r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 507011ccb9124dcd57e84a90a0965cc4
1a6575d0ac979c7184490cc9836ac4812ad2afd1
01626c18e1e68507aa33ef7448dbc3311901ab6f29adc2f51d449409b0680dce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01626C18E1E68507AA33EF7448DBC3311901AB6F29ADC2F51D449409B0680DCE"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2402
Expires: Sun, 05 Feb 2023 23:24:05 GMT
Date: Sun, 05 Feb 2023 22:44:03 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10994
Expires: Mon, 06 Feb 2023 01:47:17 GMT
Date: Sun, 05 Feb 2023 22:44:03 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 05 Feb 2023 22:33:59 GMT
content-type: application/json
age: 604
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18675
Expires: Mon, 06 Feb 2023 03:55:18 GMT
Date: Sun, 05 Feb 2023 22:44:03 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: n27ls8orfvbNJBoXfeGfbe88siAf9rWVJ16ziWWeEcYwHAjuKrN+eozDGsTSplXvdkVmccuDhvg=
x-amz-request-id: KE21NVPW90QZ9CEE
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 05 Feb 2023 22:24:40 GMT
age: 1164
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
pdf-sharefile-doc.weeblysite.com/
199.34.228.96 302 Found 406 B URL HTTP/1.1 pdf-sharefile-doc.weeblysite.com/
IP 199.34.228.96:0
File type HTML document text, exported SGML document, ASCII text
Hash f0c230a336a5338e46242f74a22138f1
f376a3ef7acf03982620f320771a11aacbffb954
4ef4523d83df8d9be2ea05941b8f89e9da9a36028706dad0a10df97ac5798224
Analyzer Verdict Alert openphish Generic/Spear Phishing
fortinet Phishing
GET / HTTP/1.1
Host: pdf-sharefile-doc.weeblysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, private
Date: Sun, 05 Feb 2023 22:44:03 GMT
Location: https://pdf-sharefile-doc.weeblysite.com
Set-Cookie: publishedsite-xsrf=eyJpdiI6Ik1LTnNJRVBoY0o3N1h1NVJnR0didUE9PSIsInZhbHVlIjoicGcxVDMzdk5STERMb0lHRTcrSDJYMU9mUjBlSlpWblE0Rkl1RlVqenh5WExiQjdrV1NqQW1DQytGYnhDdHZkMnBRUnRSb1Z2MU1aUVEyVWJBUm5kRnhkTnk0VlJsWnJGQW1JUUJXMnVqdXR2cmFtSlYrdDVLTWZralhrc1lLb1MiLCJtYWMiOiIzNDMzM2ZhMzMxNDEzNGZmZDc1Nzc5NjA1MTIwN2NmMDFjZjBiMTRmMDk3MmUxMWU2MTY2YTZmODEzYjE2MGEwIiwidGFnIjoiIn0%3D; expires=Sun, 19-Feb-2023 22:44:03 GMT; Max-Age=1209600; path=/; samesite=lax
XSRF-TOKEN=eyJpdiI6IjNuNVFnYVdTcjZzR0taSmN0VFZMUWc9PSIsInZhbHVlIjoiWHpOYnVEU2dNQkw2U2c3NjlqcGUwc2o0R1BGSUZSZG5UZWpXRUhoRVBqaHBhZjMwV3pxN0hJbnB4RUFJNWJtVnVCS0lvdVFxa0RHSndieGhEU0pLZUJPUnpMcER2ZG9Ld3BGMGVuNjZPSmZNTG5sUGhFN0s0UldGcFFUT1BkYlYiLCJtYWMiOiIyYTgzNmNmOWU1ZGU0ZDYxN2IwMjRhNTdhNzc3MTYwYjgzOThlNTgzYzExYjI1NmI2ZThiMTYzNDc5MWUzNDc2IiwidGFnIjoiIn0%3D; expires=Sun, 19-Feb-2023 22:44:03 GMT; Max-Age=1209600; path=/; samesite=lax
PublishedSiteSession=eyJpdiI6ImFCTGp4UWttdHRZYkxFTDV4cWxIUlE9PSIsInZhbHVlIjoiemFJUXBPWDR2RHVvVGxaTU9EWGpycHJVelFLY2VXRG5EaXBCNGhkeGFBbmxTaC9mUWdMR0grMURsd2ZBdE9uNXZ5b0IxNU82dzZrNzBIVTRwazUyRWZ4eDJXS3BEbDVJUGZpbllFMjlXb01xWW1PdEtEVTFoYjdiTWk4bCthWEMiLCJtYWMiOiJmNDJmODQ2OWZhYjdhYTkxNWIzZDE3ZDEyNjUzNWQ1YjA1NDczMTQ3NDViNjZjMDdmZjJkYmQzYmEyY2ZkZDAzIiwidGFnIjoiIn0%3D; expires=Sun, 19-Feb-2023 22:44:03 GMT; Max-Age=1209600; path=/; httponly; samesite=lax
X-Host: grn149.sf2p.intern.weebly.net
X-Revision: fda04fb0c4da514420648be3ebc7259644a826ce
X-Request-ID: a7ff9708ac9dc9716c4ac411d74e1218
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 22:44:04 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 05 Feb 2023 21:51:16 GMT
age: 3168
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash fe7071ff655f5733b3eb881f939bde08
777338f4d2f5e34b20e4d9fd86cbd6ff1d2351c0
85a347df1023c4f4ce24d42675bef977070c9de62290f56eea2d90a89c23122e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4955
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 22:44:04 GMT
Last-Modified: Sun, 05 Feb 2023 21:21:29 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8478
Expires: Mon, 06 Feb 2023 01:05:22 GMT
Date: Sun, 05 Feb 2023 22:44:04 GMT
Connection: keep-alive
pdf-sharefile-doc.weeblysite.com/
199.34.228.96 200 OK 9.9 kB URL HTTP/1.1 pdf-sharefile-doc.weeblysite.com/
IP 199.34.228.96:0
File type HTML document text, exported SGML document, ASCII text, with very long lines (18570)
Hash 400a4f065f6e0b677003b5871794c608
291ee6de4771bc03b0e1abccb70984583d9fc9e5
daa013e6758602cc4df85737a1d3db7167caf4fe2220a17624cb91b0333d1cd9
Analyzer Verdict Alert openphish Generic/Spear Phishing
fortinet Phishing
GET / HTTP/1.1
Host: pdf-sharefile-doc.weeblysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, private
Date: Sun, 05 Feb 2023 22:44:00 GMT
Set-Cookie: publishedsite-xsrf=eyJpdiI6IkZEdWI1T01kVTFlcldycnZ6YWRDS3c9PSIsInZhbHVlIjoiWmtkUVFiTUxzOXNMUGxQbGlwaWFuRlNHeVhZTHZJM2tKaEpQNFlWMU5RMG9FVzlPUExUc3NYSGRJNXJKdUFNQjk0M0h2ZTN2WVQzbXRjc05wWGhBRjBWRC9SN2plZTNjVUdoMHdESlBBTE0xdjhDMWk0VTdSYkFiczQvQ0NDaUMiLCJtYWMiOiI2OGQwMjE3YjBjOTkwMGEwZWZhYWRiZjg5YWEzNzQzNzQzNDUyOWY4ZTI2MjFhNDljNDQwZmUxNDA1M2M0M2VlIiwidGFnIjoiIn0%3D; expires=Sun, 19-Feb-2023 22:44:04 GMT; Max-Age=1209600; path=/; samesite=lax
