r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash b642ec5702fb818c5d1c67168cc68fdb
015146489a8e7fcb4ba0ba74cfe757a072705f93
4846d047a23903856bd113d02639ce7e08a1e40030151d302295b2d12df98ffc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4846D047A23903856BD113D02639CE7E08A1E40030151D302295B2D12DF98FFC"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12266
Expires: Thu, 15 Dec 2022 08:09:19 GMT
Date: Thu, 15 Dec 2022 04:44:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 3c0c53379f331e934f61070074d41035
420f6e542cbf741838566f22e475a80e2f600d21
4b7213ec107cdf1c2cd61a124453fb682ec291af0004d071105c87e2fe7528f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B7213EC107CDF1C2CD61A124453FB682EC291AF0004D071105C87E2FE7528F5"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9149
Expires: Thu, 15 Dec 2022 07:17:22 GMT
Date: Thu, 15 Dec 2022 04:44:53 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 15 Dec 2022 04:08:56 GMT
content-type: application/json
age: 2157
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 51bd0cc75ed746fd33c950eb12936b7e
4a1007ea6c6e4f5e8b4a7d1f85f7a3e329dc8f50
188d4a0d544f40048dc7476cb4f5e478f1eb49a8ef1d51699fb155d2ae258655
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "188D4A0D544F40048DC7476CB4F5E478F1EB49A8EF1D51699FB155D2AE258655"
Last-Modified: Tue, 13 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16707
Expires: Thu, 15 Dec 2022 09:23:20 GMT
Date: Thu, 15 Dec 2022 04:44:53 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 1XGmbC4zQwanvSnkcwEtBuRLD9GJk80uLYAdktN/ZTTImLEioROi6EnT1TVx/tVPYpiAZKDKze8=
x-amz-request-id: BVDGB8PR0EDX3K51
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 15 Dec 2022 03:52:37 GMT
age: 3136
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
whcjudaicashop.org/
199.34.228.179301 Moved Permanently 362 B IP 199.34.228.179:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 59705bf17cb1818cd876bfb34d298e8e
ee120b3bf7df4bfffe202764931db8e63192213a
377d3e1cbef8dfca0c2c4c1c06a2c84b87ef5f554b2d05698da1d56ab6d956f2
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: whcjudaicashop.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Thu, 15 Dec 2022 04:44:53 GMT
Location: http://www.whcjudaicashop.org
Set-Cookie: publishedsite-xsrf=eyJpdiI6ImI5RmVRWHU5aVwvTFBDMVVpRm1FZ0J3PT0iLCJ2YWx1ZSI6IjVtNnltQm1IeFJvNkZKdXBKREVua29DQzNuemhjREFwUFNpcklDS2lqakh5ZXFQQ1J1Z2dcL251MWJOMmo4bXA5K1RuV1p0d0pZZDJzOGtyaTJWTWRRdldzMGRraE1JVXo0T2U1TWdJSGNZWGVtTWFvejVZaFdpbnRhMFwvUlRzZWgiLCJtYWMiOiIxN2FkYTg1MGJkM2EzZmI5ZDhiYjM4Mzg2MzFhMTkzYjVhZWM4NzExMWU5ZGU0Y2JiNWNmZjI4NDkxZmM1NzNlIn0%3D; expires=Thu, 29-Dec-2022 04:44:53 GMT; Max-Age=1209600; path=/
XSRF-TOKEN=eyJpdiI6Im9ZZmI0YXFwTTJKOFpYSEE5TjRLWlE9PSIsInZhbHVlIjoiK2FCTkxaYnk5OXdDZUxuNkVSYU1PS08zMzZhQlE3MkNIY0tvOWFscHl0NTl6VDhYNEdGbWVaVkRkOVRCSGhwNTNUditQd21yNzdNYTNONURhSUZQaHY2d1hqXC85a0ZJSmVhWk10Z3Y0cmtDalc0Wmp2RFhySlJPd0IzS3FUV1VsIiwibWFjIjoiYzZjYjIxMGI5ODZjNzkzY2I3MjM0OWI3ZThiODQ0Y2M1NTQ0MTYxZjMzYWM1OWU4MDAzZTY3YmZlZGEzNzJhNSJ9; expires=Thu, 29-Dec-2022 04:44:53 GMT; Max-Age=1209600; path=/
PublishedSiteSession=eyJpdiI6InI1SDJWZ1pZV0VETHdrTzhwOFRhV2c9PSIsInZhbHVlIjoieExnUXlcLytEYytHYXIxbjZWNlV3M29mS0h2c0l3NzJyK2ZWemRWTHZZK1JGc2ZKcTZ5dkdoSXBJWEZMNFE1QlNPWVwvRStnRnd0czlJaVE1R1JRXC9aY1wvQitaUXVaYnIyMGRTTHNOYnZQS1RcLzc1Q0tKZHkrRUc5aVk3UHRpWUlYWCIsIm1hYyI6ImMxYTVkZGUyNmI3MTFiOTQzOWVmOTYxNTc5YWNjODViYWFlYzNhZWQ1NTY1MWQ5YzFkNzAzNDcxNzlhYzIwOGEifQ%3D%3D; expires=Thu, 29-Dec-2022 04:44:53 GMT; Max-Age=1209600; path=/; httponly
X-Host: grn47.sf2p.intern.weebly.net
X-Revision: 4634dc19ac3fee8168cbe2bcc34cec72477e4537
X-Request-ID: ffbbd1119f8b2284d81aa2ef80824599
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 15 Dec 2022 04:44:53 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Backoff, Content-Length, Pragma, Alert, Expires, Last-Modified, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 15 Dec 2022 04:08:00 GMT
age: 2213
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.whcjudaicashop.org/
199.34.228.179302 Found 366 B IP 199.34.228.179:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7215a9697a0738af4c746d3f0f8c4cd9
77f993a1fa59e97fc9312b04248b6a5f4260d25a
8f0e15a0fd91b8679a40f807302f50dfceaa61eec0be71dc9eb63439540c3c30
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.whcjudaicashop.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, private
Date: Thu, 15 Dec 2022 04:44:53 GMT
Location: https://www.whcjudaicashop.org
Set-Cookie: publishedsite-xsrf=eyJpdiI6Ijk0VW1iMUFBaXZycE5FYWNQb3k4MGc9PSIsInZhbHVlIjoiTWRzRktxWHcyVm1OYnJGRGFBbFFtdWppWEFQdTd4eDg4dGdSMzJqeGJGZkczbWlyMUFNVkM2bTM5dkFsTHFJelJOYmxNWHdXM3poZWVVVGhFVUxaeE9BblJUYXZ6WllrOW5Jc2xoaFRRU0tVVlZtQW1LYzVPVUNXM3pMY1hWbGYiLCJtYWMiOiIyMmU4MzMzYzllM2ZlNDZhYzc4Nzc0ZDZkOGU4NzYwMGE1ZWE2ODRhYzVmOWM3ZjFkMDY2ZGZmNGUyZThjZWJkIn0%3D; expires=Thu, 29-Dec-2022 04:44:53 GMT; Max-Age=1209600; path=/
XSRF-TOKEN=eyJpdiI6IkR1QzRcL0hmc201a2oycnd1WEI3THN3PT0iLCJ2YWx1ZSI6ImJHakp0bVN1Q3FuODRRSGh2SDNEcXR1TWdMWkNpd3pcL1k2ZFY4cWkrRGk5aG1EeERSeVRuTXl6SHVtUlJrU2I4UVk2eHVodnhcLzlGK0FjbTc4Z3ZRWG1HNWJ6MUpHOERsT0ZzM3FPMVFkM1pHbUM3dDlWZG9rUlgxMTNxWkNZN1UiLCJtYWMiOiI4NTkzZjViYzU0MzY2MTNmMGQyYjhmYWZlOWE2MmFiZTEyNzNjMTI2NGU4Mzg4MTc5NDNjODljM2U1YzhmNmRlIn0%3D; expires=Thu, 29-Dec-2022 04:44:53 GMT; Max-Age=1209600; path=/
PublishedSiteSession=eyJpdiI6ImNPSENyR1BjbEs1THdBNnZLTU12bmc9PSIsInZhbHVlIjoiV3R3cVlMRVdmR0grdURFY1RcL3J3aGdQUkhvTEYxeVdqYVdkREpZMHpyXC9qN2xGUFl4MWpaTkxhRTcraXliK3NiR0tvb1hSb2N6ekw4ckhNdjU0d0NrcHZpVUFSTWFpK2xnSzA5XC9jS2JXK013TTI5K3VzNU4wUUdGdStHV3hnZGMiLCJtYWMiOiI3ZDRjNzIzOGU4OWQ3YTZlYzkzNGIxZTFhMGM1OGZjOTE4OTQyZGMyMDNlNDUzMjhhOTNlNDFhNWE3YTNlODBiIn0%3D; expires=Thu, 29-Dec-2022 04:44:53 GMT; Max-Age=1209600; path=/; httponly
X-Host: blu127.sf2p.intern.weebly.net
X-Revision: 4634dc19ac3fee8168cbe2bcc34cec72477e4537
X-Request-ID: c5343b4d4bef144545be4fbd8b30683f
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 210b7a2584ae55362c4b582e325f37f7
5f1982f961f1c5db96bbb66af075bab3cb535963
cb3767debad90cb8a34ce287de194cdb2a4f7146e7b51560fd2e0eb11fbfbc2f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3734
Cache-Control: max-age=105857
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 04:44:53 GMT
Etag: "63999230-1d7"
Expires: Fri, 16 Dec 2022 10:09:10 GMT
Last-Modified: Wed, 14 Dec 2022 09:06:56 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.164.183.116101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.164.183.116:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: M8m7nGzalq5npFCv4xV+pA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: oDukP/z0umwIQJAY3UGiuzqaZ+A=
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 89f8c3ca20b71ebd84490e337373f458
54445adc9aa79bbe348769183f80b3aa940b6c84
caad0beab724fc300f9d6c811477307392319c6434706dcb7a43c8b221dcc5ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CAAD0BEAB724FC300F9D6C811477307392319C6434706DCB7A43C8B221DCC5ED"
Last-Modified: Tue, 13 Dec 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 15 Dec 2022 10:44:54 GMT
Date: Thu, 15 Dec 2022 04:44:54 GMT
Connection: keep-alive
cdn3.editmysite.com/app/website/css/site.5d39e50b44a9532bd108.css
151.101.1.46200 OK 24 kB URL HTTP/2 cdn3.editmysite.com/app/website/css/site.5d39e50b44a9532bd108.css
IP 151.101.1.46:0
File type Unicode text, UTF-8 text, with very long lines (64921), with no line terminators
Hash cd3b1c92027888d72fefcf16b097699f
f326c1d14a11754658098d923e660916bccba258
180e23ade9395ec6d4088dbe66fc41610546b3c0a98e7b4a45a65c6578980b90
GET /app/website/css/site.5d39e50b44a9532bd108.css HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.whcjudaicashop.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css; charset=utf-8
last-modified: Tue, 13 Dec 2022 19:41:05 GMT
x-rgw-object-type: Normal
etag: W/"9516c4101d993ac5d56812d063287e78"
x-amz-request-id: tx000000000000047ed027c-006398d5bf-c696eea-sfo1
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 0625b7f352949e07f02ab800229ac2c480278de0
x-request-id: 00163a41bedcfca06e97384b326480c7
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Thu, 15 Dec 2022 04:44:54 GMT
via: 1.1 varnish
age: 118780
x-served-by: cache-bma1657-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1671079495.604844,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 24157
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/website/js/runtime.bb94b1d7b652cf50558f.js
151.101.1.46200 OK 25 kB URL HTTP/2 cdn3.editmysite.com/app/website/js/runtime.bb94b1d7b652cf50558f.js
IP 151.101.1.46:0
File type ASCII text, with very long lines (51216)
Hash 73921bf43f0d9c73d8bd36171ee99242
2a0cf18eedf401a40923c4d50034ede480e1a679
9ba29af71e7eb28e3614936f65ac9b2afbb4df25ab824e0f17b0eb240ddde63a
GET /app/website/js/runtime.bb94b1d7b652cf50558f.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.whcjudaicashop.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Wed, 14 Dec 2022 00:14:15 GMT
x-rgw-object-type: Normal
etag: W/"2245e55abc10d904b73f449131145d21"
x-amz-request-id: tx0000000000000481a3cc9-00639915bd-c696eea-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/runtime.bb94b1d7b652cf50558f.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 4d8424f0ddb3cca6a14409b331215b3409eec607
x-request-id: f2e2b5fa02c7d29cf795e73c247dbe8c
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Thu, 15 Dec 2022 04:44:54 GMT
via: 1.1 varnish
age: 102502
x-served-by: cache-bma1657-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1671079495.606464,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25069
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/checkout/assets/checkout/js/system.min.edf02612a6bb463d71cb5efc5a4b495e.js
151.101.1.46200 OK 5.0 kB URL HTTP/2 cdn3.editmysite.com/app/checkout/assets/checkout/js/system.min.edf02612a6bb463d71cb5efc5a4b495e.js
IP 151.101.1.46:0
File type ASCII text, with very long lines (11882), with no line terminators
Hash 20a4e66f534b80396d40bbc4291b2172
d7c962996f2715d94483be2bf9b644c7185d7ec7
0f19e8ad1c9bd5ae2ae5141f31b4e491bb460558da0ac51cd402964e716880ac
GET /app/checkout/assets/checkout/js/system.min.edf02612a6bb463d71cb5efc5a4b495e.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.whcjudaicashop.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Tue, 29 Mar 2022 18:09:33 GMT
x-rgw-object-type: Normal
etag: W/"40372ca3b0cfa19f4e5d664243108364"
x-amz-request-id: tx00000000000005ce1aaac-0062434bb9-a9f1ce7-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/checkout/public/assets/checkout/js/system.min.edf02612a6bb463d71cb5efc5a4b495e.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Thu, 15 Dec 2022 04:44:54 GMT
via: 1.1 varnish
age: 2604233
x-served-by: cache-bma1657-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1671079495.608759,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4998
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/website/js/vue-modules.9bc3531c7b14b533b653.js
151.101.1.46200 OK 72 kB URL HTTP/2 cdn3.editmysite.com/app/website/js/vue-modules.9bc3531c7b14b533b653.js
IP 151.101.1.46:0
File type Unicode text, UTF-8 text, with very long lines (27432)
Hash f4b29141d74cfc31ae87b2379bf827c6
d3cecf2609cbc423e0a59e9cad96c96595fc550c
77ba93a6fbe46719dede0298898f4d896c073a42d0c093179615edf38f1fd0e5
