r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6ed951622549ed76959631f8a1bf497b
682b2dd2a72190510e3fa7bdb0c0c6f25a322dfb
86f5e5ae2da408a899d16c83b7ca441033ac0c30062cd29f2db1b1b5be666746
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "86F5E5AE2DA408A899D16C83B7CA441033AC0C30062CD29F2DB1B1B5BE666746"
Last-Modified: Sat, 19 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8010
Expires: Sat, 19 Nov 2022 17:31:32 GMT
Date: Sat, 19 Nov 2022 15:18:02 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f732c50f6a2482aeea20552e0370c2d0
6f33119d5c38e92a0a62f3a46766ff86014e4d68
a47e38c199c5fecd5594544a3889e1cfca5547d85f19056f06eaeeadf17f4fe9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 916
Cache-Control: max-age=156507
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 15:18:02 GMT
Etag: "6378b071-1d7"
Expires: Mon, 21 Nov 2022 10:46:29 GMT
Last-Modified: Sat, 19 Nov 2022 10:31:13 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e7724a1f27dc1b5b2fb63c7e486f74db
ef0ea648ce8bc189d31382baec4b181c724af93b
2a46916079563d95fa6a695104ebf41829ee95a156d6e4d45b9aef7231a8a80e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A46916079563D95FA6A695104EBF41829EE95A156D6E4D45B9AEF7231A8A80E"
Last-Modified: Fri, 18 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15250
Expires: Sat, 19 Nov 2022 19:32:12 GMT
Date: Sat, 19 Nov 2022 15:18:02 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 19 Nov 2022 14:44:56 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1986
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Qg26btJzoH5pCGn8YOJGZqUQZhdK7aTB53GduICTB+1CdtEVs0r4SFWcQTAhEYFNPBaBiOI48To=
x-amz-request-id: YC0G20RG226JBKRM
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 19 Nov 2022 15:16:05 GMT
age: 117
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 15:18:02 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 19 Nov 2022 14:44:49 GMT
cache-control: public,max-age=3600
age: 1994
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 060d538b33e370fcd033339830d33a42
4a37d427988358eb318e18e2678c3484ef4a5ebd
efa33f92547243814b5bd3bca4f94d26055d590a4431611b3ba251a8d774bfbb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5852
Cache-Control: max-age=156381
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 15:18:03 GMT
Etag: "63789cac-1d7"
Expires: Mon, 21 Nov 2022 10:44:24 GMT
Last-Modified: Sat, 19 Nov 2022 09:06:52 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
www.photosurfbusniagara.com/
199.34.228.77200 OK 7.4 kB URL HTTP/1.1 www.photosurfbusniagara.com/
IP 199.34.228.77:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1350), with CRLF, LF line terminators
Hash 9a7d5825f945071415c95f64a634a27a
5498bbe05f14f4fd7fce66f5f50d6b4603d19019
291562683e9297282546a563c9bf67933a05baef17beb99497cfecabefc765a3
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.photosurfbusniagara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 15:18:03 GMT
Server: Apache
Vary: X-W-SSL,Accept-Encoding,User-Agent
Set-Cookie: is_mobile=0; path=/; domain=www.photosurfbusniagara.com
language=en; expires=Sat, 03-Dec-2022 15:18:03 GMT; Max-Age=1209600; path=/
Cache-Control: private
ETag: W/"6616eab06f7330b6bb8eea980d4c1492-gzip"
Content-Encoding: gzip
X-Host: grn71.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 7413
Keep-Alive: timeout=10, max=73
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
fonts.googleapis.com/css?family=Montserrat:400,700&subset=latin,latin-ext
142.250.74.10200 OK 521 B URL HTTP/1.1 fonts.googleapis.com/css?family=Montserrat:400,700&subset=latin,latin-ext
IP 142.250.74.10:0
Hash b52e405858cd07e929b5387c0ed0d1de
8dc157b5ece5222f0f175eee9379a699dee76cd8
e289bd897465ef8c6c74d81d09ee98cf500d744073df727158f6323caf335547
GET /css?family=Montserrat:400,700&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.photosurfbusniagara.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sat, 19 Nov 2022 15:18:03 GMT
Date: Sat, 19 Nov 2022 15:18:03 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
fonts.googleapis.com/css?family=Playfair+Display:400,700,400italic,700italic&subset=latin,latin-ext
142.250.74.10200 OK 558 B URL HTTP/1.1 fonts.googleapis.com/css?family=Playfair+Display:400,700,400italic,700italic&subset=latin,latin-ext
IP 142.250.74.10:0
Hash de2df5765e9a8a64221d1bef18ff7825
6ba2e1fc90d3b8d134761cc55c21c84a8cf0fe3b
43737a44af8b68628ee3ef39ecab4749dfd0ca4808e78fdec75bc7be7d96a387
GET /css?family=Playfair+Display:400,700,400italic,700italic&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.photosurfbusniagara.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sat, 19 Nov 2022 15:18:03 GMT
Date: Sat, 19 Nov 2022 15:18:03 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
push.services.mozilla.com/
34.208.31.97101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.208.31.97:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 50EA0/BkI8DP0ecA7uNphg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lJUSSP9Ch0SEIAH73f+ttPxisnE=
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 07caf241d63e15426cd26434ef88e9dd
ec289ab860ffccd49ce9a62d2c47c59dc181fbd5
d1f4bc6604b8a399049b5943d23dbfb842d9a100bf6f5c71e91a27cd3588cecb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 15:18:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
142.250.74.170200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
IP 142.250.74.170:0
File type ASCII text, with very long lines (65483)
Hash a54a444f20643b131117dc2112cca05f
074964746b12ff1d30f7656310d6154ae1cc98b5
aa3ca8485dd777d4d880b38c1cf3bc2fc290d28a79ba3e3e43cba1f653132830
GET /ajax/libs/jquery/1.8.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.photosurfbusniagara.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33593
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 15 Nov 2022 00:57:43 GMT
expires: Wed, 15 Nov 2023 00:57:43 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 397220
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.photosurfbusniagara.com/files/main_style.css?1656592588
199.34.228.77200 OK 7.4 kB URL HTTP/1.1 www.photosurfbusniagara.com/files/main_style.css?1656592588
IP 199.34.228.77:0
File type ASCII text, with very long lines (1061)
Hash 7ef5319b9b45d1c1fce9714d6058a857
802824a1944d7405f2ca63fcc6f7ed4df8bb67e0
11b535ea7db6f3c0f4fa07db5dcfa050a4b6b6aff504c3141db2eebc43fc3eaf
Analyzer Verdict Alert fortinet Malware
GET /files/main_style.css?1656592588 HTTP/1.1
Host: www.photosurfbusniagara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.photosurfbusniagara.com/
Cookie: is_mobile=0; language=en
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 15:18:03 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
X-Host: blu13.sf2p.intern.weebly.net
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 07caf241d63e15426cd26434ef88e9dd
ec289ab860ffccd49ce9a62d2c47c59dc181fbd5
