: https://www.workplacemassageandwellbeing.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: font/woff2
last-modified: Tue, 20 Sep 2022 22:41:04 GMT
etag: "632a4180-7830"
expires: Tue, 11 Oct 2022 09:22:37 GMT
cache-control: max-age=1209600
x-host: grn42.sf2p.intern.weebly.net
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 07 Oct 2022 10:15:45 GMT
age: 867188
x-served-by: cache-sjc10053-SJC, cache-bma1654-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 2249
x-timer: S1665137746.772406,VS0,VE0
access-control-allow-origin: *
content-length: 30768
X-Firefox-Spdy: h2
www.workplacemassageandwellbeing.com/files/theme/images/menu-trigger-v1.png?1665049075
199.34.228.41 200 OK 1.0 kB URL HTTP/1.1 www.workplacemassageandwellbeing.com/files/theme/images/menu-trigger-v1.png?1665049075
IP 199.34.228.41:0
File type PNG image data, 26 x 22, 8-bit/color RGBA, non-interlaced\012- data
Hash 68a689937f05dd8d7dfdd615d8d5360d
3892246a091c9d0e13c822ee439a629a909949e1
24e04cb047e6de56e75c304a58b397c8f9d767984768de37445eb0fe48de743b
Analyzer Verdict Alert quad9 Sinkholed
GET /files/theme/images/menu-trigger-v1.png?1665049075 HTTP/1.1
Host: www.workplacemassageandwellbeing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.workplacemassageandwellbeing.com/files/main_style.css?1665049075
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 10:15:45 GMT
Content-Type: image/png; charset=binary
Content-Length: 1027
Connection: keep-alive
Last-Modified: Tue, 14 Apr 2020 00:27:21 GMT
ETag: "68a689937f05dd8d7dfdd615d8d5360d"
x-amz-request-id: tx0000000000000031cd803-00612bde59-a51841d-sfo1
X-Storage-Bucket: z24e0
X-Storage-Object: 24e04cb047e6de56e75c304a58b397c8f9d767984768de37445eb0fe48de743b
X-Host: grn42.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.workplacemassageandwellbeing.com/uploads/1/2/0/0/120057015/bespoke-dance_orig.jpg
199.34.228.41 200 OK 8.7 kB URL HTTP/1.1 www.workplacemassageandwellbeing.com/uploads/1/2/0/0/120057015/bespoke-dance_orig.jpg
IP 199.34.228.41:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 334x151, components 3\012- data
Hash 6a23143945eb18e30fa091f7fcc04812
59aab94296a6fdba406435ef1d59a74648587057
a6c64a7fc43b1348be2c7ac04b2e5d6bf9009b6b83a0a1932ae71cbcd5d33857
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/1/2/0/0/120057015/bespoke-dance_orig.jpg HTTP/1.1
Host: www.workplacemassageandwellbeing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.workplacemassageandwellbeing.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 10:15:45 GMT
Content-Type: image/jpeg
Content-Length: 8668
Connection: keep-alive
Last-Modified: Sun, 26 May 2019 15:47:52 GMT
x-rgw-object-type: Normal
ETag: "6a23143945eb18e30fa091f7fcc04812"
x-amz-request-id: tx000000000000012193843-00633d5eab-c669cc6-sfo1
X-Storage-Bucket: za6c6
X-Storage-Object: a6c64a7fc43b1348be2c7ac04b2e5d6bf9009b6b83a0a1932ae71cbcd5d33857
X-Host: grn142.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.workplacemassageandwellbeing.com/uploads/1/2/0/0/120057015/screenshot-20221006-102007_orig.jpg
199.34.228.41 200 OK 91 kB URL HTTP/1.1 www.workplacemassageandwellbeing.com/uploads/1/2/0/0/120057015/screenshot-20221006-102007_orig.jpg
IP 199.34.228.41:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1079x731, components 3\012- data
Hash 1fb5976f3459f13e4c19285d9b2970b5
e46b13590b3eb6d75124a7fd0553ea0e125610ff
1ba588c12c03a8a4a2dbf7ae1a708aff8a233f67ab840150eabd0a6083128202
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/1/2/0/0/120057015/screenshot-20221006-102007_orig.jpg HTTP/1.1
Host: www.workplacemassageandwellbeing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.workplacemassageandwellbeing.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 10:15:45 GMT
Content-Type: image/jpeg
Content-Length: 90862
Connection: keep-alive
Last-Modified: Thu, 06 Oct 2022 09:20:18 GMT
x-rgw-object-type: Normal
ETag: "1fb5976f3459f13e4c19285d9b2970b5"
x-amz-request-id: tx000000000000012b9212a-00633ffc51-c6aed46-sfo1
X-Storage-Bucket: z1ba5
X-Storage-Object: 1ba588c12c03a8a4a2dbf7ae1a708aff8a233f67ab840150eabd0a6083128202