GET /app/website/js/vue-modules.9bc3531c7b14b533b653.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.whcjudaicashop.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Mon, 24 Oct 2022 20:40:22 GMT
x-rgw-object-type: Normal
etag: W/"be42f69ec175a01b6e195526f58dae71"
x-amz-request-id: tx00000000000003b70ac6d-006384ffda-c67eadd-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/vue-modules.9bc3531c7b14b533b653.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: bc9c9b147c802d76500971d6773c4126ddad6f5d
x-request-id: 40250d3662d1b25130b369a7dbbdc2eb
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Thu, 15 Dec 2022 04:44:54 GMT
via: 1.1 varnish
age: 792818
x-served-by: cache-bma1657-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1671079495.609516,VS0,VE4
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 72192
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3
IP 104.18.20.226:0
Hash 69741e9a534ac7d6f55b3e2de374ebc3
61d9ea9edcaec3fcd0d7bd2fbeca521d81c376d7
b9e2d80d396f14234c8812ac2b850fcf405772fb94f77cfb6f474c419b7fe996
POST /ca/gsatlasr3dvtlsca2022q3 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 04:44:54 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "535287CCBFF5EA4AEA8A79BCEB4B461A5BE1192A"
Expires: Thu, 15 Dec 2022 16:00:00 GMT
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2285
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779c86d98d86b4f7-OSL
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 26c6025b12d33a0674edeef8c1491ff6
084f3e27246d3f10c36f8251034a32f71e4905be
a3b48719537321a85667771544ce54728ebdb8d3145a8db154997b6376dba12f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3B48719537321A85667771544CE54728EBDB8D3145A8DB154997B6376DBA12F"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16849
Expires: Thu, 15 Dec 2022 09:25:44 GMT
Date: Thu, 15 Dec 2022 04:44:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 26c6025b12d33a0674edeef8c1491ff6
084f3e27246d3f10c36f8251034a32f71e4905be
a3b48719537321a85667771544ce54728ebdb8d3145a8db154997b6376dba12f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3B48719537321A85667771544CE54728EBDB8D3145A8DB154997B6376DBA12F"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16849
Expires: Thu, 15 Dec 2022 09:25:44 GMT
Date: Thu, 15 Dec 2022 04:44:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 26c6025b12d33a0674edeef8c1491ff6
084f3e27246d3f10c36f8251034a32f71e4905be
a3b48719537321a85667771544ce54728ebdb8d3145a8db154997b6376dba12f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3B48719537321A85667771544CE54728EBDB8D3145A8DB154997B6376DBA12F"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16849
Expires: Thu, 15 Dec 2022 09:25:44 GMT
Date: Thu, 15 Dec 2022 04:44:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 26c6025b12d33a0674edeef8c1491ff6
084f3e27246d3f10c36f8251034a32f71e4905be
a3b48719537321a85667771544ce54728ebdb8d3145a8db154997b6376dba12f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3B48719537321A85667771544CE54728EBDB8D3145A8DB154997B6376DBA12F"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16849
Expires: Thu, 15 Dec 2022 09:25:44 GMT
Date: Thu, 15 Dec 2022 04:44:55 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56f56798-4039-4a1a-9490-f61d1b1e77da.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56f56798-4039-4a1a-9490-f61d1b1e77da.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 672ae812012d060ba75fbb8cb9d6038c
2ab1016451432b6cd1d6b9756c6cc6a926ffa7ce
cd9c002af775a6ba6ff8902a67e19c2ed2663d23bf8a1c3fe763598a60ba8d69
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56f56798-4039-4a1a-9490-f61d1b1e77da.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5259
x-amzn-requestid: 21c0e355-e696-4785-a162-5f96e02836f0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c3fV1HHKIAMFsjw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6392df58-608335604793d9f46939a81a;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 07:10:16 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YF20vWN7faRilx8H98vMPeAimGKAPA-32GulYRed4h-vQAzwkYNgbA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 22:14:27 GMT
age: 23428
etag: "2ab1016451432b6cd1d6b9756c6cc6a926ffa7ce"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F127c491c-f334-4f88-ab1c-07169225ca7c.gif
34.120.237.76200 OK 31 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F127c491c-f334-4f88-ab1c-07169225ca7c.gif
IP 34.120.237.76:0
File type GIF image data, version 87a, 296 x 148\012- data
Hash 1a355e31327e2a5f648c36fdc4d2348a
ab6149b7874d751c3b897889902ecf52cbede8e4
cf3fbf211bc15f39efe535bf66a281d124c6254b0b9e641b6ea3c8023ab869dc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F127c491c-f334-4f88-ab1c-07169225ca7c.gif HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 30895
x-amzn-requestid: 2d48ad82-6b48-4b9b-9dd0-98afd8b7f9ed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c0NExFi7oAMFuKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63918eeb-6ceedd921e75513b6dfdb084;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 07:14:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Hl0Mdyy9oH1n1LveM7TzD0kSA7NT80XbRiPEAQMbjxmMqRmpwcrG5w==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 13:47:39 GMT
age: 53836
etag: "ab6149b7874d751c3b897889902ecf52cbede8e4"
content-type: image/gif
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F206a2aa2-193a-45ee-9210-82fa22154882.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F206a2aa2-193a-45ee-9210-82fa22154882.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fe33ecc20db57514c51c90694efebb16
e00b8b1bc1f98df439a264d1cd881e1021d7fdd5
9b0e56806a9f4e7458b58c29ec2050faebcded4ff1c4ef430733171ddae68cb7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F206a2aa2-193a-45ee-9210-82fa22154882.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7396
x-amzn-requestid: 504fa4a2-348a-423f-b52a-e1257149d6d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c4Ad4Hw-oAMFWVA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63931458-620c1e260eaf8df564aee1c3;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 10:56:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 20i4v0r3MPyPzS5jn45qLK-OMcUEGvjTftCiI-vxamGflro2l3NKZg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 21:55:24 GMT
age: 24571
etag: "e00b8b1bc1f98df439a264d1cd881e1021d7fdd5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5326af81-e7e2-4d6c-93a6-779a6e46a642.webp
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5326af81-e7e2-4d6c-93a6-779a6e46a642.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 26fd0eea87bdde875285073a695d3005
03ec879b4eaef86b85f7528abecf1f383b9367d3
f0fbee34d53cc5ff66722caab6917f0833c778ed26b1b31a87424c06af7d480c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5326af81-e7e2-4d6c-93a6-779a6e46a642.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7028
x-amzn-requestid: f516be09-a7cf-486c-8bbd-75593c381048
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dJ8xJEPVIAMFdLw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639a41a0-00fdce7b73e084af4ce63583;Sampled=0
x-amzn-remapped-date: Wed, 14 Dec 2022 21:35:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AUZTGtM2WUYSAjcONdieLwogB9Wav1U5Ouc4kydxuoC4_SbBj0PVdw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 21:42:07 GMT
etag: "03ec879b4eaef86b85f7528abecf1f383b9367d3"
content-type: image/jpeg
age: 25368
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe03f69d5-77c0-42d9-9b2a-210a52667086.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe03f69d5-77c0-42d9-9b2a-210a52667086.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9c7a1481c2acfca36dfc40d5525f4f5d
39ebe36d481dc83f16d42feff7e6a594eb1eb090
6fa67fb9185e55892298acd0a7aa2b81fb2aa5857aa9eddca3931189ea538457
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe03f69d5-77c0-42d9-9b2a-210a52667086.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4457
x-amzn-requestid: 82585058-e84a-4d7c-827e-25e5ad105cc0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c-EYmEpPoAMFc_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63958103-5fdbaa223aa63f092c53655e;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 07:04:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rbITexnNnFvp2ulsDLMsUbt30uEdCD3CcGiel7ABXRKVht8MqZ7ZDw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 22:15:13 GMT
age: 23382
etag: "39ebe36d481dc83f16d42feff7e6a594eb1eb090"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5426e2d-eb97-4dd0-b16a-f3ce166c5467.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5426e2d-eb97-4dd0-b16a-f3ce166c5467.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 513e2d0b516490cfc71d87da2c3165fa
2b34ba2bb73cedd73521fc8691feea59dc5aaf9f
879662e443cc9743d9636e2f019d189d961837c270a3d98b46430784360793b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5426e2d-eb97-4dd0-b16a-f3ce166c5467.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8059
x-amzn-requestid: 0c022863-fa46-4f77-a7d5-ebb6f09bc511
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dJ8xJE8jIAMFpVA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639a41a0-3b53793f62de069900ac46b1;Sampled=0
x-amzn-remapped-date: Wed, 14 Dec 2022 21:35:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: nK3dcDhst8WDMgyue78azRSSXz41W4xo6uMYSX1JDuRiU9s6_RLEew==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 21:42:07 GMT
etag: "2b34ba2bb73cedd73521fc8691feea59dc5aaf9f"
content-type: image/jpeg
age: 25368
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash fabdc788e39da6948db6e6ba8eadc20a
f9037df7ba82c8dd61dc4f4aa0c31aeb8cdcdf8c
11c08d6ccf8a25efe5e07b2000853d71770d34df222cf5341bb75d70e2caa6cb
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=137998
Date: Thu, 15 Dec 2022 04:44:55 GMT
Etag: "639a0b23-1d7"
Expires: Fri, 16 Dec 2022 19:04:53 GMT
Last-Modified: Wed, 14 Dec 2022 17:42:59 GMT
Server: ECS (bsa/EB1B)
X-Cache: Miss from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Mivn91xqmQE76wxxPHKhwz7pe8OgKvcMmUJQSmNJtiVRAEow-jlKCg==
Age: 4914
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash fabdc788e39da6948db6e6ba8eadc20a
f9037df7ba82c8dd61dc4f4aa0c31aeb8cdcdf8c
11c08d6ccf8a25efe5e07b2000853d71770d34df222cf5341bb75d70e2caa6cb
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=136105
Date: Thu, 15 Dec 2022 04:44:55 GMT
Etag: "639a0b23-1d7"
Expires: Fri, 16 Dec 2022 18:33:20 GMT
Last-Modified: Wed, 14 Dec 2022 17:42:59 GMT
Server: ECS (bsa/EB12)
X-Cache: Miss from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vFkZsh6l_iGqYM_7w8_T5FW0V10AyQxyATEH6FX91gauFKn9yD46eg==
Age: 3021
www.whcjudaicashop.org/static/icons/payment-methods/applepay.svg
199.34.228.179200 OK 3.0 kB URL HTTP/1.1 www.whcjudaicashop.org/static/icons/payment-methods/applepay.svg
IP 199.34.228.179:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2381)
Hash c9f0fd2c3c94b10595455b840e220672
7734e007c6a4dd650d38be5b29c7335cf9cbfb97
a1aedf64c61a6c121aa0e78164ad0d32f1ebbfd949197c88c7f48462bcbed3ab
Analyzer Verdict Alert fortinet Phishing
GET /static/icons/payment-methods/applepay.svg HTTP/1.1
Host: www.whcjudaicashop.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.whcjudaicashop.org/
