Overview

URL pploansbaadmminserve.weebly.com/
IP199.34.228.54
ASNWEEBLY
Location United States
Report completed2022-09-22 21:30:39 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish
Scan Date Severity Indicator Comment
2022-09-22 2 pploansbaadmminserve.weebly.com/ DocuSign
2022-09-22 2 pploansbaadmminserve.weebly.com/ DocuSign
2022-09-22 2 pploansbaadmminserve.weebly.com/ DocuSign
2022-09-22 2 pploansbaadmminserve.weebly.com/ DocuSign
2022-09-22 2 pploansbaadmminserve.weebly.com/ DocuSign
2022-09-22 2 pploansbaadmminserve.weebly.com/ DocuSign
2022-09-22 2 pploansbaadmminserve.weebly.com/ DocuSign
2022-09-22 2 pploansbaadmminserve.weebly.com/ DocuSign
2022-09-22 2 pploansbaadmminserve.weebly.com/ DocuSign
2022-09-22 2 pploansbaadmminserve.weebly.com/ DocuSign
2022-09-22 2 pploansbaadmminserve.weebly.com/ DocuSign
2022-09-22 2 pploansbaadmminserve.weebly.com/ DocuSign
2022-09-22 2 pploansbaadmminserve.weebly.com/ DocuSign
2022-09-22 2 pploansbaadmminserve.weebly.com/ DocuSign
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-22 2 pploansbaadmminserve.weebly.com/ Phishing
2022-09-22 2 pploansbaadmminserve.weebly.com/ Phishing
2022-09-22 2 pploansbaadmminserve.weebly.com/files/theme/MutationObserver.js Phishing
2022-09-22 2 pploansbaadmminserve.weebly.com/files/theme/plugins.js?1663783093 Phishing
2022-09-22 2 pploansbaadmminserve.weebly.com/files/theme/custom-1.js?1663783093 Phishing
2022-09-22 2 pploansbaadmminserve.weebly.com/files/templateArtifacts.js?1663783655 Phishing
2022-09-22 2 pploansbaadmminserve.weebly.com/files/main_style.css?1663783655 Phishing
2022-09-22 2 pploansbaadmminserve.weebly.com/files/theme/jquery.pxuMenu.js?1663783093 Phishing
2022-09-22 2 pploansbaadmminserve.weebly.com/uploads/1/4/3/2/143241686/published/docusig (...) Phishing
2022-09-22 2 pploansbaadmminserve.weebly.com/files/theme/images/arrow-light.svg?1663783655 Phishing
2022-09-22 2 pploansbaadmminserve.weebly.com/ajax/api/JsonRPC/CustomerAccounts/?Customer (...) Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (18)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS ocsp.pki.goog (8) 175 2017-06-14 07:23:31 UTC 2022-09-22 04:32:28 UTC 142.250.74.3
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-22 05:01:22 UTC 52.41.246.187
mnemonic passive DNS www.gstatic.com (1) 0 2016-07-26 09:37:06 UTC 2022-09-22 04:32:02 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS r3.o.lencr.org (5) 344 2020-12-02 08:52:13 UTC 2022-09-22 04:32:00 UTC 23.36.76.226
mnemonic passive DNS cdn2.editmysite.com (17) 11564 2012-10-02 18:27:39 UTC 2022-09-22 07:39:43 UTC 151.101.85.46
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-22 14:28:12 UTC 34.120.237.76
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-22 05:24:31 UTC 34.160.144.191
mnemonic passive DNS ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2022-09-22 14:06:31 UTC 93.184.220.29
mnemonic passive DNS fonts.gstatic.com (1) 0 2014-08-29 13:43:22 UTC 2022-09-22 04:31:53 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS fonts.googleapis.com (1) 8877 2014-07-21 13:19:55 UTC 2022-09-22 15:29:18 UTC 142.250.74.10
mnemonic passive DNS ocsp.sca1b.amazontrust.com (2) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 54.230.245.118
mnemonic passive DNS ec.editmysite.com (2) 12806 2017-01-29 21:50:35 UTC 2022-09-22 07:21:26 UTC 35.82.13.103
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-22 17:04:12 UTC 143.204.55.115
mnemonic passive DNS pploansbaadmminserve.weebly.com (16) 0 No data No data 199.34.228.54 Domain (weebly.com) ranked at: 4470
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-22 04:34:04 UTC 34.117.237.239
mnemonic passive DNS ajax.googleapis.com (1) 12905 2014-10-18 20:16:48 UTC 2022-09-22 19:06:03 UTC 142.250.74.10
mnemonic passive DNS www.google.com (1) 7 2016-08-04 12:36:31 UTC 2022-09-22 20:44:09 UTC 142.250.74.164
mnemonic passive DNS ssl.google-analytics.com (1) 275 2012-10-03 00:55:57 UTC 2022-09-22 04:32:00 UTC 142.250.74.104


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 199.34.228.54

Date UQ / IDS / BL URL IP
2022-12-03 04:28:57 +0000
30 - 0 - 23 filexfrshareadmin.weebly.com/ 199.34.228.54
2022-12-02 17:23:39 +0000
0 - 0 - 13 pubgfacebooklogin.weebly.com/ 199.34.228.54
2022-12-02 05:36:56 +0000
0 - 0 - 11 mail-pes-edu.weebly.com/ 199.34.228.54
2022-12-02 04:26:36 +0000
0 - 0 - 10 batalkanpemblokiran-akunfb.weebly.com/ 199.34.228.54
2022-12-01 14:50:36 +0000
0 - 0 - 24 docusignsecureadminserveer.weebly.com/ 199.34.228.54

Last 5 reports on ASN: WEEBLY

Date UQ / IDS / BL URL IP
2022-12-03 06:10:02 +0000
0 - 0 - 9 jeser-102703.weeblysite.com/ 199.34.228.96
2022-12-03 06:04:11 +0000
0 - 0 - 3 tttt-108587.weeblysite.com/ 199.34.228.97
2022-12-03 04:58:48 +0000
0 - 0 - 2 att0fb.weeblysite.com/ 199.34.228.96
2022-12-03 04:31:44 +0000
0 - 0 - 14 btinternetmed.weebly.com/ 199.34.228.53
2022-12-03 04:28:57 +0000
30 - 0 - 23 filexfrshareadmin.weebly.com/ 199.34.228.54