X-Host: blu139.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.workplacemassageandwellbeing.com/uploads/1/2/0/0/120057015/chep-racecourse_orig.png
199.34.228.41 200 OK 12 kB URL HTTP/1.1 www.workplacemassageandwellbeing.com/uploads/1/2/0/0/120057015/chep-racecourse_orig.png
IP 199.34.228.41:0
File type PNG image data, 441 x 114, 8-bit colormap, non-interlaced\012- data
Hash d603303fc748b33b50f6532434de8f1a
1a87ee4c8bbf23c7db7f1104bd74fe1caa82682c
3ec9467a4f35693871a8171c57044b856d7f96c225ee59c9e50849a496c94dea
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/1/2/0/0/120057015/chep-racecourse_orig.png HTTP/1.1
Host: www.workplacemassageandwellbeing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.workplacemassageandwellbeing.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 10:15:45 GMT
Content-Type: image/png
Content-Length: 11626
Connection: keep-alive
Last-Modified: Sun, 27 Jan 2019 18:04:56 GMT
x-rgw-object-type: Normal
ETag: "d603303fc748b33b50f6532434de8f1a"
x-amz-request-id: tx000000000000012c3701e-00633e570b-c669cc6-sfo1
X-Storage-Bucket: z3ec9
X-Storage-Object: 3ec9467a4f35693871a8171c57044b856d7f96c225ee59c9e50849a496c94dea
X-Host: blu86.sf2p.intern.weebly.net
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 74905346dba6db68640ef1d1f1a0c5b9
363eb2ab53a8089dcb7bb868e1888b721f74763a
257ab5b036e09ed647c9e0ac48e2a24cadaa6194cb3a210d6dfb2858249b91d8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5375
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 10:15:46 GMT
Last-Modified: Fri, 07 Oct 2022 08:46:12 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
www.workplacemassageandwellbeing.com/uploads/1/2/0/0/120057015/creo_orig.png
199.34.228.41 200 OK 17 kB URL HTTP/1.1 www.workplacemassageandwellbeing.com/uploads/1/2/0/0/120057015/creo_orig.png
IP 199.34.228.41:0
File type PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash f05555e829af55c425eaea23c77c332b
8b3eea8cc9d7c4a187ff5b25726bb15f4758fc84
e706a42236c8715aeebd03606c72fd8f1ee60c7a8bc9a632cf3e9bf51615342a
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/1/2/0/0/120057015/creo_orig.png HTTP/1.1
Host: www.workplacemassageandwellbeing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.workplacemassageandwellbeing.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 10:15:45 GMT
Content-Type: image/png
Content-Length: 16809
Connection: keep-alive
Last-Modified: Sun, 26 May 2019 16:06:32 GMT
x-rgw-object-type: Normal
ETag: "f05555e829af55c425eaea23c77c332b"
x-amz-request-id: tx00000000000001124baa9-00633d3dcf-c67eadd-sfo1
X-Storage-Bucket: ze706
X-Storage-Object: e706a42236c8715aeebd03606c72fd8f1ee60c7a8bc9a632cf3e9bf51615342a
X-Host: blu34.sf2p.intern.weebly.net
Accept-Ranges: bytes
ocsp.sca1b.amazontrust.com/
54.230.245.110 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 08670fc811f0f7d8ba20f16cb886824f
c15674485142f5a5bc0108859839f8902b0586ff
f9fdc24b2694c3dc0da58bef985ffb7b5c387369bbe924e5fc81d67d2fa91eca
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 07 Oct 2022 10:15:46 GMT
Last-Modified: Fri, 07 Oct 2022 09:28:50 GMT
Server: ECS (nyb/1D25)
X-Cache: Miss from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: DVbQM2IO8-_bALWHGUjXUSYnCd1s14SOAdd0I4mfrw0_tz6_5T_67Q==
Age: 2816
ocsp.sca1b.amazontrust.com/
54.230.245.110 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 08670fc811f0f7d8ba20f16cb886824f
c15674485142f5a5bc0108859839f8902b0586ff
f9fdc24b2694c3dc0da58bef985ffb7b5c387369bbe924e5fc81d67d2fa91eca
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 07 Oct 2022 10:15:46 GMT
Last-Modified: Fri, 07 Oct 2022 09:25:50 GMT
Server: ECS (nyb/1D1A)
X-Cache: Miss from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: QILZfi8CS8Dt_Xy5qv9N_NmpjFXc6AmVwYF9CB88qww4shxA_HDU6A==
Age: 2996
www.workplacemassageandwellbeing.com/uploads/1/2/0/0/120057015/dcn_orig.png
199.34.228.41 200 OK 6.0 kB URL HTTP/1.1 www.workplacemassageandwellbeing.com/uploads/1/2/0/0/120057015/dcn_orig.png
IP 199.34.228.41:0
File type PNG image data, 219 x 166, 8-bit colormap, non-interlaced\012- data
Hash 45c3ad9e331eea0ea10ee670f1e30204
ef48b199d64eab324dbb93731e14794c7fde7ed3