Cookie: publishedsite-xsrf=eyJpdiI6Ikc2RUJ4amJLOW1mTU5XNkdVdWczNlE9PSIsInZhbHVlIjoidk9iNXlKaGxaODZJRm9KSHZqV2pUaENSbHk5NzFzR0hHMEVqN0k3QW14cW5LUStuUjRFWHFMVVA4MFJaRXR3VGtlZm1najRqdHZwZ3ZobVRIN0Y4REZzckI0VWRYUG1IQVRVK0txTzFcL2k1KzMzemFpekVxQ29VemlwVkpOUGdkIiwibWFjIjoiY2JmYTY1NzA5NjQ4NjJkN2QwODZiYmEwYTY2YzcwNTMzZjUxMWQxODdkZTQ4M2I0NTk4MTM4NDU1YzYwZWI5YSJ9; XSRF-TOKEN=eyJpdiI6Im1OcGJ1NFc1WjF5bnZ2K3kycjBpSGc9PSIsInZhbHVlIjoiTGJmZUlhcVhMT2pRcUE3KzlYSHBWM1M0VWxhSzBqSlwvVXhsODhvZ25yODRoU3dmbGVnRmorVlpmQnUyUDlTalFTM1g4Z3FKZ25odnFrM2x0dDRiOXc0OE5xYWloVlBBN3NWZlQyZ0FrZll2ZWdDTE5SRGZTczdMdjl5TStZYXBqIiwibWFjIjoiMjJmNmI1NTI5ZmUzZjQ3NTlhMzY5NDY3YjE5ZDFhZGQwYTNmMzExYjgzNmQ3OTAxMWQyNTMzMzNmMjk2NWUwMCJ9; PublishedSiteSession=eyJpdiI6InVuMW00ZlwvQTQ2MnBzV2QrTjRiWVJ3PT0iLCJ2YWx1ZSI6IndQVmhqS0NheCswOHRac0ozeEZ3WlJ3T1pFcTRlOWNZN2g3V1wvanFCVHVWeXk2M1E2cldBMDBsYktXVXBuYnRNOUE0bXo3cXpORXlnT1Z4cW9HYTBqNTMrZFFcLzFWVFI1XC9wenczTjVLK0ZQT3BqR0xlNmI3TSs5NGZMOEdzcXFDIiwibWFjIjoiZmE1MzJkZmUzMTA4ZTA5M2Y2YjM2ZjI3M2Q2ODAyOTUwMjMzM2Y0YmRhY2NjMmJlNTE5NDdjNTRlYmE3ZmY5NSJ9; _snow_ses.c169=*; _snow_id.c169=709e1c78-99f3-4f46-8d3c-f937fbcb7086.1671079492.1.1671079492.1671079492.3c96a90c-a8c9-4b1c-b6c7-e221c6d1617d; _dd_s=rum=1&id=60d153a1-c204-44f3-81f8-d9f507a4a7ab&created=1671079492601&expire=1671080392601
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 04:44:55 GMT
Content-Type: image/svg+xml
Content-Length: 2986
Connection: keep-alive
Last-Modified: Thu, 28 Apr 2022 18:10:38 GMT
x-rgw-object-type: Normal
ETag: "c9f0fd2c3c94b10595455b840e220672"
x-amz-request-id: tx000000000000001aa71e4-00628473fa-b9fbc7f-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: grn155.sf2p.intern.weebly.net
X-Revision: 4634dc19ac3fee8168cbe2bcc34cec72477e4537
X-Request-ID: 5fb78be09d5ddba02da89c91fe6da230
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
52.32.213.25200 OK 0 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 52.32.213.25:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.whcjudaicashop.org/
Origin: https://www.whcjudaicashop.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Dec 2022 04:44:55 GMT
content-length: 0
server: nginx
access-control-allow-origin: https://www.whcjudaicashop.org
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 600
X-Firefox-Spdy: h2
sentry.io/api/1263158/envelope/?sentry_key=13e49d785d8d4f828038b6136f3b48ba&sentry_version=7
35.188.42.15200 OK 2 B URL HTTP/1.1 sentry.io/api/1263158/envelope/?sentry_key=13e49d785d8d4f828038b6136f3b48ba&sentry_version=7
IP 35.188.42.15:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /api/1263158/envelope/?sentry_key=13e49d785d8d4f828038b6136f3b48ba&sentry_version=7 HTTP/1.1
Host: sentry.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.whcjudaicashop.org/
Content-Type: text/plain;charset=UTF-8
Origin: https://www.whcjudaicashop.org
Content-Length: 429
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 04:44:55 GMT
Content-Type: application/json
Content-Length: 2
Connection: keep-alive
access-control-allow-origin: https://www.whcjudaicashop.org
access-control-expose-headers: retry-after, x-sentry-error, x-sentry-rate-limits
vary: Origin
x-envoy-upstream-service-time: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
www.whcjudaicashop.org/static/icons/payment-methods/mastercard.svg
199.34.228.179200 OK 1.7 kB URL HTTP/1.1 www.whcjudaicashop.org/static/icons/payment-methods/mastercard.svg
IP 199.34.228.179:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (424)
Hash 1448577966d9c16095880130e876db7a
ecfaef0be795af04cab2f95d7457721a35cf1742
0b6808d0e93f753a1036f42b52c1a2616662d1503f8d07234a98ee54d7a3dd1e
Analyzer Verdict Alert fortinet Phishing
GET /static/icons/payment-methods/mastercard.svg HTTP/1.1
Host: www.whcjudaicashop.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.whcjudaicashop.org/
Cookie: publishedsite-xsrf=eyJpdiI6Ikc2RUJ4amJLOW1mTU5XNkdVdWczNlE9PSIsInZhbHVlIjoidk9iNXlKaGxaODZJRm9KSHZqV2pUaENSbHk5NzFzR0hHMEVqN0k3QW14cW5LUStuUjRFWHFMVVA4MFJaRXR3VGtlZm1najRqdHZwZ3ZobVRIN0Y4REZzckI0VWRYUG1IQVRVK0txTzFcL2k1KzMzemFpekVxQ29VemlwVkpOUGdkIiwibWFjIjoiY2JmYTY1NzA5NjQ4NjJkN2QwODZiYmEwYTY2YzcwNTMzZjUxMWQxODdkZTQ4M2I0NTk4MTM4NDU1YzYwZWI5YSJ9; XSRF-TOKEN=eyJpdiI6Im1OcGJ1NFc1WjF5bnZ2K3kycjBpSGc9PSIsInZhbHVlIjoiTGJmZUlhcVhMT2pRcUE3KzlYSHBWM1M0VWxhSzBqSlwvVXhsODhvZ25yODRoU3dmbGVnRmorVlpmQnUyUDlTalFTM1g4Z3FKZ25odnFrM2x0dDRiOXc0OE5xYWloVlBBN3NWZlQyZ0FrZll2ZWdDTE5SRGZTczdMdjl5TStZYXBqIiwibWFjIjoiMjJmNmI1NTI5ZmUzZjQ3NTlhMzY5NDY3YjE5ZDFhZGQwYTNmMzExYjgzNmQ3OTAxMWQyNTMzMzNmMjk2NWUwMCJ9; PublishedSiteSession=eyJpdiI6InVuMW00ZlwvQTQ2MnBzV2QrTjRiWVJ3PT0iLCJ2YWx1ZSI6IndQVmhqS0NheCswOHRac0ozeEZ3WlJ3T1pFcTRlOWNZN2g3V1wvanFCVHVWeXk2M1E2cldBMDBsYktXVXBuYnRNOUE0bXo3cXpORXlnT1Z4cW9HYTBqNTMrZFFcLzFWVFI1XC9wenczTjVLK0ZQT3BqR0xlNmI3TSs5NGZMOEdzcXFDIiwibWFjIjoiZmE1MzJkZmUzMTA4ZTA5M2Y2YjM2ZjI3M2Q2ODAyOTUwMjMzM2Y0YmRhY2NjMmJlNTE5NDdjNTRlYmE3ZmY5NSJ9; _snow_ses.c169=*; _snow_id.c169=709e1c78-99f3-4f46-8d3c-f937fbcb7086.1671079492.1.1671079492.1671079492.3c96a90c-a8c9-4b1c-b6c7-e221c6d1617d; _dd_s=rum=1&id=60d153a1-c204-44f3-81f8-d9f507a4a7ab&created=1671079492601&expire=1671080392601
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 04:44:55 GMT
Content-Type: image/svg+xml
Content-Length: 1657
Connection: keep-alive
Last-Modified: Thu, 28 Apr 2022 18:10:39 GMT
x-rgw-object-type: Normal
ETag: "1448577966d9c16095880130e876db7a"
x-amz-request-id: tx000000000000001af98c5-00628473f6-b9fbc29-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: grn133.sf2p.intern.weebly.net
X-Revision: 4634dc19ac3fee8168cbe2bcc34cec72477e4537
X-Request-ID: 1d336f12eb5f817e1a6dd1a0d18c2144
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
52.32.213.25200 OK 2 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 52.32.213.25:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1941
Origin: https://www.whcjudaicashop.org
Connection: keep-alive
Referer: https://www.whcjudaicashop.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Dec 2022 04:44:55 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=4b840aea-5a35-46e6-bfd5-bc6d30da8ce3; Expires=Fri, 15 Dec 2023 04:44:55 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://www.whcjudaicashop.org
access-control-allow-credentials: true
X-Firefox-Spdy: h2
www.whcjudaicashop.org/static/icons/payment-methods/americanexpress.svg
199.34.228.179200 OK 1.2 kB URL HTTP/1.1 www.whcjudaicashop.org/static/icons/payment-methods/americanexpress.svg
IP 199.34.228.179:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (955)
Hash 2d510915ad1e47e7f6fa0a9ca6dfe7d2
a94981dcae88d70869bce16df350fbc0fbc0c138
52c75baa1c05af510c5017a200f40094bba37a6ccbb2fe5ce2542f331b812204
Analyzer Verdict Alert fortinet Phishing
GET /static/icons/payment-methods/americanexpress.svg HTTP/1.1
Host: www.whcjudaicashop.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.whcjudaicashop.org/
Cookie: publishedsite-xsrf=eyJpdiI6Ikc2RUJ4amJLOW1mTU5XNkdVdWczNlE9PSIsInZhbHVlIjoidk9iNXlKaGxaODZJRm9KSHZqV2pUaENSbHk5NzFzR0hHMEVqN0k3QW14cW5LUStuUjRFWHFMVVA4MFJaRXR3VGtlZm1najRqdHZwZ3ZobVRIN0Y4REZzckI0VWRYUG1IQVRVK0txTzFcL2k1KzMzemFpekVxQ29VemlwVkpOUGdkIiwibWFjIjoiY2JmYTY1NzA5NjQ4NjJkN2QwODZiYmEwYTY2YzcwNTMzZjUxMWQxODdkZTQ4M2I0NTk4MTM4NDU1YzYwZWI5YSJ9; XSRF-TOKEN=eyJpdiI6Im1OcGJ1NFc1WjF5bnZ2K3kycjBpSGc9PSIsInZhbHVlIjoiTGJmZUlhcVhMT2pRcUE3KzlYSHBWM1M0VWxhSzBqSlwvVXhsODhvZ25yODRoU3dmbGVnRmorVlpmQnUyUDlTalFTM1g4Z3FKZ25odnFrM2x0dDRiOXc0OE5xYWloVlBBN3NWZlQyZ0FrZll2ZWdDTE5SRGZTczdMdjl5TStZYXBqIiwibWFjIjoiMjJmNmI1NTI5ZmUzZjQ3NTlhMzY5NDY3YjE5ZDFhZGQwYTNmMzExYjgzNmQ3OTAxMWQyNTMzMzNmMjk2NWUwMCJ9; PublishedSiteSession=eyJpdiI6InVuMW00ZlwvQTQ2MnBzV2QrTjRiWVJ3PT0iLCJ2YWx1ZSI6IndQVmhqS0NheCswOHRac0ozeEZ3WlJ3T1pFcTRlOWNZN2g3V1wvanFCVHVWeXk2M1E2cldBMDBsYktXVXBuYnRNOUE0bXo3cXpORXlnT1Z4cW9HYTBqNTMrZFFcLzFWVFI1XC9wenczTjVLK0ZQT3BqR0xlNmI3TSs5NGZMOEdzcXFDIiwibWFjIjoiZmE1MzJkZmUzMTA4ZTA5M2Y2YjM2ZjI3M2Q2ODAyOTUwMjMzM2Y0YmRhY2NjMmJlNTE5NDdjNTRlYmE3ZmY5NSJ9; _snow_ses.c169=*; _snow_id.c169=709e1c78-99f3-4f46-8d3c-f937fbcb7086.1671079492.1.1671079492.1671079492.3c96a90c-a8c9-4b1c-b6c7-e221c6d1617d; _dd_s=rum=1&id=60d153a1-c204-44f3-81f8-d9f507a4a7ab&created=1671079492601&expire=1671080392601
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 04:44:55 GMT
Content-Type: image/svg+xml
Content-Length: 1206
Connection: keep-alive
Last-Modified: Thu, 28 Apr 2022 18:10:38 GMT
x-rgw-object-type: Normal
ETag: "2d510915ad1e47e7f6fa0a9ca6dfe7d2"
x-amz-request-id: tx000000000000001aa71ba-00628473fa-b9fbc7f-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: grn72.sf2p.intern.weebly.net
X-Revision: 4634dc19ac3fee8168cbe2bcc34cec72477e4537
X-Request-ID: afb7451a00d2e518f866f57a5a805ccf
www.whcjudaicashop.org/static/icons/payment-methods/discover.svg
199.34.228.179200 OK 3.1 kB URL HTTP/1.1 www.whcjudaicashop.org/static/icons/payment-methods/discover.svg
IP 199.34.228.179:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2151)
Hash 9e274d45e1f0b4185bb742d876cee3f5
67405429005f54a1cfb1a27e27491d89814f9ede
a9e66fbb3fb33098304147be606afc2b8e8c8f745db8a83bb6b2d7a0a9a42abc
Analyzer Verdict Alert fortinet Phishing
GET /static/icons/payment-methods/discover.svg HTTP/1.1
Host: www.whcjudaicashop.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.whcjudaicashop.org/
Cookie: publishedsite-xsrf=eyJpdiI6Ikc2RUJ4amJLOW1mTU5XNkdVdWczNlE9PSIsInZhbHVlIjoidk9iNXlKaGxaODZJRm9KSHZqV2pUaENSbHk5NzFzR0hHMEVqN0k3QW14cW5LUStuUjRFWHFMVVA4MFJaRXR3VGtlZm1najRqdHZwZ3ZobVRIN0Y4REZzckI0VWRYUG1IQVRVK0txTzFcL2k1KzMzemFpekVxQ29VemlwVkpOUGdkIiwibWFjIjoiY2JmYTY1NzA5NjQ4NjJkN2QwODZiYmEwYTY2YzcwNTMzZjUxMWQxODdkZTQ4M2I0NTk4MTM4NDU1YzYwZWI5YSJ9; XSRF-TOKEN=eyJpdiI6Im1OcGJ1NFc1WjF5bnZ2K3kycjBpSGc9PSIsInZhbHVlIjoiTGJmZUlhcVhMT2pRcUE3KzlYSHBWM1M0VWxhSzBqSlwvVXhsODhvZ25yODRoU3dmbGVnRmorVlpmQnUyUDlTalFTM1g4Z3FKZ25odnFrM2x0dDRiOXc0OE5xYWloVlBBN3NWZlQyZ0FrZll2ZWdDTE5SRGZTczdMdjl5TStZYXBqIiwibWFjIjoiMjJmNmI1NTI5ZmUzZjQ3NTlhMzY5NDY3YjE5ZDFhZGQwYTNmMzExYjgzNmQ3OTAxMWQyNTMzMzNmMjk2NWUwMCJ9; PublishedSiteSession=eyJpdiI6InVuMW00ZlwvQTQ2MnBzV2QrTjRiWVJ3PT0iLCJ2YWx1ZSI6IndQVmhqS0NheCswOHRac0ozeEZ3WlJ3T1pFcTRlOWNZN2g3V1wvanFCVHVWeXk2M1E2cldBMDBsYktXVXBuYnRNOUE0bXo3cXpORXlnT1Z4cW9HYTBqNTMrZFFcLzFWVFI1XC9wenczTjVLK0ZQT3BqR0xlNmI3TSs5NGZMOEdzcXFDIiwibWFjIjoiZmE1MzJkZmUzMTA4ZTA5M2Y2YjM2ZjI3M2Q2ODAyOTUwMjMzM2Y0YmRhY2NjMmJlNTE5NDdjNTRlYmE3ZmY5NSJ9; _snow_ses.c169=*; _snow_id.c169=709e1c78-99f3-4f46-8d3c-f937fbcb7086.1671079492.1.1671079492.1671079492.3c96a90c-a8c9-4b1c-b6c7-e221c6d1617d; _dd_s=rum=1&id=60d153a1-c204-44f3-81f8-d9f507a4a7ab&created=1671079492601&expire=1671080392601
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 04:44:55 GMT
Content-Type: image/svg+xml
Content-Length: 3087
Connection: keep-alive
Last-Modified: Thu, 28 Apr 2022 18:10:38 GMT
x-rgw-object-type: Normal
ETag: "9e274d45e1f0b4185bb742d876cee3f5"
x-amz-request-id: tx000000000000001a887f9-00628473fd-b9fbc20-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: grn151.sf2p.intern.weebly.net
X-Revision: 4634dc19ac3fee8168cbe2bcc34cec72477e4537
X-Request-ID: 8d247001c06be4ed25a72e21edf400a8
www.whcjudaicashop.org/static/icons/payment-methods/visa.svg
199.34.228.179200 OK 2.2 kB URL HTTP/1.1 www.whcjudaicashop.org/static/icons/payment-methods/visa.svg
IP 199.34.228.179:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1610)
Hash 98e2d557ac9311fbf6c47dcb9cb2c730
e58712545669ba118a42f2e47fcaaabd095cdc6c
0647e086fe11b0748687b68e25c9d2830b8fa08c4397c6c7c6e327d5e8e6c43d
Analyzer Verdict Alert fortinet Phishing
