Overview

URL safeway-sh.com/
IP 125.65.113.54 (China)
ASN#4134 Chinanet
UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed 2022-12-06 06:58:29 UTC
IDS alerts 0
Blocklist alert 28
urlquery alerts No alerts detected
Tags None

Domain Summary (11)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
ocsp.globalsign.com (1) 2075 2012-07-20 17:46:16 UTC 2020-05-02 20:58:10 UTC 104.18.21.226
hm.baidu.com (2) 8254 2012-05-26 08:38:45 UTC 2020-02-11 02:47:13 UTC 103.235.46.191
r3.o.lencr.org (5) 344 No data No data 95.101.11.115
ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-12-05 04:09:09 UTC 34.102.187.140
safeway-sh.com (1) 0 2022-06-08 23:14:50 UTC 2022-06-08 23:14:53 UTC 125.65.113.54 Unknown ranking
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 35.162.50.16
www.safeway-sh.com (51) 0 No data No data 125.65.113.54 Unknown ranking
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-12-05 04:09:48 UTC 34.117.237.239
img-getpocket.cdn.mozilla.net (7) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-12-06 2 safeway-sh.com/ Phishing
2022-12-06 2 www.safeway-sh.com/ Phishing
2022-12-06 2 www.safeway-sh.com/skin/js/jquery-migrate-3.0.0.js Phishing
2022-12-06 2 www.safeway-sh.com/skin/js/easing.js Phishing
2022-12-06 2 www.safeway-sh.com/skin/js/jquery-ui.min.js Phishing
2022-12-06 2 www.safeway-sh.com/skin/js/colors.js Phishing
2022-12-06 2 www.safeway-sh.com/skin/js/popper.min.js Phishing
2022-12-06 2 www.safeway-sh.com/skin/js/jquery.nav.js Phishing
2022-12-06 2 www.safeway-sh.com/skin/js/slicknav.min.js Phishing
2022-12-06 2 www.safeway-sh.com/skin/js/jquery.scrollup.min.js Phishing
2022-12-06 2 www.safeway-sh.com/skin/js/niceselect.js Phishing
2022-12-06 2 www.safeway-sh.com/skin/js/jquery.min.js Phishing
2022-12-06 2 www.safeway-sh.com/skin/js/bootstrap-datepicker.js Phishing
2022-12-06 2 www.safeway-sh.com/skin/js/tilt.jquery.min.js Phishing
2022-12-06 2 www.safeway-sh.com/skin/js/owl-carousel.js Phishing
2022-12-06 2 www.safeway-sh.com/skin/js/jquery.counterup.min.js Phishing
2022-12-06 2 www.safeway-sh.com/skin/js/steller.js Phishing
2022-12-06 2 www.safeway-sh.com/skin/js/wow.min.js Phishing
2022-12-06 2 www.safeway-sh.com/skin/js/jquery.magnific-popup.min.js Phishing
2022-12-06 2 www.safeway-sh.com/skin/js/waypoints.min.js Phishing
2022-12-06 2 www.safeway-sh.com/skin/js/bootstrap.min.js Phishing
2022-12-06 2 www.safeway-sh.com/skin/js/main.js Phishing
2022-12-06 2 www.safeway-sh.com/skin/fonts/pxibyp8kv8jhgfvrlgt9z1xlfq.woff2 Phishing
2022-12-06 2 www.safeway-sh.com/skin/fonts/pxieyp8kv8jhgfvrjjfecg.woff2 Phishing
2022-12-06 2 www.safeway-sh.com/skin/fonts/pxibyp8kv8jhgfvrlej6z1xlfq.woff2 Phishing
2022-12-06 2 www.safeway-sh.com/skin/fonts/pxibyp8kv8jhgfvrlcz7z1xlfq.woff2 Phishing
2022-12-06 2 www.safeway-sh.com/skin/fonts/fontawesome-webfont.woff2 Phishing
2022-12-06 2 www.safeway-sh.com/skin/fonts/icofont.woff2 Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 1 reports on IP: 125.65.113.54
Date UQ / IDS / BL URL IP
2022-12-06 06:58:29 +0000 0 - 0 - 28 safeway-sh.com/ 125.65.113.54


Last 5 reports on ASN: Chinanet
Date UQ / IDS / BL URL IP
2023-01-31 04:20:40 +0000 0 - 0 - 1 soft.xitongxz.net/202110/MicrosoftToolkit_V2. (...) 218.76.79.58
2023-01-31 02:54:06 +0000 0 - 0 - 1 i31.lanzoug.com/0129180099237303bb/2023/01/29 (...) 218.92.227.228
2023-01-31 02:48:17 +0000 0 - 0 - 0 wallet.zju4h.com/ 122.227.55.154
2023-01-31 02:46:00 +0000 0 - 0 - 1 patch1.51lg.com/2012/Prototype2.dlc.unlock.rar 61.153.183.103
2023-01-31 00:14:40 +0000 0 - 2 - 1 cmps.58sky.com/index/getcfg?id=287564 119.97.143.63


Last 1 reports on domain: safeway-sh.com
Date UQ / IDS / BL URL IP
2022-12-06 06:58:29 +0000 0 - 0 - 28 safeway-sh.com/ 125.65.113.54


No other reports with similar screenshot

JavaScript

Executed Scripts (22)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (74)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9021
Expires: Tue, 06 Dec 2022 09:28:36 GMT
Date: Tue, 06 Dec 2022 06:58:15 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6374
Cache-Control: 'max-age=158059'
Date: Tue, 06 Dec 2022 06:58:15 GMT
Last-Modified: Tue, 06 Dec 2022 05:12:01 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9802
Expires: Tue, 06 Dec 2022 09:41:37 GMT
Date: Tue, 06 Dec 2022 06:58:15 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 06 Dec 2022 06:18:36 GMT
cache-control: public,max-age=3600
age: 2379
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: aYyfkZMQEzLKhto3kFF7GciHjAbIaq4HG+6DMILFaEpUax5FdkMGenpJ4997BpXrp7uY9ubfLpA=
x-amz-request-id: 80XCXXP5D3V6HCER
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 06 Dec 2022 06:48:49 GMT
age: 566
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    53341dea33f4f3d9b4966f80589f429a
Sha1:   20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
Sha256: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 06 Dec 2022 06:58:15 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET / HTTP/1.1 
Host: safeway-sh.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         125.65.113.54
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 06 Dec 2022 06:58:15 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://www.safeway-sh.com/
Server: wts/1.6


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text
Size:   149
Md5:    180ef2fcab7d6aabb5fde56d8115b0bc
Sha1:   86f7c8eee1a9e8ee44976a952c264b66f61aae92
Sha256: 89a7ae024f0a727fa693d4edc0a3a92450968fd993c677181e948bf976417c66