00cdf7a44d75a7e0491cd5cdcda0252df7e0a855d89a997e5a3e79518e7972bd
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/1/2/0/0/120057015/dcn_orig.png HTTP/1.1
Host: www.workplacemassageandwellbeing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.workplacemassageandwellbeing.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 10:15:46 GMT
Content-Type: image/png
Content-Length: 5992
Connection: keep-alive
Last-Modified: Sun, 27 Jan 2019 18:04:57 GMT
x-rgw-object-type: Normal
ETag: "45c3ad9e331eea0ea10ee670f1e30204"
x-amz-request-id: tx00000000000000fbc465e-00633b4c87-c6aed46-sfo1
X-Storage-Bucket: z00cd
X-Storage-Object: 00cdf7a44d75a7e0491cd5cdcda0252df7e0a855d89a997e5a3e79518e7972bd
X-Host: blu29.sf2p.intern.weebly.net
Accept-Ranges: bytes
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
44.235.202.207 200 OK 0 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 44.235.202.207:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.workplacemassageandwellbeing.com/
Origin: https://www.workplacemassageandwellbeing.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 10:15:46 GMT
content-length: 0
server: nginx
access-control-allow-origin: https://www.workplacemassageandwellbeing.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 5
X-Firefox-Spdy: h2
www.workplacemassageandwellbeing.com/uploads/1/2/0/0/120057015/background-images/1659867740.jpg
199.34.228.41 200 OK 344 kB URL HTTP/1.1 www.workplacemassageandwellbeing.com/uploads/1/2/0/0/120057015/background-images/1659867740.jpg
IP 199.34.228.41:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 2280x1667, components 3\012- data
Size 344 kB (344083 bytes)
Hash f5ce846d39cf4aa8547ec435b2bf8430
97b8aac23430d87cd581916ee1ccb26f0b77f400
e8b46e080e9d6eb39119e7a9b87c5eb11b7a7e1d06004a13505867d19d5f687e
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/1/2/0/0/120057015/background-images/1659867740.jpg HTTP/1.1
Host: www.workplacemassageandwellbeing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.workplacemassageandwellbeing.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 10:15:45 GMT
Content-Type: image/jpeg
Content-Length: 344083
Connection: keep-alive
Last-Modified: Wed, 23 Jan 2019 16:11:53 GMT
x-rgw-object-type: Normal
ETag: "f5ce846d39cf4aa8547ec435b2bf8430"
x-amz-request-id: tx0000000000000129a8203-00633e32ae-c699baa-sfo1
X-Storage-Bucket: ze8b4
X-Storage-Object: e8b46e080e9d6eb39119e7a9b87c5eb11b7a7e1d06004a13505867d19d5f687e
X-Host: grn148.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.editmysite.com/ajax/apps/generateMap.php?map=google&elementid=601006116735032276&ineditor=0&control=0&width=auto&height=450px&overviewmap=0&scalecontrol=0&typecontrol=0&zoom=10&long=-2.714956&lat=51.651829&domain=www&point=1&align=2&reseller=false
74.115.50.67 200 OK 12 kB URL HTTP/1.1 www.editmysite.com/ajax/apps/generateMap.php?map=google&elementid=601006116735032276&ineditor=0&control=0&width=auto&height=450px&overviewmap=0&scalecontrol=0&typecontrol=0&zoom=10&long=-2.714956&lat=51.651829&domain=www&point=1&align=2&reseller=false
IP 74.115.50.67:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (827)
Hash 62b51e74231801c72630145e1f3d7586
0837ad194599bf872d297f5c6fff457ba2670b34
33b779632396bca14404399801496353bcd1c1f42bcbc9a16860fbaddc456626
GET /ajax/apps/generateMap.php?map=google&elementid=601006116735032276&ineditor=0&control=0&width=auto&height=450px&overviewmap=0&scalecontrol=0&typecontrol=0&zoom=10&long=-2.714956&lat=51.651829&domain=www&point=1&align=2&reseller=false HTTP/1.1
Host: www.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.workplacemassageandwellbeing.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 10:15:46 GMT
Server: Apache
X-Host: blu28.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 11504
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
X-W-DC: SFO
Set-Cookie: sto-id-designer=FCDNBNAK; Domain=editmysite.com; Path=/
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
44.235.202.207 200 OK 2 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 44.235.202.207:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1807
