r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3d0727e32cd103ddd4b73f28c81758aa
197a7bf43d63723fc532c23c6dced68d5cc36652
d3f75d03561d6a47d19370292e821a86e58381466f0c69386a21175de55882ff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3F75D03561D6A47D19370292E821A86E58381466F0C69386A21175DE55882FF"
Last-Modified: Fri, 11 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20444
Expires: Sun, 13 Nov 2022 01:58:49 GMT
Date: Sat, 12 Nov 2022 20:18:05 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash de470c6bab46e7c4b7cc69f392900fe7
189e4dcc4c2b8bf1f050e06bd68bce8a99618918
86f57134ddebd23a25615dc4d59c4b1ca8919e3e0495e1f006cbe7c0f39aa27e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3791
Cache-Control: max-age=141381
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 20:18:05 GMT
Etag: "636f75f3-1d7"
Expires: Mon, 14 Nov 2022 11:34:26 GMT
Last-Modified: Sat, 12 Nov 2022 10:31:15 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5076aaa9f4ccd602540286ce0590cb9a
bbf7936a8413a564478971d9e19beb6338cbc869
00e3b967c579b0ccf709b78d497a43d95646b16eb50925fef1e2694c58f290b2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "00E3B967C579B0CCF709B78D497A43D95646B16EB50925FEF1E2694C58F290B2"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7593
Expires: Sat, 12 Nov 2022 22:24:38 GMT
Date: Sat, 12 Nov 2022 20:18:05 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 12 Nov 2022 19:44:03 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2042
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: r24U3FzUqNGyGDMuPWn0IrKWg51lA9p/IWf/r4SxUbaBVOS8toOLktrKYn0nw2pSHzkqX2bUokXlIJo/hiEpnA==
x-amz-request-id: 31PECRQGAEFKG9E2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 12 Nov 2022 20:13:07 GMT
age: 298
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
pdf-cloud-document.weeblysite.com/
199.34.228.97302 Found 410 B URL HTTP/1.1 pdf-cloud-document.weeblysite.com/
IP 199.34.228.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 908063e8da0c9221f9e382e2b84daeef
c8a23e836bf3f1880d63d7e7c3346810728424fa
f98c22e67ddcbb4a802f7eeb36a777ff2338f6501958e36d8ca9fa61f3e703d2
Analyzer Verdict Alert openphish Generic/Spear Phishing
fortinet Phishing
GET / HTTP/1.1
Host: pdf-cloud-document.weeblysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, private
Date: Sat, 12 Nov 2022 20:18:05 GMT
Location: https://pdf-cloud-document.weeblysite.com
Set-Cookie: publishedsite-xsrf=eyJpdiI6InVrUkt2Q1RSZTBndkJxMGN4bzI2MUE9PSIsInZhbHVlIjoiaXlieTB1dlgrMmp1OWxPb1JPY2hva2s4UkdibXdGXC9rKzJNbW1pbmRVVnczWk91VGFZc3pKQ2l4K1FaUXgxYjltYkd6TzRHa0RuMFIwcEQwSnN6Ujd2K1JYWGhZNVwvM0R5MUpZXC9Na0UxTHZoaFRwUmdCM2VBaTRyU25uWVdjV3EiLCJtYWMiOiJkYzJmZjhlMzIyZDkzMTMxMDRkMzRjYmE1ZjgwNWVjNzgwZTJjNmQyMWZmZGI1MWU2NzQwZmRiNTY3ZGVjMGQ5In0%3D; expires=Sat, 26-Nov-2022 20:18:05 GMT; Max-Age=1209600; path=/
XSRF-TOKEN=eyJpdiI6IjhPSTRXazNCblVrTVI3Sk1IU3owTXc9PSIsInZhbHVlIjoiSFNZVjlMWlg1MUN6R25qdlNOU2VFRmRKWkMraEliRmo3eWFvV2Zld3B1TkIxbnh3eWNDcDNnM0hEeHZQWXliQ2VPV0FqUjlvdFkrV3ZOMkhYQXFoeDlIcjIwdEdCTXVYanQyY0JhdGMyeVNadWFPa0xmdTc0UmV3SlBOTGJaNFoiLCJtYWMiOiI5YzYxNGI4NGVmMjViNTAyNTE5YTIyODg3MjA1NGM3YTIwODJlNjBkMzZmOGNlOTBjMjViYzBmYjk3NzQ3Mzg1In0%3D; expires=Sat, 26-Nov-2022 20:18:05 GMT; Max-Age=1209600; path=/
PublishedSiteSession=eyJpdiI6ImJEaThoYXNqZGF1MXRHOTJwUWdrTkE9PSIsInZhbHVlIjoiZWpjaE9malNzbUprK2JZM0owelFZeFdNbk1aa2pZejBOWExFTDFXd25kM3dLbThXRjJPWTJSeDJrNmNFVG56elltXC9WZDRXbWNQb2FuSDdTSTJNaXp5dndCUVJVc212SlZKT3podVpqREtRNFdtYlBZWkphRThtQUNMZmJUOWo3IiwibWFjIjoiOWM0ZDIxYzc3Y2YyZmIyODRmOTNhNTFjNjRlNzhhYjExODU2ZTkxZDMwZjhkNjU3ZTJjMDQ2NTEwNmJjNTZlNiJ9; expires=Sat, 26-Nov-2022 20:18:05 GMT; Max-Age=1209600; path=/; httponly
X-Host: blu153.sf2p.intern.weebly.net
X-Revision: 413ba75a29d332c4bd3f3593b6905d7bbfa563ef
X-Request-ID: 0e39f347bf03f042591f72614985e78f
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 20:18:05 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Cache-Control, Retry-After, Content-Length, Expires, ETag, Pragma, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 12 Nov 2022 19:44:48 GMT
cache-control: public,max-age=3600
age: 1998
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash afca4f3ad8046bcc5f3bad9236808210
2c8a578e18a378a706b6e5a23f77e29c837a4e83
3079e2b4f36e00b28cddcb85fb3f2958269ea5294bf80486743c20eef8fb904c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5928
Cache-Control: max-age=152528
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 20:18:06 GMT
Etag: "636f9926-1d7"
Expires: Mon, 14 Nov 2022 14:40:14 GMT
Last-Modified: Sat, 12 Nov 2022 13:01:26 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ae51f1958554de4457c22a7d5a9ba8b6
173e90a8c6ee36b7ec569dbea47436a90d7e7c76
dc43a04e1e26243f63a8e628f2ebcb23a9527fd4bc40dc6d1d61879b0f95bb21
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3271
Cache-Control: max-age=135797
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 20:18:06 GMT
Etag: "636f622c-1d7"
Expires: Mon, 14 Nov 2022 10:01:23 GMT
Last-Modified: Sat, 12 Nov 2022 09:06:52 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.82.48.240101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.82.48.240:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: JKcSgYOClGnUHBmi424zGg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: A70XCxBz+TPru5naW/ZGjuO52Ck=
pdf-cloud-document.weeblysite.com/
199.34.228.97200 OK 9.2 kB URL HTTP/1.1 pdf-cloud-document.weeblysite.com/
IP 199.34.228.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (18665)
Hash c3d3bce3ca4d869269dacb1c4a12e68c
4dc72580e34616d5a88e5600eb28d006884a35b8
9d481f6c0f9bf84ba8a25002fb853b438ba281123cc83f3af29aba3cc1aea945
Analyzer Verdict Alert openphish Generic/Spear Phishing
fortinet Phishing
GET / HTTP/1.1
Host: pdf-cloud-document.weeblysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _snow_id.872e=632aef0a-a8dc-42b4-b4ee-a32ca9873ad2.1654529221.1.1654529222.1654529221.eb16d350-07de-4d7e-9f29-a5af9daaa333
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, private
Date: Sat, 12 Nov 2022 20:18:06 GMT
Set-Cookie: publishedsite-xsrf=eyJpdiI6IktySm8zVm9mSis3VmtvWEhXU2YzVGc9PSIsInZhbHVlIjoiQU1cL0tkRWU3Zk1kRmFBdnRDQk1yK1wvN1wvSVBySzNuTjJjMkk3d2EzSE04RE1LTEF4RFdsQjQ4MzFxZHN1VVFEd0tuUlY4ajlWNGorQzZCMU9LZ3FcL3BUSmx2Sk9cL1RLa293THJmN2FyUmh2ZEFrVGl4MkMybkZUaUtWZ0hMXC9aRFgiLCJtYWMiOiI5N2IwOTNiYTQ3ZDFkOTdiY2E1MGQyZTNiODY4ZDVmMmYyMTI0MzdmZGEwMWJhYmMzM2EwMGYyZjU2MTM4MTljIn0%3D; expires=Sat, 26-Nov-2022 20:18:06 GMT; Max-Age=1209600; path=/
XSRF-TOKEN=eyJpdiI6ImVjTGNCUTB2OXZsaFh0OUJwRGUySWc9PSIsInZhbHVlIjoiVkF1Y1VGYzNYZ0I4NHA2Mjc1aEJLWUQ3c0hFR2RxVERsU3hreDZaSUhzYmxIZU9GYnJwd3FSSlwvenpOTlJuSmdxRnE2ZFV1aStYRHRsMzE5MWd4Wkg5TVZvZ21WT0JBTFgzMVBibFE1XC81enlBYktNTUlwMmE2aGt2YWF1ODlQOSIsIm1hYyI6ImFkMTNlNzAzNTcyN2ZiMzcxNzk0ODc5YWExMmY2NDBiZGNlYjMzMGRmMmI2ZGFiZGUyYTkxMWQ5Y2UyMWMyMTIifQ%3D%3D; expires=Sat, 26-Nov-2022 20:18:06 GMT; Max-Age=1209600; path=/
PublishedSiteSession=eyJpdiI6IndKUDhkVitIYnVcL1h6NnErMDFodDJBPT0iLCJ2YWx1ZSI6IkhWenFRakxRUUVudVhodFd6aUNORFpaVVhycjFhRDVuZmdXZFlUdW5BSXNHMHk0bnIxYWdPV0ZGQWtHNTFHeUVhMWZMeGowR2tEYWxobmxqVlltNGpQU1JzV2duZ2o0ZUJ5c3FJWTM4YU1QbndnclJLaTdrTkoyQVlvXC9UWGw2cCIsIm1hYyI6IjczODUwNTliM2Q5NTA3YjQxNjUxZDE3OTg3NGYyMWM1NjY5OGM4ZTk2NjUxYzQ3ODc1M2YwMzc3MWQ3M2JmMzQifQ%3D%3D; expires=Sat, 26-Nov-2022 20:18:06 GMT; Max-Age=1209600; path=/; httponly
X-Host: blu75.sf2p.intern.weebly.net
X-Revision: 413ba75a29d332c4bd3f3593b6905d7bbfa563ef
X-Request-ID: 408111981e837374b2076fc4186c11ab
Content-Encoding: gzip
cdn3.editmysite.com/app/website/js/runtime.781a48d4ef878d505a99.js
151.101.85.46200 OK 25 kB URL HTTP/2 cdn3.editmysite.com/app/website/js/runtime.781a48d4ef878d505a99.js