XSRF-TOKEN=eyJpdiI6IlgzNG92eTJmb05kd1QrUmZuVzAzU1E9PSIsInZhbHVlIjoiMGxDL013bms1RGJsVVhRb1V2Z21SbFdYRnBFRlFDQ3BLUkpKVmxmcXIwbUdkUHlSa1Z3akREdW8wZnNjd0tjWDhZMkt6S3Y5R0RuazBZaVdZaHRaS01sZWYyTmJRcUpsVVNOZXZyc0hVNldIWWxLVnhocU4xblVxTXprNmJ1MnkiLCJtYWMiOiJiMmJlMzEyZGI4YmI0ZjUyNjBmMzY2MDMwYmUwOGJlMTk5OWRjYjUwN2IzZWQxMmIxYzMzNjdmNzQ1YWYzMDA2IiwidGFnIjoiIn0%3D; expires=Sun, 19-Feb-2023 22:44:04 GMT; Max-Age=1209600; path=/; samesite=lax
PublishedSiteSession=eyJpdiI6ImVVZG14MTAwN00yVHI2OCtmMzcyY3c9PSIsInZhbHVlIjoiai94dkdWWTFlMW5qRVFKVlNFbWJzaC9RTkRHaTlWejY3aXZwVXJibkozMndVWkQwQ091OEFiUDB3SlovMVdPSDQvUXQzdHV2WjhzWU5aRkZyUCtrbEdJa01keGJiOThmT1IyODFRd0JKVk1tN2lqOFA0d2YxMjh5aUdqaUt2VXEiLCJtYWMiOiIyMDQ0ZmJhNjNhMzMxYjYwNDRjM2ViMDMyYWEwYjhkMzI3NTY3ZjVmOTIwYmEzM2ZjMzM4ZWNjYzQzOTA0MjJjIiwidGFnIjoiIn0%3D; expires=Sun, 19-Feb-2023 22:44:04 GMT; Max-Age=1209600; path=/; httponly; samesite=lax
X-Host: grn149.sf2p.intern.weebly.net
X-Revision: fda04fb0c4da514420648be3ebc7259644a826ce
X-Request-ID: fb368d273e737f713c1b96f2c1e94f30
Content-Encoding: gzip
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3
104.18.20.226 200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3
IP 104.18.20.226:0
Hash 1864918b81eea82a3a6568b8958bd33b
acb49f3ed748c0fa6a5504b28f853095c6acd16b
65481358bbc41fa3b71d22254775eeb77eabddf6287398579977a382cec0e3ab
POST /ca/gsatlasr3dvtlsca2022q3 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 22:44:04 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "9BFE6AC94FD7D97CEAD54947EC99D480D5CB8BFA"
Expires: Mon, 06 Feb 2023 09:00:00 GMT
Last-Modified: Sun, 05 Feb 2023 21:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1919
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794f2b2a9e940b41-OSL
cdn2.editmysite.com/js/wsnbn/snowday262.js
151.101.65.46 200 OK 26 kB URL HTTP/2 cdn2.editmysite.com/js/wsnbn/snowday262.js
IP 151.101.65.46:0
File type ASCII text, with very long lines (2512)
Hash 234327230add9a5a5d61a48829ea4565
7966cc0e4bd76f88ff193c8a99a067de804b7129
bb696c58d9ae5fa635b3ff22efdf60de9ac2f8ef9df5e2f2d58dd5f8dc99df75
GET /js/wsnbn/snowday262.js HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pdf-sharefile-doc.weeblysite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Wed, 01 Feb 2023 22:57:31 GMT
etag: "63daee5b-124fe"
expires: Thu, 16 Feb 2023 08:38:42 GMT
cache-control: max-age=1209600
x-host: blu123.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 05 Feb 2023 22:44:04 GMT
age: 309923
x-served-by: cache-sjc10061-SJC, cache-bma1666-BMA
x-cache: HIT, HIT
x-cache-hits: 24, 3666
x-timer: S1675637045.905070,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25752
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.162.135.48 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.135.48:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: NrYGzz6iO8JhXfeRWmZDjw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Rb3Mp58NZtEawfeQk8LANsjaiwM=
pdf-sharefile-doc.weeblysite.com/static/icons/circle.svg
199.34.228.96 200 OK 105 B URL HTTP/1.1 pdf-sharefile-doc.weeblysite.com/static/icons/circle.svg
IP 199.34.228.96:0
File type SVG Scalable Vector Graphics image, ASCII text
Hash ec3f9709c7371aa4ab61e51dc4d03266
75bfd238d39ce6b1b2dea49a72145b8cbead95bd
cdbfab0188f4be61e0c17aac289f70864c6dd52f59a063172e3506dfc3c68644
Analyzer Verdict Alert openphish Generic/Spear Phishing
fortinet Phishing
GET /static/icons/circle.svg HTTP/1.1
Host: pdf-sharefile-doc.weeblysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pdf-sharefile-doc.weeblysite.com/
Cookie: publishedsite-xsrf=eyJpdiI6IkZEdWI1T01kVTFlcldycnZ6YWRDS3c9PSIsInZhbHVlIjoiWmtkUVFiTUxzOXNMUGxQbGlwaWFuRlNHeVhZTHZJM2tKaEpQNFlWMU5RMG9FVzlPUExUc3NYSGRJNXJKdUFNQjk0M0h2ZTN2WVQzbXRjc05wWGhBRjBWRC9SN2plZTNjVUdoMHdESlBBTE0xdjhDMWk0VTdSYkFiczQvQ0NDaUMiLCJtYWMiOiI2OGQwMjE3YjBjOTkwMGEwZWZhYWRiZjg5YWEzNzQzNzQzNDUyOWY4ZTI2MjFhNDljNDQwZmUxNDA1M2M0M2VlIiwidGFnIjoiIn0%3D; XSRF-TOKEN=eyJpdiI6IlgzNG92eTJmb05kd1QrUmZuVzAzU1E9PSIsInZhbHVlIjoiMGxDL013bms1RGJsVVhRb1V2Z21SbFdYRnBFRlFDQ3BLUkpKVmxmcXIwbUdkUHlSa1Z3akREdW8wZnNjd0tjWDhZMkt6S3Y5R0RuazBZaVdZaHRaS01sZWYyTmJRcUpsVVNOZXZyc0hVNldIWWxLVnhocU4xblVxTXprNmJ1MnkiLCJtYWMiOiJiMmJlMzEyZGI4YmI0ZjUyNjBmMzY2MDMwYmUwOGJlMTk5OWRjYjUwN2IzZWQxMmIxYzMzNjdmNzQ1YWYzMDA2IiwidGFnIjoiIn0%3D; PublishedSiteSession=eyJpdiI6ImVVZG14MTAwN00yVHI2OCtmMzcyY3c9PSIsInZhbHVlIjoiai94dkdWWTFlMW5qRVFKVlNFbWJzaC9RTkRHaTlWejY3aXZwVXJibkozMndVWkQwQ091OEFiUDB3SlovMVdPSDQvUXQzdHV2WjhzWU5aRkZyUCtrbEdJa01keGJiOThmT1IyODFRd0JKVk1tN2lqOFA0d2YxMjh5aUdqaUt2VXEiLCJtYWMiOiIyMDQ0ZmJhNjNhMzMxYjYwNDRjM2ViMDMyYWEwYjhkMzI3NTY3ZjVmOTIwYmEzM2ZjMzM4ZWNjYzQzOTA0MjJjIiwidGFnIjoiIn0%3D; _snow_ses.a931=*; _snow_id.a931=74ba576e-fcf3-4a56-ab30-1902b2616fa4.1675637087.1.1675637087.1675637087.a0af299b-dcb9-4904-a6a5-e592fc696ed8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 22:44:05 GMT
Content-Type: image/svg+xml
Content-Length: 105
Connection: keep-alive
Last-Modified: Tue, 31 Jan 2023 16:48:48 GMT
x-rgw-object-type: Normal
ETag: "ec3f9709c7371aa4ab61e51dc4d03266"
x-amz-request-id: tx00000000000006b259832-0063d946d1-c699baa-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: blu40.sf2p.intern.weebly.net
X-Revision: fda04fb0c4da514420648be3ebc7259644a826ce
X-Request-ID: 6935e19cb4b17375da78d602efe9bc87