Origin: https://www.workplacemassageandwellbeing.com
Connection: keep-alive
Referer: https://www.workplacemassageandwellbeing.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 10:15:46 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=e9065b11-b794-4acc-8b85-8643a92b47af; Expires=Sat, 07 Oct 2023 10:15:46 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://www.workplacemassageandwellbeing.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
www.workplacemassageandwellbeing.com/uploads/1/2/0/0/120057015/hh_orig.png
199.34.228.41 200 OK 56 kB URL HTTP/1.1 www.workplacemassageandwellbeing.com/uploads/1/2/0/0/120057015/hh_orig.png
IP 199.34.228.41:0
File type PNG image data, 225 x 225, 8-bit/color RGBA, non-interlaced\012- data
Hash 3855e0a81783048bd6b18bc098a7bebf
e9f56c471d3b12c977b7cd03efb0a146cad25aec
ea10f01a5bbd92dcc32c8ff353dbb1f3facaaa5142b93590e3971ad9216c03bd
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/1/2/0/0/120057015/hh_orig.png HTTP/1.1
Host: www.workplacemassageandwellbeing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.workplacemassageandwellbeing.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 10:15:46 GMT
Content-Type: image/png
Content-Length: 55785
Connection: keep-alive
Last-Modified: Sun, 26 May 2019 16:06:37 GMT
x-rgw-object-type: Normal
ETag: "3855e0a81783048bd6b18bc098a7bebf"
x-amz-request-id: tx00000000000000fbc4665-00633b4c87-c6aed46-sfo1
X-Storage-Bucket: zea10
X-Storage-Object: ea10f01a5bbd92dcc32c8ff353dbb1f3facaaa5142b93590e3971ad9216c03bd
X-Host: blu139.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.workplacemassageandwellbeing.com/uploads/1/2/0/0/120057015/background-images/622570585.jpeg
199.34.228.41 200 OK 831 kB URL HTTP/1.1 www.workplacemassageandwellbeing.com/uploads/1/2/0/0/120057015/background-images/622570585.jpeg
IP 199.34.228.41:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2000x1500, components 3\012- data
Size 831 kB (830871 bytes)
Hash c4dbb71be12ca5b3093766f1afc0cfc4
95ce7b7ae025b7378946eaa960b91cc3f6216af1
1ca629653f194d34ac89d26abc6f05d34c71339645680e79a7f2070f983f70ce
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/1/2/0/0/120057015/background-images/622570585.jpeg HTTP/1.1
Host: www.workplacemassageandwellbeing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.workplacemassageandwellbeing.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 10:15:45 GMT
Content-Type: image/jpeg
Content-Length: 830871
Connection: keep-alive
Last-Modified: Wed, 15 Jun 2022 13:47:24 GMT
x-rgw-object-type: Normal
ETag: "c4dbb71be12ca5b3093766f1afc0cfc4"
x-amz-request-id: tx000000000000011c76d2b-00633e303f-c67eadd-sfo1
X-Storage-Bucket: z1ca6
X-Storage-Object: 1ca629653f194d34ac89d26abc6f05d34c71339645680e79a7f2070f983f70ce
X-Host: blu22.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.workplacemassageandwellbeing.com/uploads/1/2/0/0/120057015/background-images/1457748582.jpeg
199.34.228.41 200 OK 1.6 MB URL HTTP/1.1 www.workplacemassageandwellbeing.com/uploads/1/2/0/0/120057015/background-images/1457748582.jpeg
IP 199.34.228.41:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2937x1427, components 3\012- data
Size 1.6 MB (1600250 bytes)
Hash 332f46555c6ec22a36c883746ff4ff65
0ec6c795f5d131e70444f5cee6b8c625b6153520
8d1c7472261b501c3b368b86aea67df2c56c6a7d8ccbb52b7d4c88058f7dfa9e
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/1/2/0/0/120057015/background-images/1457748582.jpeg HTTP/1.1
Host: www.workplacemassageandwellbeing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.workplacemassageandwellbeing.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 10:15:45 GMT
Content-Type: image/jpeg
Content-Length: 1600250
Connection: keep-alive
Last-Modified: Wed, 15 Jun 2022 13:09:14 GMT
x-rgw-object-type: Normal
ETag: "332f46555c6ec22a36c883746ff4ff65"
x-amz-request-id: tx0000000000000116dc16f-00633c7102-c696eea-sfo1
X-Storage-Bucket: z8d1c
X-Storage-Object: 8d1c7472261b501c3b368b86aea67df2c56c6a7d8ccbb52b7d4c88058f7dfa9e
X-Host: grn148.sf2p.intern.weebly.net
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 5eee2baed68ec922370bd283860860fd
7d1e7dfdb9577dcd11587bb162e17c56eaf8e4c4