Last 5 reports on domain: weebly.com

Date UQ / IDS / BL URL IP
2022-12-03 04:31:44 +0000
0 - 0 - 14 btinternetmed.weebly.com/ 199.34.228.53
2022-12-03 04:28:57 +0000
30 - 0 - 23 filexfrshareadmin.weebly.com/ 199.34.228.54
2022-12-02 17:59:39 +0000
0 - 0 - 14 segeraverifikasiakun-ef.weebly.com/ 199.34.228.53
2022-12-02 17:23:56 +0000
0 - 0 - 13 kucoin-lgin.weebly.com/ 199.34.228.53
2022-12-02 17:23:39 +0000
0 - 0 - 13 pubgfacebooklogin.weebly.com/ 199.34.228.54

No other reports with similar screenshot



JavaScript

Executed Scripts (27)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (69)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 22 Sep 2022 21:14:03 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: cjmC6XSsy2z5y8-MY6OI653KWaGr0g825wvlSMbWvQCgBCdTxt1uPw==
Age: 985


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    1b3053fa528e28810f8a2cc9284cc921
Sha1:   cca9eb471d941881a6b9a1793aecb6c281908f6a
Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16709
Expires: Fri, 23 Sep 2022 02:08:57 GMT
Date: Thu, 22 Sep 2022 21:30:28 GMT
Connection: keep-alive

                                        
                                            GET / HTTP/1.1 
Host: pploansbaadmminserve.weebly.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         199.34.228.54
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Thu, 22 Sep 2022 21:30:28 GMT
Server: Apache
Set-Cookie: is_mobile=0; path=/; domain=pploansbaadmminserve.weebly.com
Vary: X-W-SSL,User-Agent
Location: https://pploansbaadmminserve.weebly.com/
X-Host: blu32.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 406
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   406
Md5:    e2f1d623e558a3a25b64d664d1a5a485
Sha1:   036eb392ead7a372cc741bf0534e8e3d1926d37d
Sha256: ea5c511718b062f34200c851fcbca3016f5a9ad380b18481a5a5cba15b31611c

Alerts:
  Blocklists:
    - openphish: DocuSign
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "46E1A9E6C98245AFB7FA84BC6D9BA6844105024E2D3F56E28748E6C321475D02"
Last-Modified: Wed, 21 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8129
Expires: Thu, 22 Sep 2022 23:45:57 GMT
Date: Thu, 22 Sep 2022 21:30:28 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: yFd8gyNFZFOXqfbnlt9wIJFkOghMrJ+LC4F1yd1FOfBKwSIEJoUy+phJL/gnBKusOAFFp6HWyaw=
x-amz-request-id: E7W0XWZRNN5328BM
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 22 Sep 2022 20:44:02 GMT
age: 2786
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 22 Sep 2022 21:30:28 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1480
Cache-Control: 'max-age=158059'
Date: Thu, 22 Sep 2022 21:30:28 GMT
Last-Modified: Thu, 22 Sep 2022 21:05:48 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 22 Sep 2022 21:03:22 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Thu, 22 Sep 2022 21:11:11 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: VfnfdFjx8hIylLKVI5TrZfUaftVaP9wsPZIPdLoOJMDQYVvI-G-1JA==
Age: 1626


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3754
Cache-Control: 'max-age=158059'
Date: Thu, 22 Sep 2022 21:30:29 GMT
Last-Modified: Thu, 22 Sep 2022 20:27:55 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: pploansbaadmminserve.weebly.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         199.34.228.54
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Thu, 22 Sep 2022 21:30:29 GMT
Server: Apache
Vary: X-W-SSL,Accept-Encoding,User-Agent
Set-Cookie: is_mobile=0; path=/; domain=pploansbaadmminserve.weebly.com language=en; expires=Thu, 06-Oct-2022 21:30:29 GMT; Max-Age=1209600; path=/
Cache-Control: private
ETag: W/"8eb7ebf4866fa46221735e3702630d8f-gzip"
Content-Encoding: gzip
X-Host: blu116.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 5838
Keep-Alive: timeout=10, max=71
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (861)
Size:   5838
Md5:    b36bdf2db5d1168e3f16e1ee49111b75
Sha1:   bb1e3ae23e3f547c84e1da24afa815eb759b31ff
Sha256: 273401c47818d50a74cff27e9e0c77abd05a089d93ff705df0ea28d6d17b9508

Alerts:
  Blocklists:
    - openphish: DocuSign
    - fortinet: Phishing
                                        
                                            GET /css/old/fancybox.css?1663714980 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pploansbaadmminserve.weebly.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
last-modified: Tue, 20 Sep 2022 22:44:38 GMT
etag: "632a4256-f47"
expires: Tue, 04 Oct 2022 23:06:01 GMT
cache-control: max-age=1209600
x-host: grn30.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 22 Sep 2022 21:30:29 GMT
age: 167068
x-served-by: cache-sjc10071-SJC, cache-bma1643-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 85
x-timer: S1663882229.319639,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 1218
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3910)
Size:   1218
Md5:    b644e92258f4c7c0b4270047652d1e60
Sha1:   93734d52ee9e86a768159e514076051813c39cd9
Sha256: 29199496fb817668f887938571046abcdfb49063d0207d571b361f221f467907
                                        
                                            GET /js/site/footerSignup.js?buildTime=1663851886 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pploansbaadmminserve.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
last-modified: Thu, 22 Sep 2022 12:50:15 GMT
etag: "632c5a07-e10"
expires: Thu, 06 Oct 2022 13:07:17 GMT
cache-control: max-age=1209600
x-host: grn14.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 22 Sep 2022 21:30:29 GMT
age: 30193
x-served-by: cache-sjc10078-SJC, cache-bma1643-BMA
x-cache: HIT, HIT
x-cache-hits: 6, 134
x-timer: S1663882229.319875,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 1372
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3600), with no line terminators
Size:   1372
Md5:    121a5b9688d8e70ee7bb06cc79491f76
Sha1:   3a28220baa7d8879270c8311bed7dddefa7e43e9
Sha256: 181716c84474c9eb6685a809d69dda5d49ce44dfbf64c5dee89a3091e23def40
                                        
                                            GET /images/site/footer/footer-toast-published-image-1.png HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pploansbaadmminserve.weebly.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: image/png
                                        
x-guploader-uploadid: ADPycdtBep7ROccdUt9-QNl5VbmRIpCUwFb5y0r5I6-vVE2nBsM9PCbzHI6xHxQIvmEjxA2YbetFcXQVHBR8TKD8jioOTQFmXNb8
x-goog-generation: 1549995548326466
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 9677
x-goog-hash: crc32c=QhrKCw==, md5=bg960xvxh+DYj8V4dXO6cQ==
x-goog-storage-class: STANDARD
server: UploadServer
expires: Sun, 17 Apr 2022 00:19:21 GMT
cache-control: public, max-age=86400, s-maxage=259200
last-modified: Tue, 12 Feb 2019 18:19:08 GMT
etag: "6e0f7ad31bf187e0d88fc5787573ba71"
accept-ranges: bytes
date: Thu, 22 Sep 2022 21:30:29 GMT
via: 1.1 varnish
age: 248160
x-served-by: cache-bma1643-BMA
x-cache: HIT
x-cache-hits: 1174
x-timer: S1663882229.320405,VS0,VE0
access-control-allow-origin: *
content-length: 9677
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 199 x 97, 8-bit colormap, non-interlaced\012- data
Size:   9677
Md5:    6e0f7ad31bf187e0d88fc5787573ba71
Sha1:   14e8b85cc32a01c8901e4ac0160582d29a45e9e6
Sha256: 580ef6409e067a4ec4a427400c7d6216184869e2da53343df20753cc1f8a46cd
                                        