d1f4bc6604b8a399049b5943d23dbfb842d9a100bf6f5c71e91a27cd3588cecb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 15:18:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.photosurfbusniagara.com/files/theme/plugins.js?1565969634
199.34.228.77200 OK 16 kB URL HTTP/1.1 www.photosurfbusniagara.com/files/theme/plugins.js?1565969634
IP 199.34.228.77:0
Hash 43e6b0bb6eb6524188831a282f7656d7
44e73fe367fc1fb8efee7eefac557b7d76ef0f44
9001fcfe93ceab40de4bb3535fc61335318c56d4440b53070cac27a26fef42bb
GET /files/theme/plugins.js?1565969634 HTTP/1.1
Host: www.photosurfbusniagara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.photosurfbusniagara.com/
Cookie: is_mobile=0; language=en
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 15:18:03 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 24 Apr 2022 01:56:38 GMT
x-rgw-object-type: Normal
ETag: W/"2b8d85f1ea01d2c3e8b962eac8d76a5c"
x-amz-request-id: tx000000000000001b40535-0062847a75-b9fbc64-sfo1
X-Storage-Bucket: zb635
X-Storage-Object: b6353ca52760aba4e7547ae9861db68158dc2af0f4febece55e5c775ee4449f5
X-Host: blu61.sf2p.intern.weebly.net
Content-Encoding: gzip
www.photosurfbusniagara.com/files/theme/custom.js?1565969634
199.34.228.77200 OK 1.8 kB URL HTTP/1.1 www.photosurfbusniagara.com/files/theme/custom.js?1565969634
IP 199.34.228.77:0
Hash 1f7d51d1b0acc9268e8aa57af11ee258
df55901d31c5b1de0181820e1bf123d61b5ec6c6
44ecca81c81024cd199ad979fd0ca46a379978a73a1c9ce09b6dfc9393cceff0
Analyzer Verdict Alert fortinet Malware
GET /files/theme/custom.js?1565969634 HTTP/1.1
Host: www.photosurfbusniagara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.photosurfbusniagara.com/
Cookie: is_mobile=0; language=en
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 15:18:04 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 19 Apr 2022 15:56:37 GMT
x-rgw-object-type: Normal
ETag: W/"48e887857aec23f184b0aa49c18d2445"
x-amz-request-id: tx000000000000001b1eaf5-0062847a75-b9fbc7f-sfo1
X-Storage-Bucket: z0567
X-Storage-Object: 0567021bc3973d113c6b0b6e68d0e9a8b53f38a7f60716c83214a133cc00139a
X-Host: grn34.sf2p.intern.weebly.net
Content-Encoding: gzip
cdn2.editmysite.com/css/social-icons.css?buildtime=1656538743
151.101.85.46200 OK 1.6 kB URL HTTP/1.1 cdn2.editmysite.com/css/social-icons.css?buildtime=1656538743
IP 151.101.85.46:0
File type ASCII text, with very long lines (13080)
Hash 76ab16c86bc6140a89ed35c3c3608cce
87732e4b0ceba546e713dfb558e123ad71966b58
00ab98e90df85fb46e3de326adc8c4cb2b6ff22bae6da659f2c80e93028de35a
GET /css/social-icons.css?buildtime=1656538743 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.photosurfbusniagara.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1640
Server: nginx
Content-Type: text/css
Last-Modified: Tue, 08 Nov 2022 22:59:47 GMT
ETag: W/"636adf63-3319"
Expires: Wed, 23 Nov 2022 08:13:11 GMT
Cache-Control: max-age=1209600
X-Host: blu75.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sat, 19 Nov 2022 15:18:04 GMT
Age: 889493
X-Served-By: cache-sjc10073-SJC, cache-bma1651-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 491, 1
X-Timer: S1668871085.658789,VS0,VE1
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cdn2.editmysite.com/css/old/fancybox.css?1656538743
151.101.85.46200 OK 1.2 kB URL HTTP/1.1 cdn2.editmysite.com/css/old/fancybox.css?1656538743
IP 151.101.85.46:0
File type ASCII text, with very long lines (3910)
Hash b644e92258f4c7c0b4270047652d1e60
93734d52ee9e86a768159e514076051813c39cd9
29199496fb817668f887938571046abcdfb49063d0207d571b361f221f467907
GET /css/old/fancybox.css?1656538743 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.photosurfbusniagara.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1218
Server: nginx
Content-Type: text/css
Last-Modified: Fri, 11 Nov 2022 17:05:17 GMT
ETag: "636e80cd-f47"
Expires: Tue, 29 Nov 2022 10:40:52 GMT
Cache-Control: max-age=1209600
X-Host: blu138.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sat, 19 Nov 2022 15:18:04 GMT
Age: 362232
X-Served-By: cache-sjc10067-SJC, cache-bma1632-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 324, 1
X-Timer: S1668871085.658950,VS0,VE1
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1656538743&
151.101.85.46200 OK 33 kB URL HTTP/1.1 cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1656538743&
IP 151.101.85.46:0
File type ASCII text, with very long lines (65024)
Hash 3509bf8ad201306c460b51d1b8336f95
4b90d370c53fddaa24dc3166321f1356d22649eb
0cb564014e9a0e535dc7970da451d2decdb8c57785fc934b1a4c5406bd982351
GET /js/lang/en/stl.js?buildTime=1656538743& HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.photosurfbusniagara.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 33036
Server: nginx
Content-Type: application/javascript
Last-Modified: Wed, 09 Nov 2022 00:30:12 GMT
ETag: "636af494-2c7b5"
Expires: Thu, 24 Nov 2022 11:24:28 GMT
Cache-Control: max-age=1209600
X-Host: grn143.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sat, 19 Nov 2022 15:18:04 GMT
Age: 791616
X-Served-By: cache-sjc10037-SJC, cache-bma1624-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 20, 1
X-Timer: S1668871085.658608,VS0,VE1
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cdn2.editmysite.com/css/sites.css?buildTime=1656538743
151.101.85.46200 OK 30 kB URL HTTP/1.1 cdn2.editmysite.com/css/sites.css?buildTime=1656538743
IP 151.101.85.46:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash d10158b22b553f723d99dc78eaee6390
80f2d6670cfb0d01cd20c471cf8e3e6465ddd3f6
939c7a8e1ad74a44e0c847e38533e69e36454b6805d25acf3fb0cb5c472d245e
GET /css/sites.css?buildTime=1656538743 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.photosurfbusniagara.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 29746
Server: nginx
Content-Type: text/css
Last-Modified: Fri, 11 Nov 2022 17:05:10 GMT
ETag: W/"636e80c6-347ac"
Expires: Tue, 29 Nov 2022 09:06:29 GMT
Cache-Control: max-age=1209600
X-Host: grn18.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sat, 19 Nov 2022 15:18:04 GMT
Age: 367895
X-Served-By: cache-sjc10047-SJC, cache-bma1632-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 41, 1
X-Timer: S1668871085.658859,VS0,VE1
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1656538743
151.101.85.46200 OK 159 kB URL HTTP/1.1 cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1656538743
IP 151.101.85.46:0
File type ASCII text, with very long lines (32007)
Size 159 kB (158930 bytes)
Hash f740fdfbcf394f270a9b176029fa6f37
5f20c49627104282744508eb0278d7185128532e
3021f0f944c9bd7c6e995601f25b3d970e0bd41f9a411f08b2871bb5415a8707
GET /js/site/main-customer-accounts-site.js?buildTime=1656538743 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.photosurfbusniagara.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 158930
Server: nginx
Content-Type: application/javascript
Last-Modified: Tue, 15 Nov 2022 18:36:01 GMT
ETag: "6373dc11-8250f"
Expires: Wed, 30 Nov 2022 08:10:47 GMT
Cache-Control: max-age=1209600