7931afabb9286276c385564aa73ed67927d31e12ab35eb92da84048a7896f27d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 10:15:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ssl.google-analytics.com/ga.js
142.250.74.72 200 OK 17 kB URL HTTP/2 ssl.google-analytics.com/ga.js
IP 142.250.74.72:0
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.workplacemassageandwellbeing.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Fri, 07 Oct 2022 08:29:22 GMT
expires: Fri, 07 Oct 2022 10:29:22 GMT
cache-control: public, max-age=7200
age: 6384
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.zbcdn2.net/__lnfmta/asset/bundle.js
104.21.49.138 200 OK 98 kB URL HTTP/2 static.zbcdn2.net/__lnfmta/asset/bundle.js
IP 104.21.49.138:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7d15b5d51ef77e51763842c8b056117c
65c32bb2b057472a4bd34c4246d148b08e128771
0efe2cb83702c2a39ecb3b3033e70028b382c1310e37957d3ebe9ab538ef3139
GET /__lnfmta/asset/bundle.js HTTP/1.1
Host: static.zbcdn2.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.workplacemassageandwellbeing.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 10:15:45 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 07 Oct 2022 03:55:37 GMT
vary: Accept-Encoding
etag: W/"633fa339-421ce"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
timing-allow-origin: *
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
z-server: Setting
cache-control: max-age=691200
cf-cache-status: HIT
age: 149
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Se5AerdhvuLHgjuu9QKftp5n%2B%2BmFBoMUeb%2BqkqSaiE8juPaWR7NrJHqN0m4aUUh%2FzYkmUpb7MhR9oJrDhpukZ0hYC2PzU9FloRGR02VBDT7dsDiSq836ijnE4UFympI4vPe5Dw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7565e09eac1bb51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 5eee2baed68ec922370bd283860860fd
7d1e7dfdb9577dcd11587bb162e17c56eaf8e4c4
7931afabb9286276c385564aa73ed67927d31e12ab35eb92da84048a7896f27d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 10:15:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.workplacemassageandwellbeing.com/favicon.ico
199.34.228.41 200 OK 4.3 kB URL HTTP/1.1 www.workplacemassageandwellbeing.com/favicon.ico
IP 199.34.228.41:0
File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Hash 4d27526198ac873ccec96935198e0fb9
b98d8b73ad6a0f7477c3397561b4aab37bf262aa
40a2146151863bcf46c786d596e81a308d1b0d26d74635be441e92656f29b1b4
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: www.workplacemassageandwellbeing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.workplacemassageandwellbeing.com/
Cookie: is_mobile=0; language=en; _snow_ses.3bbc=*; _snow_id.3bbc=39711b2c-d5d5-403a-ae53-ca7ddf2531f8.1665137746.1.1665137746.1665137746.af81c51e-a939-4c82-8acb-f47f21ef23a9; _ZB_STATIC_924271_TS=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 10:15:46 GMT
Content-Type: image/x-icon
Content-Length: 4286
Connection: keep-alive
Last-Modified: Fri, 24 Sep 2021 21:48:12 GMT
x-rgw-object-type: Normal
ETag: "4d27526198ac873ccec96935198e0fb9"
x-amz-request-id: tx000000000000000c54fe5-0061a705c2-a9f1ce7-sfo1
X-Storage-Bucket: z40a2
X-Storage-Object: 40a2146151863bcf46c786d596e81a308d1b0d26d74635be441e92656f29b1b4
X-Host: grn50.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.workplacemassageandwellbeing.com/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]
199.34.228.41 200 OK 348 B URL HTTP/1.1 www.workplacemassageandwellbeing.com/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]
IP 199.34.228.41:0
File type JSON data\012- , ASCII text, with very long lines (348), with no line terminators
Hash a944dd688c99d2901d6719be713271c0
4f5454d5d434829baf46671638610791758725d9
adb97e1bc686c58b4286f1208d2bd969687c6cf3e2fc468697dfd956d260de49
Analyzer Verdict Alert quad9 Sinkholed
POST /ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails] HTTP/1.1
Host: www.workplacemassageandwellbeing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 83
Origin: https://www.workplacemassageandwellbeing.com
Connection: keep-alive
Referer: https://www.workplacemassageandwellbeing.com/