                                            GET /css/social-icons.css?buildtime=1663714980 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pploansbaadmminserve.weebly.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
last-modified: Tue, 20 Sep 2022 22:44:33 GMT
etag: W/"632a4251-3319"
expires: Tue, 04 Oct 2022 23:06:01 GMT
cache-control: max-age=1209600
x-host: blu96.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 22 Sep 2022 21:30:29 GMT
age: 167067
x-served-by: cache-sjc10064-SJC, cache-bma1643-BMA
x-cache: HIT, HIT
x-cache-hits: 2, 81
x-timer: S1663882229.321784,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 1639
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (13080)
Size:   1639
Md5:    f56c074399d7814f1e4ccfb66b28a1bc
Sha1:   3421622115a537b82970e6b50d701096da5130c5
Sha256: 702eec4aa184d3770aac98242b9ae81b3a6fd505138cc5d55c8d849310298f4f
                                        
                                            GET /fonts/Karla/font.css?2 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pploansbaadmminserve.weebly.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
last-modified: Tue, 20 Sep 2022 22:41:03 GMT
etag: "632a417f-6ae"
expires: Thu, 06 Oct 2022 18:07:04 GMT
cache-control: max-age=1209600
x-host: grn38.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 22 Sep 2022 21:30:29 GMT
age: 12205
x-served-by: cache-sjc10034-SJC, cache-bma1643-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1663882229.322530,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 322
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   322
Md5:    d71cf3f7d1a0aeba7d9f9af0aec9eeef
Sha1:   0df230495adb47cd3d83ae78d6fd695f826b55e5
Sha256: da2980fa5103aadeafa7f1d903e44567f97d612ce52e17e4f03074ae4c7bccb6
                                        
                                            GET /fonts/Oswald/font.css?2 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pploansbaadmminserve.weebly.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
last-modified: Tue, 20 Sep 2022 22:41:03 GMT
etag: "632a417f-4f0"
expires: Thu, 06 Oct 2022 18:07:03 GMT
cache-control: max-age=1209600
x-host: grn136.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 22 Sep 2022 21:30:29 GMT
age: 12205
x-served-by: cache-sjc10048-SJC, cache-bma1643-BMA
x-cache: HIT, HIT
x-cache-hits: 2, 1
x-timer: S1663882229.322296,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 300
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   300
Md5:    b4e1fa8edbbb593aefc47d16b3254da7
Sha1:   f9b4e2c9b0df700a2a892be0c0853f92211a5656
Sha256: ddb677f162840a44ef4cdf085c35379f76e5b88162205a32cdf584acd826b1c3
                                        
                                            GET /js/site/main.js?buildTime=1663714980 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pploansbaadmminserve.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
last-modified: Tue, 20 Sep 2022 22:44:55 GMT
etag: "632a4267-74804"
expires: Tue, 04 Oct 2022 23:06:01 GMT
cache-control: max-age=1209600
x-host: grn29.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 22 Sep 2022 21:30:29 GMT
age: 167068
x-served-by: cache-sjc10027-SJC, cache-bma1643-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1663882229.319881,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 146400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32147)
Size:   146400
Md5:    81b8673c5d3aa3ab8c0574f2a8f0e3b4
Sha1:   2e0661bc7907d9e2703b3347c3fec579f0aef5d6
Sha256: 0e981f4de6287406ce261fddea24aa05ded4b6a8c4c07283c363c1502071cf40
                                        
                                            GET /css/sites.css?buildTime=1663714980 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pploansbaadmminserve.weebly.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
last-modified: Tue, 20 Sep 2022 22:44:33 GMT
etag: W/"632a4251-347ac"
expires: Tue, 04 Oct 2022 23:06:00 GMT
cache-control: max-age=1209600
x-host: grn92.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 22 Sep 2022 21:30:29 GMT
age: 167068
x-served-by: cache-sjc10072-SJC, cache-bma1643-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 133
x-timer: S1663882229.325662,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 29746
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   29746
Md5:    d10158b22b553f723d99dc78eaee6390
Sha1:   80f2d6670cfb0d01cd20c471cf8e3e6465ddd3f6
Sha256: 939c7a8e1ad74a44e0c847e38533e69e36454b6805d25acf3fb0cb5c472d245e
                                        
                                            GET /js/lang/en/stl.js?buildTime=1663714980& HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pploansbaadmminserve.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
last-modified: Tue, 20 Sep 2022 22:43:41 GMT
etag: "632a421d-2c4a6"
expires: Tue, 04 Oct 2022 23:06:00 GMT
cache-control: max-age=1209600
x-host: grn120.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 22 Sep 2022 21:30:29 GMT
age: 167068
x-served-by: cache-sjc10068-SJC, cache-bma1643-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1663882229.322817,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 32828
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, Unicode text, UTF-8 text, with very long lines (64997)
Size:   32828
Md5:    9a49c00a13898c31cb9ae140287b524d
Sha1:   79aa80ae3e30b6f4ea929e6e118b16c68db216c2
Sha256: 7d4c52ebfd0e158669a414ec9c2ee33a1296b20d59370d8b3193c1ec81a9ec35
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 22 Sep 2022 21:30:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /files/theme/MutationObserver.js HTTP/1.1 
Host: pploansbaadmminserve.weebly.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pploansbaadmminserve.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.54
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Thu, 22 Sep 2022 21:30:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 17 May 2022 14:16:26 GMT
x-rgw-object-type: Normal
ETag: W/"e52201e96af18dd02c85eb627c843491"
x-amz-request-id: tx000000000000001e8ea5c-006284b25c-b9fbc7f-sfo1
X-Storage-Bucket: z3974
X-Storage-Object: 397452d9f6a2ea6a2135b45c9e40139c68ac6661f3bab4413e7299586ccb408a
X-Host: grn41.sf2p.intern.weebly.net
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text
Size:   6842
Md5:    a502a64ac17dab318a72b5c6f667e5d6
Sha1:   9b623c5cdc2c288649ff13504131ea2c382e700d
Sha256: b0d53c00940847c4638accf26f204ef4569affa4a686ebcc5d3cc87d1697aa9d