IP 151.101.85.46:0
File type ASCII text, with very long lines (51009)
Hash ae2558aec5a35c5c95b859787c0c1f00
b330cdeb6d184bff00037ecc9130a380f843b738
65662652bd1521683e0988d5480320653ac14d8fb7b0bb6acd6af9262c35408e
GET /app/website/js/runtime.781a48d4ef878d505a99.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pdf-cloud-document.weeblysite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 11 Nov 2022 17:00:53 GMT
x-rgw-object-type: Normal
etag: W/"f9812f245eef923a71c47e8bcfa00743"
x-amz-request-id: tx00000000000002f7789a1-00636e802f-c699baa-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/runtime.781a48d4ef878d505a99.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 413ba75a29d332c4bd3f3593b6905d7bbfa563ef
x-request-id: 7b282ecbee4502ef08420109c2ee587f
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Sat, 12 Nov 2022 20:18:06 GMT
via: 1.1 varnish
age: 98118
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668284287.989148,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 24936
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/checkout/assets/checkout/css/wcko.577957259b9178e25575.css
151.101.85.46200 OK 23 kB URL HTTP/2 cdn3.editmysite.com/app/checkout/assets/checkout/css/wcko.577957259b9178e25575.css
IP 151.101.85.46:0
File type Unicode text, UTF-8 text, with very long lines (64270), with no line terminators
Hash d4a7cac8be5683713ff6e8d0784011f2
e2a97aa958426f4a35d0428ba833ced0c6cc6042
286ee096d03d0f9e94833359780ff046c322ba1ea9be4a432a1ae6a89970ecb5
GET /app/checkout/assets/checkout/css/wcko.577957259b9178e25575.css HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pdf-cloud-document.weeblysite.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/css; charset=utf-8
last-modified: Wed, 09 Nov 2022 21:41:51 GMT
x-rgw-object-type: Normal
etag: W/"2a31fcbf4eb69762b720ec1ef08544e0"
x-amz-request-id: tx00000000000002d0bf7b3-00636c1f88-c67eadd-sfo1
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Sat, 12 Nov 2022 20:18:06 GMT
via: 1.1 varnish
age: 253903
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 8
x-timer: S1668284287.992962,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 22873
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/checkout/assets/checkout/js/system.min.edf02612a6bb463d71cb5efc5a4b495e.js
151.101.85.46200 OK 5.0 kB URL HTTP/2 cdn3.editmysite.com/app/checkout/assets/checkout/js/system.min.edf02612a6bb463d71cb5efc5a4b495e.js
IP 151.101.85.46:0
File type ASCII text, with very long lines (11882), with no line terminators
Hash 20a4e66f534b80396d40bbc4291b2172
d7c962996f2715d94483be2bf9b644c7185d7ec7
0f19e8ad1c9bd5ae2ae5141f31b4e491bb460558da0ac51cd402964e716880ac
GET /app/checkout/assets/checkout/js/system.min.edf02612a6bb463d71cb5efc5a4b495e.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pdf-cloud-document.weeblysite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Tue, 29 Mar 2022 18:09:33 GMT
x-rgw-object-type: Normal
etag: W/"40372ca3b0cfa19f4e5d664243108364"
x-amz-request-id: tx00000000000005ce1aaac-0062434bb9-a9f1ce7-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/checkout/public/assets/checkout/js/system.min.edf02612a6bb463d71cb5efc5a4b495e.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Sat, 12 Nov 2022 20:18:06 GMT
via: 1.1 varnish
age: 1892214
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668284287.995028,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4998
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/website/css/site.1212ec71ad4b7ff5f443.css
151.101.85.46200 OK 24 kB URL HTTP/2 cdn3.editmysite.com/app/website/css/site.1212ec71ad4b7ff5f443.css
IP 151.101.85.46:0
File type Unicode text, UTF-8 text, with very long lines (64930), with no line terminators
Hash 95f18bd4635781a99daed1dd3de8adc1
ac08c18cc726deed47eb6b8f68ec3b5239a2fd91
ef25fa02ff6fba3fa3c90616e1ddbea7d9695867b40a81889074051552b7fff5
GET /app/website/css/site.1212ec71ad4b7ff5f443.css HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pdf-cloud-document.weeblysite.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css; charset=utf-8
last-modified: Wed, 09 Nov 2022 21:23:11 GMT
x-rgw-object-type: Normal
etag: W/"c22f38a806467cd0cdff32ec647019f0"
x-amz-request-id: tx00000000000002d07c203-00636c1aa2-c67eadd-sfo1
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: a80e6919be55cb6d5160dc63fd6f209d3a8ccad7
x-request-id: 6a2fef8e459a38814de85e0dcfa36c62
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Sat, 12 Nov 2022 20:18:06 GMT
via: 1.1 varnish
age: 255187
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668284287.997481,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23817
X-Firefox-Spdy: h2
cdn2.editmysite.com/js/wsnbn/snowday262.js
151.101.85.46200 OK 26 kB URL HTTP/2 cdn2.editmysite.com/js/wsnbn/snowday262.js
IP 151.101.85.46:0
File type ASCII text, with very long lines (2512)
Hash 234327230add9a5a5d61a48829ea4565
7966cc0e4bd76f88ff193c8a99a067de804b7129
bb696c58d9ae5fa635b3ff22efdf60de9ac2f8ef9df5e2f2d58dd5f8dc99df75
GET /js/wsnbn/snowday262.js HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pdf-cloud-document.weeblysite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Wed, 09 Nov 2022 00:31:12 GMT
etag: "636af4d0-124fe"
expires: Thu, 24 Nov 2022 08:38:41 GMT
cache-control: max-age=1209600
x-host: grn91.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 12 Nov 2022 20:18:07 GMT
age: 214765
x-served-by: cache-sjc10061-SJC, cache-bma1662-BMA
x-cache: HIT, HIT
x-cache-hits: 49, 2559
x-timer: S1668284287.011029,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25752
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/website/js/vue-modules.9bc3531c7b14b533b653.js
151.101.85.46200 OK 72 kB URL HTTP/2 cdn3.editmysite.com/app/website/js/vue-modules.9bc3531c7b14b533b653.js
IP 151.101.85.46:0
File type Unicode text, UTF-8 text, with very long lines (27432)
Hash f4b29141d74cfc31ae87b2379bf827c6
d3cecf2609cbc423e0a59e9cad96c96595fc550c
77ba93a6fbe46719dede0298898f4d896c073a42d0c093179615edf38f1fd0e5
GET /app/website/js/vue-modules.9bc3531c7b14b533b653.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pdf-cloud-document.weeblysite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Mon, 24 Oct 2022 20:40:22 GMT
x-rgw-object-type: Normal
etag: W/"be42f69ec175a01b6e195526f58dae71"
x-amz-request-id: tx00000000000002109ab7c-006356f891-c695612-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/vue-modules.9bc3531c7b14b533b653.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 1d15aad34e0d20a973977ec67b3bf5090814a6cf
x-request-id: f2d07942d6e3e48efaf38632576a5abf
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Sat, 12 Nov 2022 20:18:07 GMT
via: 1.1 varnish
age: 841157
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668284287.009545,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 72192
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3
IP 104.18.20.226:0
Hash d67360edce3a9e449f9ab9d29b236991
e1cc8639aff5e8712a2a8b399108380ac2a5c7e7
cbc44943c1498d633ad51b17d43cae5d5773112ab83d5297da2facd4f0cc70ce
POST /ca/gsatlasr3dvtlsca2022q3 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 12 Nov 2022 20:18:07 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "35A43A080C9315AF03F6506D4C730B7461D2454D"
Expires: Sun, 13 Nov 2022 06:00:00 GMT
Last-Modified: Sat, 12 Nov 2022 18:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2010
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7691f479ec4f0b4d-OSL
cdn3.editmysite.com/app/checkout/assets/checkout/imports.en.ea76aa6c63f36ff196a2a59dfe55769f.js