X-Host: blu62.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sat, 19 Nov 2022 15:18:04 GMT
Age: 284837
X-Served-By: cache-sjc10036-SJC, cache-bma1653-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 16, 1
X-Timer: S1668871085.658744,VS0,VE1
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cdn2.editmysite.com/js/wsnbn/snowday262.js
151.101.85.46200 OK 26 kB URL HTTP/1.1 cdn2.editmysite.com/js/wsnbn/snowday262.js
IP 151.101.85.46:0
File type ASCII text, with very long lines (2512)
Hash 234327230add9a5a5d61a48829ea4565
7966cc0e4bd76f88ff193c8a99a067de804b7129
bb696c58d9ae5fa635b3ff22efdf60de9ac2f8ef9df5e2f2d58dd5f8dc99df75
GET /js/wsnbn/snowday262.js HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.photosurfbusniagara.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 25752
Server: nginx
Content-Type: application/javascript
Last-Modified: Wed, 09 Nov 2022 00:31:12 GMT
ETag: "636af4d0-124fe"
Expires: Thu, 24 Nov 2022 08:38:41 GMT
Cache-Control: max-age=1209600
X-Host: grn91.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sat, 19 Nov 2022 15:18:04 GMT
Age: 801563
X-Served-By: cache-sjc10061-SJC, cache-bma1653-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 49, 9163
X-Timer: S1668871085.942970,VS0,VE0
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
216.58.207.195200 OK 31 kB URL HTTP/1.1 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.photosurfbusniagara.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 30928
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 17 Nov 2022 16:55:19 GMT
Expires: Fri, 17 Nov 2023 16:55:19 GMT
Cache-Control: public, max-age=31536000
Age: 166965
Last-Modified: Mon, 11 Jul 2022 18:57:39 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
216.58.207.195200 OK 36 kB URL HTTP/1.1 fonts.gstatic.com/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 35764, version 1.0\012- data
Hash 60f23230f1a8d5c3b7d25b73f5b5ce23
ed08ada85d017893b9bcb8224e99154c6708f5d2
22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8
GET /s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.photosurfbusniagara.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 35764
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 17 Nov 2022 09:17:32 GMT
Expires: Fri, 17 Nov 2023 09:17:32 GMT
Cache-Control: public, max-age=31536000
Age: 194432
Last-Modified: Mon, 18 Jul 2022 19:06:36 GMT
Content-Type: font/woff2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7119
Expires: Sat, 19 Nov 2022 17:16:44 GMT
Date: Sat, 19 Nov 2022 15:18:05 GMT
Connection: keep-alive
cdn2.editmysite.com/fonts/wSocial/wsocial.woff?ts=1667948387818
151.101.85.46200 OK 2.6 kB URL HTTP/1.1 cdn2.editmysite.com/fonts/wSocial/wsocial.woff?ts=1667948387818
IP 151.101.85.46:0
File type Web Open Font Format, TrueType, length 2636, version 1.0\012- data
Hash 0e88795b66eeac48b209209aa0179411
983e16566390f9167c6c4fbbdb052623fc01a631
e8106b06fab14948098cae97983eafbe1a60643ac725b2a029e4da57d43854df
GET /fonts/wSocial/wsocial.woff?ts=1667948387818 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.photosurfbusniagara.com
Connection: keep-alive
Referer: http://cdn2.editmysite.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 2636
Server: nginx
Content-Type: font/woff
Last-Modified: Tue, 08 Nov 2022 21:15:06 GMT
ETag: "636ac6da-a4c"
Expires: Tue, 22 Nov 2022 23:24:35 GMT
Cache-Control: max-age=1209600
X-Host: blu71.sf2p.intern.weebly.net
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sat, 19 Nov 2022 15:18:05 GMT
Age: 921210
X-Served-By: cache-sjc10045-SJC, cache-bma1671-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 80, 1
X-Timer: S1668871085.018694,VS0,VE1
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7119
Expires: Sat, 19 Nov 2022 17:16:44 GMT
Date: Sat, 19 Nov 2022 15:18:05 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e567bc1-d4b1-4dd2-b17e-3595ad1753e5.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e567bc1-d4b1-4dd2-b17e-3595ad1753e5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 35da1192dcadc6e329a9e60c16904301
90a146aef85765630a5e09e46a0a8682e204bec1
816d1387a3a91a82f0bdaa2b703b45aa30be206d30d4dd1e8ac5deca13de57ad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e567bc1-d4b1-4dd2-b17e-3595ad1753e5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10281
x-amzn-requestid: 11dffc4e-71d7-4195-8890-62c8a2092728
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-77EWaIAMF3WA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab7f-3c0dc7e43023af827ac26958;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:45:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 48wUhxwMgsEj2J01EWOTCfWLNZPwFrjjXd6V_uSp8yae4YtGTTVlxA==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 22:26:49 GMT
age: 60676
etag: "90a146aef85765630a5e09e46a0a8682e204bec1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F640a732f-1fd9-47b0-8311-39061579f99b.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F640a732f-1fd9-47b0-8311-39061579f99b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8cf981b1ea47b981c73aa1f291be4d8a
d18b869e1940841e9b03f66f5608e381f1727b37
3352a04b9596b594aeb5de3dc70047196a830e3ca79babf7c1b72ff1103b2d26
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F640a732f-1fd9-47b0-8311-39061579f99b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7754
x-amzn-requestid: 2c21447c-03bb-4e50-9eeb-a8ae86c0d204
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0QRmFuiIAMFjWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6377fa70-7a7e65fc5d443a1d70feb62b;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 21:34:40 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MFN-Yhp70fPLS4R_tVxEvzt-YQ7COwXaXrmifEfXfpiC0epJHSJq7w==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 21:36:25 GMT
age: 63700
etag: "d18b869e1940841e9b03f66f5608e381f1727b37"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7119
Expires: Sat, 19 Nov 2022 17:16:44 GMT
Date: Sat, 19 Nov 2022 15:18:05 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0d2467c-b158-442b-92be-e4cb236d17fa.jpeg
34.120.237.76200 OK 3.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0d2467c-b158-442b-92be-e4cb236d17fa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d6b026c34985bbf2ebf89a62d0724c66
72369ebeccf447fa91ef77711d6297063c99777e
e5598ada634274ab9995dedda8c1fd18344abcfdd49b3a1aaede0a86fafc0f40
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0d2467c-b158-442b-92be-e4cb236d17fa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3035
x-amzn-requestid: 3e3f3a7f-9a1d-4b37-b932-22c6e3e638f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0QRcFOuoAMF_fQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6377fa6f-09dc20ea5620dd167e3f7265;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 21:34:39 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: xvVfLfP2DUilu7GSJMGArO90Kdoq5cPBVtmtyVjZmX5ZKnvOjpR_UQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 21:36:25 GMT