Alerts:
  Blocklists:
    - openphish: DocuSign
    - fortinet: Phishing
                                        
                                            GET /ajax/libs/jquery/1.8.3/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pploansbaadmminserve.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33593
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 17 Sep 2022 09:37:50 GMT
expires: Sun, 17 Sep 2023 09:37:50 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 474759
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65483)
Size:   33593
Md5:    a54a444f20643b131117dc2112cca05f
Sha1:   074964746b12ff1d30f7656310d6154ae1cc98b5
Sha256: aa3ca8485dd777d4d880b38c1cf3bc2fc290d28a79ba3e3e43cba1f653132830
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: fxWYjhYhfiOTg+P4GM3ZRg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.41.246.187
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: XiEo8IjvVb/SSEV+zNdoexkO46w=

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 22 Sep 2022 21:30:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 22 Sep 2022 21:30:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /files/theme/plugins.js?1663783093 HTTP/1.1 
Host: pploansbaadmminserve.weebly.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pploansbaadmminserve.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.54
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Thu, 22 Sep 2022 21:30:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 24 Apr 2022 01:56:38 GMT
x-rgw-object-type: Normal
ETag: W/"2b8d85f1ea01d2c3e8b962eac8d76a5c"
x-amz-request-id: tx000000000000001b6b5e9-0062847b2f-b9fbc63-sfo1
X-Storage-Bucket: zb635
X-Storage-Object: b6353ca52760aba4e7547ae9861db68158dc2af0f4febece55e5c775ee4449f5
X-Host: blu81.sf2p.intern.weebly.net
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text
Size:   15721
Md5:    43e6b0bb6eb6524188831a282f7656d7
Sha1:   44e73fe367fc1fb8efee7eefac557b7d76ef0f44
Sha256: 9001fcfe93ceab40de4bb3535fc61335318c56d4440b53070cac27a26fef42bb

Alerts:
  Blocklists:
    - openphish: DocuSign
    - fortinet: Phishing
                                        
                                            GET /files/theme/custom-1.js?1663783093 HTTP/1.1 
Host: pploansbaadmminserve.weebly.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pploansbaadmminserve.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.54
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Thu, 22 Sep 2022 21:30:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 26 Oct 2021 13:57:32 GMT
x-rgw-object-type: Normal
ETag: W/"214dde43cebf15418cdcc76f9677ee46"
x-amz-request-id: tx000000000000010e10358-0061c07192-a9f41e7-sfo1
X-Storage-Bucket: zcfbf
X-Storage-Object: cfbf67a85c039719090cff2c4718de99203b1ced78cfb8fae5f7240d2f1570b7
X-Host: grn40.sf2p.intern.weebly.net
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text
Size:   4097
Md5:    9f3b0abe72c25dcd381cb41900970422
Sha1:   559cf4346ff62e549e9b5d9856fb6d1d1139eb8b
Sha256: 297782594ab453c80e206ae349690e2580655f5b6700c32b2a9a8a167917ffb6

Alerts:
  Blocklists:
    - openphish: DocuSign
    - fortinet: Phishing
                                        
                                            GET /files/templateArtifacts.js?1663783655 HTTP/1.1 
Host: pploansbaadmminserve.weebly.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pploansbaadmminserve.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.54
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: nginx
Date: Thu, 22 Sep 2022 21:30:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
X-Host: blu41.sf2p.intern.weebly.net
Content-Encoding: gzip


--- Additional Info ---
Magic:  exported SGML document, ASCII text, with very long lines (1630)
Size:   1632
Md5:    e0836e8203c22b8e4086f27e91e86f5a
Sha1:   28235e77f5a895c8cd411aff4a6ef4e6f7d419c2
Sha256: 32dbc4a2eeca39a57d35670f00e2cf59e03c279521e47506c56c5c36d8b664b6

Alerts:
  Blocklists:
    - openphish: DocuSign
    - fortinet: Phishing
                                        
                                            GET /files/main_style.css?1663783655 HTTP/1.1 
Host: pploansbaadmminserve.weebly.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pploansbaadmminserve.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.54
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Thu, 22 Sep 2022 21:30:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
X-Host: blu61.sf2p.intern.weebly.net
Content-Encoding: gzip


--- Additional Info ---
Magic:  assembler source, ASCII text, with very long lines (815)
Size:   7193
Md5:    1f3befc2401cba81fa052a74df28a8c2
Sha1:   34d7b0b1cce34d6e930e41312a590344b3df2489
Sha256: 4048043e86ff3187a05c1e619acaad999e6b5228beae0b020e9c94a0c8294431

Alerts:
  Blocklists:
    - openphish: DocuSign
    - fortinet: Phishing
                                        
                                            GET /files/theme/jquery.trend.js?1663783093 HTTP/1.1 
Host: pploansbaadmminserve.weebly.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pploansbaadmminserve.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.54
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Thu, 22 Sep 2022 21:30:29 GMT
Content-Length: 3775
Connection: keep-alive
Last-Modified: Thu, 10 Feb 2022 08:22:06 GMT
x-rgw-object-type: Normal
ETag: "4beccebe0a060b2b2c43de5c2d4512ef"
x-amz-request-id: tx000000000000001c81ef1-0062848a69-b9fbc29-sfo1
X-Storage-Bucket: z446f
X-Storage-Object: 446f48f512ecc0b771af3c21a3036de3a1c5740d1e6bdbb61448834326d0c738
X-Host: grn123.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text
Size:   3775
Md5:    4beccebe0a060b2b2c43de5c2d4512ef
Sha1:   250a779dd017877b9f360b264cf072d9e87974ff
Sha256: 446f48f512ecc0b771af3c21a3036de3a1c5740d1e6bdbb61448834326d0c738
                                        
                                            GET /files/theme/jquery.pxuMenu.js?1663783093 HTTP/1.1 
Host: pploansbaadmminserve.weebly.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pploansbaadmminserve.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.54
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Thu, 22 Sep 2022 21:30:29 GMT
Content-Length: 3697
Connection: keep-alive
Last-Modified: Mon, 25 Apr 2022 13:50:18 GMT
x-rgw-object-type: Normal
ETag: "ac373d716afe4270df40f60417b0f418"
x-amz-request-id: tx000000000000001e53eb5-006284b0eb-b9fbc20-sfo1
X-Storage-Bucket: zf755
X-Storage-Object: f75570c56743e8c705cb06f5f1f9b1f8f2cc13119f5e2acda2f3bb8d987de94a
X-Host: grn79.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   3697
Md5:    ac373d716afe4270df40f60417b0f418
Sha1:   aba148148c771bb66b0b4aeab6eac8eb40352745
Sha256: f75570c56743e8c705cb06f5f1f9b1f8f2cc13119f5e2acda2f3bb8d987de94a