GET /static/icons/payment-methods/visa.svg HTTP/1.1
Host: www.whcjudaicashop.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.whcjudaicashop.org/
Cookie: publishedsite-xsrf=eyJpdiI6Ikc2RUJ4amJLOW1mTU5XNkdVdWczNlE9PSIsInZhbHVlIjoidk9iNXlKaGxaODZJRm9KSHZqV2pUaENSbHk5NzFzR0hHMEVqN0k3QW14cW5LUStuUjRFWHFMVVA4MFJaRXR3VGtlZm1najRqdHZwZ3ZobVRIN0Y4REZzckI0VWRYUG1IQVRVK0txTzFcL2k1KzMzemFpekVxQ29VemlwVkpOUGdkIiwibWFjIjoiY2JmYTY1NzA5NjQ4NjJkN2QwODZiYmEwYTY2YzcwNTMzZjUxMWQxODdkZTQ4M2I0NTk4MTM4NDU1YzYwZWI5YSJ9; XSRF-TOKEN=eyJpdiI6Im1OcGJ1NFc1WjF5bnZ2K3kycjBpSGc9PSIsInZhbHVlIjoiTGJmZUlhcVhMT2pRcUE3KzlYSHBWM1M0VWxhSzBqSlwvVXhsODhvZ25yODRoU3dmbGVnRmorVlpmQnUyUDlTalFTM1g4Z3FKZ25odnFrM2x0dDRiOXc0OE5xYWloVlBBN3NWZlQyZ0FrZll2ZWdDTE5SRGZTczdMdjl5TStZYXBqIiwibWFjIjoiMjJmNmI1NTI5ZmUzZjQ3NTlhMzY5NDY3YjE5ZDFhZGQwYTNmMzExYjgzNmQ3OTAxMWQyNTMzMzNmMjk2NWUwMCJ9; PublishedSiteSession=eyJpdiI6InVuMW00ZlwvQTQ2MnBzV2QrTjRiWVJ3PT0iLCJ2YWx1ZSI6IndQVmhqS0NheCswOHRac0ozeEZ3WlJ3T1pFcTRlOWNZN2g3V1wvanFCVHVWeXk2M1E2cldBMDBsYktXVXBuYnRNOUE0bXo3cXpORXlnT1Z4cW9HYTBqNTMrZFFcLzFWVFI1XC9wenczTjVLK0ZQT3BqR0xlNmI3TSs5NGZMOEdzcXFDIiwibWFjIjoiZmE1MzJkZmUzMTA4ZTA5M2Y2YjM2ZjI3M2Q2ODAyOTUwMjMzM2Y0YmRhY2NjMmJlNTE5NDdjNTRlYmE3ZmY5NSJ9; _snow_ses.c169=*; _snow_id.c169=709e1c78-99f3-4f46-8d3c-f937fbcb7086.1671079492.1.1671079492.1671079492.3c96a90c-a8c9-4b1c-b6c7-e221c6d1617d; _dd_s=rum=1&id=60d153a1-c204-44f3-81f8-d9f507a4a7ab&created=1671079492601&expire=1671080392601
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 04:44:55 GMT
Content-Type: image/svg+xml
Content-Length: 2247
Connection: keep-alive
Last-Modified: Fri, 02 Sep 2022 21:25:04 GMT
x-rgw-object-type: Normal
ETag: "98e2d557ac9311fbf6c47dcb9cb2c730"
x-amz-request-id: tx000000000000034345dca-00631274b0-c03521c-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: blu71.sf2p.intern.weebly.net
X-Revision: 4634dc19ac3fee8168cbe2bcc34cec72477e4537
X-Request-ID: bc5c3c3a882d1a84a327d69b11603e37
www.whcjudaicashop.org/app/website/cms/api/v1/users/139221797/customers/coordinates
199.34.228.179200 OK 70 B URL HTTP/1.1 www.whcjudaicashop.org/app/website/cms/api/v1/users/139221797/customers/coordinates
IP 199.34.228.179:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 640255543bd97f97641649a886e80ffe
b5786c46052a4125675cb5209fa6baf279127dd4
d6fcbe1ed6458625603c26b4102a02cead79a3472428fee8ca58440f60d85664
Analyzer Verdict Alert fortinet Phishing
GET /app/website/cms/api/v1/users/139221797/customers/coordinates HTTP/1.1
Host: www.whcjudaicashop.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-XSRF-TOKEN: eyJpdiI6Im1OcGJ1NFc1WjF5bnZ2K3kycjBpSGc9PSIsInZhbHVlIjoiTGJmZUlhcVhMT2pRcUE3KzlYSHBWM1M0VWxhSzBqSlwvVXhsODhvZ25yODRoU3dmbGVnRmorVlpmQnUyUDlTalFTM1g4Z3FKZ25odnFrM2x0dDRiOXc0OE5xYWloVlBBN3NWZlQyZ0FrZll2ZWdDTE5SRGZTczdMdjl5TStZYXBqIiwibWFjIjoiMjJmNmI1NTI5ZmUzZjQ3NTlhMzY5NDY3YjE5ZDFhZGQwYTNmMzExYjgzNmQ3OTAxMWQyNTMzMzNmMjk2NWUwMCJ9
Connection: keep-alive
Referer: https://www.whcjudaicashop.org/
Cookie: publishedsite-xsrf=eyJpdiI6Ikc2RUJ4amJLOW1mTU5XNkdVdWczNlE9PSIsInZhbHVlIjoidk9iNXlKaGxaODZJRm9KSHZqV2pUaENSbHk5NzFzR0hHMEVqN0k3QW14cW5LUStuUjRFWHFMVVA4MFJaRXR3VGtlZm1najRqdHZwZ3ZobVRIN0Y4REZzckI0VWRYUG1IQVRVK0txTzFcL2k1KzMzemFpekVxQ29VemlwVkpOUGdkIiwibWFjIjoiY2JmYTY1NzA5NjQ4NjJkN2QwODZiYmEwYTY2YzcwNTMzZjUxMWQxODdkZTQ4M2I0NTk4MTM4NDU1YzYwZWI5YSJ9; XSRF-TOKEN=eyJpdiI6Im1OcGJ1NFc1WjF5bnZ2K3kycjBpSGc9PSIsInZhbHVlIjoiTGJmZUlhcVhMT2pRcUE3KzlYSHBWM1M0VWxhSzBqSlwvVXhsODhvZ25yODRoU3dmbGVnRmorVlpmQnUyUDlTalFTM1g4Z3FKZ25odnFrM2x0dDRiOXc0OE5xYWloVlBBN3NWZlQyZ0FrZll2ZWdDTE5SRGZTczdMdjl5TStZYXBqIiwibWFjIjoiMjJmNmI1NTI5ZmUzZjQ3NTlhMzY5NDY3YjE5ZDFhZGQwYTNmMzExYjgzNmQ3OTAxMWQyNTMzMzNmMjk2NWUwMCJ9; PublishedSiteSession=eyJpdiI6InVuMW00ZlwvQTQ2MnBzV2QrTjRiWVJ3PT0iLCJ2YWx1ZSI6IndQVmhqS0NheCswOHRac0ozeEZ3WlJ3T1pFcTRlOWNZN2g3V1wvanFCVHVWeXk2M1E2cldBMDBsYktXVXBuYnRNOUE0bXo3cXpORXlnT1Z4cW9HYTBqNTMrZFFcLzFWVFI1XC9wenczTjVLK0ZQT3BqR0xlNmI3TSs5NGZMOEdzcXFDIiwibWFjIjoiZmE1MzJkZmUzMTA4ZTA5M2Y2YjM2ZjI3M2Q2ODAyOTUwMjMzM2Y0YmRhY2NjMmJlNTE5NDdjNTRlYmE3ZmY5NSJ9; _snow_ses.c169=*; _snow_id.c169=709e1c78-99f3-4f46-8d3c-f937fbcb7086.1671079492.1.1671079492.1671079492.3c96a90c-a8c9-4b1c-b6c7-e221c6d1617d; _dd_s=rum=1&id=60d153a1-c204-44f3-81f8-d9f507a4a7ab&created=1671079492601&expire=1671080392601
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, private
Date: Thu, 15 Dec 2022 04:44:55 GMT
Set-Cookie: websitespring-xsrf=eyJpdiI6ImVnZzlcL0JiNjhpZzBcL2VQTE53V0VIUT09IiwidmFsdWUiOiJHTk1wNUo1NURtM0RGVHN1OERaXC9rNE1WUW92WHBZcE43K0hMOUxCZnMxZEhSR3d3bUlnTVpycjdtM3VIZnRUakRsclJCQWZ5MDYrR2t2anZGMlEyTEV4WlVVSFg1S0p3RnV1VSt0aEVOWUlQbGFZNDI5RWhxVGNyZW5vNzlHUGgiLCJtYWMiOiJkM2NhNzQ5YTVmMDYzMzlkOWMzYjllMzgzNDFiMzRiMjI3NzM4ODQzYzhkYTU4OTUyZGMzMmUzMTc1OGM1NTRlIn0%3D; expires=Thu, 29-Dec-2022 04:44:55 GMT; Max-Age=1209600; path=/
XSRF-TOKEN=eyJpdiI6Ik8ydVg0Tm1lOVRoTEo2elh2d3ZONWc9PSIsInZhbHVlIjoibTQxR3lTMldFOUwyQXZSUUFKNGozUno5XC96bjRmNkl1dUE4S0UzV2RHSlpaczZ2VVJvcStnUjBmN1RsSzQ3WTFDT0kwaFJqbFVVMGNlbXdtZ1JBQzVWejVicm1kbkJNTVZEdThNZFdoQVZTMVV5QUxMcGVSQVQ2VUEycjRITFpPIiwibWFjIjoiNTUyODFkNjJlODBmZjk2MzAwMjU5ZjVjNTZhOWNlOTEwYmE5YzU3ZTc2NmYwYzE1MDZmOWE0ZWM0MWZhZjM4NCJ9; expires=Thu, 29-Dec-2022 04:44:55 GMT; Max-Age=1209600; path=/
X-Host: grn152.sf2p.intern.weebly.net
X-Revision: 4634dc19ac3fee8168cbe2bcc34cec72477e4537
X-Request-ID: 20013f7055601aaa7b9cd21fe37e9723
Content-Encoding: gzip
www.whcjudaicashop.org/static/icons/payment-methods/googlepay.svg
199.34.228.179200 OK 3.1 kB URL HTTP/1.1 www.whcjudaicashop.org/static/icons/payment-methods/googlepay.svg
IP 199.34.228.179:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1581)
Hash 2e6b26f9d61dd22468981356313ca58c
df83a373e46337f409c59947b4ae5f9abe1d896a
85d63842ff30824d4324316344c9eea12995869cc3f5f353fbfa2c3008980222
Analyzer Verdict Alert fortinet Phishing
GET /static/icons/payment-methods/googlepay.svg HTTP/1.1
Host: www.whcjudaicashop.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.whcjudaicashop.org/
Cookie: publishedsite-xsrf=eyJpdiI6Ikc2RUJ4amJLOW1mTU5XNkdVdWczNlE9PSIsInZhbHVlIjoidk9iNXlKaGxaODZJRm9KSHZqV2pUaENSbHk5NzFzR0hHMEVqN0k3QW14cW5LUStuUjRFWHFMVVA4MFJaRXR3VGtlZm1najRqdHZwZ3ZobVRIN0Y4REZzckI0VWRYUG1IQVRVK0txTzFcL2k1KzMzemFpekVxQ29VemlwVkpOUGdkIiwibWFjIjoiY2JmYTY1NzA5NjQ4NjJkN2QwODZiYmEwYTY2YzcwNTMzZjUxMWQxODdkZTQ4M2I0NTk4MTM4NDU1YzYwZWI5YSJ9; XSRF-TOKEN=eyJpdiI6Im1OcGJ1NFc1WjF5bnZ2K3kycjBpSGc9PSIsInZhbHVlIjoiTGJmZUlhcVhMT2pRcUE3KzlYSHBWM1M0VWxhSzBqSlwvVXhsODhvZ25yODRoU3dmbGVnRmorVlpmQnUyUDlTalFTM1g4Z3FKZ25odnFrM2x0dDRiOXc0OE5xYWloVlBBN3NWZlQyZ0FrZll2ZWdDTE5SRGZTczdMdjl5TStZYXBqIiwibWFjIjoiMjJmNmI1NTI5ZmUzZjQ3NTlhMzY5NDY3YjE5ZDFhZGQwYTNmMzExYjgzNmQ3OTAxMWQyNTMzMzNmMjk2NWUwMCJ9; PublishedSiteSession=eyJpdiI6InVuMW00ZlwvQTQ2MnBzV2QrTjRiWVJ3PT0iLCJ2YWx1ZSI6IndQVmhqS0NheCswOHRac0ozeEZ3WlJ3T1pFcTRlOWNZN2g3V1wvanFCVHVWeXk2M1E2cldBMDBsYktXVXBuYnRNOUE0bXo3cXpORXlnT1Z4cW9HYTBqNTMrZFFcLzFWVFI1XC9wenczTjVLK0ZQT3BqR0xlNmI3TSs5NGZMOEdzcXFDIiwibWFjIjoiZmE1MzJkZmUzMTA4ZTA5M2Y2YjM2ZjI3M2Q2ODAyOTUwMjMzM2Y0YmRhY2NjMmJlNTE5NDdjNTRlYmE3ZmY5NSJ9; _snow_ses.c169=*; _snow_id.c169=709e1c78-99f3-4f46-8d3c-f937fbcb7086.1671079492.1.1671079492.1671079492.3c96a90c-a8c9-4b1c-b6c7-e221c6d1617d; _dd_s=rum=1&id=60d153a1-c204-44f3-81f8-d9f507a4a7ab&created=1671079492601&expire=1671080392601
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 04:44:55 GMT
Content-Type: image/svg+xml
Content-Length: 3115
Connection: keep-alive
Last-Modified: Thu, 28 Apr 2022 18:10:38 GMT
x-rgw-object-type: Normal
ETag: "2e6b26f9d61dd22468981356313ca58c"
x-amz-request-id: tx000000000000001ae677c-00628473fe-b9fbc63-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: blu134.sf2p.intern.weebly.net
X-Revision: 4634dc19ac3fee8168cbe2bcc34cec72477e4537
X-Request-ID: 5b17a6193b211867b94fed79eb297170
www.whcjudaicashop.org/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getSquareStoreConfig]
199.34.228.179200 OK 989 B URL HTTP/1.1 www.whcjudaicashop.org/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getSquareStoreConfig]
IP 199.34.228.179:0
File type JSON data\012- , ASCII text, with very long lines (989), with no line terminators
Hash 6ad96d9f8c26555c9c07e88d7f076f31
030b59d25f100e81dcfca98285fb8de5604f17d2
123026c0949b81dce9a6e1c84d36a7b0e2186db3647d351a238b95242ddce762
Analyzer Verdict Alert fortinet Phishing
POST /ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getSquareStoreConfig] HTTP/1.1
Host: www.whcjudaicashop.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-XSRF-TOKEN: eyJpdiI6Im1OcGJ1NFc1WjF5bnZ2K3kycjBpSGc9PSIsInZhbHVlIjoiTGJmZUlhcVhMT2pRcUE3KzlYSHBWM1M0VWxhSzBqSlwvVXhsODhvZ25yODRoU3dmbGVnRmorVlpmQnUyUDlTalFTM1g4Z3FKZ25odnFrM2x0dDRiOXc0OE5xYWloVlBBN3NWZlQyZ0FrZll2ZWdDTE5SRGZTczdMdjl5TStZYXBqIiwibWFjIjoiMjJmNmI1NTI5ZmUzZjQ3NTlhMzY5NDY3YjE5ZDFhZGQwYTNmMzExYjgzNmQ3OTAxMWQyNTMzMzNmMjk2NWUwMCJ9
Content-Length: 78
Origin: https://www.whcjudaicashop.org
Connection: keep-alive
Referer: https://www.whcjudaicashop.org/
Cookie: publishedsite-xsrf=eyJpdiI6Ikc2RUJ4amJLOW1mTU5XNkdVdWczNlE9PSIsInZhbHVlIjoidk9iNXlKaGxaODZJRm9KSHZqV2pUaENSbHk5NzFzR0hHMEVqN0k3QW14cW5LUStuUjRFWHFMVVA4MFJaRXR3VGtlZm1najRqdHZwZ3ZobVRIN0Y4REZzckI0VWRYUG1IQVRVK0txTzFcL2k1KzMzemFpekVxQ29VemlwVkpOUGdkIiwibWFjIjoiY2JmYTY1NzA5NjQ4NjJkN2QwODZiYmEwYTY2YzcwNTMzZjUxMWQxODdkZTQ4M2I0NTk4MTM4NDU1YzYwZWI5YSJ9; XSRF-TOKEN=eyJpdiI6Im1OcGJ1NFc1WjF5bnZ2K3kycjBpSGc9PSIsInZhbHVlIjoiTGJmZUlhcVhMT2pRcUE3KzlYSHBWM1M0VWxhSzBqSlwvVXhsODhvZ25yODRoU3dmbGVnRmorVlpmQnUyUDlTalFTM1g4Z3FKZ25odnFrM2x0dDRiOXc0OE5xYWloVlBBN3NWZlQyZ0FrZll2ZWdDTE5SRGZTczdMdjl5TStZYXBqIiwibWFjIjoiMjJmNmI1NTI5ZmUzZjQ3NTlhMzY5NDY3YjE5ZDFhZGQwYTNmMzExYjgzNmQ3OTAxMWQyNTMzMzNmMjk2NWUwMCJ9; PublishedSiteSession=eyJpdiI6InVuMW00ZlwvQTQ2MnBzV2QrTjRiWVJ3PT0iLCJ2YWx1ZSI6IndQVmhqS0NheCswOHRac0ozeEZ3WlJ3T1pFcTRlOWNZN2g3V1wvanFCVHVWeXk2M1E2cldBMDBsYktXVXBuYnRNOUE0bXo3cXpORXlnT1Z4cW9HYTBqNTMrZFFcLzFWVFI1XC9wenczTjVLK0ZQT3BqR0xlNmI3TSs5NGZMOEdzcXFDIiwibWFjIjoiZmE1MzJkZmUzMTA4ZTA5M2Y2YjM2ZjI3M2Q2ODAyOTUwMjMzM2Y0YmRhY2NjMmJlNTE5NDdjNTRlYmE3ZmY5NSJ9; _snow_ses.c169=*; _snow_id.c169=709e1c78-99f3-4f46-8d3c-f937fbcb7086.1671079492.1.1671079492.1671079492.3c96a90c-a8c9-4b1c-b6c7-e221c6d1617d; _dd_s=rum=1&id=60d153a1-c204-44f3-81f8-d9f507a4a7ab&created=1671079492601&expire=1671080392601
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 04:44:55 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: grn144.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 989
Keep-Alive: timeout=10, max=51
Connection: Keep-Alive
Content-Type: application/json
www.whcjudaicashop.org/ajax/api/JsonRPC/Commerce/?Commerce/[ABTestSegmentation::getTestSegments]
199.34.228.179200 OK 201 B URL HTTP/1.1 www.whcjudaicashop.org/ajax/api/JsonRPC/Commerce/?Commerce/[ABTestSegmentation::getTestSegments]
IP 199.34.228.179:0
File type JSON data\012- , ASCII text, with no line terminators
Hash bbf985fd86ef8add09a38860a98def2f
2804fa968da1e1b8be4b6f150438e45f4150d3c0
236153652c6f09415db4ee8f8b9a98827da5987a001a136d94d87f401ef6f160
Analyzer Verdict Alert fortinet Phishing
POST /ajax/api/JsonRPC/Commerce/?Commerce/[ABTestSegmentation::getTestSegments] HTTP/1.1
Host: www.whcjudaicashop.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-XSRF-TOKEN: eyJpdiI6Im1OcGJ1NFc1WjF5bnZ2K3kycjBpSGc9PSIsInZhbHVlIjoiTGJmZUlhcVhMT2pRcUE3KzlYSHBWM1M0VWxhSzBqSlwvVXhsODhvZ25yODRoU3dmbGVnRmorVlpmQnUyUDlTalFTM1g4Z3FKZ25odnFrM2x0dDRiOXc0OE5xYWloVlBBN3NWZlQyZ0FrZll2ZWdDTE5SRGZTczdMdjl5TStZYXBqIiwibWFjIjoiMjJmNmI1NTI5ZmUzZjQ3NTlhMzY5NDY3YjE5ZDFhZGQwYTNmMzExYjgzNmQ3OTAxMWQyNTMzMzNmMjk2NWUwMCJ9