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 06 Dec 2022 06:11:20 GMT
cache-control: public,max-age=3600
age: 2815
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6362
Cache-Control: max-age=100478
Date: Tue, 06 Dec 2022 06:58:16 GMT
Etag: "638db4ac-1d7"
Expires: Wed, 07 Dec 2022 10:52:54 GMT
Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FtDiCLKZXNxdJ68boPQSVA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         35.162.50.16
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: g66/0Vi13b3RqmE83/xQwcw7aQ8=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10538
Expires: Tue, 06 Dec 2022 09:53:55 GMT
Date: Tue, 06 Dec 2022 06:58:17 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10538
Expires: Tue, 06 Dec 2022 09:53:55 GMT
Date: Tue, 06 Dec 2022 06:58:17 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10538
Expires: Tue, 06 Dec 2022 09:53:55 GMT
Date: Tue, 06 Dec 2022 06:58:17 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8749
x-amzn-requestid: ee03c447-299b-45d5-b8c6-12d4d1dc436d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_spHdBIAMFywQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-0c9805c6112ec9ec6b9d1544;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tsL8hmcWaBeKYVG2b4g7ebl-sQ0Z5jZaexEfvldfzq9COcOdzqLhUA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:48:49 GMT
age: 32968
etag: "6706e02d6b95edc3a33c951f07d04b0fb7415b77"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8749
Md5:    dcb8fe0c4ba323ab2483fa290c291051
Sha1:   6706e02d6b95edc3a33c951f07d04b0fb7415b77
Sha256: 6be68deb3a330955027ec16eaca2cdf4e2776620ffb7cb995922664b24400f02
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F01b6b798-4c76-47d4-ae22-c8967b0f2c5c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8997
x-amzn-requestid: 54d7ed8c-119c-4583-929c-fd053524814c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csT_8F78IAMFY6Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e66cc-3d9816725e7e0b1b3404bc4a;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:46:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ScASzeq_stezoHeSOmqluKJimg3R6YD6yd6guTD2d5Mjl8F_vQP0rg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:47:06 GMT
age: 33071
etag: "5c54b4ca3db1c975b3ad7f780f0ebdc867fc2ef4"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8997
Md5:    9fda84db003d0cfc70d73dcb6a3763dd
Sha1:   5c54b4ca3db1c975b3ad7f780f0ebdc867fc2ef4
Sha256: f00aa6b88dd85164d8f6ee685937a3ca8039b98b442a2e6aede1c4c421b4fc4c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc696fe00-4af0-41c0-a10e-ba5dcc55c22b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6920
x-amzn-requestid: 05ec2698-a5ee-4046-be77-0036755f2946
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSwaEd-IAMF_-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64cf-783b236b79b1e9ba22098cb2;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:23 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RF_AmYN7VQghDpDX6kEyBEBZtvR8dfLpwuqk75bGpn8q2OMc46lVgA==
via: 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:48:31 GMT
age: 32986
etag: "b76ea6ae9df756f131ec16b01cdc7ab19b2d01be"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6920
Md5:    f4193f05dfd1de8bf795f433d4387243
Sha1:   b76ea6ae9df756f131ec16b01cdc7ab19b2d01be
Sha256: b56231f3c788519751528b849a442d5c7ed828ea4ce3321fd629ca27440ea6e3
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ca09fa3-9c1c-4e27-b763-2de04564da9d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4827
x-amzn-requestid: 26ac5a48-3e41-4638-88d6-c94ba8b7a6c8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csS3nFxPoAMFcpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64fd-28f8cb92130706e3652eb971;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:39:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YUk1Nt1XioDColWXDiEZsL8BmFpyWaV5tRbsbmAiR6A2psM_Gx3j_A==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:41:49 GMT
age: 33388
etag: "0f1c7567b89cc3de60196e47e37879296359bc78"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4827
Md5:    73b9f329cd3a39d0756de62dd5f190b7
Sha1:   0f1c7567b89cc3de60196e47e37879296359bc78
Sha256: e15711efe27a3d302a9869cf01d27fd65bd0beca9d03a19d93bbf11e28f3e1d8
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f48f157-f5b1-44b8-91c0-da7927555031.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4905
x-amzn-requestid: c1a43d09-3653-422d-99a2-fe6469bc4bcc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSzsG7BoAMF42Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64e4-27f51f1e5f786838157d1ee5;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VkYlpfFF-t9c_vWc14oqmL9Z6o6lA1_TqgXk4VUtZmHTkZwuMT5C6w==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:47:06 GMT
age: 33071
etag: "76432db96e8280e24da56670fba8f8f80a95ab31"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4905
Md5:    17c7b7e3a4e6f3ad9ccf7f42c400749c
Sha1:   76432db96e8280e24da56670fba8f8f80a95ab31
Sha256: f67d401ebc225c2a9dac5b4f98dc969e22f927455c2537df353ac86f046cc4c4
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:09:28 GMT
age: 31729
etag: "36082b7329d473829178f280cb71a83b1531e486"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11224
Md5:    b15136d60fd0a5e0f657a4f5c75d540f
Sha1:   36082b7329d473829178f280cb71a83b1531e486
Sha256: 79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8
                                        
                                            GET / HTTP/1.1 
Host: www.safeway-sh.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         125.65.113.54
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Date: Tue, 06 Dec 2022 06:58:20 GMT
Content-Length: 13888
Connection: keep-alive
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Vary: Accept-Encoding
X-UA-Compatible: IE=edge,chrome=1
X-Powered-By: PbootCMS
Set-Cookie: lg=cn; path=/ PbootSystem=ct46q06mkfvfi2vas6tu7kh1m7; path=/; HttpOnly
Server: wts/1.6


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2362), with CRLF line terminators
Size:   13888
Md5:    fa50709a008db6509a5dff43a0a0a9df
Sha1:   e53bd6b00e3243c6b5d6b33a94f8029008154772
Sha256: 0e812a1d5719466fc49a1e1db559256a47934ca0293667ecf25f62ce8d2d38b4

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /skin/css/css.css HTTP/1.1 
Host: www.safeway-sh.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.safeway-sh.com/
Cookie: lg=cn; PbootSystem=ct46q06mkfvfi2vas6tu7kh1m7

                                         125.65.113.54
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 06 Dec 2022 06:58:20 GMT
Content-Length: 1237
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 14 Oct 2021 07:53:55 GMT
Accept-Ranges: bytes
ETag: "793ba3d0c0d71:0"
Vary: Accept-Encoding
Server: wts/1.6


--- Additional Info ---
Magic:  ASCII text
Size:   1237
Md5:    265a11d07475341f73e19f499b6873f1
Sha1:   8f169f8d198650be6c1a8744a94d8c1b86971ea4
Sha256: 4f472c407bcb1eb22560bea4d6fdcf1b212efcf703b7bc7488763d2e0554819b
                                        
                                            GET /skin/css/nice-select.css HTTP/1.1 
Host: www.safeway-sh.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.safeway-sh.com/
Cookie: lg=cn; PbootSystem=ct46q06mkfvfi2vas6tu7kh1m7

                                         125.65.113.54
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 06 Dec 2022 06:58:20 GMT
Content-Length: 1339
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 14 Oct 2021 07:53:55 GMT
Accept-Ranges: bytes
ETag: "76a913a3d0c0d71:0"
Vary: Accept-Encoding
Server: wts/1.6


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   1339
Md5:    3403c987bbc423b39e88784f82ae4eac
Sha1:   7a1cc9fc0d1aff1303c8edbb0d4f66fcc1cfdd81
Sha256: 2b07bf04cbdfbf4fbd6968e2e87ef3dc1727b9e96be595ecfc1fc5b18ca8fd7e
                                        
                                            GET /skin/css/font-awesome.min.css HTTP/1.1 
Host: www.safeway-sh.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.safeway-sh.com/
Cookie: lg=cn; PbootSystem=ct46q06mkfvfi2vas6tu7kh1m7

                                         125.65.113.54
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 06 Dec 2022 06:58:20 GMT
Content-Length: 8300
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 14 Oct 2021 07:53:55 GMT
Accept-Ranges: bytes
ETag: "1b3015a3d0c0d71:0"
Vary: Accept-Encoding
Server: wts/1.6