ocsp.sca1b.amazontrust.com/
143.204.42.88 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 59644327aa0591f478de830fcb8b05aa
38bc8ad0e1269e0ea71d04b188347399aa91c72c
1ca652704ae9a91c8552d0b78a54c6532b0a59533770ccd3f0f5da2f104fdafc
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 05 Feb 2023 22:44:05 GMT
Last-Modified: Sun, 05 Feb 2023 21:45:40 GMT
Server: ECS (nyb/1D2A)
X-Cache: Miss from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: onDne-rPDmGr2NiMFXrUgKFKQIfZE1WWzyecpA7U78D7xz_DGrm4FA==
Age: 3505
ocsp.sca1b.amazontrust.com/
143.204.42.88 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 59644327aa0591f478de830fcb8b05aa
38bc8ad0e1269e0ea71d04b188347399aa91c72c
1ca652704ae9a91c8552d0b78a54c6532b0a59533770ccd3f0f5da2f104fdafc
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 05 Feb 2023 22:44:05 GMT
Last-Modified: Sun, 05 Feb 2023 22:02:29 GMT
Server: ECS (bsa/EB20)
X-Cache: Miss from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: esftjECsnby4T3zzqrnY12Pca53jp_9-Q0nDvVdnvVSePZZRiEI2fA==
Age: 2496
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
54.189.234.52 200 OK 0 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 54.189.234.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://pdf-sharefile-doc.weeblysite.com/
Origin: https://pdf-sharefile-doc.weeblysite.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 22:44:05 GMT
content-length: 0
server: nginx
access-control-allow-origin: https://pdf-sharefile-doc.weeblysite.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 600
X-Firefox-Spdy: h2
pdf-sharefile-doc.weeblysite.com/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getSquareStoreConfig]
199.34.228.96 200 OK 224 B URL HTTP/1.1 pdf-sharefile-doc.weeblysite.com/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getSquareStoreConfig]
IP 199.34.228.96:0
File type JSON data, ASCII text, with no line terminators
Hash 13593f6286d97ef957f443963fe931b8
fd8712c00baba802817d2189ca3ad204ca0cdd7a
4e8bba6a89604ac9c26316b3fc9ad4429053bf28e96ea657f198f8255e564f28
POST /ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getSquareStoreConfig] HTTP/1.1
Host: pdf-sharefile-doc.weeblysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-XSRF-TOKEN: eyJpdiI6IlgzNG92eTJmb05kd1QrUmZuVzAzU1E9PSIsInZhbHVlIjoiMGxDL013bms1RGJsVVhRb1V2Z21SbFdYRnBFRlFDQ3BLUkpKVmxmcXIwbUdkUHlSa1Z3akREdW8wZnNjd0tjWDhZMkt6S3Y5R0RuazBZaVdZaHRaS01sZWYyTmJRcUpsVVNOZXZyc0hVNldIWWxLVnhocU4xblVxTXprNmJ1MnkiLCJtYWMiOiJiMmJlMzEyZGI4YmI0ZjUyNjBmMzY2MDMwYmUwOGJlMTk5OWRjYjUwN2IzZWQxMmIxYzMzNjdmNzQ1YWYzMDA2IiwidGFnIjoiIn0=
Content-Length: 78
Origin: https://pdf-sharefile-doc.weeblysite.com
Connection: keep-alive
Referer: https://pdf-sharefile-doc.weeblysite.com/
Cookie: publishedsite-xsrf=eyJpdiI6IkZEdWI1T01kVTFlcldycnZ6YWRDS3c9PSIsInZhbHVlIjoiWmtkUVFiTUxzOXNMUGxQbGlwaWFuRlNHeVhZTHZJM2tKaEpQNFlWMU5RMG9FVzlPUExUc3NYSGRJNXJKdUFNQjk0M0h2ZTN2WVQzbXRjc05wWGhBRjBWRC9SN2plZTNjVUdoMHdESlBBTE0xdjhDMWk0VTdSYkFiczQvQ0NDaUMiLCJtYWMiOiI2OGQwMjE3YjBjOTkwMGEwZWZhYWRiZjg5YWEzNzQzNzQzNDUyOWY4ZTI2MjFhNDljNDQwZmUxNDA1M2M0M2VlIiwidGFnIjoiIn0%3D; XSRF-TOKEN=eyJpdiI6IlgzNG92eTJmb05kd1QrUmZuVzAzU1E9PSIsInZhbHVlIjoiMGxDL013bms1RGJsVVhRb1V2Z21SbFdYRnBFRlFDQ3BLUkpKVmxmcXIwbUdkUHlSa1Z3akREdW8wZnNjd0tjWDhZMkt6S3Y5R0RuazBZaVdZaHRaS01sZWYyTmJRcUpsVVNOZXZyc0hVNldIWWxLVnhocU4xblVxTXprNmJ1MnkiLCJtYWMiOiJiMmJlMzEyZGI4YmI0ZjUyNjBmMzY2MDMwYmUwOGJlMTk5OWRjYjUwN2IzZWQxMmIxYzMzNjdmNzQ1YWYzMDA2IiwidGFnIjoiIn0%3D; PublishedSiteSession=eyJpdiI6ImVVZG14MTAwN00yVHI2OCtmMzcyY3c9PSIsInZhbHVlIjoiai94dkdWWTFlMW5qRVFKVlNFbWJzaC9RTkRHaTlWejY3aXZwVXJibkozMndVWkQwQ091OEFiUDB3SlovMVdPSDQvUXQzdHV2WjhzWU5aRkZyUCtrbEdJa01keGJiOThmT1IyODFRd0JKVk1tN2lqOFA0d2YxMjh5aUdqaUt2VXEiLCJtYWMiOiIyMDQ0ZmJhNjNhMzMxYjYwNDRjM2ViMDMyYWEwYjhkMzI3NTY3ZjVmOTIwYmEzM2ZjMzM4ZWNjYzQzOTA0MjJjIiwidGFnIjoiIn0%3D; _snow_ses.a931=*; _snow_id.a931=74ba576e-fcf3-4a56-ab30-1902b2616fa4.1675637087.1.1675637087.1675637087.a0af299b-dcb9-4904-a6a5-e592fc696ed8; _dd_s=rum=1&id=19d0a3a6-fa37-49c3-8b44-ac482999724b&created=1675637087630&expire=1675637987630
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 22:44:05 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: grn88.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 224
Keep-Alive: timeout=10, max=61
Connection: Keep-Alive
Content-Type: application/json
sentry.io/api/1263158/envelope/?sentry_key=13e49d785d8d4f828038b6136f3b48ba&sentry_version=7
35.188.42.15 200 OK 2 B URL HTTP/1.1 sentry.io/api/1263158/envelope/?sentry_key=13e49d785d8d4f828038b6136f3b48ba&sentry_version=7
IP 35.188.42.15:0
File type JSON data, ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /api/1263158/envelope/?sentry_key=13e49d785d8d4f828038b6136f3b48ba&sentry_version=7 HTTP/1.1
Host: sentry.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pdf-sharefile-doc.weeblysite.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://pdf-sharefile-doc.weeblysite.com
Content-Length: 429
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 22:44:05 GMT
Content-Type: application/json
Content-Length: 2
Connection: keep-alive