Content-Length: 83
Origin: https://www.whcjudaicashop.org
Connection: keep-alive
Referer: https://www.whcjudaicashop.org/
Cookie: publishedsite-xsrf=eyJpdiI6Ikc2RUJ4amJLOW1mTU5XNkdVdWczNlE9PSIsInZhbHVlIjoidk9iNXlKaGxaODZJRm9KSHZqV2pUaENSbHk5NzFzR0hHMEVqN0k3QW14cW5LUStuUjRFWHFMVVA4MFJaRXR3VGtlZm1najRqdHZwZ3ZobVRIN0Y4REZzckI0VWRYUG1IQVRVK0txTzFcL2k1KzMzemFpekVxQ29VemlwVkpOUGdkIiwibWFjIjoiY2JmYTY1NzA5NjQ4NjJkN2QwODZiYmEwYTY2YzcwNTMzZjUxMWQxODdkZTQ4M2I0NTk4MTM4NDU1YzYwZWI5YSJ9; XSRF-TOKEN=eyJpdiI6Im1OcGJ1NFc1WjF5bnZ2K3kycjBpSGc9PSIsInZhbHVlIjoiTGJmZUlhcVhMT2pRcUE3KzlYSHBWM1M0VWxhSzBqSlwvVXhsODhvZ25yODRoU3dmbGVnRmorVlpmQnUyUDlTalFTM1g4Z3FKZ25odnFrM2x0dDRiOXc0OE5xYWloVlBBN3NWZlQyZ0FrZll2ZWdDTE5SRGZTczdMdjl5TStZYXBqIiwibWFjIjoiMjJmNmI1NTI5ZmUzZjQ3NTlhMzY5NDY3YjE5ZDFhZGQwYTNmMzExYjgzNmQ3OTAxMWQyNTMzMzNmMjk2NWUwMCJ9; PublishedSiteSession=eyJpdiI6InVuMW00ZlwvQTQ2MnBzV2QrTjRiWVJ3PT0iLCJ2YWx1ZSI6IndQVmhqS0NheCswOHRac0ozeEZ3WlJ3T1pFcTRlOWNZN2g3V1wvanFCVHVWeXk2M1E2cldBMDBsYktXVXBuYnRNOUE0bXo3cXpORXlnT1Z4cW9HYTBqNTMrZFFcLzFWVFI1XC9wenczTjVLK0ZQT3BqR0xlNmI3TSs5NGZMOEdzcXFDIiwibWFjIjoiZmE1MzJkZmUzMTA4ZTA5M2Y2YjM2ZjI3M2Q2ODAyOTUwMjMzM2Y0YmRhY2NjMmJlNTE5NDdjNTRlYmE3ZmY5NSJ9; _snow_ses.c169=*; _snow_id.c169=709e1c78-99f3-4f46-8d3c-f937fbcb7086.1671079492.1.1671079492.1671079492.3c96a90c-a8c9-4b1c-b6c7-e221c6d1617d; _dd_s=rum=1&id=60d153a1-c204-44f3-81f8-d9f507a4a7ab&created=1671079492601&expire=1671080392601
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 04:44:55 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: blu69.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 201
Keep-Alive: timeout=10, max=71
Connection: Keep-Alive
Content-Type: application/json
www.whcjudaicashop.org/static/icons/payment-methods/jcb.svg
199.34.228.179200 OK 3.9 kB URL HTTP/1.1 www.whcjudaicashop.org/static/icons/payment-methods/jcb.svg
IP 199.34.228.179:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1131)
Hash 32a219b916e0f1667aa650f7f8536a7b
a464d7ae31f4996c69c95a11fb791b01e55ceba8
4e8f269a2bf9b6d132634125bfe865e6342103f4cbd7953951d16c3442a24216
Analyzer Verdict Alert fortinet Phishing
GET /static/icons/payment-methods/jcb.svg HTTP/1.1
Host: www.whcjudaicashop.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.whcjudaicashop.org/
Cookie: publishedsite-xsrf=eyJpdiI6Ikc2RUJ4amJLOW1mTU5XNkdVdWczNlE9PSIsInZhbHVlIjoidk9iNXlKaGxaODZJRm9KSHZqV2pUaENSbHk5NzFzR0hHMEVqN0k3QW14cW5LUStuUjRFWHFMVVA4MFJaRXR3VGtlZm1najRqdHZwZ3ZobVRIN0Y4REZzckI0VWRYUG1IQVRVK0txTzFcL2k1KzMzemFpekVxQ29VemlwVkpOUGdkIiwibWFjIjoiY2JmYTY1NzA5NjQ4NjJkN2QwODZiYmEwYTY2YzcwNTMzZjUxMWQxODdkZTQ4M2I0NTk4MTM4NDU1YzYwZWI5YSJ9; XSRF-TOKEN=eyJpdiI6Im1OcGJ1NFc1WjF5bnZ2K3kycjBpSGc9PSIsInZhbHVlIjoiTGJmZUlhcVhMT2pRcUE3KzlYSHBWM1M0VWxhSzBqSlwvVXhsODhvZ25yODRoU3dmbGVnRmorVlpmQnUyUDlTalFTM1g4Z3FKZ25odnFrM2x0dDRiOXc0OE5xYWloVlBBN3NWZlQyZ0FrZll2ZWdDTE5SRGZTczdMdjl5TStZYXBqIiwibWFjIjoiMjJmNmI1NTI5ZmUzZjQ3NTlhMzY5NDY3YjE5ZDFhZGQwYTNmMzExYjgzNmQ3OTAxMWQyNTMzMzNmMjk2NWUwMCJ9; PublishedSiteSession=eyJpdiI6InVuMW00ZlwvQTQ2MnBzV2QrTjRiWVJ3PT0iLCJ2YWx1ZSI6IndQVmhqS0NheCswOHRac0ozeEZ3WlJ3T1pFcTRlOWNZN2g3V1wvanFCVHVWeXk2M1E2cldBMDBsYktXVXBuYnRNOUE0bXo3cXpORXlnT1Z4cW9HYTBqNTMrZFFcLzFWVFI1XC9wenczTjVLK0ZQT3BqR0xlNmI3TSs5NGZMOEdzcXFDIiwibWFjIjoiZmE1MzJkZmUzMTA4ZTA5M2Y2YjM2ZjI3M2Q2ODAyOTUwMjMzM2Y0YmRhY2NjMmJlNTE5NDdjNTRlYmE3ZmY5NSJ9; _snow_ses.c169=*; _snow_id.c169=709e1c78-99f3-4f46-8d3c-f937fbcb7086.1671079492.1.1671079492.1671079492.3c96a90c-a8c9-4b1c-b6c7-e221c6d1617d; _dd_s=rum=1&id=60d153a1-c204-44f3-81f8-d9f507a4a7ab&created=1671079492601&expire=1671080392601
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 04:44:56 GMT
Content-Type: image/svg+xml
Content-Length: 3876
Connection: keep-alive
Last-Modified: Thu, 28 Apr 2022 18:10:39 GMT
x-rgw-object-type: Normal
ETag: "32a219b916e0f1667aa650f7f8536a7b"
x-amz-request-id: tx000000000000001a5c1f8-00628473f6-b9fbc77-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: blu138.sf2p.intern.weebly.net
X-Revision: 4634dc19ac3fee8168cbe2bcc34cec72477e4537
X-Request-ID: d50f71f9cbda6c3a93d235babac90591
www.whcjudaicashop.org/static/icons/payment-methods/cashapp.svg
199.34.228.179200 OK 1.4 kB URL HTTP/1.1 www.whcjudaicashop.org/static/icons/payment-methods/cashapp.svg
IP 199.34.228.179:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1143)
Hash 4d9798d0983422b1931dbfb934e04144
b70cb2e3822c77177ba56a351e309d5394263105
880d2b790069e44a5ac9b19ea84372fb6289a1cddae239a7aea7d948fd9faa3a
Analyzer Verdict Alert fortinet Phishing
GET /static/icons/payment-methods/cashapp.svg HTTP/1.1
Host: www.whcjudaicashop.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.whcjudaicashop.org/
Cookie: publishedsite-xsrf=eyJpdiI6Ikc2RUJ4amJLOW1mTU5XNkdVdWczNlE9PSIsInZhbHVlIjoidk9iNXlKaGxaODZJRm9KSHZqV2pUaENSbHk5NzFzR0hHMEVqN0k3QW14cW5LUStuUjRFWHFMVVA4MFJaRXR3VGtlZm1najRqdHZwZ3ZobVRIN0Y4REZzckI0VWRYUG1IQVRVK0txTzFcL2k1KzMzemFpekVxQ29VemlwVkpOUGdkIiwibWFjIjoiY2JmYTY1NzA5NjQ4NjJkN2QwODZiYmEwYTY2YzcwNTMzZjUxMWQxODdkZTQ4M2I0NTk4MTM4NDU1YzYwZWI5YSJ9; XSRF-TOKEN=eyJpdiI6Im1OcGJ1NFc1WjF5bnZ2K3kycjBpSGc9PSIsInZhbHVlIjoiTGJmZUlhcVhMT2pRcUE3KzlYSHBWM1M0VWxhSzBqSlwvVXhsODhvZ25yODRoU3dmbGVnRmorVlpmQnUyUDlTalFTM1g4Z3FKZ25odnFrM2x0dDRiOXc0OE5xYWloVlBBN3NWZlQyZ0FrZll2ZWdDTE5SRGZTczdMdjl5TStZYXBqIiwibWFjIjoiMjJmNmI1NTI5ZmUzZjQ3NTlhMzY5NDY3YjE5ZDFhZGQwYTNmMzExYjgzNmQ3OTAxMWQyNTMzMzNmMjk2NWUwMCJ9; PublishedSiteSession=eyJpdiI6InVuMW00ZlwvQTQ2MnBzV2QrTjRiWVJ3PT0iLCJ2YWx1ZSI6IndQVmhqS0NheCswOHRac0ozeEZ3WlJ3T1pFcTRlOWNZN2g3V1wvanFCVHVWeXk2M1E2cldBMDBsYktXVXBuYnRNOUE0bXo3cXpORXlnT1Z4cW9HYTBqNTMrZFFcLzFWVFI1XC9wenczTjVLK0ZQT3BqR0xlNmI3TSs5NGZMOEdzcXFDIiwibWFjIjoiZmE1MzJkZmUzMTA4ZTA5M2Y2YjM2ZjI3M2Q2ODAyOTUwMjMzM2Y0YmRhY2NjMmJlNTE5NDdjNTRlYmE3ZmY5NSJ9; _snow_ses.c169=*; _snow_id.c169=709e1c78-99f3-4f46-8d3c-f937fbcb7086.1671079492.1.1671079492.1671079492.3c96a90c-a8c9-4b1c-b6c7-e221c6d1617d; _dd_s=rum=1&id=60d153a1-c204-44f3-81f8-d9f507a4a7ab&created=1671079492601&expire=1671080392601
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 04:44:56 GMT
Content-Type: image/svg+xml
Content-Length: 1394
Connection: keep-alive
Last-Modified: Thu, 28 Apr 2022 18:10:38 GMT
x-rgw-object-type: Normal
ETag: "4d9798d0983422b1931dbfb934e04144"
x-amz-request-id: tx00000000000000db9882a-00629614f5-b9fbc29-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: grn74.sf2p.intern.weebly.net
X-Revision: 4634dc19ac3fee8168cbe2bcc34cec72477e4537
X-Request-ID: 40711b8a5ea610b13114cb221553ca6c
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 21dff24803df5260b21df92ac23ce492
f3a4b2c0ef0a4ec9b2639f3224a142203038f6a6
e288d8b75051e26ff5d0ccc82c1c4682b5c285e9aa2c82ffb5e5c5cd0bbb8e69
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6422
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 04:44:56 GMT
Last-Modified: Thu, 15 Dec 2022 02:57:54 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
cdn5.editmysite.com/app/store/api/v23/editor/users/139221797/sites/293248815899722422/store-locations?page=1&per_page=100&include=address,free_fulfillment_conditions&lang=en&from=latlng:59.955,10.859&sort_by=distance&valid=1
151.101.129.46200 OK 1.7 kB URL HTTP/2 cdn5.editmysite.com/app/store/api/v23/editor/users/139221797/sites/293248815899722422/store-locations?page=1&per_page=100&include=address,free_fulfillment_conditions&lang=en&from=latlng:59.955,10.859&sort_by=distance&valid=1
IP 151.101.129.46:0
File type JSON data\012- , ASCII text, with very long lines (4403), with no line terminators
Hash e6811d965f95678a2ae96847afc7359a
8ec42e0faec2208dfd21345ca26068774577c4b2
d223bca5791ac6d39da07117f9ca90fc6edac3fe70a8bb330a0075da908e7159
GET /app/store/api/v23/editor/users/139221797/sites/293248815899722422/store-locations?page=1&per_page=100&include=address,free_fulfillment_conditions&lang=en&from=latlng:59.955,10.859&sort_by=distance&valid=1 HTTP/1.1
Host: cdn5.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.whcjudaicashop.org
Connection: keep-alive
Referer: https://www.whcjudaicashop.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/json
cache-control: s-maxage=604800
etag: W/"aa40230a1a5c53e84e992cef82a30f43"
access-control-allow-methods: GET, HEAD
fullcache: m
x-revision: e67783d7929e72727278c2875290b8343118a04b
x-request-id: 45675d1b1f1fcd008ea7f2f2feeaf144
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Thu, 15 Dec 2022 04:44:56 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1680-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1671079496.088805,VS0,VE486
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1710
X-Firefox-Spdy: h2
www.whcjudaicashop.org/square.ico
199.34.228.179200 OK 6.5 kB URL HTTP/1.1 www.whcjudaicashop.org/square.ico
IP 199.34.228.179:0
File type MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash d810985ef4dc1c0bd5811e36d13c8ca3
2b45bb77c68c937af6a2d9854dc82301526473aa
770e0889aefd823056c7cdbb066a445be0f0754c1b4d4cba877e120fdbcb63e6
Analyzer Verdict Alert fortinet Phishing
GET /square.ico HTTP/1.1
Host: www.whcjudaicashop.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.whcjudaicashop.org/
Cookie: publishedsite-xsrf=eyJpdiI6Ikc2RUJ4amJLOW1mTU5XNkdVdWczNlE9PSIsInZhbHVlIjoidk9iNXlKaGxaODZJRm9KSHZqV2pUaENSbHk5NzFzR0hHMEVqN0k3QW14cW5LUStuUjRFWHFMVVA4MFJaRXR3VGtlZm1najRqdHZwZ3ZobVRIN0Y4REZzckI0VWRYUG1IQVRVK0txTzFcL2k1KzMzemFpekVxQ29VemlwVkpOUGdkIiwibWFjIjoiY2JmYTY1NzA5NjQ4NjJkN2QwODZiYmEwYTY2YzcwNTMzZjUxMWQxODdkZTQ4M2I0NTk4MTM4NDU1YzYwZWI5YSJ9; XSRF-TOKEN=eyJpdiI6Ik8ydVg0Tm1lOVRoTEo2elh2d3ZONWc9PSIsInZhbHVlIjoibTQxR3lTMldFOUwyQXZSUUFKNGozUno5XC96bjRmNkl1dUE4S0UzV2RHSlpaczZ2VVJvcStnUjBmN1RsSzQ3WTFDT0kwaFJqbFVVMGNlbXdtZ1JBQzVWejVicm1kbkJNTVZEdThNZFdoQVZTMVV5QUxMcGVSQVQ2VUEycjRITFpPIiwibWFjIjoiNTUyODFkNjJlODBmZjk2MzAwMjU5ZjVjNTZhOWNlOTEwYmE5YzU3ZTc2NmYwYzE1MDZmOWE0ZWM0MWZhZjM4NCJ9; PublishedSiteSession=eyJpdiI6InVuMW00ZlwvQTQ2MnBzV2QrTjRiWVJ3PT0iLCJ2YWx1ZSI6IndQVmhqS0NheCswOHRac0ozeEZ3WlJ3T1pFcTRlOWNZN2g3V1wvanFCVHVWeXk2M1E2cldBMDBsYktXVXBuYnRNOUE0bXo3cXpORXlnT1Z4cW9HYTBqNTMrZFFcLzFWVFI1XC9wenczTjVLK0ZQT3BqR0xlNmI3TSs5NGZMOEdzcXFDIiwibWFjIjoiZmE1MzJkZmUzMTA4ZTA5M2Y2YjM2ZjI3M2Q2ODAyOTUwMjMzM2Y0YmRhY2NjMmJlNTE5NDdjNTRlYmE3ZmY5NSJ9; _snow_ses.c169=*; _snow_id.c169=709e1c78-99f3-4f46-8d3c-f937fbcb7086.1671079492.1.1671079492.1671079492.3c96a90c-a8c9-4b1c-b6c7-e221c6d1617d; _dd_s=rum=1&id=60d153a1-c204-44f3-81f8-d9f507a4a7ab&created=1671079492601&expire=1671080392601; websitespring-xsrf=eyJpdiI6ImVnZzlcL0JiNjhpZzBcL2VQTE53V0VIUT09IiwidmFsdWUiOiJHTk1wNUo1NURtM0RGVHN1OERaXC9rNE1WUW92WHBZcE43K0hMOUxCZnMxZEhSR3d3bUlnTVpycjdtM3VIZnRUakRsclJCQWZ5MDYrR2t2anZGMlEyTEV4WlVVSFg1S0p3RnV1VSt0aEVOWUlQbGFZNDI5RWhxVGNyZW5vNzlHUGgiLCJtYWMiOiJkM2NhNzQ5YTVmMDYzMzlkOWMzYjllMzgzNDFiMzRiMjI3NzM4ODQzYzhkYTU4OTUyZGMzMmUzMTc1OGM1NTRlIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 04:44:56 GMT
Content-Type: image/x-icon
Content-Length: 6518
Connection: keep-alive
Last-Modified: Tue, 02 Apr 2019 14:51:59 GMT
x-rgw-object-type: Normal
ETag: "d810985ef4dc1c0bd5811e36d13c8ca3"
x-amz-request-id: tx000000000000001aa728b-00628473fa-b9fbc7f-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: blu134.sf2p.intern.weebly.net
X-Revision: 4634dc19ac3fee8168cbe2bcc34cec72477e4537