--- Additional Info ---
Magic:  ASCII text, with very long lines (30763)
Size:   8300
Md5:    f355a1127340b7b52e0aaf5b3706b475
Sha1:   2b411f9f5a29cba62ab400ef7349f3a758d640c9
Sha256: 7cdda72a16502aee8f82befb236d4ab9b9fdd1790fa42229cf5f89d12f2a3070
                                        
                                            GET /skin/css/slicknav.min.css HTTP/1.1 
Host: www.safeway-sh.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.safeway-sh.com/
Cookie: lg=cn; PbootSystem=ct46q06mkfvfi2vas6tu7kh1m7

                                         125.65.113.54
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 06 Dec 2022 06:58:20 GMT
Content-Length: 959
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 14 Oct 2021 07:53:55 GMT
Accept-Ranges: bytes
ETag: "ca2719a3d0c0d71:0"
Vary: Accept-Encoding
Server: wts/1.6


--- Additional Info ---
Magic:  ASCII text, with very long lines (2144), with CRLF line terminators
Size:   959
Md5:    98e860ac2106c867ed89634e84a8cb5f
Sha1:   9e1905b986d44cc8d220053ecfa814e2e69c20d1
Sha256: a77b8d65cb79ee31ca004138bef7c6a2fc750ab9f6b94f9c57ab46139a4d32ac
                                        
                                            GET /skin/css/bootstrap.min.css HTTP/1.1 
Host: www.safeway-sh.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.safeway-sh.com/
Cookie: lg=cn; PbootSystem=ct46q06mkfvfi2vas6tu7kh1m7

                                         125.65.113.54
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 06 Dec 2022 06:58:20 GMT
Content-Length: 33366
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 14 Oct 2021 07:53:55 GMT
Accept-Ranges: bytes
ETag: "443413a3d0c0d71:0"
Vary: Accept-Encoding
Server: wts/1.6


--- Additional Info ---
Magic:  ASCII text
Size:   33366
Md5:    d82b64c6e2f0c29e7aa7028d29107f69
Sha1:   dcc3580f838d1309a08fb0a3a1ee67243850aa4b
Sha256: 2bda52ef715279793e70dec89394d505fa8eb0b5b939d1cbc6cf7e1533fa9ec5
                                        
                                            GET /skin/css/owl-carousel.css HTTP/1.1 
Host: www.safeway-sh.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.safeway-sh.com/
Cookie: lg=cn; PbootSystem=ct46q06mkfvfi2vas6tu7kh1m7

                                         125.65.113.54
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 06 Dec 2022 06:58:20 GMT
Content-Length: 1830
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 14 Oct 2021 07:53:55 GMT
Accept-Ranges: bytes
ETag: "cc419a3d0c0d71:0"
Vary: Accept-Encoding
Server: wts/1.6


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   1830
Md5:    876d6eddf6b929f9c20ee9fd10cea491
Sha1:   1b85f19e06b4b3542cf599045cf329573a13d863
Sha256: 8ee47e79517e746d53b4e60d717d3b42ce187b2fef85e61954bfbbea967ecd5c
                                        
                                            GET /skin/css/datepicker.css HTTP/1.1 
Host: www.safeway-sh.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.safeway-sh.com/
Cookie: lg=cn; PbootSystem=ct46q06mkfvfi2vas6tu7kh1m7

                                         125.65.113.54
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 06 Dec 2022 06:58:21 GMT
Content-Length: 1095
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 14 Oct 2021 07:53:55 GMT
Accept-Ranges: bytes
ETag: "2e121aa3d0c0d71:0"
Vary: Accept-Encoding
Server: wts/1.6


--- Additional Info ---
Magic:  ASCII text
Size:   1095
Md5:    b3557b327787fdd950e145be164f59bd
Sha1:   5e3e8089f760bd9834b999eda41d7edb328c4b04
Sha256: da20d43f3b79ed6a2e30d8b8a523af6dd2f325ed7c7865a4f1a8d41e11d38ce5
                                        
                                            GET /skin/css/icofont.css HTTP/1.1 
Host: www.safeway-sh.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.safeway-sh.com/
Cookie: lg=cn; PbootSystem=ct46q06mkfvfi2vas6tu7kh1m7

                                         125.65.113.54
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 06 Dec 2022 06:58:20 GMT
Content-Length: 20050
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 14 Oct 2021 07:53:55 GMT
Accept-Ranges: bytes
ETag: "a9d918a3d0c0d71:0"
Vary: Accept-Encoding
Server: wts/1.6


--- Additional Info ---
Magic:  ASCII text, with very long lines (65364)
Size:   20050
Md5:    e28b5153faf386b708246c7b13171118
Sha1:   36e064005d65ee36344f99ff28607811342dc6fe
Sha256: db5216242295ae0630e317c1c012e34adc20a40d4636deaff018d7ddd1534778
                                        
                                            GET /skin/css/animate.min.css HTTP/1.1 
Host: www.safeway-sh.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.safeway-sh.com/
Cookie: lg=cn; PbootSystem=ct46q06mkfvfi2vas6tu7kh1m7

                                         125.65.113.54
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 06 Dec 2022 06:58:21 GMT
Content-Length: 3542
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 14 Oct 2021 07:53:55 GMT
Accept-Ranges: bytes
ETag: "91fc1aa3d0c0d71:0"
Vary: Accept-Encoding
Server: wts/1.6


--- Additional Info ---
Magic:  ASCII text, with very long lines (16755)
Size:   3542
Md5:    4bdcd9f501642a8a274b06acb2816ec5
Sha1:   0e4afe44752dee4d08ab069ac7fc967aa4a52c92
Sha256: 7bb6d9ce79c2b39ae58efd3255bb3f806bd46f3ac569527b53ae050e7127a6b7
                                        
                                            GET /skin/css/magnific-popup.css HTTP/1.1 
Host: www.safeway-sh.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.safeway-sh.com/
Cookie: lg=cn; PbootSystem=ct46q06mkfvfi2vas6tu7kh1m7

                                         125.65.113.54
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 06 Dec 2022 06:58:21 GMT
Content-Length: 2257
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 14 Oct 2021 07:53:55 GMT
Accept-Ranges: bytes
ETag: "d3981ba3d0c0d71:0"
Vary: Accept-Encoding
Server: wts/1.6


--- Additional Info ---
Magic:  ASCII text
Size:   2257
Md5:    e6a050d2e329edeade1aba57374b3cac
Sha1:   16cd306b02a963efa1389fe790b217d67823aa94
Sha256: 5471ab32464923458deaf0d579246eb16ed5359ef53f9ceeca68d249c1035613
                                        
                                            GET /skin/css/normalize.css HTTP/1.1 
Host: www.safeway-sh.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.safeway-sh.com/
Cookie: lg=cn; PbootSystem=ct46q06mkfvfi2vas6tu7kh1m7

                                         125.65.113.54
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 06 Dec 2022 06:58:21 GMT
Content-Length: 5899
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 04 Nov 2021 05:58:51 GMT
Accept-Ranges: bytes
ETag: "809f80a41d1d71:0"
Vary: Accept-Encoding
Server: wts/1.6


--- Additional Info ---
Magic:  ASCII text
Size:   5899
Md5:    520ed4d5fd5f748f12f38863026beec5
Sha1:   a99294df414697b11a66c18275bf565986565682
Sha256: e22e2e410b39ce406077c8bbc766067c193e8b6461f4f02a586adba87c2f8a30
                                        
                                            GET /skin/css/responsive.css HTTP/1.1 
Host: www.safeway-sh.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.safeway-sh.com/
Cookie: lg=cn; PbootSystem=ct46q06mkfvfi2vas6tu7kh1m7