151.101.85.46200 OK 3.6 kB URL HTTP/2 cdn3.editmysite.com/app/checkout/assets/checkout/imports.en.ea76aa6c63f36ff196a2a59dfe55769f.js
IP 151.101.85.46:0
File type JSON data\012- , ASCII text, with very long lines (16751), with no line terminators
Hash f3c3a4e8875d6c2f9ffea217b4a59a1a
71843a18558caf7321e9a0d34b51da993b8dd159
a0c87a07799d8865256fe092a30e91ae5cd4dd70565872d1f6025523de0550c1
GET /app/checkout/assets/checkout/imports.en.ea76aa6c63f36ff196a2a59dfe55769f.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pdf-cloud-document.weeblysite.com/
Origin: https://pdf-cloud-document.weeblysite.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Thu, 10 Nov 2022 22:33:48 GMT
x-rgw-object-type: Normal
etag: W/"ea76aa6c63f36ff196a2a59dfe55769f"
x-amz-request-id: tx00000000000002de012e9-00636d7ca5-c6aed46-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/checkout/public/assets/checkout/imports.en.ea76aa6c63f36ff196a2a59dfe55769f.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Sat, 12 Nov 2022 20:18:07 GMT
via: 1.1 varnish
age: 164562
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668284287.057827,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3555
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/checkout/assets/checkout/locale-imports-map.be14e50d1628faa410488f65362a397d.json
151.101.85.46200 OK 325 B URL HTTP/2 cdn3.editmysite.com/app/checkout/assets/checkout/locale-imports-map.be14e50d1628faa410488f65362a397d.json
IP 151.101.85.46:0
File type JSON data\012- , ASCII text, with very long lines (1611), with no line terminators
Hash be5c6eec9cf3e92f8df759e392e01209
e0bff726136f738e6a1fe3e991d9a64dcf46d23a
e630015425b5298e0f7db7e397850913ea94d317beba50978a9df8e8364334ae
GET /app/checkout/assets/checkout/locale-imports-map.be14e50d1628faa410488f65362a397d.json HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pdf-cloud-document.weeblysite.com/
Origin: https://pdf-cloud-document.weeblysite.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json
last-modified: Mon, 07 Nov 2022 22:17:43 GMT
etag: W/"63698407-64b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Sat, 12 Nov 2022 20:18:07 GMT
via: 1.1 varnish
age: 418854
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668284287.079073,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 325
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 28c55dfd17f5da2f5fc88a68bef0ea4f
e6293078bfa9062c51423f1b221399fab94953c9
5753a816efa4abbbb41bba586601fd2db87ec83bf5ea28c60a56b66a4d4ac798
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=167227
Date: Sat, 12 Nov 2022 20:18:07 GMT
Etag: "636fdb22-1d7"
Expires: Mon, 14 Nov 2022 18:45:14 GMT
Last-Modified: Sat, 12 Nov 2022 17:42:58 GMT
Server: ECS (bsa/EB21)
X-Cache: Miss from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: A6kFRQUyl-pzCFHGKCRR-5lXCqjf4xTidDukgRWvup25I4M5tqzihA==
Age: 3736
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 28c55dfd17f5da2f5fc88a68bef0ea4f
e6293078bfa9062c51423f1b221399fab94953c9
5753a816efa4abbbb41bba586601fd2db87ec83bf5ea28c60a56b66a4d4ac798
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=169781
Date: Sat, 12 Nov 2022 20:18:07 GMT
Etag: "636fdb22-1d7"
Expires: Mon, 14 Nov 2022 19:27:48 GMT
Last-Modified: Sat, 12 Nov 2022 17:42:58 GMT
Server: ECS (bsa/EB13)
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: KRe0oGlGwJEve6lW1clkqgqwiGJRge6jGQQksLuYXZaq9Lm8dI_u6w==
Age: 6290
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fb29db48daab83bcaed56b72093619cc
e0e0a09d729ffb1c41411419768896f1e1eb3346
08e24124f809f1ab7e6960355efcb419e13dd5fb6063c31caf04e11ebdb7a5cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08E24124F809F1AB7E6960355EFCB419E13DD5FB6063C31CAF04E11EBDB7A5CF"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9561
Expires: Sat, 12 Nov 2022 22:57:28 GMT
Date: Sat, 12 Nov 2022 20:18:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fb29db48daab83bcaed56b72093619cc
e0e0a09d729ffb1c41411419768896f1e1eb3346
08e24124f809f1ab7e6960355efcb419e13dd5fb6063c31caf04e11ebdb7a5cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08E24124F809F1AB7E6960355EFCB419E13DD5FB6063C31CAF04E11EBDB7A5CF"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9561
Expires: Sat, 12 Nov 2022 22:57:28 GMT
Date: Sat, 12 Nov 2022 20:18:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fb29db48daab83bcaed56b72093619cc
e0e0a09d729ffb1c41411419768896f1e1eb3346
08e24124f809f1ab7e6960355efcb419e13dd5fb6063c31caf04e11ebdb7a5cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08E24124F809F1AB7E6960355EFCB419E13DD5FB6063C31CAF04E11EBDB7A5CF"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9561
Expires: Sat, 12 Nov 2022 22:57:28 GMT
Date: Sat, 12 Nov 2022 20:18:07 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F073ec866-b693-4f96-82bf-76ba051797c9.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F073ec866-b693-4f96-82bf-76ba051797c9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash faa8e3cf2ab3c1d53a1735def5bb7476
ccc1ec5ebb5090c6255dcb1e8899e95cdd91e12f
e81a8fa312ec478871427f1d04ba7fe563573c683809153f75dec8df979d6efe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F073ec866-b693-4f96-82bf-76ba051797c9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6577
x-amzn-requestid: b4587cfb-6041-453c-9e74-fa35ecd31448
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMjIGHRoAMF26g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec147-29e7ec741b0e6f6f674aef75;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 2y97S3ITb7MLXuIIAQfCCKjgvOXisdCT5mod7OD588LOhPCy_OrUXQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 22:02:21 GMT
age: 80146
etag: "ccc1ec5ebb5090c6255dcb1e8899e95cdd91e12f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe8955e1-907b-43ed-a437-d4ad1f5fe742.jpeg
34.120.237.76200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe8955e1-907b-43ed-a437-d4ad1f5fe742.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 38e32fc94c445ff47da5d2907e61e3a4
c76588ccaf97fdfd6e73833083200cb49a01a4af
e4e3947b2248206c9dacfd35ff5619ca3b3ae56a7bcd565d40ed048839ffa075
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe8955e1-907b-43ed-a437-d4ad1f5fe742.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5478
x-amzn-requestid: c06e47c6-da2a-4a70-af2a-c1268557b913
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdM67FEEIAMF-pA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec1df-0628d00244323ddf727e0b80;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:42:55 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3zeJU6wVmWDIbVDBlTYvTh8e78isxbmNC0GKWdKqdI5abbdERoyzpA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 22:23:30 GMT
age: 78877
etag: "c76588ccaf97fdfd6e73833083200cb49a01a4af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6f7d2f5-4807-4bbd-a3db-7a239962aca5.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6f7d2f5-4807-4bbd-a3db-7a239962aca5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 85c6f450b38f41a2fb924d6d9a9cbff8
691f59b65ca9fde4f59bbf96b37071e07351f190
c8f877488a2cf65f0d9829384fd4113847722a1b4df94b6b1d5788699689722c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6f7d2f5-4807-4bbd-a3db-7a239962aca5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5583
x-amzn-requestid: e844f42a-e87e-4e61-8c97-137c07c5ae28
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bNeQ9Ho7IAMF5_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63687739-62c44d2f7d23632e74895bd8;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 03:10:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: FWEdPT057SMVCBc7ZYbPnfW1z5mB7iubIXzrj3HlctKtwRx2PuncSA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 12 Nov 2022 08:39:57 GMT