X-Request-ID: 7c84621e87d71acda8cc7f021242651b
www.whcjudaicashop.org/uploads/b/c7f6cec0-22d5-11ec-8918-43b6021862ad/icon_180x180_ios.png?width=180
199.34.228.179200 OK 2.4 kB URL HTTP/1.1 www.whcjudaicashop.org/uploads/b/c7f6cec0-22d5-11ec-8918-43b6021862ad/icon_180x180_ios.png?width=180
IP 199.34.228.179:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 56b09bc84548ed55f99b6bef3767434c
eb203d5f6bc09d10b8bd59758c9c07e20ca6efc2
8d810b55e7894f656baefa7e78cae2d8a5af58b87520765d9f5c693e7b4bb84f
Analyzer Verdict Alert fortinet Phishing
GET /uploads/b/c7f6cec0-22d5-11ec-8918-43b6021862ad/icon_180x180_ios.png?width=180 HTTP/1.1
Host: www.whcjudaicashop.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.whcjudaicashop.org/
Cookie: publishedsite-xsrf=eyJpdiI6Ikc2RUJ4amJLOW1mTU5XNkdVdWczNlE9PSIsInZhbHVlIjoidk9iNXlKaGxaODZJRm9KSHZqV2pUaENSbHk5NzFzR0hHMEVqN0k3QW14cW5LUStuUjRFWHFMVVA4MFJaRXR3VGtlZm1najRqdHZwZ3ZobVRIN0Y4REZzckI0VWRYUG1IQVRVK0txTzFcL2k1KzMzemFpekVxQ29VemlwVkpOUGdkIiwibWFjIjoiY2JmYTY1NzA5NjQ4NjJkN2QwODZiYmEwYTY2YzcwNTMzZjUxMWQxODdkZTQ4M2I0NTk4MTM4NDU1YzYwZWI5YSJ9; XSRF-TOKEN=eyJpdiI6Ik8ydVg0Tm1lOVRoTEo2elh2d3ZONWc9PSIsInZhbHVlIjoibTQxR3lTMldFOUwyQXZSUUFKNGozUno5XC96bjRmNkl1dUE4S0UzV2RHSlpaczZ2VVJvcStnUjBmN1RsSzQ3WTFDT0kwaFJqbFVVMGNlbXdtZ1JBQzVWejVicm1kbkJNTVZEdThNZFdoQVZTMVV5QUxMcGVSQVQ2VUEycjRITFpPIiwibWFjIjoiNTUyODFkNjJlODBmZjk2MzAwMjU5ZjVjNTZhOWNlOTEwYmE5YzU3ZTc2NmYwYzE1MDZmOWE0ZWM0MWZhZjM4NCJ9; PublishedSiteSession=eyJpdiI6InVuMW00ZlwvQTQ2MnBzV2QrTjRiWVJ3PT0iLCJ2YWx1ZSI6IndQVmhqS0NheCswOHRac0ozeEZ3WlJ3T1pFcTRlOWNZN2g3V1wvanFCVHVWeXk2M1E2cldBMDBsYktXVXBuYnRNOUE0bXo3cXpORXlnT1Z4cW9HYTBqNTMrZFFcLzFWVFI1XC9wenczTjVLK0ZQT3BqR0xlNmI3TSs5NGZMOEdzcXFDIiwibWFjIjoiZmE1MzJkZmUzMTA4ZTA5M2Y2YjM2ZjI3M2Q2ODAyOTUwMjMzM2Y0YmRhY2NjMmJlNTE5NDdjNTRlYmE3ZmY5NSJ9; _snow_ses.c169=*; _snow_id.c169=709e1c78-99f3-4f46-8d3c-f937fbcb7086.1671079492.1.1671079492.1671079492.3c96a90c-a8c9-4b1c-b6c7-e221c6d1617d; _dd_s=rum=1&id=60d153a1-c204-44f3-81f8-d9f507a4a7ab&created=1671079492601&expire=1671080392601; websitespring-xsrf=eyJpdiI6ImVnZzlcL0JiNjhpZzBcL2VQTE53V0VIUT09IiwidmFsdWUiOiJHTk1wNUo1NURtM0RGVHN1OERaXC9rNE1WUW92WHBZcE43K0hMOUxCZnMxZEhSR3d3bUlnTVpycjdtM3VIZnRUakRsclJCQWZ5MDYrR2t2anZGMlEyTEV4WlVVSFg1S0p3RnV1VSt0aEVOWUlQbGFZNDI5RWhxVGNyZW5vNzlHUGgiLCJtYWMiOiJkM2NhNzQ5YTVmMDYzMzlkOWMzYjllMzgzNDFiMzRiMjI3NzM4ODQzYzhkYTU4OTUyZGMzMmUzMTc1OGM1NTRlIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 04:44:56 GMT
Content-Type: image/webp
Content-Length: 2382
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Etag: "mM7Te+ITaKmyT1vFgI7LbMgc7e6pmGKyXR8O7f+xd4g"
Fastly-Io-Info: ifsz=3286 idim=180x180 ifmt=png ofsz=2382 odim=180x180 ofmt=webp
Fastly-Stats: io=1
X-Amz-Request-Id: tx0000000000000483c8eef-00639aa648-c67eadd-sfo1
X-Rgw-Object-Type: Normal
X-Storage-Bucket: z0cd6
X-Storage-Object: 0cd6d637ee0e5e18fb6471c45a501362583989ea9938941743758a474389ac9b
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Age: 0
X-Served-By: cache-sjc10040-SJC, cache-pao17470-PAO
X-Cache: MISS, MISS
X-Cache-Hits: 0, 0
X-Timer: S1671079497.508271,VS0,VE66
Vary: Accept
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: grn62.sf2p.intern.weebly.net
rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-4634dc1&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=1a6e143b-f82b-4488-8781-e55556289db2&batch_time=1671079493499
3.233.159.141202 Accepted 53 B URL HTTP/2 rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-4634dc1&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=1a6e143b-f82b-4488-8781-e55556289db2&batch_time=1671079493499
IP 3.233.159.141:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 194d37483126e53ca5d708410bfa7a25
ed07388bac779b7724c94ddb80ff931cf492b985
38844ab272853f5794844fe80a5cdf36e0d921f6dc1838ff0dc1c006e163189d
POST /api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-4634dc1&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=1a6e143b-f82b-4488-8781-e55556289db2&batch_time=1671079493499 HTTP/1.1
Host: rum.browser-intake-datadoghq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 15748
Origin: https://www.whcjudaicashop.org
Connection: keep-alive
Referer: https://www.whcjudaicashop.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 202 Accepted
date: Thu, 15 Dec 2022 04:44:56 GMT
content-type: application/json
content-length: 53
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=15724800;
X-Firefox-Spdy: h2
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
52.32.213.25200 OK 2 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 52.32.213.25:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 2381
Origin: https://www.whcjudaicashop.org
Connection: keep-alive
Referer: https://www.whcjudaicashop.org/
Cookie: sp=4b840aea-5a35-46e6-bfd5-bc6d30da8ce3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Dec 2022 04:44:56 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=4b840aea-5a35-46e6-bfd5-bc6d30da8ce3; Expires=Fri, 15 Dec 2023 04:44:56 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://www.whcjudaicashop.org
access-control-allow-credentials: true
X-Firefox-Spdy: h2
rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-4634dc1&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=c4607717-2517-4395-bc0d-fa75cdcc4c03&batch_time=1671079494273
3.233.159.141202 Accepted 53 B URL HTTP/2 rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-4634dc1&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=c4607717-2517-4395-bc0d-fa75cdcc4c03&batch_time=1671079494273
IP 3.233.159.141:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 435f1b03161546f040b82c0fca5dcbc3
23f85086c4ed881d460c6cac6df7c4ca4e7c684c
651257f7b85cd637237528d8de308494c62d4b5d957c8f15a62efe517cd8c268
POST /api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-4634dc1&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=c4607717-2517-4395-bc0d-fa75cdcc4c03&batch_time=1671079494273 HTTP/1.1
Host: rum.browser-intake-datadoghq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 16032
Origin: https://www.whcjudaicashop.org
Connection: keep-alive
Referer: https://www.whcjudaicashop.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 202 Accepted
date: Thu, 15 Dec 2022 04:44:56 GMT
content-type: application/json
content-length: 53
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=15724800;
X-Firefox-Spdy: h2
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
52.32.213.25200 OK 2 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 52.32.213.25:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1840
Origin: https://www.whcjudaicashop.org
Connection: keep-alive
Referer: https://www.whcjudaicashop.org/
Cookie: sp=4b840aea-5a35-46e6-bfd5-bc6d30da8ce3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Dec 2022 04:44:57 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=4b840aea-5a35-46e6-bfd5-bc6d30da8ce3; Expires=Fri, 15 Dec 2023 04:44:57 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://www.whcjudaicashop.org
access-control-allow-credentials: true
X-Firefox-Spdy: h2
www.whcjudaicashop.org/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getCurrentOrder]
199.34.228.179200 OK 182 B URL HTTP/1.1 www.whcjudaicashop.org/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getCurrentOrder]
IP 199.34.228.179:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 6f6b6b81dd3714cd388808342e960a10
f34bc92a2c7a4dfe56bd6f069ad601e6a61e3b61
2eb22bb7b96aaee11236fcf99e822ede29d3a2ddf2d6f019bb70005b5a1540ef
Analyzer Verdict Alert fortinet Phishing
POST /ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getCurrentOrder] HTTP/1.1
Host: www.whcjudaicashop.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Client-Application-Name: website
X-XSRF-TOKEN: eyJpdiI6Ik8ydVg0Tm1lOVRoTEo2elh2d3ZONWc9PSIsInZhbHVlIjoibTQxR3lTMldFOUwyQXZSUUFKNGozUno5XC96bjRmNkl1dUE4S0UzV2RHSlpaczZ2VVJvcStnUjBmN1RsSzQ3WTFDT0kwaFJqbFVVMGNlbXdtZ1JBQzVWejVicm1kbkJNTVZEdThNZFdoQVZTMVV5QUxMcGVSQVQ2VUEycjRITFpPIiwibWFjIjoiNTUyODFkNjJlODBmZjk2MzAwMjU5ZjVjNTZhOWNlOTEwYmE5YzU3ZTc2NmYwYzE1MDZmOWE0ZWM0MWZhZjM4NCJ9
Content-Length: 89
Origin: https://www.whcjudaicashop.org
Connection: keep-alive
Referer: https://www.whcjudaicashop.org/
Cookie: publishedsite-xsrf=eyJpdiI6Ikc2RUJ4amJLOW1mTU5XNkdVdWczNlE9PSIsInZhbHVlIjoidk9iNXlKaGxaODZJRm9KSHZqV2pUaENSbHk5NzFzR0hHMEVqN0k3QW14cW5LUStuUjRFWHFMVVA4MFJaRXR3VGtlZm1najRqdHZwZ3ZobVRIN0Y4REZzckI0VWRYUG1IQVRVK0txTzFcL2k1KzMzemFpekVxQ29VemlwVkpOUGdkIiwibWFjIjoiY2JmYTY1NzA5NjQ4NjJkN2QwODZiYmEwYTY2YzcwNTMzZjUxMWQxODdkZTQ4M2I0NTk4MTM4NDU1YzYwZWI5YSJ9; XSRF-TOKEN=eyJpdiI6Ik8ydVg0Tm1lOVRoTEo2elh2d3ZONWc9PSIsInZhbHVlIjoibTQxR3lTMldFOUwyQXZSUUFKNGozUno5XC96bjRmNkl1dUE4S0UzV2RHSlpaczZ2VVJvcStnUjBmN1RsSzQ3WTFDT0kwaFJqbFVVMGNlbXdtZ1JBQzVWejVicm1kbkJNTVZEdThNZFdoQVZTMVV5QUxMcGVSQVQ2VUEycjRITFpPIiwibWFjIjoiNTUyODFkNjJlODBmZjk2MzAwMjU5ZjVjNTZhOWNlOTEwYmE5YzU3ZTc2NmYwYzE1MDZmOWE0ZWM0MWZhZjM4NCJ9; PublishedSiteSession=eyJpdiI6InVuMW00ZlwvQTQ2MnBzV2QrTjRiWVJ3PT0iLCJ2YWx1ZSI6IndQVmhqS0NheCswOHRac0ozeEZ3WlJ3T1pFcTRlOWNZN2g3V1wvanFCVHVWeXk2M1E2cldBMDBsYktXVXBuYnRNOUE0bXo3cXpORXlnT1Z4cW9HYTBqNTMrZFFcLzFWVFI1XC9wenczTjVLK0ZQT3BqR0xlNmI3TSs5NGZMOEdzcXFDIiwibWFjIjoiZmE1MzJkZmUzMTA4ZTA5M2Y2YjM2ZjI3M2Q2ODAyOTUwMjMzM2Y0YmRhY2NjMmJlNTE5NDdjNTRlYmE3ZmY5NSJ9; _snow_ses.c169=*; _snow_id.c169=709e1c78-99f3-4f46-8d3c-f937fbcb7086.1671079492.1.1671079494.1671079492.3c96a90c-a8c9-4b1c-b6c7-e221c6d1617d; _dd_s=rum=1&id=60d153a1-c204-44f3-81f8-d9f507a4a7ab&created=1671079492601&expire=1671080392601; websitespring-xsrf=eyJpdiI6ImVnZzlcL0JiNjhpZzBcL2VQTE53V0VIUT09IiwidmFsdWUiOiJHTk1wNUo1NURtM0RGVHN1OERaXC9rNE1WUW92WHBZcE43K0hMOUxCZnMxZEhSR3d3bUlnTVpycjdtM3VIZnRUakRsclJCQWZ5MDYrR2t2anZGMlEyTEV4WlVVSFg1S0p3RnV1VSt0aEVOWUlQbGFZNDI5RWhxVGNyZW5vNzlHUGgiLCJtYWMiOiJkM2NhNzQ5YTVmMDYzMzlkOWMzYjllMzgzNDFiMzRiMjI3NzM4ODQzYzhkYTU4OTUyZGMzMmUzMTc1OGM1NTRlIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 04:44:57 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: grn25.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 182
Keep-Alive: timeout=10, max=74
Connection: Keep-Alive
Content-Type: application/json
www.whcjudaicashop.org/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::hasCouponsAvailable]
199.34.228.179200 OK 79 B URL HTTP/1.1 www.whcjudaicashop.org/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::hasCouponsAvailable]
IP 199.34.228.179:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 26e70d9925604cbe0c7e866fc54d87f4
ef5b3fb91cf2534cbf57806d14b21f0a5ae5c259
c0e7b562566962eced45cdf3319b692c55f3df7c3c6d39436a9d21bae2d2e049
Analyzer Verdict Alert fortinet Phishing
POST /ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::hasCouponsAvailable] HTTP/1.1
Host: www.whcjudaicashop.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Client-Application-Name: website
X-XSRF-TOKEN: eyJpdiI6Ik8ydVg0Tm1lOVRoTEo2elh2d3ZONWc9PSIsInZhbHVlIjoibTQxR3lTMldFOUwyQXZSUUFKNGozUno5XC96bjRmNkl1dUE4S0UzV2RHSlpaczZ2VVJvcStnUjBmN1RsSzQ3WTFDT0kwaFJqbFVVMGNlbXdtZ1JBQzVWejVicm1kbkJNTVZEdThNZFdoQVZTMVV5QUxMcGVSQVQ2VUEycjRITFpPIiwibWFjIjoiNTUyODFkNjJlODBmZjk2MzAwMjU5ZjVjNTZhOWNlOTEwYmE5YzU3ZTc2NmYwYzE1MDZmOWE0ZWM0MWZhZjM4NCJ9
Content-Length: 77
Origin: https://www.whcjudaicashop.org
Connection: keep-alive
Referer: https://www.whcjudaicashop.org/
Cookie: publishedsite-xsrf=eyJpdiI6Ikc2RUJ4amJLOW1mTU5XNkdVdWczNlE9PSIsInZhbHVlIjoidk9iNXlKaGxaODZJRm9KSHZqV2pUaENSbHk5NzFzR0hHMEVqN0k3QW14cW5LUStuUjRFWHFMVVA4MFJaRXR3VGtlZm1najRqdHZwZ3ZobVRIN0Y4REZzckI0VWRYUG1IQVRVK0txTzFcL2k1KzMzemFpekVxQ29VemlwVkpOUGdkIiwibWFjIjoiY2JmYTY1NzA5NjQ4NjJkN2QwODZiYmEwYTY2YzcwNTMzZjUxMWQxODdkZTQ4M2I0NTk4MTM4NDU1YzYwZWI5YSJ9; XSRF-TOKEN=eyJpdiI6Ik8ydVg0Tm1lOVRoTEo2elh2d3ZONWc9PSIsInZhbHVlIjoibTQxR3lTMldFOUwyQXZSUUFKNGozUno5XC96bjRmNkl1dUE4S0UzV2RHSlpaczZ2VVJvcStnUjBmN1RsSzQ3WTFDT0kwaFJqbFVVMGNlbXdtZ1JBQzVWejVicm1kbkJNTVZEdThNZFdoQVZTMVV5QUxMcGVSQVQ2VUEycjRITFpPIiwibWFjIjoiNTUyODFkNjJlODBmZjk2MzAwMjU5ZjVjNTZhOWNlOTEwYmE5YzU3ZTc2NmYwYzE1MDZmOWE0ZWM0MWZhZjM4NCJ9; PublishedSiteSession=eyJpdiI6InVuMW00ZlwvQTQ2MnBzV2QrTjRiWVJ3PT0iLCJ2YWx1ZSI6IndQVmhqS0NheCswOHRac0ozeEZ3WlJ3T1pFcTRlOWNZN2g3V1wvanFCVHVWeXk2M1E2cldBMDBsYktXVXBuYnRNOUE0bXo3cXpORXlnT1Z4cW9HYTBqNTMrZFFcLzFWVFI1XC9wenczTjVLK0ZQT3BqR0xlNmI3TSs5NGZMOEdzcXFDIiwibWFjIjoiZmE1MzJkZmUzMTA4ZTA5M2Y2YjM2ZjI3M2Q2ODAyOTUwMjMzM2Y0YmRhY2NjMmJlNTE5NDdjNTRlYmE3ZmY5NSJ9; _snow_ses.c169=*; _snow_id.c169=709e1c78-99f3-4f46-8d3c-f937fbcb7086.1671079492.1.1671079494.1671079492.3c96a90c-a8c9-4b1c-b6c7-e221c6d1617d; _dd_s=rum=1&id=60d153a1-c204-44f3-81f8-d9f507a4a7ab&created=1671079492601&expire=1671080392601; websitespring-xsrf=eyJpdiI6ImVnZzlcL0JiNjhpZzBcL2VQTE53V0VIUT09IiwidmFsdWUiOiJHTk1wNUo1NURtM0RGVHN1OERaXC9rNE1WUW92WHBZcE43K0hMOUxCZnMxZEhSR3d3bUlnTVpycjdtM3VIZnRUakRsclJCQWZ5MDYrR2t2anZGMlEyTEV4WlVVSFg1S0p3RnV1VSt0aEVOWUlQbGFZNDI5RWhxVGNyZW5vNzlHUGgiLCJtYWMiOiJkM2NhNzQ5YTVmMDYzMzlkOWMzYjllMzgzNDFiMzRiMjI3NzM4ODQzYzhkYTU4OTUyZGMzMmUzMTc1OGM1NTRlIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 04:44:57 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: grn44.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 79
Keep-Alive: timeout=10, max=63
Connection: Keep-Alive
Content-Type: application/json
rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-4634dc1&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=9ff0e401-da7e-405e-b173-1904b7ff0921&batch_time=1671079494702
3.233.159.141202 Accepted 53 B URL HTTP/2 rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-4634dc1&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=9ff0e401-da7e-405e-b173-1904b7ff0921&batch_time=1671079494702
IP 3.233.159.141:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 00b60922e6248360c151fac2b0cf3814
02e969150784533eb786546cd7f2acb20a913937
04da9b74564d166e2c320a26358a3908cbac22b727d7261013eaaa26c2ffe38d
POST /api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-4634dc1&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=9ff0e401-da7e-405e-b173-1904b7ff0921&batch_time=1671079494702 HTTP/1.1
Host: rum.browser-intake-datadoghq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 16249
Origin: https://www.whcjudaicashop.org
Connection: keep-alive
Referer: https://www.whcjudaicashop.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 202 Accepted
date: Thu, 15 Dec 2022 04:44:57 GMT
content-type: application/json
content-length: 53
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=15724800;
X-Firefox-Spdy: h2
www.whcjudaicashop.org/app/website/cms/api/v1/users/139221797/customers/locale
199.34.228.179200 OK 36 B URL HTTP/1.1 www.whcjudaicashop.org/app/website/cms/api/v1/users/139221797/customers/locale
IP 199.34.228.179:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 84d8976e69ede075d29893d5a4edb32e
0d93241406b90b37202e0a9a4547159983e58a0d
4b3b556e9891c1d9bd2d7722fd46a43822113e738daf981ab4972a6bc18cea53
Analyzer Verdict Alert fortinet Phishing
GET /app/website/cms/api/v1/users/139221797/customers/locale HTTP/1.1
Host: www.whcjudaicashop.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-XSRF-TOKEN: eyJpdiI6Ik8ydVg0Tm1lOVRoTEo2elh2d3ZONWc9PSIsInZhbHVlIjoibTQxR3lTMldFOUwyQXZSUUFKNGozUno5XC96bjRmNkl1dUE4S0UzV2RHSlpaczZ2VVJvcStnUjBmN1RsSzQ3WTFDT0kwaFJqbFVVMGNlbXdtZ1JBQzVWejVicm1kbkJNTVZEdThNZFdoQVZTMVV5QUxMcGVSQVQ2VUEycjRITFpPIiwibWFjIjoiNTUyODFkNjJlODBmZjk2MzAwMjU5ZjVjNTZhOWNlOTEwYmE5YzU3ZTc2NmYwYzE1MDZmOWE0ZWM0MWZhZjM4NCJ9
Connection: keep-alive
Referer: https://www.whcjudaicashop.org/
Cookie: publishedsite-xsrf=eyJpdiI6Ikc2RUJ4amJLOW1mTU5XNkdVdWczNlE9PSIsInZhbHVlIjoidk9iNXlKaGxaODZJRm9KSHZqV2pUaENSbHk5NzFzR0hHMEVqN0k3QW14cW5LUStuUjRFWHFMVVA4MFJaRXR3VGtlZm1najRqdHZwZ3ZobVRIN0Y4REZzckI0VWRYUG1IQVRVK0txTzFcL2k1KzMzemFpekVxQ29VemlwVkpOUGdkIiwibWFjIjoiY2JmYTY1NzA5NjQ4NjJkN2QwODZiYmEwYTY2YzcwNTMzZjUxMWQxODdkZTQ4M2I0NTk4MTM4NDU1YzYwZWI5YSJ9; XSRF-TOKEN=eyJpdiI6Ik8ydVg0Tm1lOVRoTEo2elh2d3ZONWc9PSIsInZhbHVlIjoibTQxR3lTMldFOUwyQXZSUUFKNGozUno5XC96bjRmNkl1dUE4S0UzV2RHSlpaczZ2VVJvcStnUjBmN1RsSzQ3WTFDT0kwaFJqbFVVMGNlbXdtZ1JBQzVWejVicm1kbkJNTVZEdThNZFdoQVZTMVV5QUxMcGVSQVQ2VUEycjRITFpPIiwibWFjIjoiNTUyODFkNjJlODBmZjk2MzAwMjU5ZjVjNTZhOWNlOTEwYmE5YzU3ZTc2NmYwYzE1MDZmOWE0ZWM0MWZhZjM4NCJ9; PublishedSiteSession=eyJpdiI6InVuMW00ZlwvQTQ2MnBzV2QrTjRiWVJ3PT0iLCJ2YWx1ZSI6IndQVmhqS0NheCswOHRac0ozeEZ3WlJ3T1pFcTRlOWNZN2g3V1wvanFCVHVWeXk2M1E2cldBMDBsYktXVXBuYnRNOUE0bXo3cXpORXlnT1Z4cW9HYTBqNTMrZFFcLzFWVFI1XC9wenczTjVLK0ZQT3BqR0xlNmI3TSs5NGZMOEdzcXFDIiwibWFjIjoiZmE1MzJkZmUzMTA4ZTA5M2Y2YjM2ZjI3M2Q2ODAyOTUwMjMzM2Y0YmRhY2NjMmJlNTE5NDdjNTRlYmE3ZmY5NSJ9; _snow_ses.c169=*; _snow_id.c169=709e1c78-99f3-4f46-8d3c-f937fbcb7086.1671079492.1.1671079494.1671079492.3c96a90c-a8c9-4b1c-b6c7-e221c6d1617d; _dd_s=rum=1&id=60d153a1-c204-44f3-81f8-d9f507a4a7ab&created=1671079492601&expire=1671080392601; websitespring-xsrf=eyJpdiI6ImVnZzlcL0JiNjhpZzBcL2VQTE53V0VIUT09IiwidmFsdWUiOiJHTk1wNUo1NURtM0RGVHN1OERaXC9rNE1WUW92WHBZcE43K0hMOUxCZnMxZEhSR3d3bUlnTVpycjdtM3VIZnRUakRsclJCQWZ5MDYrR2t2anZGMlEyTEV4WlVVSFg1S0p3RnV1VSt0aEVOWUlQbGFZNDI5RWhxVGNyZW5vNzlHUGgiLCJtYWMiOiJkM2NhNzQ5YTVmMDYzMzlkOWMzYjllMzgzNDFiMzRiMjI3NzM4ODQzYzhkYTU4OTUyZGMzMmUzMTc1OGM1NTRlIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, private
Date: Thu, 15 Dec 2022 04:44:57 GMT
Set-Cookie: websitespring-xsrf=eyJpdiI6InFFdnR3Vm1oRnlHWEg5cGxIT2U0MkE9PSIsInZhbHVlIjoiOFZlSFJoQlRBc3drVTZTT3YzbDB3a0V4a2tSK00yelFidVkyc0hONWNKbzl6OVpCSUx5NjNBSFFTU3FYNE5vRVVPdzdXaWRcL0NlaGtESWxUZVF3WFVjd2lRYU1oMGFJT2NRNDUwSXBPdkFSaEVBbDFZeE1RRlBTZCtaUk9GRnduIiwibWFjIjoiN2E4YzUwZDFjMWU4NzQxNjFkM2E5NmFmOTc2NTExNjBlMjg0MzJjZTAzMWFjMmU3MDllY2M3NWJiMTQxZDk3MSJ9; expires=Thu, 29-Dec-2022 04:44:57 GMT; Max-Age=1209600; path=/
XSRF-TOKEN=eyJpdiI6IjA5bGpyUEp5cFVzZW81MldhSUs3MXc9PSIsInZhbHVlIjoicFRvWnpKXC94U3V4UHl5cXpCZlo2bzVreVBIYWtxVXRMSU1cL0JnRlJoWjhLRHk1SmloOGloMzRUTUNEWGNaWTZPckFQbURadmJmYWVaeFwvMGNVdWp4WG5cL2l6czZWS3RvXC9zb0ZZUzhrRUtWWXpJam9hUFhRc3hhS1N6OEw3aVNLSCIsIm1hYyI6IjVmNTI5Y2MyNWEyZGIwNzMyMGY0ZjJlMjhiZjIzMDc3ZjNmYmJjOTllMDgzNGE5MDRiOGQ5MTcyNTU1YWU5M2UifQ%3D%3D; expires=Thu, 29-Dec-2022 04:44:57 GMT; Max-Age=1209600; path=/
X-Host: blu48.sf2p.intern.weebly.net
X-Revision: 4634dc19ac3fee8168cbe2bcc34cec72477e4537
X-Request-ID: d3407dfa05f654106df82b57fcb433bd
Content-Encoding: gzip
www.whcjudaicashop.org/app/website/square.ico
199.34.228.179200 OK 6.5 kB URL HTTP/1.1 www.whcjudaicashop.org/app/website/square.ico
IP 199.34.228.179:0
File type MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash d810985ef4dc1c0bd5811e36d13c8ca3
2b45bb77c68c937af6a2d9854dc82301526473aa
770e0889aefd823056c7cdbb066a445be0f0754c1b4d4cba877e120fdbcb63e6
Analyzer Verdict Alert fortinet Phishing
GET /app/website/square.ico HTTP/1.1
Host: www.whcjudaicashop.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.whcjudaicashop.org/
Cookie: publishedsite-xsrf=eyJpdiI6Ikc2RUJ4amJLOW1mTU5XNkdVdWczNlE9PSIsInZhbHVlIjoidk9iNXlKaGxaODZJRm9KSHZqV2pUaENSbHk5NzFzR0hHMEVqN0k3QW14cW5LUStuUjRFWHFMVVA4MFJaRXR3VGtlZm1najRqdHZwZ3ZobVRIN0Y4REZzckI0VWRYUG1IQVRVK0txTzFcL2k1KzMzemFpekVxQ29VemlwVkpOUGdkIiwibWFjIjoiY2JmYTY1NzA5NjQ4NjJkN2QwODZiYmEwYTY2YzcwNTMzZjUxMWQxODdkZTQ4M2I0NTk4MTM4NDU1YzYwZWI5YSJ9; XSRF-TOKEN=eyJpdiI6IjA5bGpyUEp5cFVzZW81MldhSUs3MXc9PSIsInZhbHVlIjoicFRvWnpKXC94U3V4UHl5cXpCZlo2bzVreVBIYWtxVXRMSU1cL0JnRlJoWjhLRHk1SmloOGloMzRUTUNEWGNaWTZPckFQbURadmJmYWVaeFwvMGNVdWp4WG5cL2l6czZWS3RvXC9zb0ZZUzhrRUtWWXpJam9hUFhRc3hhS1N6OEw3aVNLSCIsIm1hYyI6IjVmNTI5Y2MyNWEyZGIwNzMyMGY0ZjJlMjhiZjIzMDc3ZjNmYmJjOTllMDgzNGE5MDRiOGQ5MTcyNTU1YWU5M2UifQ%3D%3D; PublishedSiteSession=eyJpdiI6InVuMW00ZlwvQTQ2MnBzV2QrTjRiWVJ3PT0iLCJ2YWx1ZSI6IndQVmhqS0NheCswOHRac0ozeEZ3WlJ3T1pFcTRlOWNZN2g3V1wvanFCVHVWeXk2M1E2cldBMDBsYktXVXBuYnRNOUE0bXo3cXpORXlnT1Z4cW9HYTBqNTMrZFFcLzFWVFI1XC9wenczTjVLK0ZQT3BqR0xlNmI3TSs5NGZMOEdzcXFDIiwibWFjIjoiZmE1MzJkZmUzMTA4ZTA5M2Y2YjM2ZjI3M2Q2ODAyOTUwMjMzM2Y0YmRhY2NjMmJlNTE5NDdjNTRlYmE3ZmY5NSJ9; _snow_ses.c169=*; _snow_id.c169=709e1c78-99f3-4f46-8d3c-f937fbcb7086.1671079492.1.1671079494.1671079492.3c96a90c-a8c9-4b1c-b6c7-e221c6d1617d; _dd_s=rum=1&id=60d153a1-c204-44f3-81f8-d9f507a4a7ab&created=1671079492601&expire=1671080392601; websitespring-xsrf=eyJpdiI6InFFdnR3Vm1oRnlHWEg5cGxIT2U0MkE9PSIsInZhbHVlIjoiOFZlSFJoQlRBc3drVTZTT3YzbDB3a0V4a2tSK00yelFidVkyc0hONWNKbzl6OVpCSUx5NjNBSFFTU3FYNE5vRVVPdzdXaWRcL0NlaGtESWxUZVF3WFVjd2lRYU1oMGFJT2NRNDUwSXBPdkFSaEVBbDFZeE1RRlBTZCtaUk9GRnduIiwibWFjIjoiN2E4YzUwZDFjMWU4NzQxNjFkM2E5NmFmOTc2NTExNjBlMjg0MzJjZTAzMWFjMmU3MDllY2M3NWJiMTQxZDk3MSJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 04:44:57 GMT
Content-Type: image/x-icon
Content-Length: 6518
Connection: keep-alive
Last-Modified: Tue, 02 Apr 2019 14:51:59 GMT
x-rgw-object-type: Normal
ETag: "d810985ef4dc1c0bd5811e36d13c8ca3"
x-amz-request-id: tx000000000000001aa728b-00628473fa-b9fbc7f-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: grn69.sf2p.intern.weebly.net
X-Revision: 4634dc19ac3fee8168cbe2bcc34cec72477e4537
X-Request-ID: 9317a3a9c52b68991a6c5a751ffcde92
www.whcjudaicashop.org/uploads/b/6825144b99f40a7d915b492304dcc90faf062938024215c54cd79b8b96ce7db6/Judaica%20Shop%20NEW%202x1_1636649802.png?width=1600&height=430&fit=cover&dpr=1
199.34.228.179200 OK 102 kB URL HTTP/1.1 www.whcjudaicashop.org/uploads/b/6825144b99f40a7d915b492304dcc90faf062938024215c54cd79b8b96ce7db6/Judaica%20Shop%20NEW%202x1_1636649802.png?width=1600&height=430&fit=cover&dpr=1
IP 199.34.228.179:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 102 kB (101610 bytes)
Hash 882bc1928039e092b8bbe261d016804c
4a4f3086679e84c68c4350fea8480ee96e12b90c
aa34f2001c34d9b9d9f22d85a1b4d70c6a4423d4ed1f32645f50e4462e53f76d
GET /uploads/b/6825144b99f40a7d915b492304dcc90faf062938024215c54cd79b8b96ce7db6/Judaica%20Shop%20NEW%202x1_1636649802.png?width=1600&height=430&fit=cover&dpr=1 HTTP/1.1
Host: www.whcjudaicashop.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn3.editmysite.com/
Cookie: publishedsite-xsrf=eyJpdiI6Ikc2RUJ4amJLOW1mTU5XNkdVdWczNlE9PSIsInZhbHVlIjoidk9iNXlKaGxaODZJRm9KSHZqV2pUaENSbHk5NzFzR0hHMEVqN0k3QW14cW5LUStuUjRFWHFMVVA4MFJaRXR3VGtlZm1najRqdHZwZ3ZobVRIN0Y4REZzckI0VWRYUG1IQVRVK0txTzFcL2k1KzMzemFpekVxQ29VemlwVkpOUGdkIiwibWFjIjoiY2JmYTY1NzA5NjQ4NjJkN2QwODZiYmEwYTY2YzcwNTMzZjUxMWQxODdkZTQ4M2I0NTk4MTM4NDU1YzYwZWI5YSJ9; XSRF-TOKEN=eyJpdiI6Ik8ydVg0Tm1lOVRoTEo2elh2d3ZONWc9PSIsInZhbHVlIjoibTQxR3lTMldFOUwyQXZSUUFKNGozUno5XC96bjRmNkl1dUE4S0UzV2RHSlpaczZ2VVJvcStnUjBmN1RsSzQ3WTFDT0kwaFJqbFVVMGNlbXdtZ1JBQzVWejVicm1kbkJNTVZEdThNZFdoQVZTMVV5QUxMcGVSQVQ2VUEycjRITFpPIiwibWFjIjoiNTUyODFkNjJlODBmZjk2MzAwMjU5ZjVjNTZhOWNlOTEwYmE5YzU3ZTc2NmYwYzE1MDZmOWE0ZWM0MWZhZjM4NCJ9; PublishedSiteSession=eyJpdiI6InVuMW00ZlwvQTQ2MnBzV2QrTjRiWVJ3PT0iLCJ2YWx1ZSI6IndQVmhqS0NheCswOHRac0ozeEZ3WlJ3T1pFcTRlOWNZN2g3V1wvanFCVHVWeXk2M1E2cldBMDBsYktXVXBuYnRNOUE0bXo3cXpORXlnT1Z4cW9HYTBqNTMrZFFcLzFWVFI1XC9wenczTjVLK0ZQT3BqR0xlNmI3TSs5NGZMOEdzcXFDIiwibWFjIjoiZmE1MzJkZmUzMTA4ZTA5M2Y2YjM2ZjI3M2Q2ODAyOTUwMjMzM2Y0YmRhY2NjMmJlNTE5NDdjNTRlYmE3ZmY5NSJ9; _snow_ses.c169=*; _snow_id.c169=709e1c78-99f3-4f46-8d3c-f937fbcb7086.1671079492.1.1671079494.1671079492.3c96a90c-a8c9-4b1c-b6c7-e221c6d1617d; _dd_s=rum=1&id=60d153a1-c204-44f3-81f8-d9f507a4a7ab&created=1671079492601&expire=1671080392601; websitespring-xsrf=eyJpdiI6ImVnZzlcL0JiNjhpZzBcL2VQTE53V0VIUT09IiwidmFsdWUiOiJHTk1wNUo1NURtM0RGVHN1OERaXC9rNE1WUW92WHBZcE43K0hMOUxCZnMxZEhSR3d3bUlnTVpycjdtM3VIZnRUakRsclJCQWZ5MDYrR2t2anZGMlEyTEV4WlVVSFg1S0p3RnV1VSt0aEVOWUlQbGFZNDI5RWhxVGNyZW5vNzlHUGgiLCJtYWMiOiJkM2NhNzQ5YTVmMDYzMzlkOWMzYjllMzgzNDFiMzRiMjI3NzM4ODQzYzhkYTU4OTUyZGMzMmUzMTc1OGM1NTRlIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 04:44:57 GMT
Content-Type: image/webp
Content-Length: 101610
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Etag: "sS7lWNitHmPR9AG8Z2C7XNc4ZNjsYNkrhX5Cw9ZPBXU"
Fastly-Io-Info: ifsz=176310 idim=2000x1000 ifmt=png ofsz=101610 odim=1600x800 ofmt=webp
Fastly-Stats: io=1
X-Amz-Request-Id: tx0000000000000483c8f54-00639aa649-c67eadd-sfo1
X-Rgw-Object-Type: Normal
X-Storage-Bucket: zcb82
X-Storage-Object: cb827c99ce5415e4727a79a26ecacd92090260f1349a0c11d8ed2bd794fa78f2
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Age: 0
X-Served-By: cache-sjc10035-SJC, cache-pao17463-PAO
X-Cache: MISS, MISS
X-Cache-Hits: 0, 0
X-Timer: S1671079497.342174,VS0,VE544
Vary: Accept
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: blu81.sf2p.intern.weebly.net
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4f9f90d67d5770d9dd0db961bd4e71c5
d2d7b568d0411de9d6bcf15d58ad71d9c205e519
86cbde5ce74bfd3c3168bc143b673b578a51467df8dc16fb0fbe1d815de131fa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=157165
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 04:44:58 GMT
Etag: "639a6937-1d7"
Expires: Sat, 17 Dec 2022 00:24:23 GMT
Last-Modified: Thu, 15 Dec 2022 00:24:23 GMT
Server: nginx
Content-Length: 471
www.editmysite.com/ajax/apps/generateMap.php?elementid=38514560-7c33-11ed-9fda-e7d466f000a1&map=google&ineditor=0&width=auto&point=1&control=3&scalecontrol=1&height=350px&zoom=10&zoomScale=70&lat=39.05029&long=-77.19012&pincolor=%234b6299&pincontrastcolor=%23ffffff&styles=%5B%7B%22featureType%22%3A%22poi%22%2C%22elementType%22%3A%22labels.text%22%2C%22stylers%22%3A%5B%7B%22visibility%22%3A%22off%22%7D%5D%7D%2C%7B%22featureType%22%3A%22poi.business%22%2C%22stylers%22%3A%5B%7B%22visibility%22%3A%22off%22%7D%5D%7D%2C%7B%22featureType%22%3A%22road%22%2C%22elementType%22%3A%22labels.icon%22%2C%22stylers%22%3A%5B%7B%22visibility%22%3A%22off%22%7D%5D%7D%2C%7B%22featureType%22%3A%22transit%22%2C%22stylers%22%3A%5B%7B%22visibility%22%3A%22off%22%7D%5D%7D%5D&touch=1&forcemapdrag=1
74.115.50.67200 OK 12 kB URL HTTP/1.1 www.editmysite.com/ajax/apps/generateMap.php?elementid=38514560-7c33-11ed-9fda-e7d466f000a1&map=google&ineditor=0&width=auto&point=1&control=3&scalecontrol=1&height=350px&zoom=10&zoomScale=70&lat=39.05029&long=-77.19012&pincolor=%234b6299&pincontrastcolor=%23ffffff&styles=%5B%7B%22featureType%22%3A%22poi%22%2C%22elementType%22%3A%22labels.text%22%2C%22stylers%22%3A%5B%7B%22visibility%22%3A%22off%22%7D%5D%7D%2C%7B%22featureType%22%3A%22poi.business%22%2C%22stylers%22%3A%5B%7B%22visibility%22%3A%22off%22%7D%5D%7D%2C%7B%22featureType%22%3A%22road%22%2C%22elementType%22%3A%22labels.icon%22%2C%22stylers%22%3A%5B%7B%22visibility%22%3A%22off%22%7D%5D%7D%2C%7B%22featureType%22%3A%22transit%22%2C%22stylers%22%3A%5B%7B%22visibility%22%3A%22off%22%7D%5D%7D%5D&touch=1&forcemapdrag=1
IP 74.115.50.67:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (827)
Hash 71bc45d65adcd0f74e1c50f488d7b7eb
684c4e5dacadef35e0b2eff9b6a18bb6aef23521
11fc90edcaf9c2ca4a74c3e0c87361d2b559414ec5a420e2183039481a97bdeb
GET /ajax/apps/generateMap.php?elementid=38514560-7c33-11ed-9fda-e7d466f000a1&map=google&ineditor=0&width=auto&point=1&control=3&scalecontrol=1&height=350px&zoom=10&zoomScale=70&lat=39.05029&long=-77.19012&pincolor=%234b6299&pincontrastcolor=%23ffffff&styles=%5B%7B%22featureType%22%3A%22poi%22%2C%22elementType%22%3A%22labels.text%22%2C%22stylers%22%3A%5B%7B%22visibility%22%3A%22off%22%7D%5D%7D%2C%7B%22featureType%22%3A%22poi.business%22%2C%22stylers%22%3A%5B%7B%22visibility%22%3A%22off%22%7D%5D%7D%2C%7B%22featureType%22%3A%22road%22%2C%22elementType%22%3A%22labels.icon%22%2C%22stylers%22%3A%5B%7B%22visibility%22%3A%22off%22%7D%5D%7D%2C%7B%22featureType%22%3A%22transit%22%2C%22stylers%22%3A%5B%7B%22visibility%22%3A%22off%22%7D%5D%7D%5D&touch=1&forcemapdrag=1 HTTP/1.1
Host: www.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.whcjudaicashop.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 04:44:58 GMT
Server: Apache
X-Host: blu117.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 12028
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
X-W-DC: SFO
Set-Cookie: sto-id-designer=BMHABNAK; Domain=editmysite.com; Path=/
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7554f75e4959d216038e95962579e741
10f237248a234544391eb351e97515d385a372b3
cb2bc78887ed330dee49076c04ba87723fdc2a869a124dba2a475cac174480da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 04:44:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.googleapis.com/maps/api/js?v=3&client=gme-weeblyinc1
142.250.74.106200 OK 53 kB URL HTTP/2 maps.googleapis.com/maps/api/js?v=3&client=gme-weeblyinc1
IP 142.250.74.106:0
File type ASCII text, with very long lines (2468)
Hash 4a5a8f3b53a90346a18cb7c6dd8699ac
85587db94fdf62145cd171a753ee57c58d4d8de0
21da2452148822d828de5b28d1d4884caf88a493a6e2e30d8bd281563f1dc87f
GET /maps/api/js?v=3&client=gme-weeblyinc1 HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.editmysite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
date: Thu, 15 Dec 2022 04:44:58 GMT
expires: Thu, 15 Dec 2022 05:14:58 GMT
cache-control: public, max-age=1800
vary: Accept-Language
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 53394
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=15
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7554f75e4959d216038e95962579e741
10f237248a234544391eb351e97515d385a372b3
cb2bc78887ed330dee49076c04ba87723fdc2a869a124dba2a475cac174480da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 04:44:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7b3ec8f2b165188a8c51d8182ca1ec76
df25ded913d7cc7c8f23ec44f4b4cb2137847220
f66222d5c946fd777dd322daf66b1bbac9b7fdd2bd80d1bb189340297000f421
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 04:44:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7b3ec8f2b165188a8c51d8182ca1ec76
df25ded913d7cc7c8f23ec44f4b4cb2137847220
f66222d5c946fd777dd322daf66b1bbac9b7fdd2bd80d1bb189340297000f421
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 04:44:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 088037aa3cd3f678776d4443ee3feec3
4e8c2c84585e93acaeaba3c4a5704a98a315b33d
5f6edbe6d09f7efebc225ecb6d07c98f1ec12fa127febec52a4194130affdc88
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 04:44:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.gstatic.com/mapfiles/openhand_8_8.cur
142.250.74.3200 OK 326 B URL HTTP/2 maps.gstatic.com/mapfiles/openhand_8_8.cur
IP 142.250.74.3:0
File type MS Windows cursor resource - 1 icon, 32x32, 2 colors, hotspot @8x8\012- data
Hash feff9159f56cb2069041d660b484eb07
0d0a08cf25a258511957f357b89d3908f3c5e6e3
7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7
GET /mapfiles/openhand_8_8.cur HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.editmysite.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/bmp
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-length: 326
date: Thu, 15 Dec 2022 04:44:59 GMT
expires: Thu, 15 Dec 2022 04:44:59 GMT
cache-control: private, max-age=31536000
last-modified: Tue, 18 May 2021 19:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
maps.gstatic.com/mapfiles/transparent.png
142.250.74.3200 OK 68 B URL HTTP/2 maps.gstatic.com/mapfiles/transparent.png
IP 142.250.74.3:0
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 8327a6037ae00a5be9f75e63ee1b9fbe
a812c79b0d125e4946b33446eae0353f518627e2
fe67e12a6497f8518ef1673fd8cf5622871935ff85f204715e78b2009dd48588
GET /mapfiles/transparent.png HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.editmysite.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-length: 68
date: Thu, 15 Dec 2022 04:44:59 GMT
expires: Thu, 15 Dec 2022 04:44:59 GMT
cache-control: private, max-age=31536000
last-modified: Tue, 18 May 2021 19:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 088037aa3cd3f678776d4443ee3feec3
4e8c2c84585e93acaeaba3c4a5704a98a315b33d
5f6edbe6d09f7efebc225ecb6d07c98f1ec12fa127febec52a4194130affdc88
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 04:44:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2e709a04ea80113c435ca4f9d37e93e7
053f34d74eded192d698bb20956897ec3e3ad23b
2535554bd9d9004c7888cde496278d847002218fb1d35a3d4bacdd98c8a92ff9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 04:44:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.editmysite.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Dec 2022 19:33:54 GMT
expires: Thu, 14 Dec 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 33065
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2e709a04ea80113c435ca4f9d37e93e7
053f34d74eded192d698bb20956897ec3e3ad23b
2535554bd9d9004c7888cde496278d847002218fb1d35a3d4bacdd98c8a92ff9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 04:44:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.whcjudaicashop.org/
199.34.228.179200 OK 0 B IP 199.34.228.179:0
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.whcjudaicashop.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, private
Date: Thu, 15 Dec 2022 04:44:46 GMT
Set-Cookie: publishedsite-xsrf=eyJpdiI6Ikc2RUJ4amJLOW1mTU5XNkdVdWczNlE9PSIsInZhbHVlIjoidk9iNXlKaGxaODZJRm9KSHZqV2pUaENSbHk5NzFzR0hHMEVqN0k3QW14cW5LUStuUjRFWHFMVVA4MFJaRXR3VGtlZm1najRqdHZwZ3ZobVRIN0Y4REZzckI0VWRYUG1IQVRVK0txTzFcL2k1KzMzemFpekVxQ29VemlwVkpOUGdkIiwibWFjIjoiY2JmYTY1NzA5NjQ4NjJkN2QwODZiYmEwYTY2YzcwNTMzZjUxMWQxODdkZTQ4M2I0NTk4MTM4NDU1YzYwZWI5YSJ9; expires=Thu, 29-Dec-2022 04:44:54 GMT; Max-Age=1209600; path=/
XSRF-TOKEN=eyJpdiI6Im1OcGJ1NFc1WjF5bnZ2K3kycjBpSGc9PSIsInZhbHVlIjoiTGJmZUlhcVhMT2pRcUE3KzlYSHBWM1M0VWxhSzBqSlwvVXhsODhvZ25yODRoU3dmbGVnRmorVlpmQnUyUDlTalFTM1g4Z3FKZ25odnFrM2x0dDRiOXc0OE5xYWloVlBBN3NWZlQyZ0FrZll2ZWdDTE5SRGZTczdMdjl5TStZYXBqIiwibWFjIjoiMjJmNmI1NTI5ZmUzZjQ3NTlhMzY5NDY3YjE5ZDFhZGQwYTNmMzExYjgzNmQ3OTAxMWQyNTMzMzNmMjk2NWUwMCJ9; expires=Thu, 29-Dec-2022 04:44:54 GMT; Max-Age=1209600; path=/
PublishedSiteSession=eyJpdiI6InVuMW00ZlwvQTQ2MnBzV2QrTjRiWVJ3PT0iLCJ2YWx1ZSI6IndQVmhqS0NheCswOHRac0ozeEZ3WlJ3T1pFcTRlOWNZN2g3V1wvanFCVHVWeXk2M1E2cldBMDBsYktXVXBuYnRNOUE0bXo3cXpORXlnT1Z4cW9HYTBqNTMrZFFcLzFWVFI1XC9wenczTjVLK0ZQT3BqR0xlNmI3TSs5NGZMOEdzcXFDIiwibWFjIjoiZmE1MzJkZmUzMTA4ZTA5M2Y2YjM2ZjI3M2Q2ODAyOTUwMjMzM2Y0YmRhY2NjMmJlNTE5NDdjNTRlYmE3ZmY5NSJ9; expires=Thu, 29-Dec-2022 04:44:54 GMT; Max-Age=1209600; path=/; httponly
X-Host: blu71.sf2p.intern.weebly.net
X-Revision: 4634dc19ac3fee8168cbe2bcc34cec72477e4537
X-Request-ID: 1fc3a30cdf3165e832c00680ecba54ae
Content-Encoding: gzip