Alerts:
  Blocklists:
    - openphish: DocuSign
    - fortinet: Phishing
                                        
                                            GET /files/theme/jquery.revealer.js?1663783093 HTTP/1.1 
Host: pploansbaadmminserve.weebly.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pploansbaadmminserve.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.54
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Thu, 22 Sep 2022 21:30:29 GMT
Content-Length: 2828
Connection: keep-alive
Last-Modified: Tue, 26 Oct 2021 13:57:33 GMT
x-rgw-object-type: Normal
ETag: "c22ab67199a33d876512504cda4ff55b"
x-amz-request-id: tx00000000000000205e3fa-006284d0b0-b9fbc7f-sfo1
X-Storage-Bucket: zc4cd
X-Storage-Object: c4cd233d3d6b0f184e99d5017e521b4c6f9106d3e546864a8ba516189b934311
X-Host: grn123.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text
Size:   2828
Md5:    c22ab67199a33d876512504cda4ff55b
Sha1:   36e96eae4644b6028532974fe5186a072792cb37
Sha256: c4cd233d3d6b0f184e99d5017e521b4c6f9106d3e546864a8ba516189b934311
                                        
                                            GET /uploads/1/4/3/2/143241686/published/docusign-logo-small.png?1663783448 HTTP/1.1 
Host: pploansbaadmminserve.weebly.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pploansbaadmminserve.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.54
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Thu, 22 Sep 2022 21:30:30 GMT
Content-Length: 1893
Connection: keep-alive
Last-Modified: Tue, 01 Jun 2021 16:42:30 GMT
x-rgw-object-type: Normal
ETag: "23fda31ccdfacfd58e0ed6b6891f7b81"
x-amz-request-id: tx000000000000006be2b34-00632b5cc2-c669cc6-sfo1
X-Storage-Bucket: z44a2
X-Storage-Object: 44a24de60032d46b0d7b03a6a33c7bd90f3a3390847543f272c8e258b2d1a29d
X-Host: blu70.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 106 x 30, 8-bit gray+alpha, non-interlaced\012- data
Size:   1893
Md5:    23fda31ccdfacfd58e0ed6b6891f7b81
Sha1:   8eaa4544ecc80c8d69148bf24101f4f0d4f98962
Sha256: 44a24de60032d46b0d7b03a6a33c7bd90f3a3390847543f272c8e258b2d1a29d

Alerts:
  Blocklists:
    - openphish: DocuSign
    - fortinet: Phishing
                                        
                                            GET /js/wsnbn/snowday262.js HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pploansbaadmminserve.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
last-modified: Wed, 14 Sep 2022 16:18:50 GMT
etag: "6321feea-124fe"
expires: Thu, 29 Sep 2022 08:38:41 GMT
cache-control: max-age=1209600
x-host: blu123.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 22 Sep 2022 21:30:30 GMT
age: 651110
x-served-by: cache-sjc10051-SJC, cache-bma1643-BMA
x-cache: HIT, HIT
x-cache-hits: 2, 1716
x-timer: S1663882230.102798,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 25752
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2512)
Size:   25752
Md5:    234327230add9a5a5d61a48829ea4565
Sha1:   7966cc0e4bd76f88ff193c8a99a067de804b7129
Sha256: bb696c58d9ae5fa635b3ff22efdf60de9ac2f8ef9df5e2f2d58dd5f8dc99df75
                                        
                                            GET /fonts/Karla/bold.woff2 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pploansbaadmminserve.weebly.com
Connection: keep-alive
Referer: https://cdn2.editmysite.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: font/woff2
                                        
server: nginx
last-modified: Tue, 20 Sep 2022 22:41:03 GMT
etag: "632a417f-2c78"
expires: Thu, 06 Oct 2022 18:07:15 GMT
cache-control: max-age=1209600
x-host: grn113.sf2p.intern.weebly.net
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 22 Sep 2022 21:30:30 GMT
age: 12195
x-served-by: cache-sjc10080-SJC, cache-bma1643-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1663882230.145594,VS0,VE1
access-control-allow-origin: *
content-length: 11384
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 11384, version 1.0\012- data
Size:   11384
Md5:    feb6c980c7d633c192a19b13047270b8
Sha1:   9ca9a681147d49ad3ba857e740d2a335e6f61812
Sha256: 8749b48067af37c72625416cc5da9fdde06df26bff1f471461dec1bbdaf43f78
                                        
                                            GET /fonts/Karla/italic.woff2 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pploansbaadmminserve.weebly.com
Connection: keep-alive
Referer: https://cdn2.editmysite.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: font/woff2
                                        
server: nginx
last-modified: Tue, 20 Sep 2022 22:41:03 GMT
etag: "632a417f-2d44"
expires: Thu, 06 Oct 2022 18:07:18 GMT
cache-control: max-age=1209600
x-host: grn5.sf2p.intern.weebly.net
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 22 Sep 2022 21:30:30 GMT
age: 12192
x-served-by: cache-sjc10042-SJC, cache-bma1643-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1663882230.145621,VS0,VE1
access-control-allow-origin: *
content-length: 11588
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 11588, version 1.0\012- data
Size:   11588
Md5:    e67166d5a90970d2f16807e98b6e2f5c
Sha1:   1cbfee75f4c8d6048f590b25d794defd8c6cbb44
Sha256: 1acfa5454d1c7c28845055b6af96dd51a9e51223b92281263c2f9d6b2f5c4c5a
                                        
                                            GET /fonts/Oswald/bold.woff2 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pploansbaadmminserve.weebly.com
Connection: keep-alive
Referer: https://cdn2.editmysite.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: font/woff2
                                        
server: nginx
last-modified: Tue, 20 Sep 2022 22:41:03 GMT
etag: "632a417f-27bc"
expires: Thu, 06 Oct 2022 18:07:06 GMT
cache-control: max-age=1209600
x-host: blu89.sf2p.intern.weebly.net
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 22 Sep 2022 21:30:30 GMT
age: 12204
x-served-by: cache-sjc10048-SJC, cache-bma1643-BMA
x-cache: HIT, HIT
x-cache-hits: 3, 1
x-timer: S1663882230.149828,VS0,VE1
access-control-allow-origin: *
content-length: 10172
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 10172, version 1.0\012- data
Size:   10172
Md5:    58e5c92fd1a1fc89b8ca6d74ce4793b8
Sha1:   337771c465778aeed6de18195e0cbe9d9098d299
Sha256: 6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 22 Sep 2022 21:30:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/robotomono/v22/L0xTDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_3vrtSM1J-gEPT5Ese6hmHSh0mQ.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pploansbaadmminserve.weebly.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22168
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 16 Sep 2022 16:11:25 GMT
expires: Sat, 16 Sep 2023 16:11:25 GMT
cache-control: public, max-age=31536000
age: 537545
last-modified: Mon, 11 Jul 2022 18:56:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 22168, version 1.0\012- data
Size:   22168
Md5:    aecf4656f9d639613cf46bf25e28a08b
Sha1:   b51fb5207f34b7283474875e2493591784c09947
Sha256: f39f934bc7f7b1b4dfa532f4b38dac960a3a7ad6bb9789a412f03bdcb4abd9f5
                                        