                                         125.65.113.54
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 06 Dec 2022 06:58:21 GMT
Content-Length: 6108
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Fri, 13 May 2022 06:05:09 GMT
Accept-Ranges: bytes
ETag: "80584b668f66d81:0"
Vary: Accept-Encoding
Server: wts/1.6


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   6108
Md5:    37bcfa4ebbd1a0476a7f3f09489df30c
Sha1:   8d7f98c51e6e58b964537e126faaf04033c246ef
Sha256: 8c6ca7a31827ade3d62fa5a562c795555ee450acfb57e7ce4ab6e642646f2ef8
                                        
                                            GET /skin/js/jquery-migrate-3.0.0.js HTTP/1.1 
Host: www.safeway-sh.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.safeway-sh.com/
Cookie: lg=cn; PbootSystem=ct46q06mkfvfi2vas6tu7kh1m7

                                         125.65.113.54
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 06 Dec 2022 06:58:21 GMT
Content-Length: 3234
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 14 Oct 2021 07:53:56 GMT
Accept-Ranges: bytes
ETag: "e3e5cea3d0c0d71:0"
Vary: Accept-Encoding
Server: wts/1.6


--- Additional Info ---
Magic:  ASCII text, with very long lines (6986), with CRLF line terminators
Size:   3234
Md5:    8ab8a232dc96265f7f13a3c52caf38d0
Sha1:   f7d24c2df93c9f67eff369786aa36cf1b47767d3
Sha256: b4e35593356a3173ed9d8b2a8ad31376c9157d4b15864620a91c065271484652

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /skin/js/easing.js HTTP/1.1 
Host: www.safeway-sh.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.safeway-sh.com/
Cookie: lg=cn; PbootSystem=ct46q06mkfvfi2vas6tu7kh1m7

                                         125.65.113.54
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 06 Dec 2022 06:58:21 GMT
Content-Length: 1013
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 14 Oct 2021 07:53:56 GMT
Accept-Ranges: bytes
ETag: "d3becea3d0c0d71:0"
Vary: Accept-Encoding
Server: wts/1.6


--- Additional Info ---
Magic:  ASCII text, with very long lines (2280), with CRLF line terminators
Size:   1013
Md5:    d16ce86ecb8ea300b43b4a8077b5dd92
Sha1:   a7967e1e0365621f490d2847730e78a19522effa
Sha256: 8d9093baf527d1dc947c446b9900a6796aef03ddec2cb2ca5943d088bccccfea

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /skin/js/jquery-ui.min.js HTTP/1.1 
Host: www.safeway-sh.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.safeway-sh.com/
Cookie: lg=cn; PbootSystem=ct46q06mkfvfi2vas6tu7kh1m7

                                         125.65.113.54
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 06 Dec 2022 06:58:21 GMT
Content-Length: 11094
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 14 Oct 2021 07:53:57 GMT
Accept-Ranges: bytes
ETag: "33353a4d0c0d71:0"
Vary: Accept-Encoding
Server: wts/1.6


--- Additional Info ---
Magic:  ASCII text, with very long lines (30728), with CRLF line terminators
Size:   11094
Md5:    b41a1f9914c5a8ed5d571bbcc6e5faa0
Sha1:   6b40c91c08f5da6473cd7b680f342e5aecbb2890
Sha256: 9062e02b9f2c39000cec847b3cb46e1131716d2398b5fb33b0341398c21000ab

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /skin/css/style.css HTTP/1.1 
Host: www.safeway-sh.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.safeway-sh.com/
Cookie: lg=cn; PbootSystem=ct46q06mkfvfi2vas6tu7kh1m7

                                         125.65.113.54
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 06 Dec 2022 06:58:21 GMT
Content-Length: 18804
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 19 May 2022 02:26:00 GMT
Accept-Ranges: bytes
ETag: "0ac5bc7276bd81:0"
Vary: Accept-Encoding
Server: wts/1.6


--- Additional Info ---
Magic:  ASCII text
Size:   18804
Md5:    c3f1002f340b9d887e22ac7efea6573e
Sha1:   be35aa1c96bee5bfcf904e6fb468d33bc418127e
Sha256: a75c2c8c9f077bc071d034a6ae8f992dd9fcd3df62d18503732e6e95f24067a5
                                        
                                            GET /skin/js/colors.js HTTP/1.1 
Host: www.safeway-sh.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.safeway-sh.com/
Cookie: lg=cn; PbootSystem=ct46q06mkfvfi2vas6tu7kh1m7

                                         125.65.113.54
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 06 Dec 2022 06:58:21 GMT
Content-Length: 402
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 14 Oct 2021 07:53:56 GMT
Accept-Ranges: bytes
ETag: "392ebfa3d0c0d71:0"
Vary: Accept-Encoding
Server: wts/1.6


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   402
Md5:    9aadcadc5b6c73115df2f65be08d604d
Sha1:   ad50e07a74776c950f03c3e3448182e7df08427b
Sha256: 320c9dae4afc473297520cc0816d20f0ae7c828a2b104df7d778908a50d49f04

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /skin/js/popper.min.js HTTP/1.1 
Host: www.safeway-sh.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.safeway-sh.com/
Cookie: lg=cn; PbootSystem=ct46q06mkfvfi2vas6tu7kh1m7

                                         125.65.113.54
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 06 Dec 2022 06:58:21 GMT
Content-Length: 8456
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 14 Oct 2021 07:53:56 GMT
Accept-Ranges: bytes
ETag: "9af014a4d0c0d71:0"
Vary: Accept-Encoding
Server: wts/1.6


--- Additional Info ---
Magic:  ASCII text, with very long lines (19063), with CRLF line terminators
Size:   8456
Md5:    51e146abde88f204b9ee37a46072a36c
Sha1:   7e925f1548df89268de1ce8597a484da3d3ebdec
Sha256: 1c1bdffc9f6e4c3e417755b470b064fa0a68d83105890d22a3556e9137daebe9

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /skin/js/jquery.nav.js HTTP/1.1 
Host: www.safeway-sh.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.safeway-sh.com/
Cookie: lg=cn; PbootSystem=ct46q06mkfvfi2vas6tu7kh1m7

                                         125.65.113.54
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 06 Dec 2022 06:58:21 GMT
Content-Length: 2255
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 14 Oct 2021 07:53:56 GMT
Accept-Ranges: bytes
ETag: "d488da3d0c0d71:0"
Vary: Accept-Encoding
Server: wts/1.6


--- Additional Info ---
Magic:  ASCII text
Size:   2255
Md5:    442f373d447322cdebf90935447d9f7b
Sha1:   0933577b4b1b079961e6c58a23e0f5413f5450e7
Sha256: 95cc9af6941845b48b5df336d5df997bc313a5b4ca4cf0d863b938e10fc3f054

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /skin/js/slicknav.min.js HTTP/1.1 
Host: www.safeway-sh.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.safeway-sh.com/
Cookie: lg=cn; PbootSystem=ct46q06mkfvfi2vas6tu7kh1m7

                                         125.65.113.54
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 06 Dec 2022 06:58:21 GMT
Content-Length: 3129
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 14 Oct 2021 07:53:57 GMT
Accept-Ranges: bytes
ETag: "145a53a4d0c0d71:0"
Vary: Accept-Encoding
Server: wts/1.6