Cookie: is_mobile=0; language=en; _snow_ses.3bbc=*; _snow_id.3bbc=39711b2c-d5d5-403a-ae53-ca7ddf2531f8.1665137746.1.1665137746.1665137746.af81c51e-a939-4c82-8acb-f47f21ef23a9; _ZB_STATIC_924271_TS=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 10:15:46 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: blu57.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 348
Keep-Alive: timeout=10, max=64
Connection: Keep-Alive
Content-Type: application/json
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash aea480478c3be7392d09e8a92826542f
b660fb42c8122efb07b3d1de1a8907ad1f6e1a60
ee691969e4d61ba3145fe90b28c5051367c223f31c0e0ee001d8481035090760
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 10:15:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.gstatic.com/mapfiles/transparent.png
142.250.74.163 200 OK 68 B URL HTTP/2 maps.gstatic.com/mapfiles/transparent.png
IP 142.250.74.163:0
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 8327a6037ae00a5be9f75e63ee1b9fbe
a812c79b0d125e4946b33446eae0353f518627e2
fe67e12a6497f8518ef1673fd8cf5622871935ff85f204715e78b2009dd48588
GET /mapfiles/transparent.png HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.editmysite.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-length: 68
date: Fri, 07 Oct 2022 10:15:47 GMT
expires: Fri, 07 Oct 2022 10:15:47 GMT
cache-control: private, max-age=31536000
last-modified: Tue, 18 May 2021 19:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash aea480478c3be7392d09e8a92826542f
b660fb42c8122efb07b3d1de1a8907ad1f6e1a60
ee691969e4d61ba3145fe90b28c5051367c223f31c0e0ee001d8481035090760
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 10:15:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Roboto:300,400,500,700|Google+Sans:400,500,700|Google+Sans+Text:400&lang=en
142.250.74.10 200 OK 17 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500,700|Google+Sans:400,500,700|Google+Sans+Text:400&lang=en
IP 142.250.74.10:0
Hash 3d41aac6d02feb1fde7283494b19108a
fe3ffb2ab31753daea33fb55bf4b4ace0a6061e7
53c33db0ad6ee509db0ac63ac17d1a529fa2e24686e9212cab7566ade6c98505
GET /css?family=Roboto:300,400,500,700|Google+Sans:400,500,700|Google+Sans+Text:400&lang=en HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.editmysite.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 07 Oct 2022 10:15:48 GMT
date: Fri, 07 Oct 2022 10:15:48 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.zbcdn2.net/__lnfmta/contact_form/default.js
104.21.49.138 200 OK 95 kB URL HTTP/2 static.zbcdn2.net/__lnfmta/contact_form/default.js
IP 104.21.49.138:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash bd3da083d7abc020c8b7925b5765f46a
9bbdcd9f01f00e8c486fb578793e97d2c62fb1eb
426b5a76d989dc16c6c692a4ed8998ddd6d256ea5646ed448d28aa7bc387abaf
GET /__lnfmta/contact_form/default.js HTTP/1.1
Host: static.zbcdn2.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.workplacemassageandwellbeing.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 10:15:45 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 06 Oct 2022 09:10:24 GMT
vary: Accept-Encoding
etag: W/"633e9b80-3b736"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
timing-allow-origin: *
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
z-server: Setting
cache-control: max-age=691200
cf-cache-status: HIT
age: 137
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4WJOBmLQfZJZY2z6hYq5wTax2wsx9c5AMrpcLmWm9XIX8cVH6EW%2FIEb48XmLbSK21Z8B43Bh1rElPurFhy3e33Lip3pAkIS3PfiwBJ2nujgz%2B6EtYvpI%2FprCSAzi5L%2BLizYGjg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7565e09eac21b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.workplacemassageandwellbeing.com/uploads/1/2/0/0/120057015/robins_1_orig.jpg
199.34.228.41 200 OK 13 kB URL HTTP/1.1 www.workplacemassageandwellbeing.com/uploads/1/2/0/0/120057015/robins_1_orig.jpg
IP 199.34.228.41:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 200x200, components 3\012- data
Hash 285a05b4a2a13f798fae389ffc52457b
528a04355e328fc6bd6d4ddc6a2a9f783df43fe2
5a6c0476d2d9cc418be5d54eac1cd38899c427b0d25ac15da2bd91dd298b4f46
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/1/2/0/0/120057015/robins_1_orig.jpg HTTP/1.1