access-control-allow-origin: https://pdf-sharefile-doc.weeblysite.com
access-control-expose-headers: x-sentry-rate-limits, retry-after, x-sentry-error
vary: Origin
x-envoy-upstream-service-time: 1
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
54.189.234.52 200 OK 2 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 54.189.234.52:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1951
Origin: https://pdf-sharefile-doc.weeblysite.com
Connection: keep-alive
Referer: https://pdf-sharefile-doc.weeblysite.com/
Cookie: sp=d2bba086-0aa6-46f5-ab66-2876bea79ece
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 22:44:05 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=d2bba086-0aa6-46f5-ab66-2876bea79ece; Expires=Mon, 05 Feb 2024 22:44:05 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://pdf-sharefile-doc.weeblysite.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2472
Expires: Sun, 05 Feb 2023 23:25:18 GMT
Date: Sun, 05 Feb 2023 22:44:06 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda427d37-8d0b-44cf-ae98-f96ceaf21b52.jpeg
34.120.237.76 200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda427d37-8d0b-44cf-ae98-f96ceaf21b52.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d0c62c5956f36c9f1c5d2f17bc372d98
fca4d7140e4c391b02d734425ccc92acec568a70
eb1b743ede5ed223536358bd92a322ca5231267f4434be1eced98a0fe93b790d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda427d37-8d0b-44cf-ae98-f96ceaf21b52.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8929
x-amzn-requestid: ea29dd36-d05b-4824-ba18-78f868259f76
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiQEeTIAMFqGA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-7a6ade1c4501a81c0823ce10;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: O-QHP886Cczm6dsVDQVMR7SMSxgIhUSuEPAKJvzQTQtkj59Pg-z9QA==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:11:05 GMT
age: 1981
etag: "fca4d7140e4c391b02d734425ccc92acec568a70"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9046d887fd45a0940e31a74173d17798
1ff698b9cf660165e846dfc4770f29852aedce45
0c7b0e1250aa7718b7b35b80a1442f62e94ace1fb578fb781ec8204ee96386d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10514
x-amzn-requestid: ac2a383b-833d-4dae-9bd9-43dc3d9e373d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiPEIyoAMFqUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-436bb6816b269ce45b9f8600;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RYNzle5-l5dOMPWb2Bmu_T5aIJw9NX2FKuJsej8hzpYZcgD6coH9SA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:09 GMT
age: 3237
etag: "1ff698b9cf660165e846dfc4770f29852aedce45"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a24cf7b2db6d65c3fe5daf78b3309ced
a3653a9a7baea412808dd91572ff21e1a505c26f
f55ee98bab5ce53d6acc1cac7f54f089b42d5f2ffbe750d869c4f4a7bc26f715
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13230
x-amzn-requestid: 8171829a-cf6d-4c33-99a1-f3cef7cd4475
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiTH8GoAMFYLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-1597a0f06ef3db2534a101aa;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Nvfp0sEYw5bxnFHisq80WCXh6T-LdFlPqs95tyX2epjMfhM_hjUj0A==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:03 GMT
age: 3243
etag: "a3653a9a7baea412808dd91572ff21e1a505c26f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31cf5553-4c3f-4c6d-8dfb-d292e38275bb.jpeg
34.120.237.76 200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31cf5553-4c3f-4c6d-8dfb-d292e38275bb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5f54c8725e5dab88b12d42876fa61b12
89c734d690981e30f9d566a7763a1870724d65aa
b8cc5148ae01e1a1fe32f56bdce71de086da320cdd8a55a746609c9773fdaf77
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31cf5553-4c3f-4c6d-8dfb-d292e38275bb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9809
x-amzn-requestid: 60ff8265-45f4-445b-bf49-e0f1ba4cc3da
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzRVKFf7IAMF9hQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ddfc20-3390f67342da01416e720af6;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 06:33:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3ven3rHNpHQ94K0pntkthMllzUZIpGAGGNe_-zGTmYTtIhuQ3tZ7rQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 17:57:59 GMT
age: 17167
etag: "89c734d690981e30f9d566a7763a1870724d65aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e717762-1012-4c44-9171-7c40ae8127ca.jpeg
34.120.237.76 200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e717762-1012-4c44-9171-7c40ae8127ca.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5c145b7d4f95cca98f9b942a291c9d60
967e1da2df2ce864b1c67e28099c8b161810e240
01f3a9d99b735eb512dd8a251b926eccb05a960e03056fe0a50d4bad7fc4b5b5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e717762-1012-4c44-9171-7c40ae8127ca.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6116
x-amzn-requestid: d6d032ad-c788-4b63-aab5-fdb9f110f86a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4okcGmOoAMFp-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0214f-172d50bc478a1fac5d4442cd;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2Hl7AlAxp405wt3wk8fRiEr3xMyslJjpKXgSlyU8Hvv23HogWQFvUg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:10:45 GMT