                                            GET /css/free-footer-v3.css?buildtime=1663851886 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pploansbaadmminserve.weebly.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
last-modified: Thu, 22 Sep 2022 12:49:48 GMT
etag: "632c59ec-a49"
expires: Thu, 06 Oct 2022 13:07:17 GMT
cache-control: max-age=1209600
x-host: grn64.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 22 Sep 2022 21:30:30 GMT
age: 30192
x-served-by: cache-sjc10075-SJC, cache-bma1643-BMA
x-cache: HIT, HIT
x-cache-hits: 3, 125
x-timer: S1663882230.251667,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 886
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2632)
Size:   886
Md5:    5c465ace654da8d0e367f91e7751ae62
Sha1:   f218f483eccbba5be90abf97eff819569329f8b7
Sha256: 0c91c8e311bc809644913a2ff023585ba587ecfc834ba3cd152544e75d422bd9
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 22 Sep 2022 21:30:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 22 Sep 2022 21:30:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /recaptcha/api.js?_=1663882229648 HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pploansbaadmminserve.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.164
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
expires: Thu, 22 Sep 2022 21:30:30 GMT
date: Thu, 22 Sep 2022 21:30:30 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 556
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (850), with no line terminators
Size:   556
Md5:    27b68162c75bebb4dacf518c46e974d5
Sha1:   99abc7e3e02891bec5de3dda3cb18a6f865f82bc
Sha256: 93415a1ed398b656767f092c53ca274ad9ae9c8cb0672831fa3c4ab275f994d1
                                        
                                            GET /files/theme/images/arrow-light.svg?1663783655 HTTP/1.1 
Host: pploansbaadmminserve.weebly.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pploansbaadmminserve.weebly.com/files/main_style.css?1663783655
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.54
HTTP/1.1 200 OK
Content-Type: image/svg+xml; charset=us-ascii
                                        
Server: nginx
Date: Thu, 22 Sep 2022 21:30:30 GMT
Content-Length: 886
Connection: keep-alive
Last-Modified: Sat, 19 Mar 2022 04:38:52 GMT
x-rgw-object-type: Normal
ETag: "552eb2e04260fc0733e5633d15c6aeaa"
x-amz-request-id: tx000000000000001c90865-006284965b-b9fbc77-sfo1
X-Storage-Bucket: z705f
X-Storage-Object: 705ff3240de004523ff9d628b28aad705ad3f0ceb046312495265a4042c67570
Content-Disposition: attachment
X-Host: grn41.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   886
Md5:    552eb2e04260fc0733e5633d15c6aeaa
Sha1:   0a9efcc3b0ebabb23a49a00061fd8200eded1613
Sha256: 705ff3240de004523ff9d628b28aad705ad3f0ceb046312495265a4042c67570

Alerts:
  Blocklists:
    - openphish: DocuSign
    - fortinet: Phishing
                                        
                                            GET /images/landing-pages/global/logotype.svg HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn2.editmysite.com/css/free-footer-v3.css?buildtime=1663851886
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: image/svg+xml
                                        
x-guploader-uploadid: ADPycduITtRhv_5h862549JhDllw6e8s6BnV_OXwumpJRf4tFUCeyTwCkktV2dvyagvDEGSph_ZPdebwS4sUYTbNDwxM4yW9wl-L
cache-control: public, max-age=86400, s-maxage=259200
expires: Sat, 17 Sep 2022 00:08:57 GMT
last-modified: Wed, 10 Oct 2018 21:37:00 GMT
etag: "bc61dcb431a14c508075eeff4f74523a"
x-goog-generation: 1539207420450301
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 3507
x-goog-hash: crc32c=vgUlyw==, md5=vGHctDGhTFCAde7/T3RSOg==
x-goog-storage-class: STANDARD
server: UploadServer
content-encoding: gzip
accept-ranges: bytes
date: Thu, 22 Sep 2022 21:30:30 GMT
via: 1.1 varnish
age: 249661
x-served-by: cache-bma1643-BMA
x-cache: HIT
x-cache-hits: 947
x-timer: S1663882230.302832,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 1488
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2858)
Size:   1488
Md5:    0d1c9fb7005532e7b245cfdf1280d805
Sha1:   2466421992f1fb0e44829833aaee7afc0e5ac7cc
Sha256: 8691b92eed1360903b2182d81e491c80141d0cd051366ce3e8c4f359538eb1ff
                                        
                                            GET /fonts/SQ_Market/sqmarket-medium.woff2 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pploansbaadmminserve.weebly.com
Connection: keep-alive
Referer: https://pploansbaadmminserve.weebly.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: font/woff2
                                        
server: nginx
last-modified: Thu, 08 Sep 2022 17:37:45 GMT
etag: "631a2869-7830"
expires: Wed, 28 Sep 2022 08:35:40 GMT
cache-control: max-age=1209600
x-host: blu74.sf2p.intern.weebly.net
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 22 Sep 2022 21:30:30 GMT
age: 737690
x-served-by: cache-sjc10054-SJC, cache-bma1643-BMA
x-cache: HIT, HIT
x-cache-hits: 12, 510
x-timer: S1663882230.314062,VS0,VE0
access-control-allow-origin: *
content-length: 30768
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 30768, version 1.393\012- data
Size:   30768
Md5:    2344124773c71bf4fa4ad407e7c3a467
Sha1:   3394a43ab1efab8a22a1f07222f7f02a9e12cbb8
Sha256: bd4d2e29f503390e4951af9232fc43780b43d349647188d8f3f600835f16afb7
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 22 Sep 2022 21:30:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /uploads/1/4/3/2/143241686/background-images/2021790771.png HTTP/1.1 
Host: pploansbaadmminserve.weebly.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pploansbaadmminserve.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.54
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Thu, 22 Sep 2022 21:30:30 GMT
Content-Length: 20949
Connection: keep-alive
Last-Modified: Sun, 21 Aug 2022 23:08:08 GMT
x-rgw-object-type: Normal
ETag: "d72f86989d9e4c42e93081d50a52c77e"
x-amz-request-id: tx000000000000005cd0666-00632b5b8b-c6aed46-sfo1
X-Storage-Bucket: z2cb0
X-Storage-Object: 2cb0a4d51d7a42b12177332450a17d2c54e207525166c99482a146f79967e89e
X-Host: blu76.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 1352 x 675, 8-bit/color RGBA, non-interlaced\012- data
Size:   20949
Md5:    d72f86989d9e4c42e93081d50a52c77e
Sha1:   66337b628929ac6a192aad01817e1163253fee49
Sha256: 2cb0a4d51d7a42b12177332450a17d2c54e207525166c99482a146f79967e89e