Host: www.workplacemassageandwellbeing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.workplacemassageandwellbeing.com/
Cookie: is_mobile=0; language=en; _snow_ses.3bbc=*; _snow_id.3bbc=39711b2c-d5d5-403a-ae53-ca7ddf2531f8.1665137746.1.1665137746.1665137746.af81c51e-a939-4c82-8acb-f47f21ef23a9; _ZB_STATIC_924271_TS=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 10:15:52 GMT
Content-Type: image/jpeg
Content-Length: 13115
Connection: keep-alive
Last-Modified: Sun, 26 May 2019 15:49:34 GMT
x-rgw-object-type: Normal
ETag: "285a05b4a2a13f798fae389ffc52457b"
x-amz-request-id: tx00000000000001159d511-00633d9bcb-c67eadd-sfo1
X-Storage-Bucket: z5a6c
X-Storage-Object: 5a6c0476d2d9cc418be5d54eac1cd38899c427b0d25ac15da2bd91dd298b4f46
X-Host: blu29.sf2p.intern.weebly.net
Accept-Ranges: bytes
stats.zotabox.com/api/1.0/event/multi
172.67.20.217 200 OK 0 B URL HTTP/2 stats.zotabox.com/api/1.0/event/multi
IP 172.67.20.217:0
POST /api/1.0/event/multi HTTP/1.1
Host: stats.zotabox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 91
Origin: https://www.workplacemassageandwellbeing.com
Connection: keep-alive
Referer: https://www.workplacemassageandwellbeing.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 10:15:47 GMT
content-type: text/plain; charset=utf-8
vary: Accept-Encoding
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7565e0a7aa2eb51e-OSL
X-Firefox-Spdy: h2
static.zbcdn2.net/__lnfmta/social_mobile_tool/default.js
104.21.49.138 200 OK 0 B URL HTTP/2 static.zbcdn2.net/__lnfmta/social_mobile_tool/default.js
IP 104.21.49.138:0
GET /__lnfmta/social_mobile_tool/default.js HTTP/1.1
Host: static.zbcdn2.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.workplacemassageandwellbeing.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 10:15:45 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 06 Oct 2022 09:10:24 GMT
vary: Accept-Encoding
etag: W/"633e9b80-6bcd"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
timing-allow-origin: *
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
z-server: Setting
cache-control: max-age=691200
cf-cache-status: HIT
age: 5291
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UN2lbDl4ckeKXptBmlfDug4lkoRAPyZgqdOS1aybrXvv2pIo8n7OqqrLrJKDBlpoBpR2qNhUeRexgfVYrEKsYDQQLkOyjN2akP%2FETLxDZIyNQh4lo2i12Xtja%2FP4h%2FC9y4x4Vg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7565e09eac1eb51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.zotabox.com/d/e/de62ee8e599269cf3336fa7eda1838e6/widgets.js
104.22.54.216 200 OK 0 B URL HTTP/2 static.zotabox.com/d/e/de62ee8e599269cf3336fa7eda1838e6/widgets.js
IP 104.22.54.216:0
GET /d/e/de62ee8e599269cf3336fa7eda1838e6/widgets.js HTTP/1.1
Host: static.zotabox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.workplacemassageandwellbeing.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 10:15:45 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 07 Oct 2022 04:55:28 GMT
vary: Accept-Encoding
etag: W/"633fb140-13a07"
expires: Fri, 07 Oct 2022 11:15:45 GMT
cache-control: max-age=3600, public, max-age=3600
access-control-allow-origin: *
access-control-allow-methods: GET, POST
content-encoding: gzip
z-server: mariadb
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7565e09a6b55b4f7-OSL
X-Firefox-Spdy: h2
cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1664981234
151.101.85.46 200 OK 0 B URL HTTP/2 cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1664981234
IP 151.101.85.46:0
GET /js/site/main-customer-accounts-site.js?buildTime=1664981234 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.workplacemassageandwellbeing.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Wed, 05 Oct 2022 13:57:57 GMT
etag: "633d8d65-8250f"
expires: Wed, 19 Oct 2022 14:50:32 GMT
cache-control: max-age=1209600
x-host: grn7.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 07 Oct 2022 10:15:44 GMT
age: 156312
x-served-by: cache-sjc10073-SJC, cache-bma1654-BMA
x-cache: HIT, HIT
x-cache-hits: 14, 7519
x-timer: S1665137745.762915,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 158975
X-Firefox-Spdy: h2
www.workplacemassageandwellbeing.com/uploads/1/2/0/0/120057015/gl-vets_orig.png