age: 2001
etag: "967e1da2df2ce864b1c67e28099c8b161810e240"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg
34.120.237.76 200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ccc8078cc937b7de0b299bcee1496f1b
395f04af71767acc9516387c8b07bde08968fdfe
cf959fc4a72d80dcab20c235bec6d21eadaab87efa7a8969744cd228628ba050
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9808
x-amzn-requestid: 75cc8041-19f5-4994-96b6-b14d3c90ec6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiSFZAIAMF65g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-355d272c345c8c37595b4bb2;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T7YlRZ936VEDkBvo2YKrS3GbyEh1xzC8W-50KiODzFjTnQb-hvkKpw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:10:54 GMT
age: 1992
etag: "395f04af71767acc9516387c8b07bde08968fdfe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
pdf-sharefile-doc.weeblysite.com/app/website/cms/api/v1/users/138601929/customers/coordinates
199.34.228.96 200 OK 70 B URL HTTP/1.1 pdf-sharefile-doc.weeblysite.com/app/website/cms/api/v1/users/138601929/customers/coordinates
IP 199.34.228.96:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0202fec5c18173b1ccef517d7a8fb076
ed3c42952ab998b5f8f4570735caccb08bbbfbba
a496539bedf56d084f7654fb244367daf638da6ab09f7812b81c743baa995e26
Analyzer Verdict Alert openphish Generic/Spear Phishing
fortinet Phishing
GET /app/website/cms/api/v1/users/138601929/customers/coordinates HTTP/1.1
Host: pdf-sharefile-doc.weeblysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-XSRF-TOKEN: eyJpdiI6IlgzNG92eTJmb05kd1QrUmZuVzAzU1E9PSIsInZhbHVlIjoiMGxDL013bms1RGJsVVhRb1V2Z21SbFdYRnBFRlFDQ3BLUkpKVmxmcXIwbUdkUHlSa1Z3akREdW8wZnNjd0tjWDhZMkt6S3Y5R0RuazBZaVdZaHRaS01sZWYyTmJRcUpsVVNOZXZyc0hVNldIWWxLVnhocU4xblVxTXprNmJ1MnkiLCJtYWMiOiJiMmJlMzEyZGI4YmI0ZjUyNjBmMzY2MDMwYmUwOGJlMTk5OWRjYjUwN2IzZWQxMmIxYzMzNjdmNzQ1YWYzMDA2IiwidGFnIjoiIn0=
Connection: keep-alive
Referer: https://pdf-sharefile-doc.weeblysite.com/
Cookie: publishedsite-xsrf=eyJpdiI6IkZEdWI1T01kVTFlcldycnZ6YWRDS3c9PSIsInZhbHVlIjoiWmtkUVFiTUxzOXNMUGxQbGlwaWFuRlNHeVhZTHZJM2tKaEpQNFlWMU5RMG9FVzlPUExUc3NYSGRJNXJKdUFNQjk0M0h2ZTN2WVQzbXRjc05wWGhBRjBWRC9SN2plZTNjVUdoMHdESlBBTE0xdjhDMWk0VTdSYkFiczQvQ0NDaUMiLCJtYWMiOiI2OGQwMjE3YjBjOTkwMGEwZWZhYWRiZjg5YWEzNzQzNzQzNDUyOWY4ZTI2MjFhNDljNDQwZmUxNDA1M2M0M2VlIiwidGFnIjoiIn0%3D; XSRF-TOKEN=eyJpdiI6IlgzNG92eTJmb05kd1QrUmZuVzAzU1E9PSIsInZhbHVlIjoiMGxDL013bms1RGJsVVhRb1V2Z21SbFdYRnBFRlFDQ3BLUkpKVmxmcXIwbUdkUHlSa1Z3akREdW8wZnNjd0tjWDhZMkt6S3Y5R0RuazBZaVdZaHRaS01sZWYyTmJRcUpsVVNOZXZyc0hVNldIWWxLVnhocU4xblVxTXprNmJ1MnkiLCJtYWMiOiJiMmJlMzEyZGI4YmI0ZjUyNjBmMzY2MDMwYmUwOGJlMTk5OWRjYjUwN2IzZWQxMmIxYzMzNjdmNzQ1YWYzMDA2IiwidGFnIjoiIn0%3D; PublishedSiteSession=eyJpdiI6ImVVZG14MTAwN00yVHI2OCtmMzcyY3c9PSIsInZhbHVlIjoiai94dkdWWTFlMW5qRVFKVlNFbWJzaC9RTkRHaTlWejY3aXZwVXJibkozMndVWkQwQ091OEFiUDB3SlovMVdPSDQvUXQzdHV2WjhzWU5aRkZyUCtrbEdJa01keGJiOThmT1IyODFRd0JKVk1tN2lqOFA0d2YxMjh5aUdqaUt2VXEiLCJtYWMiOiIyMDQ0ZmJhNjNhMzMxYjYwNDRjM2ViMDMyYWEwYjhkMzI3NTY3ZjVmOTIwYmEzM2ZjMzM4ZWNjYzQzOTA0MjJjIiwidGFnIjoiIn0%3D; _snow_ses.a931=*; _snow_id.a931=74ba576e-fcf3-4a56-ab30-1902b2616fa4.1675637087.1.1675637087.1675637087.a0af299b-dcb9-4904-a6a5-e592fc696ed8; _dd_s=rum=1&id=19d0a3a6-fa37-49c3-8b44-ac482999724b&created=1675637087630&expire=1675637987630
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, private
Date: Sun, 05 Feb 2023 22:44:06 GMT
Set-Cookie: websitespring-xsrf=eyJpdiI6IlBCa1FlTWZEZ3pmWkdBUGJFRUYrN1E9PSIsInZhbHVlIjoiUzEyMXNYUnk1VjFlQnBOcHBDbUR0MEY0RExVY2lKM2RaN0Nlbm9qQWlFMitva2duVExIV3hEZXhudnVpazBoeUtyVERRTkw5dkFQZjdPN3NNMmhWOXpaOW5jdkFaWVpDVVl6NFZLamNrdis3ZkxCMGI3aUE4Smw4VFlWUG1uQ1EiLCJtYWMiOiIzNDQ1MmNkMzI2YWNlYzNjNmMwZTVmMzA4YzUxYzY5YmViODZkNTgwZmUwNTExYTdiYWY0YzMwYmQ5ZGI2N2M4IiwidGFnIjoiIn0%3D; expires=Sun, 19-Feb-2023 22:44:06 GMT; Max-Age=1209600; path=/; samesite=lax
XSRF-TOKEN=eyJpdiI6IkdwSzY2clNrS2N2NVIxZ0s3dFM3eHc9PSIsInZhbHVlIjoiQ2hOUmRyNkg0SEg2OGhpRGVpcmV0bmJMOGZ1Qk9TZEtPajR4MjdiZVpoS3NBUk1aa1pFYU81cm9KMFRKRC9LMklOTVlHcGI0OVNaRkc5Y2JGWDN0d0k0dldzOTY5REhER3FmQ0xZUkUrUjQ0c1cySzdkTER6Wk03bDgrS2ZxMzUiLCJtYWMiOiI2ZGQ4NjVkMzkzMDhhY2U0MTI1ZWU4YjQxYWU3YzRiOTliM2M1NGEyNDgwNGVlYTI1NDQyNTRkODc4NTI5YzM4IiwidGFnIjoiIn0%3D; expires=Sun, 19-Feb-2023 22:44:06 GMT; Max-Age=1209600; path=/; samesite=lax
X-Host: blu40.sf2p.intern.weebly.net
X-Revision: fda04fb0c4da514420648be3ebc7259644a826ce
X-Request-ID: 11ec51b8fdf667fe157dbc6db0bbc740
Content-Encoding: gzip
pdf-sharefile-doc.weeblysite.com/ajax/api/JsonRPC/Commerce/?Commerce/[ABTestSegmentation::getTestSegments]
199.34.228.96 200 OK 201 B URL HTTP/1.1 pdf-sharefile-doc.weeblysite.com/ajax/api/JsonRPC/Commerce/?Commerce/[ABTestSegmentation::getTestSegments]
IP 199.34.228.96:0
File type JSON data\012- , ASCII text, with no line terminators
Hash bbf985fd86ef8add09a38860a98def2f
2804fa968da1e1b8be4b6f150438e45f4150d3c0
236153652c6f09415db4ee8f8b9a98827da5987a001a136d94d87f401ef6f160