age: 63700
etag: "72369ebeccf447fa91ef77711d6297063c99777e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7119
Expires: Sat, 19 Nov 2022 17:16:44 GMT
Date: Sat, 19 Nov 2022 15:18:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7119
Expires: Sat, 19 Nov 2022 17:16:44 GMT
Date: Sat, 19 Nov 2022 15:18:05 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47c537d4-e03f-4ec6-8922-6dce72c72ab9.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47c537d4-e03f-4ec6-8922-6dce72c72ab9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 459df915ce91b32b2dcc4850516d68a0
d7a5473d367e7965a4af55acbf4675ed7088fab2
a03e26ebee79ad9b9dda1bf680e0d2467ae6d5e582589ada9fe6ddfa437c483c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47c537d4-e03f-4ec6-8922-6dce72c72ab9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4851
x-amzn-requestid: 8c868655-d0eb-428d-9fc0-a7449f770bd4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: brtDFF9HoAMFV9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63748ee0-4f7daf8f7451dc5e0840f620;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 07:18:56 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: xirMw5z5GPbmx9Sii_I4iNeh1GS5k9lGmaaJvUGAPWoVyP0Tldhf1w==
via: 1.1 e9ba0a9a729ff2960a04323bf1833df8.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 07:17:42 GMT
age: 28823
etag: "d7a5473d367e7965a4af55acbf4675ed7088fab2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 5e884c53db72411f06e2209d005f7586
6e1049a7fc26d6a3259a97bfca9dc6ba7b0dd5af
2965603dd297987ffa36ffd33c133f2c6a67fa6df1551554160b65ce804b0198
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 15:18:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F680965e1-a075-4bd9-8788-73e1a3c92de2.jpeg
34.120.237.76200 OK 3.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F680965e1-a075-4bd9-8788-73e1a3c92de2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2e9f6e24e829065d4f201b4c9d9c8fd1
317ec439968641329b83210f7fcab59023310077
d1d304d12f3e1c2ad9cf9279bbb7cab4a954942ab86f41d5333e030cdc7a55c8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F680965e1-a075-4bd9-8788-73e1a3c92de2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3842
x-amzn-requestid: 8effd7ec-299f-471f-8746-3cb81d94998b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: boYBREE6oAMFmfQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63733a07-46160f6159dfb4a729e5d688;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 07:04:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 37fj6lqvqFTCEPkclxpI6OuYvlIB57GI2bS4wySNP3X4eQ3Lwy3WQA==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 10:26:23 GMT
age: 17502
etag: "317ec439968641329b83210f7fcab59023310077"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 481c033b9ffd030ff0de6e35cf788b47
85d3baad9217af2b5d75c019d2ef95dbb919a788
02443c7869914c2b29892deb0c645395bcf4e8379da3cf20974614ff9c92893b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11249
x-amzn-requestid: 65a3db77-b2e6-40b9-a776-021c2e9b56d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bubSsHbZoAMFZNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6375a5aa-1286b97968cc2e4c7fe8ab29;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 03:08:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: PYoD_MxycYfiNvyRlBnLWCcyqQK9sZi8y2ir1U9eCavNoAB-3oFcxg==
via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 03:43:53 GMT
age: 41652
etag: "85d3baad9217af2b5d75c019d2ef95dbb919a788"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?_=1668871085015
142.250.74.164200 OK 553 B URL HTTP/2 www.google.com/recaptcha/api.js?_=1668871085015
IP 142.250.74.164:0
File type ASCII text, with very long lines (850), with no line terminators
Hash 1309ff133720d219cc98090d66a051ed
b96fc5a893e42be16d687d7abdecdb13d348a019
358683c66634ea5ee3021c93111d8621d583880bcbbfadf3ec2ff87a15ea1038
GET /recaptcha/api.js?_=1668871085015 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.photosurfbusniagara.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sat, 19 Nov 2022 15:18:05 GMT
date: Sat, 19 Nov 2022 15:18:05 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 553
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash a00fff9dd1711061b285e2136c973d13
66548ac11fc58024c6994539ab81804add41d2f2
4b87c5468c15817686a8497324c2a06d18fd5574141aa0476bf98aa3b8395a8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 15:18:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
44.232.247.128200 OK 0 B URL HTTP/1.1 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 44.232.247.128:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://www.photosurfbusniagara.com/
Origin: http://www.photosurfbusniagara.com
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 15:18:05 GMT
Content-Length: 0
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: http://www.photosurfbusniagara.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, SP-Anonymous
Access-Control-Max-Age: 600
www.photosurfbusniagara.com/files/theme/fonts/2cd55546-ec00-4af9-aeca-4a3cd186da53.woff2?1656592588
199.34.228.77200 OK 17 kB URL HTTP/1.1 www.photosurfbusniagara.com/files/theme/fonts/2cd55546-ec00-4af9-aeca-4a3cd186da53.woff2?1656592588
IP 199.34.228.77:0
File type Web Open Font Format (Version 2), TrueType, length 16560, version 2.6553\012- data
Hash 27958408325380d903e67d87768563b8
d728e699c79072f1c7b9602c771e241b8c04c8a4
83f8b8932766826c1dd3a228b48f4072586ca09f781d64e2950d9f0e235c00a0
Analyzer Verdict Alert fortinet Malware
GET /files/theme/fonts/2cd55546-ec00-4af9-aeca-4a3cd186da53.woff2?1656592588 HTTP/1.1
Host: www.photosurfbusniagara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.photosurfbusniagara.com/files/main_style.css?1656592588
Cookie: is_mobile=0; language=en
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 15:18:05 GMT
Content-Type: font/woff2
Content-Length: 16561
Connection: keep-alive
Last-Modified: Fri, 30 Aug 2019 08:25:03 GMT
x-rgw-object-type: Normal
ETag: "27958408325380d903e67d87768563b8"
x-amz-request-id: tx000000000000001b8df36-0062847be8-b9fbc29-sfo1
X-Storage-Bucket: z83f8
X-Storage-Object: 83f8b8932766826c1dd3a228b48f4072586ca09f781d64e2950d9f0e235c00a0
X-Host: blu137.sf2p.intern.weebly.net
Accept-Ranges: bytes
cdn2.editmysite.com/js/site/main.js?buildTime=1656538743
151.101.85.46200 OK 19 kB URL HTTP/1.1 cdn2.editmysite.com/js/site/main.js?buildTime=1656538743
IP 151.101.85.46:0
Hash 0ac58a0612212cd4760c70bc1ebf2cda
3caf3a4a7c4fb7ca982862322958321a6c754e85
535c244c6becd1b714bfb604ebe78f454a9e0922cae76af51b751318e5d24448
GET /js/site/main.js?buildTime=1656538743 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.photosurfbusniagara.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 146400
Server: nginx
Content-Type: application/javascript
Last-Modified: Tue, 15 Nov 2022 18:36:01 GMT
ETag: "6373dc11-74804"
Expires: Wed, 30 Nov 2022 11:33:29 GMT