Alerts:
  Blocklists:
    - openphish: DocuSign
                                        
                                            GET /uploads/1/4/3/2/143241686/background-images/2068409357.png HTTP/1.1 
Host: pploansbaadmminserve.weebly.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pploansbaadmminserve.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.54
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Thu, 22 Sep 2022 21:30:30 GMT
Content-Length: 29842
Connection: keep-alive
Last-Modified: Mon, 07 Oct 2019 11:07:23 GMT
x-rgw-object-type: Normal
ETag: "c1a23fda4efb2b01ad29dbc0ce1b9e3a"
x-amz-request-id: tx000000000000004bfd86d-006329edab-c6aed46-sfo1
X-Storage-Bucket: zdb8d
X-Storage-Object: db8dc7c21caff1f4ec6d2b4875998ed69ec7cb3df7f973749f73369ce3ad3d20
X-Host: blu70.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 1122 x 500, 8-bit/color RGBA, non-interlaced\012- data
Size:   29842
Md5:    c1a23fda4efb2b01ad29dbc0ce1b9e3a
Sha1:   72483181e3cdac891e3a9a9089ef5ad0b307155b
Sha256: db8dc7c21caff1f4ec6d2b4875998ed69ec7cb3df7f973749f73369ce3ad3d20

Alerts:
  Blocklists:
    - openphish: DocuSign
                                        
                                            GET /recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/recaptcha__en.js HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pploansbaadmminserve.weebly.com
Connection: keep-alive
Referer: https://pploansbaadmminserve.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 157726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 05:37:29 GMT
expires: Thu, 21 Sep 2023 05:37:29 GMT
cache-control: public, max-age=31536000
age: 143581
last-modified: Wed, 14 Sep 2022 00:24:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (581)
Size:   157726
Md5:    6519c7c04cf32a57b1c5ee45a73c233e
Sha1:   4939bb921988e9eb13780cc2244f3099776e9bfb
Sha256: 8352dd4e3e0fe82562cdc280c020fc31d2c6d054f7ead441a3b18de8ef04401b
                                        
                                            GET /ga.js HTTP/1.1 
Host: ssl.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pploansbaadmminserve.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.104
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Thu, 22 Sep 2022 20:17:11 GMT
expires: Thu, 22 Sep 2022 22:17:11 GMT
cache-control: public, max-age=7200
age: 4399
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1305)
Size:   17168
Md5:    01d5892e6e243b52998310c2925b9f3a
Sha1:   58180151b6a6ee4af73583a214b68efb9e8844d4
Sha256: 7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2592
Expires: Thu, 22 Sep 2022 22:13:42 GMT
Date: Thu, 22 Sep 2022 21:30:30 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2592
Expires: Thu, 22 Sep 2022 22:13:42 GMT
Date: Thu, 22 Sep 2022 21:30:30 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2592
Expires: Thu, 22 Sep 2022 22:13:42 GMT
Date: Thu, 22 Sep 2022 21:30:30 GMT
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 22 Sep 2022 21:30:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd654e30-611f-4c64-b1ad-43ca9fdedc0e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 14397
x-amzn-requestid: c5a03ce8-f695-4ad3-8c42-c3bfd47d6279
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yv1wLGqKIAMF-Og=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6329699a-2b130d8b1a4b1b9131db8984;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 07:19:54 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: itH-GLLUay6dtfjGStUDeT3wOwVf-S3tWSY31HjriEFaRUiD8aFKNw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 17:06:02 GMT
age: 15868
etag: "3829f81048cc63b5f0d1e82dfbe3b8e31646e733"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   14397
Md5:    c0201d377c57a684452c0d26372e674d
Sha1:   3829f81048cc63b5f0d1e82dfbe3b8e31646e733
Sha256: efa055dc93267be2dddd94b334c0655c2e1f1682467fd738e013a778aea175b9
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb0692-30b9-4b69-a748-f7a4474a72e0.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11286
x-amzn-requestid: 7263b60d-fffe-4c0b-8de5-59dc9ac92a47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1GwZHOaIAMFSQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b84cf-62e160b156b587cc21c7fda5;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:40:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: QxgrVMX7xwI6qE3T3-LRS3JWoJauPyvCSb9TacW9-ktw-BIq5PSF-g==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 22:16:03 GMT
etag: "ba3369e1827d8f01ca10acb8648195847dd02ffd"
age: 83667
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11286
Md5:    9becda6e892a190dbbc63216ae697506
Sha1:   ba3369e1827d8f01ca10acb8648195847dd02ffd
Sha256: d71dd28e0ff260326ba0c30748fa11160f4544c2a264d3a3dc361af0de9fd283
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f739db-1c27-4929-8aff-997c0f66b2ed.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5650
x-amzn-requestid: 41ceb886-c038-4ba0-9e3a-a27879cf48ce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1GwjFVjoAMFWNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b84d0-3f4f6a367c893c7a0669dffe;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:40:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: d8Kelwi2OY0jt17q80szh8-ErN3ZQM1hhl3HZeNQvlKijygQIJtNww==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 22:16:00 GMT
etag: "f95b843029e84dbb188427a8c2ff8c9f32740465"
age: 83670
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5650
Md5:    a5edcd9aee78a6cacc9241b47cbce598
Sha1:   f95b843029e84dbb188427a8c2ff8c9f32740465
Sha256: 6a56c3d0eb1d641e565d3d7d31b42be03bdad30beb20b994ffc9a6f2aaceee1e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10754
x-amzn-requestid: 2d03531d-6055-477f-9cb6-9ea9fa27eeb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1F0vHJ4IAMF42Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b8351-692620e80d5b2efe1d0e3a82;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:34:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -3bQG5Av1EDxj7_3i8MktwjlPSEU8WDdxt5M6TsrWaodLWgSf3vdEA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:34:22 GMT
age: 86168
etag: "c803e5866edbe6c9baec14e93677f610bdf09bff"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10754
Md5:    af5773255351157d72c28a670a355c60
Sha1:   c803e5866edbe6c9baec14e93677f610bdf09bff
Sha256: 3229b4aa1c698647ad96d114174782549ad240f1b2c4ba8c268165a16afc84f0
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: pploansbaadmminserve.weebly.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pploansbaadmminserve.weebly.com/
Cookie: is_mobile=0; language=en; _snow_ses.710a=*; _snow_id.710a=9873332a-aa90-48ed-ac58-ddf207c8585e.1663882230.1.1663882230.1663882230.c87f8db8-a218-4ef8-b514-521fc29342fc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.54
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: nginx
Date: Thu, 22 Sep 2022 21:30:30 GMT
Content-Length: 4286
Connection: keep-alive
Last-Modified: Fri, 24 Sep 2021 21:48:12 GMT
x-rgw-object-type: Normal
ETag: "4d27526198ac873ccec96935198e0fb9"
x-amz-request-id: tx000000000000001ac862e-0062847767-b9fbc20-sfo1
X-Storage-Bucket: z40a2
X-Storage-Object: 40a2146151863bcf46c786d596e81a308d1b0d26d74635be441e92656f29b1b4
X-Host: blu137.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Size:   4286
Md5:    4d27526198ac873ccec96935198e0fb9
Sha1:   b98d8b73ad6a0f7477c3397561b4aab37bf262aa
Sha256: 40a2146151863bcf46c786d596e81a308d1b0d26d74635be441e92656f29b1b4