POST /ajax/api/JsonRPC/Commerce/?Commerce/[ABTestSegmentation::getTestSegments] HTTP/1.1
Host: pdf-sharefile-doc.weeblysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-XSRF-TOKEN: eyJpdiI6IlgzNG92eTJmb05kd1QrUmZuVzAzU1E9PSIsInZhbHVlIjoiMGxDL013bms1RGJsVVhRb1V2Z21SbFdYRnBFRlFDQ3BLUkpKVmxmcXIwbUdkUHlSa1Z3akREdW8wZnNjd0tjWDhZMkt6S3Y5R0RuazBZaVdZaHRaS01sZWYyTmJRcUpsVVNOZXZyc0hVNldIWWxLVnhocU4xblVxTXprNmJ1MnkiLCJtYWMiOiJiMmJlMzEyZGI4YmI0ZjUyNjBmMzY2MDMwYmUwOGJlMTk5OWRjYjUwN2IzZWQxMmIxYzMzNjdmNzQ1YWYzMDA2IiwidGFnIjoiIn0=
Content-Length: 83
Origin: https://pdf-sharefile-doc.weeblysite.com
Connection: keep-alive
Referer: https://pdf-sharefile-doc.weeblysite.com/
Cookie: publishedsite-xsrf=eyJpdiI6IkZEdWI1T01kVTFlcldycnZ6YWRDS3c9PSIsInZhbHVlIjoiWmtkUVFiTUxzOXNMUGxQbGlwaWFuRlNHeVhZTHZJM2tKaEpQNFlWMU5RMG9FVzlPUExUc3NYSGRJNXJKdUFNQjk0M0h2ZTN2WVQzbXRjc05wWGhBRjBWRC9SN2plZTNjVUdoMHdESlBBTE0xdjhDMWk0VTdSYkFiczQvQ0NDaUMiLCJtYWMiOiI2OGQwMjE3YjBjOTkwMGEwZWZhYWRiZjg5YWEzNzQzNzQzNDUyOWY4ZTI2MjFhNDljNDQwZmUxNDA1M2M0M2VlIiwidGFnIjoiIn0%3D; XSRF-TOKEN=eyJpdiI6IlgzNG92eTJmb05kd1QrUmZuVzAzU1E9PSIsInZhbHVlIjoiMGxDL013bms1RGJsVVhRb1V2Z21SbFdYRnBFRlFDQ3BLUkpKVmxmcXIwbUdkUHlSa1Z3akREdW8wZnNjd0tjWDhZMkt6S3Y5R0RuazBZaVdZaHRaS01sZWYyTmJRcUpsVVNOZXZyc0hVNldIWWxLVnhocU4xblVxTXprNmJ1MnkiLCJtYWMiOiJiMmJlMzEyZGI4YmI0ZjUyNjBmMzY2MDMwYmUwOGJlMTk5OWRjYjUwN2IzZWQxMmIxYzMzNjdmNzQ1YWYzMDA2IiwidGFnIjoiIn0%3D; PublishedSiteSession=eyJpdiI6ImVVZG14MTAwN00yVHI2OCtmMzcyY3c9PSIsInZhbHVlIjoiai94dkdWWTFlMW5qRVFKVlNFbWJzaC9RTkRHaTlWejY3aXZwVXJibkozMndVWkQwQ091OEFiUDB3SlovMVdPSDQvUXQzdHV2WjhzWU5aRkZyUCtrbEdJa01keGJiOThmT1IyODFRd0JKVk1tN2lqOFA0d2YxMjh5aUdqaUt2VXEiLCJtYWMiOiIyMDQ0ZmJhNjNhMzMxYjYwNDRjM2ViMDMyYWEwYjhkMzI3NTY3ZjVmOTIwYmEzM2ZjMzM4ZWNjYzQzOTA0MjJjIiwidGFnIjoiIn0%3D; _snow_ses.a931=*; _snow_id.a931=74ba576e-fcf3-4a56-ab30-1902b2616fa4.1675637087.1.1675637087.1675637087.a0af299b-dcb9-4904-a6a5-e592fc696ed8; _dd_s=rum=1&id=19d0a3a6-fa37-49c3-8b44-ac482999724b&created=1675637087630&expire=1675637987630
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 22:44:06 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: grn129.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 201
Keep-Alive: timeout=10, max=60
Connection: Keep-Alive
Content-Type: application/json
pdf-sharefile-doc.weeblysite.com/site-icon?device=ios&size=180
199.34.228.96 404 Not Found 620 B URL HTTP/1.1 pdf-sharefile-doc.weeblysite.com/site-icon?device=ios&size=180
IP 199.34.228.96:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 609283f0abd216f052c6b32877678dfb
990ea8c9bac587ffc680dfdcaf54706c0ee3288b
2c02a57d702cb0cf240374bb61b7724b408b998b9cd9825bc0e55f74f27cc10d
Analyzer Verdict Alert openphish Generic/Spear Phishing
GET /site-icon?device=ios&size=180 HTTP/1.1
Host: pdf-sharefile-doc.weeblysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pdf-sharefile-doc.weeblysite.com/
Cookie: publishedsite-xsrf=eyJpdiI6IkZEdWI1T01kVTFlcldycnZ6YWRDS3c9PSIsInZhbHVlIjoiWmtkUVFiTUxzOXNMUGxQbGlwaWFuRlNHeVhZTHZJM2tKaEpQNFlWMU5RMG9FVzlPUExUc3NYSGRJNXJKdUFNQjk0M0h2ZTN2WVQzbXRjc05wWGhBRjBWRC9SN2plZTNjVUdoMHdESlBBTE0xdjhDMWk0VTdSYkFiczQvQ0NDaUMiLCJtYWMiOiI2OGQwMjE3YjBjOTkwMGEwZWZhYWRiZjg5YWEzNzQzNzQzNDUyOWY4ZTI2MjFhNDljNDQwZmUxNDA1M2M0M2VlIiwidGFnIjoiIn0%3D; XSRF-TOKEN=eyJpdiI6IlgzNG92eTJmb05kd1QrUmZuVzAzU1E9PSIsInZhbHVlIjoiMGxDL013bms1RGJsVVhRb1V2Z21SbFdYRnBFRlFDQ3BLUkpKVmxmcXIwbUdkUHlSa1Z3akREdW8wZnNjd0tjWDhZMkt6S3Y5R0RuazBZaVdZaHRaS01sZWYyTmJRcUpsVVNOZXZyc0hVNldIWWxLVnhocU4xblVxTXprNmJ1MnkiLCJtYWMiOiJiMmJlMzEyZGI4YmI0ZjUyNjBmMzY2MDMwYmUwOGJlMTk5OWRjYjUwN2IzZWQxMmIxYzMzNjdmNzQ1YWYzMDA2IiwidGFnIjoiIn0%3D; PublishedSiteSession=eyJpdiI6ImVVZG14MTAwN00yVHI2OCtmMzcyY3c9PSIsInZhbHVlIjoiai94dkdWWTFlMW5qRVFKVlNFbWJzaC9RTkRHaTlWejY3aXZwVXJibkozMndVWkQwQ091OEFiUDB3SlovMVdPSDQvUXQzdHV2WjhzWU5aRkZyUCtrbEdJa01keGJiOThmT1IyODFRd0JKVk1tN2lqOFA0d2YxMjh5aUdqaUt2VXEiLCJtYWMiOiIyMDQ0ZmJhNjNhMzMxYjYwNDRjM2ViMDMyYWEwYjhkMzI3NTY3ZjVmOTIwYmEzM2ZjMzM4ZWNjYzQzOTA0MjJjIiwidGFnIjoiIn0%3D; _snow_ses.a931=*; _snow_id.a931=74ba576e-fcf3-4a56-ab30-1902b2616fa4.1675637087.1.1675637087.1675637087.a0af299b-dcb9-4904-a6a5-e592fc696ed8; _dd_s=rum=1&id=19d0a3a6-fa37-49c3-8b44-ac482999724b&created=1675637087630&expire=1675637987630
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, private
Date: Sun, 05 Feb 2023 22:44:06 GMT
Set-Cookie: publishedsite-xsrf=eyJpdiI6InFaeFB2SUh5ck93RUo0M2hJaEsvdWc9PSIsInZhbHVlIjoiQTNWUmg5SENTNW5CckZZVnRjb0g1VnowU0ZyOUV0dGoxTFVSd0tUSXlGanV3b3VSSFR2eWhyc0RwNmdZZS9CT2c3cTRkTUNjM1ZESHY1OWZqdG40MXBvZ04yRVZWRWFnaHhFWG9HeXEwbjlGQk1xMU40cnlVY3ZEay93akxxNTUiLCJtYWMiOiI1YTFiNWYxYWVlYzZiNGY2NmJmYWE4OTQ3ZmViNGY0ZDc5ZmQ2NzMxN2E0ZTllOGQ5MTA5YTJhODczZTA1YTQ1IiwidGFnIjoiIn0%3D; expires=Sun, 19-Feb-2023 22:44:06 GMT; Max-Age=1209600; path=/; samesite=lax
XSRF-TOKEN=eyJpdiI6ImlzeE14VlBXTURNK1VZRWVjcTg4c3c9PSIsInZhbHVlIjoiK1N5M2NtdmV3NWduOHFDWm16SW1WSCsra2RvQ0E4WmcwaFcwZ2ZGRVlQVExUUVByay8wNXVRMWlTSUw2ekJSUXlUN3NrWHVjRjVvcjVucXhvS1pDUkdFMGpOQkhUck44S3RMSmdUSFRnbTlnUXViSWs3d1JrbU5oanltdzNiNjgiLCJtYWMiOiJiN2ViNjU5ZjY1Nzk5ZjhlNTBlOTViMzg0ZjJlODgzMjgxNzViOWQ2MmRjMDgwMWNiNDMwOTM3YWY5ZGJhNmQ5IiwidGFnIjoiIn0%3D; expires=Sun, 19-Feb-2023 22:44:06 GMT; Max-Age=1209600; path=/; samesite=lax