Cache-Control: max-age=1209600
X-Host: grn69.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sat, 19 Nov 2022 15:18:04 GMT
Age: 272675
X-Served-By: cache-sjc10052-SJC, cache-bma1675-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 24, 1
X-Timer: S1668871085.658587,VS0,VE1
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
www.photosurfbusniagara.com/files/theme/fonts/7377dbe6-f11a-4a05-b33c-bc8ce1f60f84.woff2?1656592588
199.34.228.77200 OK 19 kB URL HTTP/1.1 www.photosurfbusniagara.com/files/theme/fonts/7377dbe6-f11a-4a05-b33c-bc8ce1f60f84.woff2?1656592588
IP 199.34.228.77:0
File type Web Open Font Format (Version 2), TrueType, length 18964, version 2.6553\012- data
Hash 03eed84923bfc319da88de04298fa495
9b4e82ce10dc1ae528d53e22045df8610e5f3dcc
0f7cae04d4ab4ba9c1bceb2a59ab9dcd925103f186c6c430cf5d9ab032c18128
Analyzer Verdict Alert fortinet Malware
GET /files/theme/fonts/7377dbe6-f11a-4a05-b33c-bc8ce1f60f84.woff2?1656592588 HTTP/1.1
Host: www.photosurfbusniagara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.photosurfbusniagara.com/files/main_style.css?1656592588
Cookie: is_mobile=0; language=en
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 15:18:05 GMT
Content-Type: font/woff2
Content-Length: 18965
Connection: keep-alive
Last-Modified: Fri, 30 Aug 2019 08:25:13 GMT
x-rgw-object-type: Normal
ETag: "03eed84923bfc319da88de04298fa495"
x-amz-request-id: tx000000000000001ac6203-00628479bb-b9fbc77-sfo1
X-Storage-Bucket: z0f7c
X-Storage-Object: 0f7cae04d4ab4ba9c1bceb2a59ab9dcd925103f186c6c430cf5d9ab032c18128
X-Host: grn122.sf2p.intern.weebly.net
Accept-Ranges: bytes
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
44.232.247.128200 OK 2 B URL HTTP/1.1 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 44.232.247.128:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json; charset=UTF-8
Content-Length: 1780
Origin: http://www.photosurfbusniagara.com
Connection: keep-alive
Referer: http://www.photosurfbusniagara.com/
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 15:18:05 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 2
Connection: keep-alive
Server: nginx
Set-Cookie: sp=55465c0c-d3dc-4e87-bdda-c384da8cd3ea; Expires=Sun, 19 Nov 2023 15:18:05 GMT; Domain=; Path=/; Secure; SameSite=None
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin: http://www.photosurfbusniagara.com
Access-Control-Allow-Credentials: true
www.photosurfbusniagara.com/uploads/6/8/1/0/68103121/published/img-f90041e07a08-1.jpeg?1656592380
199.34.228.77200 OK 298 kB URL HTTP/1.1 www.photosurfbusniagara.com/uploads/6/8/1/0/68103121/published/img-f90041e07a08-1.jpeg?1656592380
IP 199.34.228.77:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1052x762, components 3\012- data
Size 298 kB (297457 bytes)
Hash 77aeea3d32edb0761f53db0f6033a972
1c2f0390f06d73b310922a3720ca7265a78f2e00
c576624be154340a56070f3f1bb1758e529b475fd8fbd02c6bef6fd7d5f2b37c
GET /uploads/6/8/1/0/68103121/published/img-f90041e07a08-1.jpeg?1656592380 HTTP/1.1
Host: www.photosurfbusniagara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.photosurfbusniagara.com/
Cookie: is_mobile=0; language=en
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 15:18:04 GMT
Content-Type: image/jpeg
Content-Length: 297457
Connection: keep-alive
Last-Modified: Thu, 30 Jun 2022 12:33:00 GMT
x-rgw-object-type: Normal
ETag: "77aeea3d32edb0761f53db0f6033a972"
x-amz-request-id: tx000000000000035811a3b-006378f3ac-c669cc6-sfo1
X-Storage-Bucket: zc576
X-Storage-Object: c576624be154340a56070f3f1bb1758e529b475fd8fbd02c6bef6fd7d5f2b37c
X-Host: grn34.sf2p.intern.weebly.net
Accept-Ranges: bytes, bytes
www.photosurfbusniagara.com/files/theme/fonts/627fbb5a-3bae-4cd9-b617-2f923e29d55e.woff2?1656592588
199.34.228.77200 OK 19 kB URL HTTP/1.1 www.photosurfbusniagara.com/files/theme/fonts/627fbb5a-3bae-4cd9-b617-2f923e29d55e.woff2?1656592588
IP 199.34.228.77:0
File type Web Open Font Format (Version 2), TrueType, length 18760, version 2.6553\012- data
Hash 88f6742055e6eecac07f296cbd45214b
621e90fee4799ffa9e7cd33f089bc8d79590ce28
663f4c799beff8f8dfa2ac950ce27ed4fcf8acc11ac5ec04f2bc6574a304730e
Analyzer Verdict Alert fortinet Malware
GET /files/theme/fonts/627fbb5a-3bae-4cd9-b617-2f923e29d55e.woff2?1656592588 HTTP/1.1
Host: www.photosurfbusniagara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.photosurfbusniagara.com/files/main_style.css?1656592588
Cookie: is_mobile=0; language=en
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 15:18:05 GMT
Content-Type: font/woff2
Content-Length: 18761
Connection: keep-alive
Last-Modified: Fri, 30 Aug 2019 08:25:04 GMT
x-rgw-object-type: Normal
ETag: "88f6742055e6eecac07f296cbd45214b"
x-amz-request-id: tx000000000000000044b69-006258b627-4d5d368-las
X-Storage-Bucket: z663f
X-Storage-Object: 663f4c799beff8f8dfa2ac950ce27ed4fcf8acc11ac5ec04f2bc6574a304730e
X-Host: grn57.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.photosurfbusniagara.com/files/theme/fonts/1e9892c0-6927-4412-9874-1b82801ba47a.woff?1656592588
199.34.228.77200 OK 21 kB URL HTTP/1.1 www.photosurfbusniagara.com/files/theme/fonts/1e9892c0-6927-4412-9874-1b82801ba47a.woff?1656592588
IP 199.34.228.77:0
File type Web Open Font Format, TrueType, length 20709, version 1.0\012- data
Hash 9df5efadcd24b83511f3c339178210d8
74f67081083ebd94979f50e681df20bfbdc4cd8d
0d887fc553f2b9a6488c8bbdeb38d0e70e2da58d5bb34161d32f683af096fdb8
Analyzer Verdict Alert fortinet Malware
GET /files/theme/fonts/1e9892c0-6927-4412-9874-1b82801ba47a.woff?1656592588 HTTP/1.1
Host: www.photosurfbusniagara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.photosurfbusniagara.com/files/main_style.css?1656592588
Cookie: is_mobile=0; language=en; _snow_ses.d598=*; _snow_id.d598=1d0929a1-0a30-4a86-99e0-24dc96cad2f4.1668871085.1.1668871085.1668871085.c346616c-6e68-4c23-8774-43355bbdb1ef
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 15:18:05 GMT
Content-Type: font/woff
Content-Length: 20710
Connection: keep-alive
Last-Modified: Wed, 11 Dec 2019 02:22:43 GMT
x-rgw-object-type: Normal
ETag: "9df5efadcd24b83511f3c339178210d8"
x-amz-request-id: tx000000000000001b8df16-0062847d23-b9fbc63-sfo1
X-Storage-Bucket: z0d88
X-Storage-Object: 0d887fc553f2b9a6488c8bbdeb38d0e70e2da58d5bb34161d32f683af096fdb8
X-Host: grn134.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.photosurfbusniagara.com/files/theme/fonts/8344e877-560d-44d4-82eb-9822766676f9.woff?1656592588
199.34.228.77200 OK 25 kB URL HTTP/1.1 www.photosurfbusniagara.com/files/theme/fonts/8344e877-560d-44d4-82eb-9822766676f9.woff?1656592588
IP 199.34.228.77:0
File type Web Open Font Format, TrueType, length 25421, version 1.0\012- data
Hash f389c4b917fe1cffdc8b47ae322a4ca6
026ed0873777d0ff8839acff6e2957477ab485e3
7e51b6128b1a4148b840d92a6d5778f4a67cdc7a10814926a0eaca530feb75bc
Analyzer Verdict Alert fortinet Malware
GET /files/theme/fonts/8344e877-560d-44d4-82eb-9822766676f9.woff?1656592588 HTTP/1.1