--- Additional Info ---
Magic:  ASCII text, with very long lines (8316), with CRLF line terminators
Size:   3129
Md5:    524912469b810d4fd2d967052029fa94
Sha1:   554d7c26d4426e98146d68ea7c42570ba0d97960
Sha256: b0fba3fb3d1d436ea887c059e69699a7f5f423b0cacaeb1d8ea84e2da97afe10

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /skin/js/jquery.scrollup.min.js HTTP/1.1 
Host: www.safeway-sh.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.safeway-sh.com/
Cookie: lg=cn; PbootSystem=ct46q06mkfvfi2vas6tu7kh1m7

                                         125.65.113.54
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 06 Dec 2022 06:58:22 GMT
Content-Length: 1153
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 14 Oct 2021 07:53:56 GMT
Accept-Ranges: bytes
ETag: "373da5a3d0c0d71:0"
Vary: Accept-Encoding
Server: wts/1.6


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (1872)
Size:   1153
Md5:    b9f2df0dd4e5cfdf8c5ea04c6f9a545a
Sha1:   04d3002aaa2063b7b65d806244db188dc0213755
Sha256: 2dd28c90ff3395d95545f8be6e95b9bd1b5729c5c9ac15511bc41964980b3721

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /skin/js/niceselect.js HTTP/1.1 
Host: www.safeway-sh.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.safeway-sh.com/
Cookie: lg=cn; PbootSystem=ct46q06mkfvfi2vas6tu7kh1m7

                                         125.65.113.54
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 06 Dec 2022 06:58:22 GMT
Content-Length: 1294
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 14 Oct 2021 07:53:56 GMT
Accept-Ranges: bytes
ETag: "2cdaca4d0c0d71:0"
Vary: Accept-Encoding
Server: wts/1.6


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (2822), with CRLF line terminators
Size:   1294
Md5:    2abf26d44f7e8eb6c7b8efaf1f04ec86
Sha1:   154221f444a176731d0ff0a0f10a754ecb81be52
Sha256: 204df6939c25f3928d6b00fdb0a9646f65dc0a5e44208d86d1759ebd2512783d

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /gsrsaovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 06:58:22 GMT
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 10 Dec 2022 05:37:20 GMT
ETag: "addbbb50f6119b2e458ee7d772a1dbafc5052950"
Last-Modified: Tue, 06 Dec 2022 05:37:21 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1883
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 775321fc3e68b518-OSL


--- Additional Info ---
Magic:  data
Size:   1432
Md5:    88ada4cbd9705ede681ddf730db573e8
Sha1:   addbbb50f6119b2e458ee7d772a1dbafc5052950
Sha256: 94be8e474bb9a3333ec4a1de2671346f728a6956fcffd0bf32a8d00044d9e4fd
                                        
                                            GET /skin/js/jquery.min.js HTTP/1.1 
Host: www.safeway-sh.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.safeway-sh.com/
Cookie: lg=cn; PbootSystem=ct46q06mkfvfi2vas6tu7kh1m7

                                         125.65.113.54
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 06 Dec 2022 06:58:22 GMT
Content-Length: 38740
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 14 Oct 2021 07:53:56 GMT
Accept-Ranges: bytes
ETag: "6132bda3d0c0d71:0"
Vary: Accept-Encoding
Server: wts/1.6


--- Additional Info ---
Magic:  ASCII text, with very long lines (32058), with CRLF line terminators
Size:   38740
Md5:    03d850a327d882cd28e47b1e22e739bc
Sha1:   d64a174bf8103f94b59f7cd7e54b14622be53d30
Sha256: 05e47d1f3b120b61b0160f6d8468ef9f1e06ffc52bcb305de45c70afdb96d7d1

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /skin/js/bootstrap-datepicker.js HTTP/1.1 
Host: www.safeway-sh.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.safeway-sh.com/
Cookie: lg=cn; PbootSystem=ct46q06mkfvfi2vas6tu7kh1m7

                                         125.65.113.54
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 06 Dec 2022 06:58:22 GMT
Content-Length: 4881
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 14 Oct 2021 07:53:57 GMT
Accept-Ranges: bytes
ETag: "8f5767a4d0c0d71:0"
Vary: Accept-Encoding
Server: wts/1.6


--- Additional Info ---
Magic:  assembler source, ASCII text
Size:   4881
Md5:    0cd1100caa9df575ed5f46c8c0198b7a
Sha1:   c28f79b7d4357d752b80116465176d38dd4e3384
Sha256: b117c1e80186524eee5d2d70d58f7a2923c29c0a5fd62c2dcef2f50e152f909e

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /skin/images/slider2.jpg HTTP/1.1 
Host: www.safeway-sh.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.safeway-sh.com/
Cookie: lg=cn; PbootSystem=ct46q06mkfvfi2vas6tu7kh1m7

                                         125.65.113.54
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 06 Dec 2022 06:58:21 GMT
Content-Length: 96065
Connection: keep-alive
Last-Modified: Thu, 14 Oct 2021 07:53:56 GMT
Accept-Ranges: bytes
ETag: "f56a8fa3d0c0d71:0"
Server: wts/1.6


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=836, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], progressive, precision 8, 1600x830, components 3\012- data
Size:   96065
Md5:    38313722ecd80014a41ebe6e21602832
Sha1:   9badb614d1b067b4595ab56ace7dbaf3884e0644
Sha256: c39733a6c3f761a324f6d50c31a32cee06aa69f197eac1420bdd60ef1af67e95
                                        
                                            GET /skin/images/slider.jpg HTTP/1.1 
Host: www.safeway-sh.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.safeway-sh.com/
Cookie: lg=cn; PbootSystem=ct46q06mkfvfi2vas6tu7kh1m7

                                         125.65.113.54
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 06 Dec 2022 06:58:21 GMT
Content-Length: 99780
Connection: keep-alive
Last-Modified: Thu, 14 Oct 2021 07:53:57 GMT
Accept-Ranges: bytes
ETag: "65624fa4d0c0d71:0"
Server: wts/1.6


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=836, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], progressive, precision 8, 1600x830, components 3\012- data
Size:   99780
Md5:    6bbc56cf5eeeb5ff588c4fed666e9d6a
Sha1:   4da325d2551975b88aedee30d343a7dc6ab37033
Sha256: 5b467fe16b91971bdb6bc3993b03ed7dbcbdf48f427a86d2a25394c3a729e0be
                                        
                                            GET /skin/js/tilt.jquery.min.js HTTP/1.1 
Host: www.safeway-sh.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.safeway-sh.com/
Cookie: lg=cn; PbootSystem=ct46q06mkfvfi2vas6tu7kh1m7

                                         125.65.113.54
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 06 Dec 2022 06:58:22 GMT
Content-Length: 2108
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 14 Oct 2021 07:53:56 GMT
Accept-Ranges: bytes
ETag: "345af5a3d0c0d71:0"
Vary: Accept-Encoding
Server: wts/1.6


--- Additional Info ---
Magic:  ASCII text, with very long lines (5318), with no line terminators
Size:   2108
Md5:    3670adc0ade2c2d698624eadb1e8df7a
Sha1:   0ba456bbc732a3a220bf3a3cbc2100d568aa8591
Sha256: 78f0b37a3d3757a1c6c872050ced6e79d1b2965e6f49efb82cd411f5721142cd

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /skin/images/slider3.jpg HTTP/1.1 
Host: www.safeway-sh.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.safeway-sh.com/
Cookie: lg=cn; PbootSystem=ct46q06mkfvfi2vas6tu7kh1m7