PublishedSiteSession=eyJpdiI6InJ3TERjQUhWYXhib004ZTI2OWg4a1E9PSIsInZhbHVlIjoieWZZUnprcDgrRDFzRjRtcVhkeGJIeXZLdW5OWDRwcHIvVWJNaEhHZzNFTHZEL1FIZ3hTRTQ1TVJ6alczcUhlRGtYVFFBOWVpZCtMb080SVlyNFNINkRna21lWTdscEtESXBBVTkvR3hwREpFUm04S1FvRHZUcGFXb1lCOGtRWGQiLCJtYWMiOiIxMmQzMDg2Yzc3MWExOTM4NGM0YzljMjdiZWM0OTQ0NzY0MzUzY2ExM2IxMmFhMzZhNGY4MzgzZWFjNGZlNGZjIiwidGFnIjoiIn0%3D; expires=Sun, 19-Feb-2023 22:44:06 GMT; Max-Age=1209600; path=/; httponly; samesite=lax
X-Host: grn133.sf2p.intern.weebly.net
X-Revision: fda04fb0c4da514420648be3ebc7259644a826ce
X-Request-ID: 16689bec0df2d8f3aab795db883d3dee
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash ffc8c55efa45a37db8a1178ae5b81859
7d55d87ad545da1d9d51e419dbab323dd7ca2c48
110f1d6ce54e47b9cad1279c7b9fe5713ffdc2fc21d11bb51322b48090d76879
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3055
Cache-Control: max-age=138715
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 22:44:06 GMT
Etag: "63dfa022-1d7"
Expires: Tue, 07 Feb 2023 13:16:01 GMT
Last-Modified: Sun, 05 Feb 2023 12:25:06 GMT
Server: ECS (amb/6BA2)
X-Cache: HIT
Content-Length: 471
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
54.189.234.52 200 OK 2 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 54.189.234.52:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 2391
Origin: https://pdf-sharefile-doc.weeblysite.com
Connection: keep-alive
Referer: https://pdf-sharefile-doc.weeblysite.com/
Cookie: sp=d2bba086-0aa6-46f5-ab66-2876bea79ece
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 22:44:06 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=d2bba086-0aa6-46f5-ab66-2876bea79ece; Expires=Mon, 05 Feb 2024 22:44:06 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://pdf-sharefile-doc.weeblysite.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 34cc0dc458f9619a4f528f8db31c5518
b5fe543524dfed347ba6c5f1f85d0d3258798bde
bc722ec77a9e23f6ff945567fd96e6ac7cece40e4e540006a721a58bdddac983
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5090
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 22:44:06 GMT
Last-Modified: Sun, 05 Feb 2023 21:19:17 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
www.weebly.com/favicon.ico
74.115.50.110 200 OK 4.3 kB URL HTTP/1.1 www.weebly.com/favicon.ico
IP 74.115.50.110:0
File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Hash 4d27526198ac873ccec96935198e0fb9
b98d8b73ad6a0f7477c3397561b4aab37bf262aa
40a2146151863bcf46c786d596e81a308d1b0d26d74635be441e92656f29b1b4
GET /favicon.ico HTTP/1.1
Host: www.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pdf-sharefile-doc.weeblysite.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 22:44:06 GMT
Server: Apache
Last-Modified: Sun, 05 Feb 2023 21:35:42 GMT
ETag: "10be-5f3fab2482780"
Accept-Ranges: bytes
Content-Length: 4286
X-Host: blu94.sf2p.intern.weebly.net
Vary: User-Agent
Keep-Alive: timeout=10, max=73
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon
X-W-DC: SFO
Set-Cookie: sto-id-editor=JNHFBNAK; Domain=weebly.com; Path=/
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
54.189.234.52 200 OK 2 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 54.189.234.52:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1850
Origin: https://pdf-sharefile-doc.weeblysite.com
Connection: keep-alive
Referer: https://pdf-sharefile-doc.weeblysite.com/
Cookie: sp=d2bba086-0aa6-46f5-ab66-2876bea79ece
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 22:44:06 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=d2bba086-0aa6-46f5-ab66-2876bea79ece; Expires=Mon, 05 Feb 2024 22:44:06 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://pdf-sharefile-doc.weeblysite.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-fda04fb&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=9e7ade03-2266-4400-bc37-99289de124ca&batch_time=1675637088759
3.233.154.99 202 Accepted 53 B URL HTTP/2 rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-fda04fb&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=9e7ade03-2266-4400-bc37-99289de124ca&batch_time=1675637088759
IP 3.233.154.99:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 9de41f47eeb8c22a6e707820d770d16a
45bae4178856f540f87463185d23e437beea8bc9
52e3ceb5c73fb31347e546e69bae9c5c37a76ad6598764e5f02972c3928c3a51
POST /api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-fda04fb&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=9e7ade03-2266-4400-bc37-99289de124ca&batch_time=1675637088759 HTTP/1.1
Host: rum.browser-intake-datadoghq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 15795
Origin: https://pdf-sharefile-doc.weeblysite.com
Connection: keep-alive
Referer: https://pdf-sharefile-doc.weeblysite.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 202 Accepted
date: Sun, 05 Feb 2023 22:44:07 GMT
content-type: application/json
content-length: 53
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=15724800;
X-Firefox-Spdy: h2
rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-fda04fb&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=43b9afb8-5f1e-45c0-8adc-a647d9fb288b&batch_time=1675637089029