199.34.228.41 200 OK 0 B URL HTTP/1.1 www.workplacemassageandwellbeing.com/uploads/1/2/0/0/120057015/gl-vets_orig.png
IP 199.34.228.41:0
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/1/2/0/0/120057015/gl-vets_orig.png HTTP/1.1
Host: www.workplacemassageandwellbeing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.workplacemassageandwellbeing.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 10:15:46 GMT
Content-Type: image/png
Content-Length: 36461
Connection: keep-alive
Last-Modified: Sun, 26 May 2019 15:47:55 GMT
x-rgw-object-type: Normal
ETag: "ea2daa993142bb199b84662c4dde5c92"
x-amz-request-id: tx000000000000012ab1a89-00633e2e4a-c669cc6-sfo1
X-Storage-Bucket: z6ae7
X-Storage-Object: 6ae76cba58b6f0a7aae2635fb177c607a5d726c03241626a152b63c9fc2d1783
X-Host: blu99.sf2p.intern.weebly.net
Accept-Ranges: bytes
stats.zotabox.com/api/1.0/event/multi
172.67.20.217 200 OK 0 B URL HTTP/2 stats.zotabox.com/api/1.0/event/multi
IP 172.67.20.217:0
POST /api/1.0/event/multi HTTP/1.1
Host: stats.zotabox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 91
Origin: https://www.workplacemassageandwellbeing.com
Connection: keep-alive
Referer: https://www.workplacemassageandwellbeing.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 10:15:47 GMT
content-type: text/plain; charset=utf-8
vary: Accept-Encoding
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7565e0a7ba46b51e-OSL
X-Firefox-Spdy: h2
static.zbcdn2.net/__lnfmta/social_tab/temp2.js
104.21.49.138 200 OK 0 B URL HTTP/2 static.zbcdn2.net/__lnfmta/social_tab/temp2.js
IP 104.21.49.138:0
GET /__lnfmta/social_tab/temp2.js HTTP/1.1
Host: static.zbcdn2.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.workplacemassageandwellbeing.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 10:15:45 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 06 Oct 2022 09:10:24 GMT
vary: Accept-Encoding
etag: W/"633e9b80-3a5e9"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
timing-allow-origin: *
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
z-server: Setting
cache-control: max-age=691200
cf-cache-status: HIT
age: 5291
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S3R5F%2FHtnMoyjV%2BP4DYfxARdljudqitzXBEhTp19WGKca1JB5eFDum%2FnXGnfThEh3HGSk4YoIdTh%2BTUl9tbh1bwO%2B0gKbWbHh17Jz6yT7PXL2864%2BW40itu0Tdh4c81d%2FrUuxA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7565e09eac22b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.zbcdn2.net/d/e/de62ee8e599269cf3336fa7eda1838e6/data.js?1665118528386
104.21.49.138 200 OK 0 B URL HTTP/2 static.zbcdn2.net/d/e/de62ee8e599269cf3336fa7eda1838e6/data.js?1665118528386
IP 104.21.49.138:0
GET /d/e/de62ee8e599269cf3336fa7eda1838e6/data.js?1665118528386 HTTP/1.1
Host: static.zbcdn2.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.workplacemassageandwellbeing.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 10:15:46 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 07 Oct 2022 04:55:28 GMT
vary: Accept-Encoding
etag: W/"633fb140-53fc7"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
timing-allow-origin: *
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
z-server: Setting
cache-control: max-age=691200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pJxDJY9qn6MG8Xe5Cyqfyap6fJ2ACot%2BRgw6fV69HsbZ5cr96fNaxKf%2FzXjy3Ok%2FENH2An6SmULCPq5bQINd%2FZkn%2B%2Ba0%2Bpe68FdOs7dZEqnZNO5pjMIg0JCdMR3fk7wayxIFrw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7565e09eac26b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
stats.zotabox.com/api/1.0/event/multi
172.67.20.217 200 OK 0 B URL HTTP/2 stats.zotabox.com/api/1.0/event/multi
IP 172.67.20.217:0
POST /api/1.0/event/multi HTTP/1.1
Host: stats.zotabox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 113
Origin: https://www.workplacemassageandwellbeing.com
Connection: keep-alive
Referer: https://www.workplacemassageandwellbeing.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 10:15:47 GMT
content-type: text/plain; charset=utf-8
vary: Accept-Encoding
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7565e0a7aa2bb51e-OSL
X-Firefox-Spdy: h2