                                         125.65.113.54
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 06 Dec 2022 06:58:21 GMT
Content-Length: 86328
Connection: keep-alive
Last-Modified: Thu, 14 Oct 2021 07:53:56 GMT
Accept-Ranges: bytes
ETag: "2716a5a3d0c0d71:0"
Server: wts/1.6


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=836, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], progressive, precision 8, 1600x830, components 3\012- data
Size:   86328
Md5:    4d2eab34496864457fc1153c05e8cd45
Sha1:   4cd07b3a85503ec63639a18749d067204741ee24
Sha256: a96032388408b690ac15096cd6d28cb7f7e5e5711254b4d03d22e223fc7f0de8
                                        
                                            GET /skin/js/owl-carousel.js HTTP/1.1 
Host: www.safeway-sh.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.safeway-sh.com/
Cookie: lg=cn; PbootSystem=ct46q06mkfvfi2vas6tu7kh1m7

                                         125.65.113.54
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 06 Dec 2022 06:58:22 GMT
Content-Length: 15974
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 14 Oct 2021 07:53:57 GMT
Accept-Ranges: bytes
ETag: "63a74aa4d0c0d71:0"
Vary: Accept-Encoding
Server: wts/1.6


--- Additional Info ---
Magic:  ASCII text, with very long lines (1559), with CRLF line terminators
Size:   15974
Md5:    5a14283596aa9f98b315febaa7df6c01
Sha1:   a1f34848c9ecb749de50f9064b579c7bc95955e0
Sha256: eca23d8c94c6c8ce5471fe8c10d05bf283046bfafedca954d65b01cf841d2f10

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /skin/js/jquery.counterup.min.js HTTP/1.1 
Host: www.safeway-sh.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.safeway-sh.com/
Cookie: lg=cn; PbootSystem=ct46q06mkfvfi2vas6tu7kh1m7

                                         125.65.113.54
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 06 Dec 2022 06:58:22 GMT
Content-Length: 756
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 14 Oct 2021 07:53:56 GMT
Accept-Ranges: bytes
ETag: "bfb41ea4d0c0d71:0"
Vary: Accept-Encoding
Server: wts/1.6


--- Additional Info ---
Magic:  ASCII text, with very long lines (917)
Size:   756
Md5:    c63cf71ec726f01aba5e9b45cfaa8993
Sha1:   0026dec98cfd45722edd1d27b4c4f322e7fbdea4
Sha256: f87c8b81ea50670331c51046a8e49ccff7f4468a507507231a11ad5270a55dbe

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /skin/js/steller.js HTTP/1.1 
Host: www.safeway-sh.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.safeway-sh.com/
Cookie: lg=cn; PbootSystem=ct46q06mkfvfi2vas6tu7kh1m7

                                         125.65.113.54
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 06 Dec 2022 06:58:23 GMT
Content-Length: 6352
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 14 Oct 2021 07:53:55 GMT
Accept-Ranges: bytes
ETag: "32af52a3d0c0d71:0"
Vary: Accept-Encoding
Server: wts/1.6


--- Additional Info ---
Magic:  ASCII text, with very long lines (310), with CRLF line terminators
Size:   6352
Md5:    4fd8728b089cd27c2d5708167d2d2c11
Sha1:   41c314c98e0cb274e7981864a1f978e943768ff6
Sha256: fd066ee7d8782e42367faf9e43cca7a23dca28a92fd21993b1e08f92aef40b93

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /skin/js/wow.min.js HTTP/1.1 
Host: www.safeway-sh.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.safeway-sh.com/
Cookie: lg=cn; PbootSystem=ct46q06mkfvfi2vas6tu7kh1m7

                                         125.65.113.54
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 06 Dec 2022 06:58:23 GMT
Content-Length: 3281
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 14 Oct 2021 07:53:56 GMT
Accept-Ranges: bytes
ETag: "c297cea3d0c0d71:0"
Vary: Accept-Encoding
Server: wts/1.6


--- Additional Info ---
Magic:  ASCII text, with very long lines (8152), with CRLF line terminators
Size:   3281
Md5:    6673733728c659430ed9e02ce924f556
Sha1:   29768205f66b00456efdbd6d9f294f9d057a4b48
Sha256: c3486ca29d9f9a4001dfd4af78e1d26590e983d75fee11c8f56ca3fca906f473

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /skin/js/jquery.magnific-popup.min.js HTTP/1.1 
Host: www.safeway-sh.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.safeway-sh.com/
Cookie: lg=cn; PbootSystem=ct46q06mkfvfi2vas6tu7kh1m7

                                         125.65.113.54
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 06 Dec 2022 06:58:23 GMT
Content-Length: 9028
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 14 Oct 2021 07:53:57 GMT
Accept-Ranges: bytes
ETag: "6e967a4d0c0d71:0"
Vary: Accept-Encoding
Server: wts/1.6


--- Additional Info ---
Magic:  ASCII text, with very long lines (20092)
Size:   9028
Md5:    817c5d96413404c7547d7ab1936ee34a
Sha1:   860739b067e7808c022c1043b16779016cad3117
Sha256: 4b0ea68d4c11f99870f9f12894032f7a350156204b22d44f05e1016f39ff20c7

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /skin/js/waypoints.min.js HTTP/1.1 
Host: www.safeway-sh.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.safeway-sh.com/
Cookie: lg=cn; PbootSystem=ct46q06mkfvfi2vas6tu7kh1m7

                                         125.65.113.54
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 06 Dec 2022 06:58:23 GMT
Content-Length: 3148
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 14 Oct 2021 07:53:57 GMT
Accept-Ranges: bytes
ETag: "92a641a4d0c0d71:0"
Vary: Accept-Encoding
Server: wts/1.6


--- Additional Info ---
Magic:  ASCII text, with very long lines (7808)
Size:   3148
Md5:    fa7b7d49873f672e72d1a90832a5cc6c
Sha1:   9765feeb68a9f43bedf9da512971db71ecc0d5ab
Sha256: 773cff049e4b7235d7612a4342ce03159180aee6852e73250c1aa66309ee015a

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /skin/js/bootstrap.min.js HTTP/1.1 
Host: www.safeway-sh.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.safeway-sh.com/
Cookie: lg=cn; PbootSystem=ct46q06mkfvfi2vas6tu7kh1m7

                                         125.65.113.54
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 06 Dec 2022 06:58:23 GMT
Content-Length: 23129
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 14 Oct 2021 07:53:57 GMT
Accept-Ranges: bytes
ETag: "817f41a4d0c0d71:0"
Vary: Accept-Encoding
Server: wts/1.6


--- Additional Info ---
Magic:  ASCII text, with very long lines (509)
Size:   23129
Md5:    4ec01e4a10ee7864ca0f7874d6a57ea6
Sha1:   a3aa0e04f34ed74ccde11cc7825f4250fb0b4754
Sha256: 9663ccb4db9f8fb8a90664afe5d90f8ae5d9936f0eb516ddc59b79e109aad90b

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /skin/js/main.js HTTP/1.1 
Host: www.safeway-sh.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.safeway-sh.com/
Cookie: lg=cn; PbootSystem=ct46q06mkfvfi2vas6tu7kh1m7

                                         125.65.113.54
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 06 Dec 2022 06:58:23 GMT
Content-Length: 2383
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 14 Oct 2021 07:53:57 GMT
Accept-Ranges: bytes
ETag: "34b739a4d0c0d71:0"
Vary: Accept-Encoding
Server: wts/1.6


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   2383
Md5:    f0adb8fd137b9e7320a27b3af27121e1
Sha1:   b3683407126b169c50c52926bedc0511112ba008
Sha256: 68ffcbe799878bc5bb3c718a38fdd64d259484d8116cdca9c874a082f8b0fd38