Host: www.photosurfbusniagara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.photosurfbusniagara.com/files/main_style.css?1656592588
Cookie: is_mobile=0; language=en; _snow_ses.d598=*; _snow_id.d598=1d0929a1-0a30-4a86-99e0-24dc96cad2f4.1668871085.1.1668871085.1668871085.c346616c-6e68-4c23-8774-43355bbdb1ef
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 15:18:05 GMT
Content-Type: font/woff
Content-Length: 25422
Connection: keep-alive
Last-Modified: Wed, 11 Dec 2019 02:22:43 GMT
ETag: "f389c4b917fe1cffdc8b47ae322a4ca6"
x-amz-request-id: tx0000000000000004fb928-005eaa6da7-1100fc6-las
X-Storage-Bucket: z7e51
X-Storage-Object: 7e51b6128b1a4148b840d92a6d5778f4a67cdc7a10814926a0eaca530feb75bc
X-Host: blu48.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.photosurfbusniagara.com/files/theme/fonts/f26faddb-86cc-4477-a253-1e1287684336.woff?1656592588
199.34.228.77200 OK 25 kB URL HTTP/1.1 www.photosurfbusniagara.com/files/theme/fonts/f26faddb-86cc-4477-a253-1e1287684336.woff?1656592588
IP 199.34.228.77:0
File type Web Open Font Format, TrueType, length 24865, version 1.0\012- data
Hash 0f12c575e08f164252dbddaf87f03c35
46c9ee5775217080e1e40f2b8aae84157ef44d47
e0bc8743cf211c699ebb439c59780abf7b40b543b28bd198f6f355bb109a7424
Analyzer Verdict Alert fortinet Malware
GET /files/theme/fonts/f26faddb-86cc-4477-a253-1e1287684336.woff?1656592588 HTTP/1.1
Host: www.photosurfbusniagara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.photosurfbusniagara.com/files/main_style.css?1656592588
Cookie: is_mobile=0; language=en; _snow_ses.d598=*; _snow_id.d598=1d0929a1-0a30-4a86-99e0-24dc96cad2f4.1668871085.1.1668871085.1668871085.c346616c-6e68-4c23-8774-43355bbdb1ef
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 15:18:05 GMT
Content-Type: font/woff
Content-Length: 24866
Connection: keep-alive
Last-Modified: Wed, 11 Dec 2019 02:22:43 GMT
x-rgw-object-type: Normal
ETag: "0f12c575e08f164252dbddaf87f03c35"
x-amz-request-id: tx000000000000001c28470-0062848c74-b9fbc20-sfo1
X-Storage-Bucket: ze0bc
X-Storage-Object: e0bc8743cf211c699ebb439c59780abf7b40b543b28bd198f6f355bb109a7424
X-Host: grn134.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.photosurfbusniagara.com/files/theme/fonts/46cf1067-688d-4aab-b0f7-bd942af6efd8.ttf?1656592588
199.34.228.77200 OK 39 kB URL HTTP/1.1 www.photosurfbusniagara.com/files/theme/fonts/46cf1067-688d-4aab-b0f7-bd942af6efd8.ttf?1656592588
IP 199.34.228.77:0
File type TrueType Font data, 16 tables, 1st "GPOS", 26 names, Macintosh, Copyright \251 2004 - 2007 Linotype GmbH, www.linotype.com. All rights reserved. This font softw\012- data
Hash 98f6dacde86ebbaac7cc62b34a6e54cf
d232a9249b6f39e7d35ce6a555e070987357acc9
65032d5699bf3d4deb4313aa4d1bb8375053ac7e93dfb4bf631ce9261da20c2b
GET /files/theme/fonts/46cf1067-688d-4aab-b0f7-bd942af6efd8.ttf?1656592588 HTTP/1.1
Host: www.photosurfbusniagara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.photosurfbusniagara.com/files/main_style.css?1656592588
Cookie: is_mobile=0; language=en; _snow_ses.d598=*; _snow_id.d598=1d0929a1-0a30-4a86-99e0-24dc96cad2f4.1668871085.1.1668871085.1668871085.c346616c-6e68-4c23-8774-43355bbdb1ef
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 15:18:05 GMT
Content-Type: font/ttf
Content-Length: 39185
Connection: close
Last-Modified: Wed, 11 Dec 2019 02:22:44 GMT
ETag: "98f6dacde86ebbaac7cc62b34a6e54cf"
x-amz-request-id: tx0000000000000004976c1-005eaa6ae2-1100fc6-las
X-Storage-Bucket: z6503
X-Storage-Object: 65032d5699bf3d4deb4313aa4d1bb8375053ac7e93dfb4bf631ce9261da20c2b
X-Host: blu48.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.photosurfbusniagara.com/files/theme/fonts/92b66dbd-4201-4ac2-a605-4d4ffc8705cc.woff?1656592588
199.34.228.77200 OK 25 kB URL HTTP/1.1 www.photosurfbusniagara.com/files/theme/fonts/92b66dbd-4201-4ac2-a605-4d4ffc8705cc.woff?1656592588
IP 199.34.228.77:0
File type Web Open Font Format, TrueType, length 25168, version 1.0\012- data
Hash 2f4c2c07910a4f4c70e95bbb7859f28e
1e95b73f1e87373b532928dd4a298a904ee440e9
f78c119c0807a2140e669a0e114ae2addcd782c948c91c25639e6eccfa6d08af
Analyzer Verdict Alert fortinet Malware
GET /files/theme/fonts/92b66dbd-4201-4ac2-a605-4d4ffc8705cc.woff?1656592588 HTTP/1.1
Host: www.photosurfbusniagara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.photosurfbusniagara.com/files/main_style.css?1656592588
Cookie: is_mobile=0; language=en; _snow_ses.d598=*; _snow_id.d598=1d0929a1-0a30-4a86-99e0-24dc96cad2f4.1668871085.1.1668871085.1668871085.c346616c-6e68-4c23-8774-43355bbdb1ef
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 15:18:05 GMT
Content-Type: font/woff
Content-Length: 25169
Connection: keep-alive
Last-Modified: Wed, 11 Dec 2019 02:22:44 GMT
ETag: "2f4c2c07910a4f4c70e95bbb7859f28e"
x-amz-request-id: tx00000000000000051c00f-005eaa6e9e-1100fc6-las
X-Storage-Bucket: zf78c
X-Storage-Object: f78c119c0807a2140e669a0e114ae2addcd782c948c91c25639e6eccfa6d08af
X-Host: blu13.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.weebly.com/weebly/apps/generateMap.php?map=google&elementid=680178835722179811&ineditor=0&control=3&width=auto&height=250px&overviewmap=0&scalecontrol=0&typecontrol=0&zoom=15&long=-79.2508558&lat=42.88652039999999&domain=www&point=1&align=1&reseller=false
74.115.50.110302 Found 0 B URL HTTP/1.1 www.weebly.com/weebly/apps/generateMap.php?map=google&elementid=680178835722179811&ineditor=0&control=3&width=auto&height=250px&overviewmap=0&scalecontrol=0&typecontrol=0&zoom=15&long=-79.2508558&lat=42.88652039999999&domain=www&point=1&align=1&reseller=false
IP 74.115.50.110:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /weebly/apps/generateMap.php?map=google&elementid=680178835722179811&ineditor=0&control=3&width=auto&height=250px&overviewmap=0&scalecontrol=0&typecontrol=0&zoom=15&long=-79.2508558&lat=42.88652039999999&domain=www&point=1&align=1&reseller=false HTTP/1.1
Host: www.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.photosurfbusniagara.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Sat, 19 Nov 2022 15:18:05 GMT
Server: Apache
Location: http://www.editmysite.com/ajax/apps/generateMap.php?map=google&elementid=680178835722179811&ineditor=0&control=3&width=auto&height=250px&overviewmap=0&scalecontrol=0&typecontrol=0&zoom=15&long=-79.2508558&lat=42.88652039999999&domain=www&point=1&align=1&reseller=false
X-Host: blu10.sf2p.intern.weebly.net
Vary: User-Agent
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 0
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
X-W-DC: SFO
Set-Cookie: sto-id-editor=FDDEBNAK; Domain=weebly.com; Path=/
www.photosurfbusniagara.com/uploads/6/8/1/0/68103121/bus5_orig.jpg
199.34.228.77200 OK 317 kB URL HTTP/1.1 www.photosurfbusniagara.com/uploads/6/8/1/0/68103121/bus5_orig.jpg
IP 199.34.228.77:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1100x796, components 3\012- data
Size 317 kB (316906 bytes)
Hash 7e894e71aa81ee6fc4885ffc0e2d1bec