age: 41890
etag: "691f59b65ca9fde4f59bbf96b37071e07351f190"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe5720fc8-63c5-4f5e-bb64-33809e0069fe.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe5720fc8-63c5-4f5e-bb64-33809e0069fe.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f09e254cd6f2e29b3bf198cc5d58a46f
fa34520e849bf746ff43aec3d28beb9e4be44f4d
2e29eace95fd8cb5b6d77df880d2044ecab4206cba47931c3a95e77c1b4e9d9a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe5720fc8-63c5-4f5e-bb64-33809e0069fe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8953
x-amzn-requestid: 2a2d20f4-3aa5-475e-8ec2-fc569766335e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhQGAhIAMFrjw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-26dc0259793ec94814f3d41a;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BcjpdZlgZPqBX1rk3Th_XlwHrDYoeAT8pWaH7I21WnkfFzvzJE8ekw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:42:55 GMT
age: 81312
etag: "fa34520e849bf746ff43aec3d28beb9e4be44f4d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d4e929-d0bb-41b7-bdcd-0e67258b428a.webp
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d4e929-d0bb-41b7-bdcd-0e67258b428a.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 516f1bfefb1c1a737ea2441f85343b32
0cc22d7bf9092fb30f31e2ca8f242c197b891669
733824d4f6f7c5b54ce4e02ecaf152cfc1e10f3f6a801d7e2c55a02460e40087
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d4e929-d0bb-41b7-bdcd-0e67258b428a.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9012
x-amzn-requestid: 83eac9e7-5387-4e11-9769-182fa3f7fffb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdNC6FxzoAMF80w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec212-5ca277b90a5a9a4c437edc1e;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:43:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7wqdiuomEgaQlE1P5gopDGXbAkmh3ohPXYDcBWczuYFEcj8nczk9_w==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:52:57 GMT
age: 80710
etag: "0cc22d7bf9092fb30f31e2ca8f242c197b891669"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Facfcee70-832e-4f2d-8fc7-55d2bfff651e.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Facfcee70-832e-4f2d-8fc7-55d2bfff651e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eac2ed4bece6282c8273a58a88371e2e
2d90ff66079e8ffbaaa367a6bfc08927e7cc424d
aea97fd7d90302edcb3e0c08507d682e02166e8ddd4d082fc4f5435af438594c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Facfcee70-832e-4f2d-8fc7-55d2bfff651e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8633
x-amzn-requestid: 8bdfbfbb-5193-4c62-ba1b-c906f7548676
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhSEC1oAMF8tw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-39b4c2954dbc8e4c40a2c9d8;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: lxrfhO5oOGvECIrlZYKsfXOTZZksAIIHAafyRM-FdRXAaBVZs5cEQA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 22:04:43 GMT
age: 80004
etag: "2d90ff66079e8ffbaaa367a6bfc08927e7cc424d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
pdf-cloud-document.weeblysite.com/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getSquareStoreConfig]
199.34.228.97200 OK 224 B URL HTTP/1.1 pdf-cloud-document.weeblysite.com/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getSquareStoreConfig]
IP 199.34.228.97:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 13593f6286d97ef957f443963fe931b8
fd8712c00baba802817d2189ca3ad204ca0cdd7a
4e8bba6a89604ac9c26316b3fc9ad4429053bf28e96ea657f198f8255e564f28
Analyzer Verdict Alert openphish Generic/Spear Phishing
fortinet Phishing
POST /ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getSquareStoreConfig] HTTP/1.1
Host: pdf-cloud-document.weeblysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
X-XSRF-TOKEN: eyJpdiI6ImVjTGNCUTB2OXZsaFh0OUJwRGUySWc9PSIsInZhbHVlIjoiVkF1Y1VGYzNYZ0I4NHA2Mjc1aEJLWUQ3c0hFR2RxVERsU3hreDZaSUhzYmxIZU9GYnJwd3FSSlwvenpOTlJuSmdxRnE2ZFV1aStYRHRsMzE5MWd4Wkg5TVZvZ21WT0JBTFgzMVBibFE1XC81enlBYktNTUlwMmE2aGt2YWF1ODlQOSIsIm1hYyI6ImFkMTNlNzAzNTcyN2ZiMzcxNzk0ODc5YWExMmY2NDBiZGNlYjMzMGRmMmI2ZGFiZGUyYTkxMWQ5Y2UyMWMyMTIifQ==
Content-Length: 78
Origin: https://pdf-cloud-document.weeblysite.com
Connection: keep-alive
Referer: https://pdf-cloud-document.weeblysite.com/
Cookie: _snow_id.872e=632aef0a-a8dc-42b4-b4ee-a32ca9873ad2.1654529221.2.1668284286.1654529222.778b90e9-b847-4982-8793-fb45cc16bfef; publishedsite-xsrf=eyJpdiI6IktySm8zVm9mSis3VmtvWEhXU2YzVGc9PSIsInZhbHVlIjoiQU1cL0tkRWU3Zk1kRmFBdnRDQk1yK1wvN1wvSVBySzNuTjJjMkk3d2EzSE04RE1LTEF4RFdsQjQ4MzFxZHN1VVFEd0tuUlY4ajlWNGorQzZCMU9LZ3FcL3BUSmx2Sk9cL1RLa293THJmN2FyUmh2ZEFrVGl4MkMybkZUaUtWZ0hMXC9aRFgiLCJtYWMiOiI5N2IwOTNiYTQ3ZDFkOTdiY2E1MGQyZTNiODY4ZDVmMmYyMTI0MzdmZGEwMWJhYmMzM2EwMGYyZjU2MTM4MTljIn0%3D; XSRF-TOKEN=eyJpdiI6ImVjTGNCUTB2OXZsaFh0OUJwRGUySWc9PSIsInZhbHVlIjoiVkF1Y1VGYzNYZ0I4NHA2Mjc1aEJLWUQ3c0hFR2RxVERsU3hreDZaSUhzYmxIZU9GYnJwd3FSSlwvenpOTlJuSmdxRnE2ZFV1aStYRHRsMzE5MWd4Wkg5TVZvZ21WT0JBTFgzMVBibFE1XC81enlBYktNTUlwMmE2aGt2YWF1ODlQOSIsIm1hYyI6ImFkMTNlNzAzNTcyN2ZiMzcxNzk0ODc5YWExMmY2NDBiZGNlYjMzMGRmMmI2ZGFiZGUyYTkxMWQ5Y2UyMWMyMTIifQ%3D%3D; PublishedSiteSession=eyJpdiI6IndKUDhkVitIYnVcL1h6NnErMDFodDJBPT0iLCJ2YWx1ZSI6IkhWenFRakxRUUVudVhodFd6aUNORFpaVVhycjFhRDVuZmdXZFlUdW5BSXNHMHk0bnIxYWdPV0ZGQWtHNTFHeUVhMWZMeGowR2tEYWxobmxqVlltNGpQU1JzV2duZ2o0ZUJ5c3FJWTM4YU1QbndnclJLaTdrTkoyQVlvXC9UWGw2cCIsIm1hYyI6IjczODUwNTliM2Q5NTA3YjQxNjUxZDE3OTg3NGYyMWM1NjY5OGM4ZTk2NjUxYzQ3ODc1M2YwMzc3MWQ3M2JmMzQifQ%3D%3D; _snow_ses.872e=*; _dd_s=rum=1&id=9b99e4ee-b00f-4378-bc7d-94b071263a39&created=1668284286820&expire=1668285186820
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 12 Nov 2022 20:18:07 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: grn62.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 224
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive
Content-Type: application/json
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
44.235.202.207200 OK 0 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 44.235.202.207:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://pdf-cloud-document.weeblysite.com/
Origin: https://pdf-cloud-document.weeblysite.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 20:18:07 GMT
content-length: 0
server: nginx
access-control-allow-origin: https://pdf-cloud-document.weeblysite.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 600
X-Firefox-Spdy: h2
sentry.io/api/1263158/envelope/?sentry_key=13e49d785d8d4f828038b6136f3b48ba&sentry_version=7
35.188.42.15200 OK 2 B URL HTTP/1.1 sentry.io/api/1263158/envelope/?sentry_key=13e49d785d8d4f828038b6136f3b48ba&sentry_version=7
IP 35.188.42.15:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /api/1263158/envelope/?sentry_key=13e49d785d8d4f828038b6136f3b48ba&sentry_version=7 HTTP/1.1
Host: sentry.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pdf-cloud-document.weeblysite.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://pdf-cloud-document.weeblysite.com
Content-Length: 429
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 20:18:08 GMT
Content-Type: application/json
Content-Length: 2
Connection: keep-alive
access-control-allow-origin: https://pdf-cloud-document.weeblysite.com
access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after
vary: Origin
x-envoy-upstream-service-time: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
pdf-cloud-document.weeblysite.com/app/website/cms/api/v1/users/138303116/customers/coordinates
199.34.228.97200 OK 70 B URL HTTP/1.1 pdf-cloud-document.weeblysite.com/app/website/cms/api/v1/users/138303116/customers/coordinates
IP 199.34.228.97:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 9752b06c768724a72741cf9388713596