3.233.154.99 202 Accepted 53 B URL HTTP/2 rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-fda04fb&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=43b9afb8-5f1e-45c0-8adc-a647d9fb288b&batch_time=1675637089029
IP 3.233.154.99:0
File type JSON data, ASCII text, with no line terminators
Hash 8d77b8ba8cf576ff1b2a8884653775de
c945630abc1f071a3e0b342db7fef546a8d46d93
132297349855f0c41eaf1721d02adcd83ad153ed3a292cade3b426ec8bcd94c3
POST /api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-fda04fb&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=43b9afb8-5f1e-45c0-8adc-a647d9fb288b&batch_time=1675637089029 HTTP/1.1
Host: rum.browser-intake-datadoghq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 15904
Origin: https://pdf-sharefile-doc.weeblysite.com
Connection: keep-alive
Referer: https://pdf-sharefile-doc.weeblysite.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 202 Accepted
date: Sun, 05 Feb 2023 22:44:07 GMT
content-type: application/json
content-length: 53
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=15724800;
X-Firefox-Spdy: h2
pdf-sharefile-doc.weeblysite.com/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getCurrentOrder]
199.34.228.96 200 OK 182 B URL HTTP/1.1 pdf-sharefile-doc.weeblysite.com/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getCurrentOrder]
IP 199.34.228.96:0
File type JSON data, ASCII text, with no line terminators
Hash 6f6b6b81dd3714cd388808342e960a10
f34bc92a2c7a4dfe56bd6f069ad601e6a61e3b61
2eb22bb7b96aaee11236fcf99e822ede29d3a2ddf2d6f019bb70005b5a1540ef
POST /ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getCurrentOrder] HTTP/1.1
Host: pdf-sharefile-doc.weeblysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Client-Application-Name: website
Content-Length: 89
Origin: https://pdf-sharefile-doc.weeblysite.com
Connection: keep-alive
Referer: https://pdf-sharefile-doc.weeblysite.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 22:44:07 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: blu12.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 182
Keep-Alive: timeout=10, max=65
Connection: Keep-Alive
Content-Type: application/json
pdf-sharefile-doc.weeblysite.com/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::hasCouponsAvailable]
199.34.228.96 200 OK 80 B URL HTTP/1.1 pdf-sharefile-doc.weeblysite.com/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::hasCouponsAvailable]
IP 199.34.228.96:0
File type JSON data, ASCII text, with no line terminators
Hash 49ccb1672036652093e2af110970392c
0a448340d7898a7cc714db06964c46d6db44ae74
3714771a4773e635f63ae32d648364782f11e72a0a60918baf978ebb6ec1c22d
POST /ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::hasCouponsAvailable] HTTP/1.1
Host: pdf-sharefile-doc.weeblysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Client-Application-Name: website
Content-Length: 77
Origin: https://pdf-sharefile-doc.weeblysite.com
Connection: keep-alive
Referer: https://pdf-sharefile-doc.weeblysite.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 22:44:07 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: blu45.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 80
Keep-Alive: timeout=10, max=59
Connection: Keep-Alive
Content-Type: application/json
pdf-sharefile-doc.weeblysite.com/uploads/b/781d24419ddb0f2dc82745f211d1d76cdc517e60f00c33afe22b91dfce8241d7/background_1627839728.jpg?width=1600&height=480&fit=cover&dpr=1
199.34.228.96 200 OK 20 kB URL HTTP/1.1 pdf-sharefile-doc.weeblysite.com/uploads/b/781d24419ddb0f2dc82745f211d1d76cdc517e60f00c33afe22b91dfce8241d7/background_1627839728.jpg?width=1600&height=480&fit=cover&dpr=1
IP 199.34.228.96:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1600x544, Scaling: [none]x[none], YUV color, decoders should clamp, data
Hash 947df6db17615f4351b7a02652e8ba9f
6360c53788656a184e0149122d6777aedbecaa40
176a2a68793a0358800bcbfe2502f0c6a3e786104d4ec017740fe7ef63715234
Analyzer Verdict Alert openphish Generic/Spear Phishing
GET /uploads/b/781d24419ddb0f2dc82745f211d1d76cdc517e60f00c33afe22b91dfce8241d7/background_1627839728.jpg?width=1600&height=480&fit=cover&dpr=1 HTTP/1.1
Host: pdf-sharefile-doc.weeblysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn3.editmysite.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 22:44:07 GMT
Content-Type: image/webp
Content-Length: 19664
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Etag: "DCjxHbZ8TWa71yPVAOUOstSayTRKSRi+5BBPqXNYYTE"
Fastly-Io-Info: ifsz=99985 idim=1600x544 ifmt=jpeg ofsz=19664 odim=1600x544 ofmt=webp
Fastly-Stats: io=1
X-Amz-Request-Id: tx00000000000000289a48a-006285256f-b9fbc64-sfo1
X-Rgw-Object-Type: Normal
X-Storage-Bucket: zfc83
X-Storage-Object: fc833d925ec2b6e359a581787185194bca173e3085ed86399ce452003cdfb6f2
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Age: 0
X-Served-By: cache-sjc10065-SJC, cache-pao17420-PAO
X-Cache: MISS, MISS
X-Cache-Hits: 0, 0
X-Timer: S1675637047.129252,VS0,VE127
Vary: Accept
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: grn127.sf2p.intern.weebly.net