018faf272f07cab60bdacfe7c84e7685fda7eb06
9ce267bb4f27030e705ef77b375e77095ca323d16fd4e6ac0ec772d24d995ac8
GET /uploads/6/8/1/0/68103121/bus5_orig.jpg HTTP/1.1
Host: www.photosurfbusniagara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.photosurfbusniagara.com/
Cookie: is_mobile=0; language=en
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 15:18:04 GMT
Content-Type: image/jpeg
Content-Length: 316906
Connection: keep-alive
Last-Modified: Thu, 23 Jun 2022 12:34:00 GMT
x-rgw-object-type: Normal
ETag: "7e894e71aa81ee6fc4885ffc0e2d1bec"
x-amz-request-id: tx0000000000000357a8514-006378f3ac-c699baa-sfo1
X-Storage-Bucket: z9ce2
X-Storage-Object: 9ce267bb4f27030e705ef77b375e77095ca323d16fd4e6ac0ec772d24d995ac8
X-Host: grn67.sf2p.intern.weebly.net
Accept-Ranges: bytes, bytes
www.photosurfbusniagara.com/files/theme/fonts/63a74598-733c-4d0c-bd91-b01bffcd6e69.ttf?1656592588
199.34.228.77200 OK 52 kB URL HTTP/1.1 www.photosurfbusniagara.com/files/theme/fonts/63a74598-733c-4d0c-bd91-b01bffcd6e69.ttf?1656592588
IP 199.34.228.77:0
File type TrueType Font data, 16 tables, 1st "GPOS", 30 names, Macintosh, Copyright \251 2004 - 2007 Linotype GmbH, www.linotype.com. All rights reserved. This font softw\012- data
Hash 53427fd099b7a52f111705d7c7558f14
c2da00f48ed2d059802433cad18062cbe1a9f0d1
56e2dd12548082d7acc7cc3762be313b6d43809588e973cf9338f513159904b5
GET /files/theme/fonts/63a74598-733c-4d0c-bd91-b01bffcd6e69.ttf?1656592588 HTTP/1.1
Host: www.photosurfbusniagara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.photosurfbusniagara.com/files/main_style.css?1656592588
Cookie: is_mobile=0; language=en; _snow_ses.d598=*; _snow_id.d598=1d0929a1-0a30-4a86-99e0-24dc96cad2f4.1668871085.1.1668871085.1668871085.c346616c-6e68-4c23-8774-43355bbdb1ef
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 15:18:05 GMT
Content-Type: font/ttf
Content-Length: 51501
Connection: keep-alive
Last-Modified: Wed, 11 Dec 2019 02:22:43 GMT
x-rgw-object-type: Normal
ETag: "53427fd099b7a52f111705d7c7558f14"
x-amz-request-id: tx000000000000000cb117d-0061a70896-a9f6a62-sfo1
X-Storage-Bucket: z56e2
X-Storage-Object: 56e2dd12548082d7acc7cc3762be313b6d43809588e973cf9338f513159904b5
X-Host: grn67.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.photosurfbusniagara.com/files/theme/fonts/b28b01d9-78c5-46c6-a30d-9a62c8f407c5.ttf?1656592588
199.34.228.77200 OK 52 kB URL HTTP/1.1 www.photosurfbusniagara.com/files/theme/fonts/b28b01d9-78c5-46c6-a30d-9a62c8f407c5.ttf?1656592588
IP 199.34.228.77:0
File type TrueType Font data, 16 tables, 1st "GPOS", 30 names, Macintosh, Copyright \251 2004 - 2007 Linotype GmbH, www.linotype.com. All rights reserved. This font softw\012- data
Hash 36747c117e011d2c33c0cb1bb48e50b5
61e24ce2133c1ced416d8f161b20925de3e2ed1c
45b90462b6cc09e92f3e4ad818823ee61ddfd2db618d2ddb3372d19893b38d41
GET /files/theme/fonts/b28b01d9-78c5-46c6-a30d-9a62c8f407c5.ttf?1656592588 HTTP/1.1
Host: www.photosurfbusniagara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.photosurfbusniagara.com/files/main_style.css?1656592588
Cookie: is_mobile=0; language=en; _snow_ses.d598=*; _snow_id.d598=1d0929a1-0a30-4a86-99e0-24dc96cad2f4.1668871085.1.1668871085.1668871085.c346616c-6e68-4c23-8774-43355bbdb1ef
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 15:18:05 GMT
Content-Type: font/ttf
Content-Length: 52165
Connection: keep-alive
Last-Modified: Wed, 11 Dec 2019 02:22:42 GMT
x-rgw-object-type: Normal
ETag: "36747c117e011d2c33c0cb1bb48e50b5"
x-amz-request-id: tx000000000000001b35194-0062847d8c-b9fbc20-sfo1
X-Storage-Bucket: z45b9
X-Storage-Object: 45b90462b6cc09e92f3e4ad818823ee61ddfd2db618d2ddb3372d19893b38d41
X-Host: grn86.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.editmysite.com/ajax/apps/generateMap.php?map=google&elementid=680178835722179811&ineditor=0&control=3&width=auto&height=250px&overviewmap=0&scalecontrol=0&typecontrol=0&zoom=15&long=-79.2508558&lat=42.88652039999999&domain=www&point=1&align=1&reseller=false
74.115.50.67200 OK 12 kB URL HTTP/1.1 www.editmysite.com/ajax/apps/generateMap.php?map=google&elementid=680178835722179811&ineditor=0&control=3&width=auto&height=250px&overviewmap=0&scalecontrol=0&typecontrol=0&zoom=15&long=-79.2508558&lat=42.88652039999999&domain=www&point=1&align=1&reseller=false
IP 74.115.50.67:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (827)
Hash 874d7a6dad21837072a4b1f1ca27d3b0
909af2b3b9a489e6a11aa31b33e9ce68e4919595
10ce8dbd41567a72c4808b43570ecd4be10763dbdc9145ab16c5492fb3680f06
GET /ajax/apps/generateMap.php?map=google&elementid=680178835722179811&ineditor=0&control=3&width=auto&height=250px&overviewmap=0&scalecontrol=0&typecontrol=0&zoom=15&long=-79.2508558&lat=42.88652039999999&domain=www&point=1&align=1&reseller=false HTTP/1.1
Host: www.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.photosurfbusniagara.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 15:18:06 GMT
Server: Apache
X-Host: grn146.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 11574
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
X-W-DC: SFO
Set-Cookie: sto-id-designer=KHAOBMAK; Domain=editmysite.com; Path=/
www.google-analytics.com/ga.js
142.250.74.174200 OK 17 kB URL HTTP/1.1 www.google-analytics.com/ga.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.photosurfbusniagara.com/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 17168
Date: Sat, 19 Nov 2022 15:05:53 GMT
Expires: Sat, 19 Nov 2022 17:05:53 GMT
Cache-Control: public, max-age=7200
Age: 733
Last-Modified: Tue, 27 Sep 2022 22:01:05 GMT
Content-Type: text/javascript
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash c58de690a701dea26333a42815dc3003
91d9e60c285f6578b5d814901a90f52cafbb8790
179d035993138ec5fdb0b2bf1987888f751903e959af09e335ada210be842ca6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 15:18:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.163200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.photosurfbusniagara.com
Connection: keep-alive
Referer: http://www.photosurfbusniagara.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Nov 2022 15:30:33 GMT
expires: Fri, 17 Nov 2023 15:30:33 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 172053
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash c58de690a701dea26333a42815dc3003
91d9e60c285f6578b5d814901a90f52cafbb8790
179d035993138ec5fdb0b2bf1987888f751903e959af09e335ada210be842ca6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 15:18:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.photosurfbusniagara.com/favicon.ico
199.34.228.77200 OK 17 kB URL HTTP/1.1 www.photosurfbusniagara.com/favicon.ico
IP 199.34.228.77:0
File type MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel\012- data
Hash 7af9224d23146d94a83580b3edc0bb6d
397b77f2b62c74e84c43875057053a459bf57670
add3aac3da9bb402aa810f5c170c7a36a70cd8b0ad3fa0ec9edf550323a06620
GET /favicon.ico HTTP/1.1
Host: www.photosurfbusniagara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.photosurfbusniagara.com/
Cookie: is_mobile=0; language=en; _snow_ses.d598=*; _snow_id.d598=1d0929a1-0a30-4a86-99e0-24dc96cad2f4.1668871085.1.1668871085.1668871085.c346616c-6e68-4c23-8774-43355bbdb1ef
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 15:18:06 GMT
Content-Type: image/x-icon
Content-Length: 16958
Connection: keep-alive
Last-Modified: Fri, 13 May 2022 16:10:34 GMT
x-rgw-object-type: Normal
ETag: "7af9224d23146d94a83580b3edc0bb6d"
x-amz-request-id: tx000000000000035bab448-006378f3ae-c695612-sfo1
X-Storage-Bucket: zadd3
X-Storage-Object: add3aac3da9bb402aa810f5c170c7a36a70cd8b0ad3fa0ec9edf550323a06620
X-Host: grn40.sf2p.intern.weebly.net
Accept-Ranges: bytes, bytes
www.photosurfbusniagara.com/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]
199.34.228.77200 OK 348 B URL HTTP/1.1 www.photosurfbusniagara.com/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]
IP 199.34.228.77:0
File type JSON data\012- , ASCII text, with very long lines (348), with no line terminators
Hash a944dd688c99d2901d6719be713271c0
4f5454d5d434829baf46671638610791758725d9
adb97e1bc686c58b4286f1208d2bd969687c6cf3e2fc468697dfd956d260de49
POST /ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails] HTTP/1.1
Host: www.photosurfbusniagara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 83
Origin: http://www.photosurfbusniagara.com
Connection: keep-alive
Referer: http://www.photosurfbusniagara.com/
Cookie: is_mobile=0; language=en; _snow_ses.d598=*; _snow_id.d598=1d0929a1-0a30-4a86-99e0-24dc96cad2f4.1668871085.1.1668871085.1668871085.c346616c-6e68-4c23-8774-43355bbdb1ef
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 15:18:06 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: blu50.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 348
Keep-Alive: timeout=10, max=65
Connection: Keep-Alive
Content-Type: application/json
www.photosurfbusniagara.com/files/theme/fonts/18839597-afa8-4f0b-9abb-4a30262d0da8.ttf?1656592588
199.34.228.77200 OK 52 kB URL HTTP/1.1 www.photosurfbusniagara.com/files/theme/fonts/18839597-afa8-4f0b-9abb-4a30262d0da8.ttf?1656592588
IP 199.34.228.77:0
File type TrueType Font data, 16 tables, 1st "GPOS", 30 names, Macintosh, Copyright \251 2004 - 2007 Linotype GmbH, www.linotype.com. All rights reserved. This font softw\012- data
Hash 0e7e6446b2256e0cab1eda85655b253e
db15e8b7df5ee737e4960e0190af1ceaed74d5ac
a4e7a777a8d0e1a06feffaff42f025b9d8d890ca1df6f46d84f5da810109f5c0
GET /files/theme/fonts/18839597-afa8-4f0b-9abb-4a30262d0da8.ttf?1656592588 HTTP/1.1
Host: www.photosurfbusniagara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.photosurfbusniagara.com/files/main_style.css?1656592588
Cookie: is_mobile=0; language=en; _snow_ses.d598=*; _snow_id.d598=1d0929a1-0a30-4a86-99e0-24dc96cad2f4.1668871085.1.1668871085.1668871085.c346616c-6e68-4c23-8774-43355bbdb1ef
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 15:18:06 GMT
Content-Type: font/ttf
Content-Length: 52433
Connection: keep-alive
Last-Modified: Wed, 11 Dec 2019 02:22:43 GMT
ETag: "0e7e6446b2256e0cab1eda85655b253e"
x-amz-request-id: tx000000000000009218140-005eaa5677-10e2649-las
X-Storage-Bucket: za4e7
X-Storage-Object: a4e7a777a8d0e1a06feffaff42f025b9d8d890ca1df6f46d84f5da810109f5c0
X-Host: grn33.sf2p.intern.weebly.net
Accept-Ranges: bytes
fonts.googleapis.com/css?family=Roboto:300,400,500,700|Google+Sans:400,500,700|Google+Sans+Text:400&lang=en
142.250.74.10200 OK 17 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500,700|Google+Sans:400,500,700|Google+Sans+Text:400&lang=en
IP 142.250.74.10:0
Hash 3d41aac6d02feb1fde7283494b19108a
fe3ffb2ab31753daea33fb55bf4b4ace0a6061e7
53c33db0ad6ee509db0ac63ac17d1a529fa2e24686e9212cab7566ade6c98505
GET /css?family=Roboto:300,400,500,700|Google+Sans:400,500,700|Google+Sans+Text:400&lang=en HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.editmysite.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 19 Nov 2022 15:18:07 GMT
date: Sat, 19 Nov 2022 15:18:07 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.photosurfbusniagara.com/uploads/6/8/1/0/68103121/background-images/1408853430.jpeg
199.34.228.77200 OK 844 kB URL HTTP/1.1 www.photosurfbusniagara.com/uploads/6/8/1/0/68103121/background-images/1408853430.jpeg
IP 199.34.228.77:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2000x1500, components 3\012- data
Size 844 kB (844389 bytes)
Hash ea2aab02203b2f551688b875f1f32557
bac2d37266f2ec549f634fffea47a723c8209bb2
24f5dce7ebeddc0971cc282c4fe10dfe010ca098843bd2f492c71518f89be0da
Analyzer Verdict Alert fortinet Malware
GET /uploads/6/8/1/0/68103121/background-images/1408853430.jpeg HTTP/1.1
Host: www.photosurfbusniagara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.photosurfbusniagara.com/
Cookie: is_mobile=0; language=en
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 15:18:05 GMT
Content-Type: image/jpeg
Content-Length: 844389
Connection: keep-alive
Last-Modified: Fri, 10 Jun 2022 13:20:27 GMT
x-rgw-object-type: Normal
ETag: "ea2aab02203b2f551688b875f1f32557"
x-amz-request-id: tx00000000000003561b7ef-006378f3ad-c696eea-sfo1
X-Storage-Bucket: z24f5
X-Storage-Object: 24f5dce7ebeddc0971cc282c4fe10dfe010ca098843bd2f492c71518f89be0da
X-Host: blu152.sf2p.intern.weebly.net
Accept-Ranges: bytes, bytes
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57d03484-7ccd-4a2d-81a2-0205f032f99d.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57d03484-7ccd-4a2d-81a2-0205f032f99d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f5af431deee2fb28fcc08b25f5162944
6dac89954db5946b9ac1fdca3196d8b6bb3f54c3
b22d9111361ebce06d55d14d05f4a5206ca7097b059bbe6bc02b10391b61f458
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57d03484-7ccd-4a2d-81a2-0205f032f99d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6365
x-amzn-requestid: 60bd00c0-6808-4bc5-a0cb-e4390d353d65
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: befxSFJOIAMF6Lw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636f466e-514b3be121f077d559acdb86;Sampled=0
x-amzn-remapped-date: Sat, 12 Nov 2022 07:08:30 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: E-bkNv53D_wWbPQkwNATrkuxsci_F32QIg7NCRL8yL8BoF_3lV-q3A==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 11:33:44 GMT
age: 13467
etag: "6dac89954db5946b9ac1fdca3196d8b6bb3f54c3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Google+Sans+Text:400&text=%E2%86%90%E2%86%92%E2%86%91%E2%86%93&lang=en
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Google+Sans+Text:400&text=%E2%86%90%E2%86%92%E2%86%91%E2%86%93&lang=en
IP 142.250.74.10:0
GET /css?family=Google+Sans+Text:400&text=%E2%86%90%E2%86%92%E2%86%91%E2%86%93&lang=en HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.editmysite.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 19 Nov 2022 15:18:07 GMT
date: Sat, 19 Nov 2022 15:18:07 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2