3c05993fc47e53d1edaa9c03779565a7753f3a61
1d97b677c782c9ae57c8b4dcb6afd88a8068ea3cd133a00cf1050dfe0b4d835c
Analyzer Verdict Alert openphish Generic/Spear Phishing
fortinet Phishing
GET /app/website/cms/api/v1/users/138303116/customers/coordinates HTTP/1.1
Host: pdf-cloud-document.weeblysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-XSRF-TOKEN: eyJpdiI6ImVjTGNCUTB2OXZsaFh0OUJwRGUySWc9PSIsInZhbHVlIjoiVkF1Y1VGYzNYZ0I4NHA2Mjc1aEJLWUQ3c0hFR2RxVERsU3hreDZaSUhzYmxIZU9GYnJwd3FSSlwvenpOTlJuSmdxRnE2ZFV1aStYRHRsMzE5MWd4Wkg5TVZvZ21WT0JBTFgzMVBibFE1XC81enlBYktNTUlwMmE2aGt2YWF1ODlQOSIsIm1hYyI6ImFkMTNlNzAzNTcyN2ZiMzcxNzk0ODc5YWExMmY2NDBiZGNlYjMzMGRmMmI2ZGFiZGUyYTkxMWQ5Y2UyMWMyMTIifQ==
Connection: keep-alive
Referer: https://pdf-cloud-document.weeblysite.com/
Cookie: _snow_id.872e=632aef0a-a8dc-42b4-b4ee-a32ca9873ad2.1654529221.2.1668284286.1654529222.778b90e9-b847-4982-8793-fb45cc16bfef; publishedsite-xsrf=eyJpdiI6IktySm8zVm9mSis3VmtvWEhXU2YzVGc9PSIsInZhbHVlIjoiQU1cL0tkRWU3Zk1kRmFBdnRDQk1yK1wvN1wvSVBySzNuTjJjMkk3d2EzSE04RE1LTEF4RFdsQjQ4MzFxZHN1VVFEd0tuUlY4ajlWNGorQzZCMU9LZ3FcL3BUSmx2Sk9cL1RLa293THJmN2FyUmh2ZEFrVGl4MkMybkZUaUtWZ0hMXC9aRFgiLCJtYWMiOiI5N2IwOTNiYTQ3ZDFkOTdiY2E1MGQyZTNiODY4ZDVmMmYyMTI0MzdmZGEwMWJhYmMzM2EwMGYyZjU2MTM4MTljIn0%3D; XSRF-TOKEN=eyJpdiI6ImVjTGNCUTB2OXZsaFh0OUJwRGUySWc9PSIsInZhbHVlIjoiVkF1Y1VGYzNYZ0I4NHA2Mjc1aEJLWUQ3c0hFR2RxVERsU3hreDZaSUhzYmxIZU9GYnJwd3FSSlwvenpOTlJuSmdxRnE2ZFV1aStYRHRsMzE5MWd4Wkg5TVZvZ21WT0JBTFgzMVBibFE1XC81enlBYktNTUlwMmE2aGt2YWF1ODlQOSIsIm1hYyI6ImFkMTNlNzAzNTcyN2ZiMzcxNzk0ODc5YWExMmY2NDBiZGNlYjMzMGRmMmI2ZGFiZGUyYTkxMWQ5Y2UyMWMyMTIifQ%3D%3D; PublishedSiteSession=eyJpdiI6IndKUDhkVitIYnVcL1h6NnErMDFodDJBPT0iLCJ2YWx1ZSI6IkhWenFRakxRUUVudVhodFd6aUNORFpaVVhycjFhRDVuZmdXZFlUdW5BSXNHMHk0bnIxYWdPV0ZGQWtHNTFHeUVhMWZMeGowR2tEYWxobmxqVlltNGpQU1JzV2duZ2o0ZUJ5c3FJWTM4YU1QbndnclJLaTdrTkoyQVlvXC9UWGw2cCIsIm1hYyI6IjczODUwNTliM2Q5NTA3YjQxNjUxZDE3OTg3NGYyMWM1NjY5OGM4ZTk2NjUxYzQ3ODc1M2YwMzc3MWQ3M2JmMzQifQ%3D%3D; _snow_ses.872e=*; _dd_s=rum=1&id=9b99e4ee-b00f-4378-bc7d-94b071263a39&created=1668284286820&expire=1668285186820
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, private
Date: Sat, 12 Nov 2022 20:18:08 GMT
Set-Cookie: websitespring-xsrf=eyJpdiI6IjI2MjdPVW1WK3ZabWtZZkRYMnBPYlE9PSIsInZhbHVlIjoicElRaUhzem5HUTJXajl3NFZkODladjNGV1VwZWwxRVlcLzUzajErcmtBU3VVUEhLTEg2Q2hNOXR3XC80UllLMHFtcEY1ZElCcUorc1JqdzBlM1FOQm5cL2FRb01DYTJna2tsUmlUYWFMWkxyMEE2VGhEaGdoZnduN1ZKUEl1YzV3a1giLCJtYWMiOiIxMTg5MjgxNzM4YzFlMGM3ODdkNDE0MDZjYWE0Yjc4NzNlNGQxZGUzNjNkYjc3NTM1OWVjOTMyZDJlMDI3Njc5In0%3D; expires=Sat, 26-Nov-2022 20:18:08 GMT; Max-Age=1209600; path=/
XSRF-TOKEN=eyJpdiI6IlwvS2pVTjNvc0J0R2tMaE5PdFU0akFRPT0iLCJ2YWx1ZSI6InB3NFlOS0w3aTF3eWExMFFHSERUTlwvVmdiOVZcL3F2Yms2ZStVTllvalE3MUoyZCtTMGdralhENmJ5amk4MTZKejA5eUhsWDRJMkJ2UlwvSnhBNVdPUmlNcUhpVHVaUU9XREdRcE5PSStVQ1gzSzhZbm80VjdnVTEyY21RVG5Fd25tIiwibWFjIjoiMWJlOWQ3Mjg0MDZjMjkwNTgxNDhiMWJjNTExZTZmMTkyYTYwMzRiNWJkMmE3YzRkNzkwMzg1MzZiNDZjYTJhOSJ9; expires=Sat, 26-Nov-2022 20:18:08 GMT; Max-Age=1209600; path=/
X-Host: grn42.sf2p.intern.weebly.net
X-Revision: 413ba75a29d332c4bd3f3593b6905d7bbfa563ef
X-Request-ID: 50365e4cc5cc7aa8d27e983e73d9ae25
Content-Encoding: gzip
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
44.235.202.207200 OK 2 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 44.235.202.207:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1952
Origin: https://pdf-cloud-document.weeblysite.com
Connection: keep-alive
Referer: https://pdf-cloud-document.weeblysite.com/
Cookie: sp=d2bba086-0aa6-46f5-ab66-2876bea79ece
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 20:18:08 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=d2bba086-0aa6-46f5-ab66-2876bea79ece; Expires=Sun, 12 Nov 2023 20:18:08 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://pdf-cloud-document.weeblysite.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
pdf-cloud-document.weeblysite.com/ajax/api/JsonRPC/Commerce/?Commerce/[ABTestSegmentation::getTestSegments]
199.34.228.97200 OK 201 B URL HTTP/1.1 pdf-cloud-document.weeblysite.com/ajax/api/JsonRPC/Commerce/?Commerce/[ABTestSegmentation::getTestSegments]
IP 199.34.228.97:0
File type JSON data\012- , ASCII text, with no line terminators
Hash bbf985fd86ef8add09a38860a98def2f
2804fa968da1e1b8be4b6f150438e45f4150d3c0
236153652c6f09415db4ee8f8b9a98827da5987a001a136d94d87f401ef6f160
Analyzer Verdict Alert openphish Generic/Spear Phishing
fortinet Phishing
POST /ajax/api/JsonRPC/Commerce/?Commerce/[ABTestSegmentation::getTestSegments] HTTP/1.1
Host: pdf-cloud-document.weeblysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
X-XSRF-TOKEN: eyJpdiI6ImVjTGNCUTB2OXZsaFh0OUJwRGUySWc9PSIsInZhbHVlIjoiVkF1Y1VGYzNYZ0I4NHA2Mjc1aEJLWUQ3c0hFR2RxVERsU3hreDZaSUhzYmxIZU9GYnJwd3FSSlwvenpOTlJuSmdxRnE2ZFV1aStYRHRsMzE5MWd4Wkg5TVZvZ21WT0JBTFgzMVBibFE1XC81enlBYktNTUlwMmE2aGt2YWF1ODlQOSIsIm1hYyI6ImFkMTNlNzAzNTcyN2ZiMzcxNzk0ODc5YWExMmY2NDBiZGNlYjMzMGRmMmI2ZGFiZGUyYTkxMWQ5Y2UyMWMyMTIifQ==
Content-Length: 83
Origin: https://pdf-cloud-document.weeblysite.com
Connection: keep-alive
Referer: https://pdf-cloud-document.weeblysite.com/
Cookie: _snow_id.872e=632aef0a-a8dc-42b4-b4ee-a32ca9873ad2.1654529221.2.1668284286.1654529222.778b90e9-b847-4982-8793-fb45cc16bfef; publishedsite-xsrf=eyJpdiI6IktySm8zVm9mSis3VmtvWEhXU2YzVGc9PSIsInZhbHVlIjoiQU1cL0tkRWU3Zk1kRmFBdnRDQk1yK1wvN1wvSVBySzNuTjJjMkk3d2EzSE04RE1LTEF4RFdsQjQ4MzFxZHN1VVFEd0tuUlY4ajlWNGorQzZCMU9LZ3FcL3BUSmx2Sk9cL1RLa293THJmN2FyUmh2ZEFrVGl4MkMybkZUaUtWZ0hMXC9aRFgiLCJtYWMiOiI5N2IwOTNiYTQ3ZDFkOTdiY2E1MGQyZTNiODY4ZDVmMmYyMTI0MzdmZGEwMWJhYmMzM2EwMGYyZjU2MTM4MTljIn0%3D; XSRF-TOKEN=eyJpdiI6ImVjTGNCUTB2OXZsaFh0OUJwRGUySWc9PSIsInZhbHVlIjoiVkF1Y1VGYzNYZ0I4NHA2Mjc1aEJLWUQ3c0hFR2RxVERsU3hreDZaSUhzYmxIZU9GYnJwd3FSSlwvenpOTlJuSmdxRnE2ZFV1aStYRHRsMzE5MWd4Wkg5TVZvZ21WT0JBTFgzMVBibFE1XC81enlBYktNTUlwMmE2aGt2YWF1ODlQOSIsIm1hYyI6ImFkMTNlNzAzNTcyN2ZiMzcxNzk0ODc5YWExMmY2NDBiZGNlYjMzMGRmMmI2ZGFiZGUyYTkxMWQ5Y2UyMWMyMTIifQ%3D%3D; PublishedSiteSession=eyJpdiI6IndKUDhkVitIYnVcL1h6NnErMDFodDJBPT0iLCJ2YWx1ZSI6IkhWenFRakxRUUVudVhodFd6aUNORFpaVVhycjFhRDVuZmdXZFlUdW5BSXNHMHk0bnIxYWdPV0ZGQWtHNTFHeUVhMWZMeGowR2tEYWxobmxqVlltNGpQU1JzV2duZ2o0ZUJ5c3FJWTM4YU1QbndnclJLaTdrTkoyQVlvXC9UWGw2cCIsIm1hYyI6IjczODUwNTliM2Q5NTA3YjQxNjUxZDE3OTg3NGYyMWM1NjY5OGM4ZTk2NjUxYzQ3ODc1M2YwMzc3MWQ3M2JmMzQifQ%3D%3D; _snow_ses.872e=*; _dd_s=rum=1&id=9b99e4ee-b00f-4378-bc7d-94b071263a39&created=1668284286820&expire=1668285186820
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 12 Nov 2022 20:18:08 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: grn106.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 201
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive
Content-Type: application/json
cdn5.editmysite.com/app/store/api/v23/editor/users/138303116/sites/651721591754938199/store-locations?page=1&per_page=100&include=address&lang=en&from=latlng:59.955,10.859&sort_by=distance&valid=1
151.101.85.46200 OK 5.4 kB URL HTTP/2 cdn5.editmysite.com/app/store/api/v23/editor/users/138303116/sites/651721591754938199/store-locations?page=1&per_page=100&include=address&lang=en&from=latlng:59.955,10.859&sort_by=distance&valid=1
IP 151.101.85.46:0
File type JSON data\012- , ASCII text, with very long lines (11097)
Hash 5a367d045163495dabeae347e36675fd
ce55fb18818064a1395557ccd35cad2c3e7bcc5e
de0d871dbbe981a88cf26ba652565271ad751feb23f1730416e291671207060c
GET /app/store/api/v23/editor/users/138303116/sites/651721591754938199/store-locations?page=1&per_page=100&include=address&lang=en&from=latlng:59.955,10.859&sort_by=distance&valid=1 HTTP/1.1
Host: cdn5.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pdf-cloud-document.weeblysite.com