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /skin/fonts/pxibyp8kv8jhgfvrlgt9z1xlfq.woff2 HTTP/1.1 
Host: www.safeway-sh.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.safeway-sh.com/skin/css/css.css
Cookie: lg=cn; PbootSystem=ct46q06mkfvfi2vas6tu7kh1m7

                                         125.65.113.54
HTTP/1.1 200 OK
Content-Type: application/font-woff2
                                        
Date: Tue, 06 Dec 2022 06:58:23 GMT
Content-Length: 7776
Connection: keep-alive
Last-Modified: Thu, 14 Oct 2021 07:53:56 GMT
Accept-Ranges: bytes
ETag: "ecf98ca3d0c0d71:0"
Server: wts/1.6


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 7776, version 1.0\012- data
Size:   7776
Md5:    84780596e268aa0cb2be48af2ed5c375
Sha1:   d67ccd32f8c790a746d64d06145882a2f7b06560
Sha256: d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /hm.js?f1bbe917caf59505311f982ed00c235c HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.safeway-sh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11262
Date: Tue, 06 Dec 2022 06:58:23 GMT
Etag: fb00b2772b2efe6fd6e9bdba04e2be08
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=B701891BCA60BE78; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  ASCII text, with very long lines (624)
Size:   11262
Md5:    d1daf7e1cc652bfc2df12db27e6c5557
Sha1:   3a962f83b9a413a24e8c622a2541157c42d9905e
Sha256: 8e9f9f519f81093f0b6e6f549e7fb3b36a929d2bfb0e6c10d84272bb0b9a2d4c
                                        
                                            GET /skin/fonts/pxieyp8kv8jhgfvrjjfecg.woff2 HTTP/1.1 
Host: www.safeway-sh.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.safeway-sh.com/skin/css/css.css
Cookie: lg=cn; PbootSystem=ct46q06mkfvfi2vas6tu7kh1m7

                                         125.65.113.54
HTTP/1.1 200 OK
Content-Type: application/font-woff2
                                        
Date: Tue, 06 Dec 2022 06:58:23 GMT
Content-Length: 7900
Connection: keep-alive
Last-Modified: Thu, 14 Oct 2021 07:53:56 GMT
Accept-Ranges: bytes
ETag: "389ae9a3d0c0d71:0"
Server: wts/1.6


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 7900, version 1.0\012- data
Size:   7900
Md5:    9ed361bba8488aeb2797b82befda20f1
Sha1:   6f80d965a066aff81c0a344d4b7297bd009cc099
Sha256: 41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /skin/fonts/pxibyp8kv8jhgfvrlej6z1xlfq.woff2 HTTP/1.1 
Host: www.safeway-sh.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.safeway-sh.com/skin/css/css.css
Cookie: lg=cn; PbootSystem=ct46q06mkfvfi2vas6tu7kh1m7

                                         125.65.113.54
HTTP/1.1 200 OK
Content-Type: application/font-woff2
                                        
Date: Tue, 06 Dec 2022 06:58:23 GMT
Content-Length: 7988
Connection: keep-alive
Last-Modified: Thu, 14 Oct 2021 07:53:56 GMT
Accept-Ranges: bytes
ETag: "472d14a4d0c0d71:0"
Server: wts/1.6


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 7988, version 1.0\012- data
Size:   7988
Md5:    087457026965f98466618a478c4b1b07
Sha1:   00b024ccb35e3694de662d180d6ea7f56de6d654
Sha256: b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /skin/fonts/pxibyp8kv8jhgfvrlcz7z1xlfq.woff2 HTTP/1.1 
Host: www.safeway-sh.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.safeway-sh.com/skin/css/css.css
Cookie: lg=cn; PbootSystem=ct46q06mkfvfi2vas6tu7kh1m7

                                         125.65.113.54
HTTP/1.1 200 OK
Content-Type: application/font-woff2
                                        
Date: Tue, 06 Dec 2022 06:58:23 GMT
Content-Length: 7832
Connection: keep-alive
Last-Modified: Thu, 14 Oct 2021 07:53:57 GMT
Accept-Ranges: bytes
ETag: "b66a4ba4d0c0d71:0"
Server: wts/1.6


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 7832, version 1.0\012- data
Size:   7832
Md5:    f4f17fd53c7d040e56f91a3ecb692b22
Sha1:   1b51342175762634835645ba2f99cd3ab0ac615c
Sha256: b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /static/upload/image/20220113/1642038722989635.png HTTP/1.1 
Host: www.safeway-sh.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.safeway-sh.com/
Cookie: lg=cn; PbootSystem=ct46q06mkfvfi2vas6tu7kh1m7

                                         125.65.113.54
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 06 Dec 2022 06:58:23 GMT
Content-Length: 37567
Connection: keep-alive
Last-Modified: Thu, 13 Jan 2022 01:52:02 GMT
Accept-Ranges: bytes
ETag: "f95c1b29208d81:0"
Server: wts/1.6


--- Additional Info ---
Magic:  PNG image data, 1000 x 282, 8-bit/color RGBA, non-interlaced\012- data
Size:   37567
Md5:    129d2e2ea4bffca5316bd66ba7fcb5e9
Sha1:   8ac23dd5251db86df7426a34ed1998616fd34d51
Sha256: 9103d5d88b37fb68a5c712c32df279098d9accfa9149f557622603a3f9b6c6da
                                        
                                            GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1276679910&si=f1bbe917caf59505311f982ed00c235c&v=1.3.0&lv=1&sn=19356&r=0&ww=1280&u=http%3A%2F%2Fwww.safeway-sh.com%2F&tt=%E5%AE%89%E5%85%A8%E8%B4%A7%E6%9E%B6%7C%E8%B4%A7%E6%9E%B6%E5%AE%89%E8%A3%85%7C%E8%B4%A7%E6%9E%B6%E7%9B%91%E6%B5%8B%7C%E8%B4%A7%E6%9E%B6%E9%98%B2%E6%8A%A4-%E5%A8%81%E8%B5%9B%E5%AD%9A%E7%89%A9%E6%B5%81%E5%B7%A5%E7%A8%8B%E6%8A%80%E6%9C%AF%EF%BC%88%E4%B8%8A%E6%B5%B7%EF%BC%89%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.safeway-sh.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Tue, 06 Dec 2022 06:58:23 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=F3E7F1570C26C4D1; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /skin/fonts/fontawesome-webfont.woff2 HTTP/1.1 
Host: www.safeway-sh.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.safeway-sh.com/skin/css/font-awesome.min.css
Cookie: lg=cn; PbootSystem=ct46q06mkfvfi2vas6tu7kh1m7

                                         125.65.113.54
HTTP/1.1 200 OK
Content-Type: application/font-woff2
                                        
Date: Tue, 06 Dec 2022 06:58:23 GMT
Content-Length: 77160
Connection: keep-alive
Last-Modified: Thu, 14 Oct 2021 07:53:57 GMT
Accept-Ranges: bytes
ETag: "92702ca4d0c0d71:0"
Server: wts/1.6


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size:   77160
Md5:    af7ae505a9eed503f8b8e6982036873e
Sha1:   d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
Sha256: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /skin/images/call-bg.jpg HTTP/1.1 
Host: www.safeway-sh.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.safeway-sh.com/skin/css/style.css
Cookie: lg=cn; PbootSystem=ct46q06mkfvfi2vas6tu7kh1m7