Alerts:
  Blocklists:
    - openphish: DocuSign
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8678
x-amzn-requestid: c671a9ab-c5d0-4743-b13e-cc9a47e3d2fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1F0vEThIAMFSwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b8351-17ed13811d3833ea00a34423;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:34:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hp-WIGb9M8tEmNGOVjx6UQKx9E4-1oJmka0a6seG7inahqYByPmRAg==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:34:22 GMT
age: 86168
etag: "15d83e44d568938b6c9c87201e898cedb3edec0a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8678
Md5:    91c56f0b9810bfdd84e10a626b89e389
Sha1:   15d83e44d568938b6c9c87201e898cedb3edec0a
Sha256: 942de9764e1c408f7512759774aab0479db201e6fae15ccc39e653adae4cb86f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06a0b4c5-4223-42cf-b012-2e09b250c8c1.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12048
x-amzn-requestid: 59e98571-f927-44b3-b088-29ec1e4cc3bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYxD-FnIIAMF5Eg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202ee6-14e47d9a3ae47d0f607033a8;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:19:02 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 55e0txtcytlUpcNWSLrHWN3FC1t4dMHGTrHGhNV7YFIhOz6c45UcCQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 15:04:27 GMT
age: 23163
etag: "37222a70df5d9a69073b4b32ebc3a5da60006001"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12048
Md5:    c2db94039cb675cb250519fe57b2b3c9
Sha1:   37222a70df5d9a69073b4b32ebc3a5da60006001
Sha256: 444f4359ac25747e7c5d7e09202f195d407bc94a4933ac7ebbbaf9839bf59aff
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.118
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 22 Sep 2022 21:30:30 GMT
Last-Modified: Thu, 22 Sep 2022 19:53:19 GMT
Server: ECS (nyb/1D0D)
X-Cache: Miss from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: AlhKTGnoV4Q5lYh2j2PIOowMR47RarW1bjJ_qkCmKe0XRw2Mlqn0ag==
Age: 5831

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.118
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 22 Sep 2022 21:30:30 GMT
Last-Modified: Thu, 22 Sep 2022 20:11:17 GMT
Server: ECS (nyb/1D23)
X-Cache: Miss from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: DgYEX7SzTynaZJTAvOxZQCgQJHvc8brju0tFCsfd1sCQRKgkSKUNyQ==
Age: 4753

                                        
                                            POST /ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails] HTTP/1.1 
Host: pploansbaadmminserve.weebly.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 83
Origin: https://pploansbaadmminserve.weebly.com
Connection: keep-alive
Referer: https://pploansbaadmminserve.weebly.com/
Cookie: is_mobile=0; language=en; _snow_ses.710a=*; _snow_id.710a=9873332a-aa90-48ed-ac58-ddf207c8585e.1663882230.1.1663882230.1663882230.c87f8db8-a218-4ef8-b514-521fc29342fc
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.54
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Date: Thu, 22 Sep 2022 21:30:30 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: blu100.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 348
Keep-Alive: timeout=10, max=60
Connection: Keep-Alive


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (348), with no line terminators
Size:   348
Md5:    a944dd688c99d2901d6719be713271c0
Sha1:   4f5454d5d434829baf46671638610791758725d9
Sha256: adb97e1bc686c58b4286f1208d2bd969687c6cf3e2fc468697dfd956d260de49

Alerts:
  Blocklists:
    - openphish: DocuSign
    - fortinet: Phishing
                                        
                                            OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1 
Host: ec.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://pploansbaadmminserve.weebly.com/
Origin: https://pploansbaadmminserve.weebly.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         35.82.13.103
HTTP/2 200 OK
                                        
date: Thu, 22 Sep 2022 21:30:30 GMT
content-length: 0
server: nginx
access-control-allow-origin: https://pploansbaadmminserve.weebly.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 5
X-Firefox-Spdy: h2

                                        
                                            POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1 
Host: ec.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1802
Origin: https://pploansbaadmminserve.weebly.com
Connection: keep-alive
Referer: https://pploansbaadmminserve.weebly.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         35.82.13.103
HTTP/2 200 OK
content-type: text/plain; charset=UTF-8
                                        
date: Thu, 22 Sep 2022 21:30:31 GMT
content-length: 2
server: nginx
set-cookie: sp=119cd543-4643-4b7e-8acf-999f11a0b3ec; Expires=Fri, 22 Sep 2023 21:30:31 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://pploansbaadmminserve.weebly.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   2
Md5:    444bcb3a3fcf8389296c49467f27e1d6
Sha1:   7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
Sha256: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
                                        
                                            GET /js/site/main-customer-accounts-site.js?buildTime=1663714980 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pploansbaadmminserve.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
last-modified: Tue, 20 Sep 2022 22:44:55 GMT
etag: "632a4267-82588"
expires: Tue, 04 Oct 2022 23:06:01 GMT
cache-control: max-age=1209600
x-host: grn43.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 22 Sep 2022 21:30:29 GMT
age: 167067
x-served-by: cache-sjc10048-SJC, cache-bma1643-BMA
x-cache: HIT, HIT
x-cache-hits: 2, 1
x-timer: S1663882229.320068,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 159020
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css?family=Karla:400,700|Oswald:700|Roboto+Mono:400,400i,700,700i HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pploansbaadmminserve.weebly.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 22 Sep 2022 21:30:29 GMT
date: Thu, 22 Sep 2022 21:30:29 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---