Connection: keep-alive
Referer: https://pdf-cloud-document.weeblysite.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/json
cache-control: no-cache, private
fullcache: m
x-revision: 750ddee8ddd5f3b61f4649ca8405eccad3ffdd2e
x-request-id: e9f3db727079d281e1101064ff478f34
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Sat, 12 Nov 2022 20:18:08 GMT
via: 1.1 varnish
x-served-by: cache-bma1633-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1668284288.260870,VS0,VE226
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
X-Firefox-Spdy: h2
pdf-cloud-document.weeblysite.com/site-icon?device=ios&size=180
199.34.228.97404 Not Found 620 B URL HTTP/1.1 pdf-cloud-document.weeblysite.com/site-icon?device=ios&size=180
IP 199.34.228.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 609283f0abd216f052c6b32877678dfb
990ea8c9bac587ffc680dfdcaf54706c0ee3288b
2c02a57d702cb0cf240374bb61b7724b408b998b9cd9825bc0e55f74f27cc10d
Analyzer Verdict Alert openphish Generic/Spear Phishing
GET /site-icon?device=ios&size=180 HTTP/1.1
Host: pdf-cloud-document.weeblysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pdf-cloud-document.weeblysite.com/
Cookie: _snow_id.872e=632aef0a-a8dc-42b4-b4ee-a32ca9873ad2.1654529221.2.1668284286.1654529222.778b90e9-b847-4982-8793-fb45cc16bfef; publishedsite-xsrf=eyJpdiI6IktySm8zVm9mSis3VmtvWEhXU2YzVGc9PSIsInZhbHVlIjoiQU1cL0tkRWU3Zk1kRmFBdnRDQk1yK1wvN1wvSVBySzNuTjJjMkk3d2EzSE04RE1LTEF4RFdsQjQ4MzFxZHN1VVFEd0tuUlY4ajlWNGorQzZCMU9LZ3FcL3BUSmx2Sk9cL1RLa293THJmN2FyUmh2ZEFrVGl4MkMybkZUaUtWZ0hMXC9aRFgiLCJtYWMiOiI5N2IwOTNiYTQ3ZDFkOTdiY2E1MGQyZTNiODY4ZDVmMmYyMTI0MzdmZGEwMWJhYmMzM2EwMGYyZjU2MTM4MTljIn0%3D; XSRF-TOKEN=eyJpdiI6IlwvS2pVTjNvc0J0R2tMaE5PdFU0akFRPT0iLCJ2YWx1ZSI6InB3NFlOS0w3aTF3eWExMFFHSERUTlwvVmdiOVZcL3F2Yms2ZStVTllvalE3MUoyZCtTMGdralhENmJ5amk4MTZKejA5eUhsWDRJMkJ2UlwvSnhBNVdPUmlNcUhpVHVaUU9XREdRcE5PSStVQ1gzSzhZbm80VjdnVTEyY21RVG5Fd25tIiwibWFjIjoiMWJlOWQ3Mjg0MDZjMjkwNTgxNDhiMWJjNTExZTZmMTkyYTYwMzRiNWJkMmE3YzRkNzkwMzg1MzZiNDZjYTJhOSJ9; PublishedSiteSession=eyJpdiI6IndKUDhkVitIYnVcL1h6NnErMDFodDJBPT0iLCJ2YWx1ZSI6IkhWenFRakxRUUVudVhodFd6aUNORFpaVVhycjFhRDVuZmdXZFlUdW5BSXNHMHk0bnIxYWdPV0ZGQWtHNTFHeUVhMWZMeGowR2tEYWxobmxqVlltNGpQU1JzV2duZ2o0ZUJ5c3FJWTM4YU1QbndnclJLaTdrTkoyQVlvXC9UWGw2cCIsIm1hYyI6IjczODUwNTliM2Q5NTA3YjQxNjUxZDE3OTg3NGYyMWM1NjY5OGM4ZTk2NjUxYzQ3ODc1M2YwMzc3MWQ3M2JmMzQifQ%3D%3D; _snow_ses.872e=*; _dd_s=rum=1&id=9b99e4ee-b00f-4378-bc7d-94b071263a39&created=1668284286820&expire=1668285186820; websitespring-xsrf=eyJpdiI6IjI2MjdPVW1WK3ZabWtZZkRYMnBPYlE9PSIsInZhbHVlIjoicElRaUhzem5HUTJXajl3NFZkODladjNGV1VwZWwxRVlcLzUzajErcmtBU3VVUEhLTEg2Q2hNOXR3XC80UllLMHFtcEY1ZElCcUorc1JqdzBlM1FOQm5cL2FRb01DYTJna2tsUmlUYWFMWkxyMEE2VGhEaGdoZnduN1ZKUEl1YzV3a1giLCJtYWMiOiIxMTg5MjgxNzM4YzFlMGM3ODdkNDE0MDZjYWE0Yjc4NzNlNGQxZGUzNjNkYjc3NTM1OWVjOTMyZDJlMDI3Njc5In0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, private
Date: Sat, 12 Nov 2022 20:18:08 GMT
Set-Cookie: publishedsite-xsrf=eyJpdiI6InBCU1ppcWoxa1VteFZoY0ZtME5yV0E9PSIsInZhbHVlIjoiUEVXcm5LQldjM050ejhTOFA3dlwvYmNuSnZKSlA4Q0RnUCtnVDZxc01MbEtDVVFuQmhOUm9WTmRQeXFoblZkRkIwTGxoZ0FwRjJGMEcrWDhkYVRtRXJpOFNPS3JMeU1lVDZvUkZrMnpnYU53dlwvSEdJR2s1VEJqOXlsYjVOV1ZjQyIsIm1hYyI6IjNjNmQwMjBjZGY1MjQxNDIzMmYzYzcwOTM1MGE5ZDI5MWY3N2E2MjdhMDQxOGQ4ZDY4OTU5YTQ1NDU1N2RhODgifQ%3D%3D; expires=Sat, 26-Nov-2022 20:18:08 GMT; Max-Age=1209600; path=/
XSRF-TOKEN=eyJpdiI6IndsaUhOV1h3M3dkN1VGR1htS3RWbVE9PSIsInZhbHVlIjoiTnRTVjBrZFl3cndIWmZUNUhNT25QcFozZ3djOXBTR09ybmlCeFNFWjVkdUJqczdNaGQ2dE9MZDFxazBjVnJkRk5nK014bkxuc1dUMjZyOEFab0ZYUXFFZFIwbHNDd0ZBQ0tWTWI5OTlvNmx0cE40T1hmUkRZUWFKRmpEYlJWOG0iLCJtYWMiOiJkY2Q5NmIwM2FiNGViOTU0NDk1NGIzMjk3YTk4YWYwMzJhM2ZlNjc2OTZlMjZlN2E3OTA4N2M0MWVhMzg4NTJhIn0%3D; expires=Sat, 26-Nov-2022 20:18:08 GMT; Max-Age=1209600; path=/
PublishedSiteSession=eyJpdiI6IkFkYXlcL0QwcGNuMVl4WSswRWw2UDBRPT0iLCJ2YWx1ZSI6Ijd2d0N3UGlYTEtUU0N5dTZoTk10cWZXOUtuXC9LZXkrc1JPbmJHRFRZdGdLdFVlelNVSzNxY083Z3pcL2lJQmlIZ3h4U1hFaGtvTGpOTWVkazhleWo3ZGxMbW1OdVM4bXlKelBkQ1lnWlE4cysyd1wvYlwvZFJPelFDVklONGpvWlZTQyIsIm1hYyI6IjU0ZTRjNzM4NjEyMDkzYTM4NzU0ZTk5ZmEzZGUzYjJlN2Y3NTVlNzliYjAyZWFmY2E5YjdiZWE4NjEzMmJiMmUifQ%3D%3D; expires=Sat, 26-Nov-2022 20:18:08 GMT; Max-Age=1209600; path=/; httponly
X-Host: grn42.sf2p.intern.weebly.net
X-Revision: 413ba75a29d332c4bd3f3593b6905d7bbfa563ef
X-Request-ID: 70c0eec6247763bd0f1d06147b30a490
Content-Encoding: gzip
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
44.235.202.207200 OK 2 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 44.235.202.207:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 2392
Origin: https://pdf-cloud-document.weeblysite.com
Connection: keep-alive
Referer: https://pdf-cloud-document.weeblysite.com/
Cookie: sp=d2bba086-0aa6-46f5-ab66-2876bea79ece
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 20:18:08 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=d2bba086-0aa6-46f5-ab66-2876bea79ece; Expires=Sun, 12 Nov 2023 20:18:08 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://pdf-cloud-document.weeblysite.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9cca525b1496af446b07aaf8a2106ca1
bc00a06ab4efc7d612f5416cf2f1d12582b757fb
be2e9793da01f40ed238dec1d929691bdea9a317be4f0c82e4e50cddd3cc528d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3058
Cache-Control: max-age=147473
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 20:18:08 GMT
Etag: "636f909f-1d7"
Expires: Mon, 14 Nov 2022 13:16:01 GMT
Last-Modified: Sat, 12 Nov 2022 12:25:03 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash dfc683b4624c966e84cddabb580139d8
9d3ce176d341f9fa40781e688c3a701e56564031
26a1dbf5005474c927acb351758288d5b1ea903a1e1a6f5f42989f40f34c224e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1402
Cache-Control: max-age=128519
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 20:18:08 GMT
Etag: "636f4d0d-1d7"
Expires: Mon, 14 Nov 2022 08:00:07 GMT
Last-Modified: Sat, 12 Nov 2022 07:36:45 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
pdf-cloud-document.weeblysite.com/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getCurrentOrder]
199.34.228.97200 OK 182 B URL HTTP/1.1 pdf-cloud-document.weeblysite.com/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getCurrentOrder]
IP 199.34.228.97:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 6f6b6b81dd3714cd388808342e960a10
f34bc92a2c7a4dfe56bd6f069ad601e6a61e3b61
2eb22bb7b96aaee11236fcf99e822ede29d3a2ddf2d6f019bb70005b5a1540ef
Analyzer Verdict Alert openphish Generic/Spear Phishing
fortinet Phishing
POST /ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getCurrentOrder] HTTP/1.1
Host: pdf-cloud-document.weeblysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Client-Application-Name: website
X-XSRF-TOKEN: eyJpdiI6IndsaUhOV1h3M3dkN1VGR1htS3RWbVE9PSIsInZhbHVlIjoiTnRTVjBrZFl3cndIWmZUNUhNT25QcFozZ3djOXBTR09ybmlCeFNFWjVkdUJqczdNaGQ2dE9MZDFxazBjVnJkRk5nK014bkxuc1dUMjZyOEFab0ZYUXFFZFIwbHNDd0ZBQ0tWTWI5OTlvNmx0cE40T1hmUkRZUWFKRmpEYlJWOG0iLCJtYWMiOiJkY2Q5NmIwM2FiNGViOTU0NDk1NGIzMjk3YTk4YWYwMzJhM2ZlNjc2OTZlMjZlN2E3OTA4N2M0MWVhMzg4NTJhIn0=
Content-Length: 89
Origin: https://pdf-cloud-document.weeblysite.com
Connection: keep-alive
Referer: https://pdf-cloud-document.weeblysite.com/
Cookie: _snow_id.872e=632aef0a-a8dc-42b4-b4ee-a32ca9873ad2.1654529221.2.1668284288.1654529222.778b90e9-b847-4982-8793-fb45cc16bfef; publishedsite-xsrf=eyJpdiI6InBCU1ppcWoxa1VteFZoY0ZtME5yV0E9PSIsInZhbHVlIjoiUEVXcm5LQldjM050ejhTOFA3dlwvYmNuSnZKSlA4Q0RnUCtnVDZxc01MbEtDVVFuQmhOUm9WTmRQeXFoblZkRkIwTGxoZ0FwRjJGMEcrWDhkYVRtRXJpOFNPS3JMeU1lVDZvUkZrMnpnYU53dlwvSEdJR2s1VEJqOXlsYjVOV1ZjQyIsIm1hYyI6IjNjNmQwMjBjZGY1MjQxNDIzMmYzYzcwOTM1MGE5ZDI5MWY3N2E2MjdhMDQxOGQ4ZDY4OTU5YTQ1NDU1N2RhODgifQ%3D%3D; XSRF-TOKEN=eyJpdiI6IndsaUhOV1h3M3dkN1VGR1htS3RWbVE9PSIsInZhbHVlIjoiTnRTVjBrZFl3cndIWmZUNUhNT25QcFozZ3djOXBTR09ybmlCeFNFWjVkdUJqczdNaGQ2dE9MZDFxazBjVnJkRk5nK014bkxuc1dUMjZyOEFab0ZYUXFFZFIwbHNDd0ZBQ0tWTWI5OTlvNmx0cE40T1hmUkRZUWFKRmpEYlJWOG0iLCJtYWMiOiJkY2Q5NmIwM2FiNGViOTU0NDk1NGIzMjk3YTk4YWYwMzJhM2ZlNjc2OTZlMjZlN2E3OTA4N2M0MWVhMzg4NTJhIn0%3D; PublishedSiteSession=eyJpdiI6IkFkYXlcL0QwcGNuMVl4WSswRWw2UDBRPT0iLCJ2YWx1ZSI6Ijd2d0N3UGlYTEtUU0N5dTZoTk10cWZXOUtuXC9LZXkrc1JPbmJHRFRZdGdLdFVlelNVSzNxY083Z3pcL2lJQmlIZ3h4U1hFaGtvTGpOTWVkazhleWo3ZGxMbW1OdVM4bXlKelBkQ1lnWlE4cysyd1wvYlwvZFJPelFDVklONGpvWlZTQyIsIm1hYyI6IjU0ZTRjNzM4NjEyMDkzYTM4NzU0ZTk5ZmEzZGUzYjJlN2Y3NTVlNzliYjAyZWFmY2E5YjdiZWE4NjEzMmJiMmUifQ%3D%3D; _snow_ses.872e=*; _dd_s=rum=1&id=9b99e4ee-b00f-4378-bc7d-94b071263a39&created=1668284286820&expire=1668285186820; websitespring-xsrf=eyJpdiI6IjI2MjdPVW1WK3ZabWtZZkRYMnBPYlE9PSIsInZhbHVlIjoicElRaUhzem5HUTJXajl3NFZkODladjNGV1VwZWwxRVlcLzUzajErcmtBU3VVUEhLTEg2Q2hNOXR3XC80UllLMHFtcEY1ZElCcUorc1JqdzBlM1FOQm5cL2FRb01DYTJna2tsUmlUYWFMWkxyMEE2VGhEaGdoZnduN1ZKUEl1YzV3a1giLCJtYWMiOiIxMTg5MjgxNzM4YzFlMGM3ODdkNDE0MDZjYWE0Yjc4NzNlNGQxZGUzNjNkYjc3NTM1OWVjOTMyZDJlMDI3Njc5In0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 12 Nov 2022 20:18:08 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: grn73.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 182
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive
Content-Type: application/json
www.weebly.com/favicon.ico
74.115.50.109200 OK 4.3 kB URL HTTP/1.1 www.weebly.com/favicon.ico
IP 74.115.50.109:0
File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Hash 4d27526198ac873ccec96935198e0fb9
b98d8b73ad6a0f7477c3397561b4aab37bf262aa
40a2146151863bcf46c786d596e81a308d1b0d26d74635be441e92656f29b1b4
GET /favicon.ico HTTP/1.1
Host: www.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pdf-cloud-document.weeblysite.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 12 Nov 2022 20:18:09 GMT
Server: Apache
Last-Modified: Fri, 11 Nov 2022 17:01:18 GMT
ETag: "10be-5ed34d6993380"
Accept-Ranges: bytes
Content-Length: 4286
X-Host: blu98.sf2p.intern.weebly.net
Vary: User-Agent
Keep-Alive: timeout=10, max=64
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon
X-W-DC: SFO
Set-Cookie: sto-id-editor=KHHHBNAK; Domain=weebly.com; Path=/
pdf-cloud-document.weeblysite.com/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::hasCouponsAvailable]
199.34.228.97200 OK 80 B URL HTTP/1.1 pdf-cloud-document.weeblysite.com/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::hasCouponsAvailable]
IP 199.34.228.97:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 49ccb1672036652093e2af110970392c
0a448340d7898a7cc714db06964c46d6db44ae74
3714771a4773e635f63ae32d648364782f11e72a0a60918baf978ebb6ec1c22d
Analyzer Verdict Alert openphish Generic/Spear Phishing
fortinet Phishing
POST /ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::hasCouponsAvailable] HTTP/1.1
Host: pdf-cloud-document.weeblysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Client-Application-Name: website
X-XSRF-TOKEN: eyJpdiI6IndsaUhOV1h3M3dkN1VGR1htS3RWbVE9PSIsInZhbHVlIjoiTnRTVjBrZFl3cndIWmZUNUhNT25QcFozZ3djOXBTR09ybmlCeFNFWjVkdUJqczdNaGQ2dE9MZDFxazBjVnJkRk5nK014bkxuc1dUMjZyOEFab0ZYUXFFZFIwbHNDd0ZBQ0tWTWI5OTlvNmx0cE40T1hmUkRZUWFKRmpEYlJWOG0iLCJtYWMiOiJkY2Q5NmIwM2FiNGViOTU0NDk1NGIzMjk3YTk4YWYwMzJhM2ZlNjc2OTZlMjZlN2E3OTA4N2M0MWVhMzg4NTJhIn0=
Content-Length: 77
Origin: https://pdf-cloud-document.weeblysite.com
Connection: keep-alive
Referer: https://pdf-cloud-document.weeblysite.com/
Cookie: _snow_id.872e=632aef0a-a8dc-42b4-b4ee-a32ca9873ad2.1654529221.2.1668284288.1654529222.778b90e9-b847-4982-8793-fb45cc16bfef; publishedsite-xsrf=eyJpdiI6InBCU1ppcWoxa1VteFZoY0ZtME5yV0E9PSIsInZhbHVlIjoiUEVXcm5LQldjM050ejhTOFA3dlwvYmNuSnZKSlA4Q0RnUCtnVDZxc01MbEtDVVFuQmhOUm9WTmRQeXFoblZkRkIwTGxoZ0FwRjJGMEcrWDhkYVRtRXJpOFNPS3JMeU1lVDZvUkZrMnpnYU53dlwvSEdJR2s1VEJqOXlsYjVOV1ZjQyIsIm1hYyI6IjNjNmQwMjBjZGY1MjQxNDIzMmYzYzcwOTM1MGE5ZDI5MWY3N2E2MjdhMDQxOGQ4ZDY4OTU5YTQ1NDU1N2RhODgifQ%3D%3D; XSRF-TOKEN=eyJpdiI6IndsaUhOV1h3M3dkN1VGR1htS3RWbVE9PSIsInZhbHVlIjoiTnRTVjBrZFl3cndIWmZUNUhNT25QcFozZ3djOXBTR09ybmlCeFNFWjVkdUJqczdNaGQ2dE9MZDFxazBjVnJkRk5nK014bkxuc1dUMjZyOEFab0ZYUXFFZFIwbHNDd0ZBQ0tWTWI5OTlvNmx0cE40T1hmUkRZUWFKRmpEYlJWOG0iLCJtYWMiOiJkY2Q5NmIwM2FiNGViOTU0NDk1NGIzMjk3YTk4YWYwMzJhM2ZlNjc2OTZlMjZlN2E3OTA4N2M0MWVhMzg4NTJhIn0%3D; PublishedSiteSession=eyJpdiI6IkFkYXlcL0QwcGNuMVl4WSswRWw2UDBRPT0iLCJ2YWx1ZSI6Ijd2d0N3UGlYTEtUU0N5dTZoTk10cWZXOUtuXC9LZXkrc1JPbmJHRFRZdGdLdFVlelNVSzNxY083Z3pcL2lJQmlIZ3h4U1hFaGtvTGpOTWVkazhleWo3ZGxMbW1OdVM4bXlKelBkQ1lnWlE4cysyd1wvYlwvZFJPelFDVklONGpvWlZTQyIsIm1hYyI6IjU0ZTRjNzM4NjEyMDkzYTM4NzU0ZTk5ZmEzZGUzYjJlN2Y3NTVlNzliYjAyZWFmY2E5YjdiZWE4NjEzMmJiMmUifQ%3D%3D; _snow_ses.872e=*; _dd_s=rum=1&id=9b99e4ee-b00f-4378-bc7d-94b071263a39&created=1668284286820&expire=1668285186820; websitespring-xsrf=eyJpdiI6IjI2MjdPVW1WK3ZabWtZZkRYMnBPYlE9PSIsInZhbHVlIjoicElRaUhzem5HUTJXajl3NFZkODladjNGV1VwZWwxRVlcLzUzajErcmtBU3VVUEhLTEg2Q2hNOXR3XC80UllLMHFtcEY1ZElCcUorc1JqdzBlM1FOQm5cL2FRb01DYTJna2tsUmlUYWFMWkxyMEE2VGhEaGdoZnduN1ZKUEl1YzV3a1giLCJtYWMiOiIxMTg5MjgxNzM4YzFlMGM3ODdkNDE0MDZjYWE0Yjc4NzNlNGQxZGUzNjNkYjc3NTM1OWVjOTMyZDJlMDI3Njc5In0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 12 Nov 2022 20:18:08 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: grn106.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 80
Keep-Alive: timeout=10, max=74
Connection: Keep-Alive
Content-Type: application/json
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
44.235.202.207200 OK 2 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 44.235.202.207:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1851
Origin: https://pdf-cloud-document.weeblysite.com
Connection: keep-alive
Referer: https://pdf-cloud-document.weeblysite.com/
Cookie: sp=d2bba086-0aa6-46f5-ab66-2876bea79ece
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 20:18:09 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=d2bba086-0aa6-46f5-ab66-2876bea79ece; Expires=Sun, 12 Nov 2023 20:18:09 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://pdf-cloud-document.weeblysite.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-413ba75&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=b3785126-e4fd-4710-9cbd-d3c36e409987&batch_time=1668284288135
3.233.153.125202 Accepted 53 B URL HTTP/2 rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-413ba75&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=b3785126-e4fd-4710-9cbd-d3c36e409987&batch_time=1668284288135
IP 3.233.153.125:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 8db391f4b28fd2d786e3acbabc1a1ad1
62e63d969d5bffbe9adf8e4b121bd917ee8275d2
f85c15a76b3adb9594e9cbaab0ae0a57ca5943c584012d6c6513fd1a689a6660
POST /api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-413ba75&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=b3785126-e4fd-4710-9cbd-d3c36e409987&batch_time=1668284288135 HTTP/1.1
Host: rum.browser-intake-datadoghq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 15744
Origin: https://pdf-cloud-document.weeblysite.com
Connection: keep-alive
Referer: https://pdf-cloud-document.weeblysite.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 202 Accepted
date: Sat, 12 Nov 2022 20:18:09 GMT
content-type: application/json
content-length: 53
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=15724800;
X-Firefox-Spdy: h2
rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-413ba75&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=1d8ad693-e861-461d-8240-9da4362b303c&batch_time=1668284287888
3.233.153.125202 Accepted 53 B URL HTTP/2 rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-413ba75&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=1d8ad693-e861-461d-8240-9da4362b303c&batch_time=1668284287888
IP 3.233.153.125:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 9a6f603a92b27c4977996a8cff0040f5
f2ea26e7a5aae62636c3f0b2bb88d1f6402d3509
b40100b400275fe080de61b6fb83c16537f1e9e013216981593a7e2227ad028f
POST /api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-413ba75&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=1d8ad693-e861-461d-8240-9da4362b303c&batch_time=1668284287888 HTTP/1.1
Host: rum.browser-intake-datadoghq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 15737
Origin: https://pdf-cloud-document.weeblysite.com
Connection: keep-alive
Referer: https://pdf-cloud-document.weeblysite.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 202 Accepted
date: Sat, 12 Nov 2022 20:18:09 GMT
content-type: application/json
content-length: 53
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=15724800;
X-Firefox-Spdy: h2
pdf-cloud-document.weeblysite.com/uploads/b/58f3ebd54697ce95454cc381e12d563c5793b6503eab03713d334154d18c7125/background_1625686041.jpg?width=1600&height=430&fit=cover&dpr=1
199.34.228.97200 OK 20 kB URL HTTP/1.1 pdf-cloud-document.weeblysite.com/uploads/b/58f3ebd54697ce95454cc381e12d563c5793b6503eab03713d334154d18c7125/background_1625686041.jpg?width=1600&height=430&fit=cover&dpr=1
IP 199.34.228.97:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1600x544, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 947df6db17615f4351b7a02652e8ba9f
6360c53788656a184e0149122d6777aedbecaa40
176a2a68793a0358800bcbfe2502f0c6a3e786104d4ec017740fe7ef63715234
GET /uploads/b/58f3ebd54697ce95454cc381e12d563c5793b6503eab03713d334154d18c7125/background_1625686041.jpg?width=1600&height=430&fit=cover&dpr=1 HTTP/1.1
Host: pdf-cloud-document.weeblysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn3.editmysite.com/
Cookie: _snow_id.872e=632aef0a-a8dc-42b4-b4ee-a32ca9873ad2.1654529221.2.1668284288.1654529222.778b90e9-b847-4982-8793-fb45cc16bfef; publishedsite-xsrf=eyJpdiI6InBCU1ppcWoxa1VteFZoY0ZtME5yV0E9PSIsInZhbHVlIjoiUEVXcm5LQldjM050ejhTOFA3dlwvYmNuSnZKSlA4Q0RnUCtnVDZxc01MbEtDVVFuQmhOUm9WTmRQeXFoblZkRkIwTGxoZ0FwRjJGMEcrWDhkYVRtRXJpOFNPS3JMeU1lVDZvUkZrMnpnYU53dlwvSEdJR2s1VEJqOXlsYjVOV1ZjQyIsIm1hYyI6IjNjNmQwMjBjZGY1MjQxNDIzMmYzYzcwOTM1MGE5ZDI5MWY3N2E2MjdhMDQxOGQ4ZDY4OTU5YTQ1NDU1N2RhODgifQ%3D%3D; XSRF-TOKEN=eyJpdiI6IndsaUhOV1h3M3dkN1VGR1htS3RWbVE9PSIsInZhbHVlIjoiTnRTVjBrZFl3cndIWmZUNUhNT25QcFozZ3djOXBTR09ybmlCeFNFWjVkdUJqczdNaGQ2dE9MZDFxazBjVnJkRk5nK014bkxuc1dUMjZyOEFab0ZYUXFFZFIwbHNDd0ZBQ0tWTWI5OTlvNmx0cE40T1hmUkRZUWFKRmpEYlJWOG0iLCJtYWMiOiJkY2Q5NmIwM2FiNGViOTU0NDk1NGIzMjk3YTk4YWYwMzJhM2ZlNjc2OTZlMjZlN2E3OTA4N2M0MWVhMzg4NTJhIn0%3D; PublishedSiteSession=eyJpdiI6IkFkYXlcL0QwcGNuMVl4WSswRWw2UDBRPT0iLCJ2YWx1ZSI6Ijd2d0N3UGlYTEtUU0N5dTZoTk10cWZXOUtuXC9LZXkrc1JPbmJHRFRZdGdLdFVlelNVSzNxY083Z3pcL2lJQmlIZ3h4U1hFaGtvTGpOTWVkazhleWo3ZGxMbW1OdVM4bXlKelBkQ1lnWlE4cysyd1wvYlwvZFJPelFDVklONGpvWlZTQyIsIm1hYyI6IjU0ZTRjNzM4NjEyMDkzYTM4NzU0ZTk5ZmEzZGUzYjJlN2Y3NTVlNzliYjAyZWFmY2E5YjdiZWE4NjEzMmJiMmUifQ%3D%3D; _snow_ses.872e=*; _dd_s=rum=1&id=9b99e4ee-b00f-4378-bc7d-94b071263a39&created=1668284286820&expire=1668285186820; websitespring-xsrf=eyJpdiI6IjI2MjdPVW1WK3ZabWtZZkRYMnBPYlE9PSIsInZhbHVlIjoicElRaUhzem5HUTJXajl3NFZkODladjNGV1VwZWwxRVlcLzUzajErcmtBU3VVUEhLTEg2Q2hNOXR3XC80UllLMHFtcEY1ZElCcUorc1JqdzBlM1FOQm5cL2FRb01DYTJna2tsUmlUYWFMWkxyMEE2VGhEaGdoZnduN1ZKUEl1YzV3a1giLCJtYWMiOiIxMTg5MjgxNzM4YzFlMGM3ODdkNDE0MDZjYWE0Yjc4NzNlNGQxZGUzNjNkYjc3NTM1OWVjOTMyZDJlMDI3Njc5In0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 20:18:09 GMT
Content-Type: image/webp
Content-Length: 19664
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Etag: "DCjxHbZ8TWa71yPVAOUOstSayTRKSRi+5BBPqXNYYTE"
Fastly-Io-Info: ifsz=99985 idim=1600x544 ifmt=jpeg ofsz=19664 odim=1600x544 ofmt=webp
Fastly-Stats: io=1
X-Amz-Request-Id: tx00000000000000c09694d-006334be2b-c6aed46-sfo1
X-Rgw-Object-Type: Normal
X-Storage-Bucket: zfc83
X-Storage-Object: fc833d925ec2b6e359a581787185194bca173e3085ed86399ce452003cdfb6f2
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Age: 0
X-Served-By: cache-sjc10054-SJC, cache-pao17428-PAO
X-Cache: MISS, MISS
X-Cache-Hits: 0, 0
X-Timer: S1668284289.154300,VS0,VE128
Vary: Accept
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: grn43.sf2p.intern.weebly.net
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9f88d70-47ed-4a86-9b90-ea63f189df00.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9f88d70-47ed-4a86-9b90-ea63f189df00.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 94a390953f36bf9902cb9f04007c36c1
13535f16f207d4c19c1b6019757f6739a4531eeb
37d73300955a979e5b9d3dabc6e924c4e9734c6c63d92c42c709f8cb0d5aeabb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9f88d70-47ed-4a86-9b90-ea63f189df00.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5902
x-amzn-requestid: 9c8be25c-9c96-4861-89c8-8b7bf06ffc16
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdNBrH2DoAMFqbg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec20a-6c770a86581d1f7f4599684f;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:43:38 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: T6_3oJ8lEFeYF3wFDvIVfSRZbILHdbpDuAd50fwkzcYji2yVLUQkmQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:44:57 GMT
age: 81197
etag: "13535f16f207d4c19c1b6019757f6739a4531eeb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/website/js/site.53f73facd6e1a6ff4aa0.js
151.101.85.46200 OK 0 B URL HTTP/2 cdn3.editmysite.com/app/website/js/site.53f73facd6e1a6ff4aa0.js
IP 151.101.85.46:0
GET /app/website/js/site.53f73facd6e1a6ff4aa0.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pdf-cloud-document.weeblysite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Wed, 09 Nov 2022 21:23:13 GMT
x-rgw-object-type: Normal
etag: W/"aed131ca7d403a5cf60232831103e23d"
x-amz-request-id: tx00000000000002dee88f2-00636c1aa2-c669cc6-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/site.53f73facd6e1a6ff4aa0.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 09db0b9815d1fe8dac449ecc2a7da2c932739637
x-request-id: f0de1df07ef42bbcc9bcb3fe321ec4b9
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Sat, 12 Nov 2022 20:18:07 GMT
via: 1.1 varnish
age: 255187
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668284287.009528,VS0,VE2
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 619555
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/website/js/languages/en.d69f032602a9a8656bf8.js
151.101.85.46200 OK 0 B URL HTTP/2 cdn3.editmysite.com/app/website/js/languages/en.d69f032602a9a8656bf8.js
IP 151.101.85.46:0
GET /app/website/js/languages/en.d69f032602a9a8656bf8.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pdf-cloud-document.weeblysite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Thu, 03 Nov 2022 23:25:35 GMT
x-rgw-object-type: Normal
etag: W/"88da55c6ac5b86a27462f8794b300ba2"
x-amz-request-id: tx0000000000000278488a3-0063644e55-c6aed46-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/languages/en.d69f032602a9a8656bf8.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 5b106465564fd8cfdc25e96fbccd2ff9dcb7a0ec
x-request-id: d06a245b8fc77a19a7522567339564c9
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Sat, 12 Nov 2022 20:18:07 GMT
via: 1.1 varnish
age: 766035
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 12225
x-timer: S1668284287.009350,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 151425
X-Firefox-Spdy: h2