                                         125.65.113.54
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 06 Dec 2022 06:58:23 GMT
Content-Length: 195416
Connection: keep-alive
Last-Modified: Thu, 14 Oct 2021 07:53:57 GMT
Accept-Ranges: bytes
ETag: "7ac943a4d0c0d71:0"
Server: wts/1.6


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=13, height=928, bps=0, PhotometricIntepretation=RGB, description=Double exposure image of many business people conference group meeting on city office building in background showing partnershi, orientation=upper-left, width=1920], progressive, precision 8, 1920x900, components 3\012- data
Size:   195416
Md5:    816ac97bacdbd4bf8a9bdc52844d49bd
Sha1:   4ef5a1270723b914faf4874c11145d50ed04b33b
Sha256: 64e7a91793f93ca33fc0517c981cd34beb11e8ee47d45c6a2eb5b6e21f004bcd
                                        
                                            GET /static/upload/image/20220425/1650872643627418.jpg HTTP/1.1 
Host: www.safeway-sh.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.safeway-sh.com/
Cookie: lg=cn; PbootSystem=ct46q06mkfvfi2vas6tu7kh1m7

                                         125.65.113.54
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 06 Dec 2022 06:58:24 GMT
Content-Length: 52836
Connection: keep-alive
Last-Modified: Mon, 25 Apr 2022 07:44:03 GMT
Accept-Ranges: bytes
ETag: "5d8ad03b7858d81:0"
Server: wts/1.6


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 800x500, components 3\012- data
Size:   52836
Md5:    51d7ca4ca19d6871468b3cfcf805fd56
Sha1:   730c806f594655f11fd650f5880180835b8c4899
Sha256: f905429231b26fa99d0fd0624bbb75f58932096e12a8a285ba0e0cef0f4ff40b
                                        
                                            GET /static/upload/image/20220425/1650872408762892.jpg HTTP/1.1 
Host: www.safeway-sh.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.safeway-sh.com/
Cookie: lg=cn; PbootSystem=ct46q06mkfvfi2vas6tu7kh1m7

                                         125.65.113.54
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 06 Dec 2022 06:58:24 GMT
Content-Length: 67789
Connection: keep-alive
Last-Modified: Mon, 25 Apr 2022 07:40:08 GMT
Accept-Ranges: bytes
ETag: "cbe417b07758d81:0"
Server: wts/1.6


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 800x500, components 3\012- data
Size:   67789
Md5:    706aab2034a4c43e401125924ca36d2a
Sha1:   4175f1fe4e84c44a8daca974a00d42c3ce0b51be
Sha256: bcfadf486d58486ec22c971bc77a3483e0569b045409bdd1ec33504c8851e695
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ba08976-65c4-4b8b-9ef1-92055a7b5235.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12293
x-amzn-requestid: 49891ceb-3f74-4e83-8064-f54fc8b30961
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSyGHPOIAMFYqw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64da-651e4e0c55257bcc553cd176;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4f0QQ4-21m-DiP4oUtIG75_vremc835laqhfDerlqCuW-WyKClvc9Q==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:54:20 GMT
age: 32644
etag: "9a26884875abb0652c568c50438b65f801779f9a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12293
Md5:    53afd826523f4c18bf968764818d7ca7
Sha1:   9a26884875abb0652c568c50438b65f801779f9a
Sha256: 4f9dfeda67a040fef9c6987a7c334a91c993c84f694fa91771fcf7fd1d2e4937
                                        
                                            GET /static/upload/image/20211103/1635929363871652.jpg HTTP/1.1 
Host: www.safeway-sh.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.safeway-sh.com/
Cookie: lg=cn; PbootSystem=ct46q06mkfvfi2vas6tu7kh1m7

                                         125.65.113.54
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 06 Dec 2022 06:58:24 GMT
Content-Length: 41446
Connection: keep-alive
Last-Modified: Wed, 03 Nov 2021 08:49:23 GMT
Accept-Ranges: bytes
ETag: "af616b38fd0d71:0"
Server: wts/1.6


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 430x430, components 3\012- data
Size:   41446
Md5:    2091240be7c7b09ce2279c47e0a0d801
Sha1:   57b94cb1e506b41ba5ee027186259c87f57e2167
Sha256: a9c9fc83122a824ea8ef4271902a76d0c05a3f686185fe74d5733b19d919b148
                                        
                                            GET /static/upload/image/20220425/1650875357998574.jpg HTTP/1.1 
Host: www.safeway-sh.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.safeway-sh.com/
Cookie: lg=cn; PbootSystem=ct46q06mkfvfi2vas6tu7kh1m7

                                         125.65.113.54
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 06 Dec 2022 06:58:24 GMT
Content-Length: 161642
Connection: keep-alive
Last-Modified: Mon, 25 Apr 2022 08:29:17 GMT
Accept-Ranges: bytes
ETag: "5539818d7e58d81:0"
Server: wts/1.6


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=6, xresolution=86, yresolution=94, resolutionunit=2, software=www.meitu.com, datetime=2022:04:01 17:12:56], baseline, precision 8, 800x500, components 3\012- data
Size:   161642
Md5:    f6dae12f6305ef4ac9078872aba64bb0
Sha1:   307ef053bb3bb0d602e874326d88ff888e5220e4
Sha256: 4c67a0247d2b43b610cdfa56a52fc4c92f47373a67b3e976a1a2103be2430593
                                        
                                            GET /skin/images/yujingyufang1.jpg HTTP/1.1 
Host: www.safeway-sh.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.safeway-sh.com/
Cookie: lg=cn; PbootSystem=ct46q06mkfvfi2vas6tu7kh1m7

                                         125.65.113.54
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 06 Dec 2022 06:58:23 GMT
Content-Length: 219922
Connection: keep-alive
Last-Modified: Fri, 13 May 2022 06:49:18 GMT
Accept-Ranges: bytes
ETag: "0ab38919566d81:0"
Server: wts/1.6


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1124, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1500], baseline, precision 8, 878x569, components 3\012- data
Size:   219922
Md5:    09300e10f90a81013147e25f332708fb
Sha1:   32007097e30e001921fac41b9c9d2299c781af6b
Sha256: d6e57de48c0319a2ffa9d475c2fe9b71078378b39cd0500b06e4be745a560af6
                                        
                                            GET /static/upload/image/20220905/1662347132258015.jpg HTTP/1.1 
Host: www.safeway-sh.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.safeway-sh.com/
Cookie: lg=cn; PbootSystem=ct46q06mkfvfi2vas6tu7kh1m7

                                         125.65.113.54
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 06 Dec 2022 06:58:24 GMT
Content-Length: 86232
Connection: keep-alive
Last-Modified: Mon, 05 Sep 2022 03:05:32 GMT
Accept-Ranges: bytes
ETag: "cc63635cd4c0d81:0"
Server: wts/1.6


--- Additional Info ---
                                        
                                            GET /skin/fonts/icofont.woff2 HTTP/1.1 
Host: www.safeway-sh.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.safeway-sh.com/skin/css/icofont.css
Cookie: lg=cn; PbootSystem=ct46q06mkfvfi2vas6tu7kh1m7

                                         125.65.113.54
HTTP/1.1 200 OK
Content-Type: application/font-woff2
                                        
Date: Tue, 06 Dec 2022 06:58:23 GMT
Content-Length: 537868
Connection: keep-alive
Last-Modified: Thu, 14 Oct 2021 07:53:56 GMT
Accept-Ranges: bytes
ETag: "df7eaba3d0c0d71:0"
Server: wts/1.6


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing