Overview

URL www.whitridgewellness.com/store/p3/Registration275.html
IP199.34.228.76
ASNWEEBLY
Location United States
Report completed2022-09-05 17:05:48 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-05 2 cdn2.editmysite.com/css/social-icons.css?buildtime=1646063574 Malware
2022-09-05 2 cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1662144649 Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

URL ocsp.pki.goog/gts1c3
IP  142.250.74.3
Magic gzip compressed data, max compression\012- data
Size 1074
MD5 ace18e02dee893b45af3bfd56f1ec9a8
SHA1 989c22c9a583070f81b3276861a273b0e49a542a
SHA256 c779057d6f9b7ebc95e507dcb96a0a9e39029aadb9a3306b446223a54d3b3103
Analyzer Analysed Verdict Comment
VirusTotal 0/0
URL fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP  142.250.74.163
Magic gzip compressed data, max compression\012- data
Size 24124
MD5 d2aedb796bf18655b6b091dedd1eafc7
SHA1 f4dc4e02aa89fa6bbd9b873eabadd0a27f36f1cd
SHA256 2e4855c101501a0e7827b60874956ddf9b115561c5b0c9b14a14d0a3c9418db8
Analyzer Analysed Verdict Comment
VirusTotal 0/0


Passive DNS (19)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-09-05 04:38:00 UTC 23.36.77.32
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-05 05:10:58 UTC 34.214.236.46
mnemonic passive DNS ssl.google-analytics.com (1) 275 2012-10-03 00:55:57 UTC 2022-09-05 04:39:46 UTC 142.250.74.8
mnemonic passive DNS ec.editmysite.com (3) 12806 2017-01-29 21:50:35 UTC 2022-09-05 09:13:39 UTC 35.82.13.103
mnemonic passive DNS cdn3.editmysite.com (5) 32188 2019-02-20 02:08:33 UTC 2022-09-05 14:36:25 UTC 151.101.85.46
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-05 04:38:54 UTC 34.117.237.239
mnemonic passive DNS ocsp.sca1b.amazontrust.com (2) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 54.230.245.39
mnemonic passive DNS promote.weebly.com (3) 108699 2017-01-30 10:01:30 UTC 2022-09-05 12:27:48 UTC 74.115.50.106
mnemonic passive DNS www.whitridgewellness.com (19) 0 2019-08-13 09:32:31 UTC 2022-09-01 17:31:33 UTC 199.34.228.76 Unknown ranking
mnemonic passive DNS ocsp.digicert.com (3) 86 2012-05-21 07:02:23 UTC 2022-09-05 09:22:24 UTC 93.184.220.29
mnemonic passive DNS ocsp.pki.goog (11) 175 2017-06-14 07:23:31 UTC 2022-09-05 04:38:08 UTC 142.250.74.3
mnemonic passive DNS ajax.googleapis.com (1) 12905 2019-10-15 17:52:08 UTC 2022-09-05 15:10:11 UTC 142.250.74.74
mnemonic passive DNS fonts.gstatic.com (3) 0 2014-08-29 13:43:22 UTC 2022-09-05 04:37:59 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-05 08:52:38 UTC 34.120.237.76
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-05 11:07:08 UTC 143.204.55.36
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-05 05:14:21 UTC 143.204.55.35
mnemonic passive DNS cdn2.editmysite.com (12) 11564 2012-10-02 18:27:39 UTC 2022-09-05 07:15:31 UTC 151.101.85.46
mnemonic passive DNS cdn-promote.weebly.com (2) 118615 2016-03-05 04:15:49 UTC 2022-09-04 21:32:08 UTC 151.101.85.46
mnemonic passive DNS fonts.googleapis.com (4) 8877 2014-07-21 13:19:55 UTC 2022-09-05 12:21:06 UTC 142.250.74.10


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 199.34.228.76

Date UQ / IDS / BL URL IP
2022-11-21 18:22:53 +0000
0 - 0 - 25 www.joanmmiller.com/ 199.34.228.76
2022-10-09 19:55:24 +0000
0 - 0 - 18 wmpambassadors.org/ 199.34.228.76
2022-10-08 14:21:21 +0000
0 - 0 - 21 www.southernwindsilkies.com/ 199.34.228.76
2022-10-06 00:23:53 +0000
0 - 0 - 12 www.theurbanistsalmanac.com/ 199.34.228.76
2022-09-24 05:36:28 +0000
0 - 0 - 9 keystoneturnerhall.com/ 199.34.228.76

Last 5 reports on ASN: WEEBLY

Date UQ / IDS / BL URL IP
2022-12-05 21:59:37 +0000
0 - 0 - 8 webmail-105188.weeblysite.com/ 199.34.228.97
2022-12-05 19:08:33 +0000
0 - 0 - 15 www.www-app-facebook.com/ 199.34.228.159
2022-12-05 12:54:50 +0000
0 - 0 - 8 sign-in-to-btfhdfhehewh73837j.weeblysite.com/ 199.34.228.96
2022-12-05 12:11:33 +0000
0 - 0 - 9 gtyguh67tojkjuygjtfguhyhn.weebly.com/ 199.34.228.53
2022-12-05 11:32:51 +0000
0 - 0 - 10 walletconnect-selfservicevalidation.weebly.co (...) 199.34.228.54

Last 1 reports on domain: whitridgewellness.com

Date UQ / IDS / BL URL IP
2022-09-05 17:05:48 +0000
0 - 0 - 2 www.whitridgewellness.com/store/p3/Registrati (...) 199.34.228.76

No other reports with similar screenshot



JavaScript

Executed Scripts (39)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (86)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F610984FB0A75B3A31424FAA860CBC8172C7F21804DF1DC14FBB685B7C456F29"
Last-Modified: Sat, 03 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4534
Expires: Mon, 05 Sep 2022 18:21:11 GMT
Date: Mon, 05 Sep 2022 17:05:37 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 05 Sep 2022 17:01:59 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 33x0FJXElHV5j93SJXEVvi_0A5s3EvoarDhj5_Py0RSBPXp5NjvBDA==
Age: 218


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    b593eb39329cfe060d55be5e4a5405e2
Sha1:   78e46c1028e9f94f8569303ad2d90d7df13a059a
Sha256: 08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 05 Sep 2022 01:15:19 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: fqSFfRaHWdSJQvUEpXqe69cnjggKrydp7gV4zioISfldLA-1XgDsqQ==
age: 57020
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    742edb4038f38bc533514982f3d2e861
Sha1:   cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
                                        
                                            GET /store/p3/Registration275.html HTTP/1.1 
Host: www.whitridgewellness.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         199.34.228.76
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Mon, 05 Sep 2022 17:05:37 GMT
Server: Apache
Set-Cookie: is_mobile=0; path=/; domain=www.whitridgewellness.com
Vary: X-W-SSL,User-Agent
Location: https://www.whitridgewellness.com/store/p3/Registration275.html
X-Host: grn140.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 498
Keep-Alive: timeout=10, max=69
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   498
Md5:    9d22790b19d7d85b362fd8612c8b01bd
Sha1:   3d1467cfb43ff5f14f7389cbd31d2407a806c035
Sha256: 8da02b5228cd365295d531014ed83a979addd23b4c1a399384714ff237f3f386
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Mon, 05 Sep 2022 17:05:37 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 05 Sep 2022 16:38:16 GMT
Cache-Control: max-age=3600
Expires: Mon, 05 Sep 2022 17:23:44 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: OBdQgxtirNAzxd5fi32KhXnAd_n6iIutR3SgjTmS9beA6BveOuwn5g==
Age: 1641


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6146
Cache-Control: 'max-age=158059'
Date: Mon, 05 Sep 2022 17:05:38 GMT
Last-Modified: Mon, 05 Sep 2022 15:23:12 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "AF971EEC18F6B735AB0E7175D5B3E19D320627A03CD186DAB10281E18296009F"
Last-Modified: Sat, 03 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21575
Expires: Mon, 05 Sep 2022 23:05:13 GMT
Date: Mon, 05 Sep 2022 17:05:38 GMT
Connection: keep-alive

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: wFxJ6bFuNg97OB96mrA3Dg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         34.214.236.46
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: SeeDp7zoC3qD3EoniVyMYMtTHaM=

                                        
                                            GET /store/p3/Registration275.html HTTP/1.1 
Host: www.whitridgewellness.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         199.34.228.76
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Mon, 05 Sep 2022 17:05:38 GMT
Server: Apache
Vary: X-W-SSL,Accept-Encoding,User-Agent
Set-Cookie: is_mobile=0; path=/; domain=www.whitridgewellness.com language=en; expires=Mon, 19-Sep-2022 17:05:38 GMT; Max-Age=1209600; path=/
Cache-Control: private
ETag: W/"f90f08ed7bb802cb0cc63d082a050f52-gzip"
Content-Encoding: gzip
X-Host: grn135.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 16871
Keep-Alive: timeout=10, max=62
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (42204)
Size:   16871
Md5:    c41cfb82fc4b019ab6f0ff008fd6c8e4
Sha1:   7bece46995e802a39f259451afe65e6ca8acf6ad
Sha256: 1aae085bdf6ab676febb4519864362f5053f55a12d7037f1a28e749e69cc8a54
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Sep 2022 17:05:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ajax/libs/jquery/1.8.3/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.whitridgewellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.74
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33593
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Sep 2022 09:37:50 GMT
expires: Sun, 03 Sep 2023 09:37:50 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 199668
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65483)
Size:   33593
Md5:    a54a444f20643b131117dc2112cca05f
Sha1:   074964746b12ff1d30f7656310d6154ae1cc98b5
Sha256: aa3ca8485dd777d4d880b38c1cf3bc2fc290d28a79ba3e3e43cba1f653132830
                                        
                                            GET /files/theme/MutationObserver.js HTTP/1.1 
Host: www.whitridgewellness.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.whitridgewellness.com/store/p3/Registration275.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.76
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Mon, 05 Sep 2022 17:05:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 17 May 2022 14:16:26 GMT
x-rgw-object-type: Normal
ETag: W/"e52201e96af18dd02c85eb627c843491"
x-amz-request-id: tx000000000000001cb3a61-00628495b0-b9fbc20-sfo1
X-Storage-Bucket: z3974
X-Storage-Object: 397452d9f6a2ea6a2135b45c9e40139c68ac6661f3bab4413e7299586ccb408a
X-Host: grn70.sf2p.intern.weebly.net
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text
Size:   6842
Md5:    a502a64ac17dab318a72b5c6f667e5d6
Sha1:   9b623c5cdc2c288649ff13504131ea2c382e700d
Sha256: b0d53c00940847c4638accf26f204ef4569affa4a686ebcc5d3cc87d1697aa9d
                                        
                                            GET /js/site/commerce-core.js?buildTime=1662144649 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.whitridgewellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
last-modified: Fri, 02 Sep 2022 18:13:42 GMT
etag: "631247d6-f57e"
expires: Fri, 16 Sep 2022 18:51:18 GMT
cache-control: max-age=1209600
x-host: grn118.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 05 Sep 2022 17:05:38 GMT
age: 252861
x-served-by: cache-sjc10059-SJC, cache-bma1649-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 41
x-timer: S1662397539.887144,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 17388
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32011)
Size:   17388
Md5:    e32a0ae988b9f1c9de6f0f70bfa0ffbd
Sha1:   c2e9ad2d183fa12c63df33521a919ad9eb0b44cb
Sha256: fb4389e623d2a4a9b1d7be60bb37b99e71294a39fbfee8f7d9db5f68f67d0ec8
                                        
                                            GET /js/site/main.js?buildTime=1662144649 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.whitridgewellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
last-modified: Fri, 02 Sep 2022 18:13:42 GMT
etag: "631247d6-74804"
expires: Fri, 16 Sep 2022 18:51:18 GMT
cache-control: max-age=1209600
x-host: blu133.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 05 Sep 2022 17:05:38 GMT
age: 252860
x-served-by: cache-sjc10030-SJC, cache-bma1649-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 2
x-timer: S1662397539.886805,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 146400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32147)
Size:   146400
Md5:    81b8673c5d3aa3ab8c0574f2a8f0e3b4
Sha1:   2e0661bc7907d9e2703b3347c3fec579f0aef5d6
Sha256: 0e981f4de6287406ce261fddea24aa05ded4b6a8c4c07283c363c1502071cf40
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Sep 2022 17:05:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /js/site/main-commerce-browse.js?buildTime=1662144649 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.whitridgewellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
last-modified: Fri, 02 Sep 2022 18:13:42 GMT
etag: "631247d6-f92d"
expires: Fri, 16 Sep 2022 18:51:18 GMT
cache-control: max-age=1209600
x-host: grn49.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 05 Sep 2022 17:05:38 GMT
age: 252861
x-served-by: cache-sjc10069-SJC, cache-bma1649-BMA
x-cache: HIT, HIT
x-cache-hits: 21, 39
x-timer: S1662397539.887651,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 16977
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32049)
Size:   16977
Md5:    15eaf839ff82242f8d02b1f60c073760
Sha1:   ed5886bbb71827073b52523683a95f0a051f8c40
Sha256: c484962adc762a7df4929e867d53141cebf339cc60e1c611b3b7bfa61e1aea7d
                                        
                                            GET /js/site/main-membership-site.js?buildTime=1662144649 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.whitridgewellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
last-modified: Fri, 02 Sep 2022 18:13:42 GMT
etag: "631247d6-19348"
expires: Fri, 16 Sep 2022 18:51:51 GMT
cache-control: max-age=1209600
x-host: grn108.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 05 Sep 2022 17:05:38 GMT
age: 252827
x-served-by: cache-sjc10039-SJC, cache-bma1649-BMA
x-cache: HIT, HIT
x-cache-hits: 4, 1
x-timer: S1662397539.887464,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 27201
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32007)
Size:   27201
Md5:    bfef4e8e43513f50fec5f5089fecb596
Sha1:   d5d4682830e6b4e411808f3858d00327c4f3f289
Sha256: 5e25e899214cefcbab913246dcaef601475e142ac7d3ffc785f44b991f543fce
                                        
                                            GET /js/lang/en/stl.js?buildTime=1662144649& HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.whitridgewellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
last-modified: Fri, 02 Sep 2022 18:12:14 GMT
etag: "6312477e-2c44e"
expires: Fri, 16 Sep 2022 18:51:18 GMT
cache-control: max-age=1209600
x-host: blu9.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 05 Sep 2022 17:05:38 GMT
age: 252861
x-served-by: cache-sjc10051-SJC, cache-bma1649-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 99
x-timer: S1662397539.887867,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 32802
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, Unicode text, UTF-8 text, with very long lines (64997)
Size:   32802
Md5:    40ee71f2f2de93b9561845efa9a0cbbc
Sha1:   13451e3fb165d1ad524d9863d8344eab4a2fe353
Sha256: 41a33daf28fc89ce06f3c6a6029d078c20a0f42f07d6ec3dc7127d206dcec5fe
                                        
                                            GET /css/old/fancybox.css?1646063574 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.whitridgewellness.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
last-modified: Tue, 23 Aug 2022 17:52:20 GMT
etag: "630513d4-f47"
expires: Wed, 07 Sep 2022 12:49:07 GMT
cache-control: max-age=1209600
x-host: grn135.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 05 Sep 2022 17:05:38 GMT
age: 1052191
x-served-by: cache-sjc10058-SJC, cache-bma1649-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1662397539.920374,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 1218
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3910)
Size:   1218
Md5:    b644e92258f4c7c0b4270047652d1e60
Sha1:   93734d52ee9e86a768159e514076051813c39cd9
Sha256: 29199496fb817668f887938571046abcdfb49063d0207d571b361f221f467907
                                        
                                            GET /css/social-icons.css?buildtime=1646063574 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.whitridgewellness.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
last-modified: Mon, 29 Aug 2022 23:13:51 GMT
etag: W/"630d482f-3319"
expires: Tue, 13 Sep 2022 08:10:09 GMT
cache-control: max-age=1209600
x-host: grn121.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 05 Sep 2022 17:05:38 GMT
age: 550529
x-served-by: cache-sjc10049-SJC, cache-bma1649-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1662397539.921695,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 1639
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (13080)
Size:   1639
Md5:    3f04f9b5521931c6dc265ce2cc081c2e
Sha1:   277c7c76bdac30baef3a6fcc67edb36c78c1d206
Sha256: 81b4e500c74df13e12bcc46a896b896f2f81f20a721c52bb5011e547e9666632

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /css/sites.css?buildTime=1662144649 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.whitridgewellness.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
last-modified: Fri, 02 Sep 2022 18:13:15 GMT
etag: W/"631247bb-342c0"
expires: Fri, 16 Sep 2022 18:51:18 GMT
cache-control: max-age=1209600
x-host: grn13.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 05 Sep 2022 17:05:38 GMT
age: 252860
x-served-by: cache-sjc10060-SJC, cache-bma1649-BMA
x-cache: HIT, HIT
x-cache-hits: 2, 301
x-timer: S1662397539.919080,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 29723
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   29723
Md5:    47fce46b49e95d7c570a5fa1600f25a7
Sha1:   d927380977eae6001d9734e67ea666b261a520e4
Sha256: c81b992fe5e5b2ab4c92f2dbb28e6755aaf1ff26f8df15b306f1118423fa3785
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Sep 2022 17:05:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Sep 2022 17:05:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Sep 2022 17:05:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Sep 2022 17:05:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Sep 2022 17:05:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /files/theme/plugins.js HTTP/1.1 
Host: www.whitridgewellness.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.whitridgewellness.com/store/p3/Registration275.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.76
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Mon, 05 Sep 2022 17:05:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 24 Apr 2022 01:56:38 GMT
x-rgw-object-type: Normal
ETag: W/"2b8d85f1ea01d2c3e8b962eac8d76a5c"
x-amz-request-id: tx000000000000001ae94c4-006284793b-b9fbc20-sfo1
X-Storage-Bucket: zb635
X-Storage-Object: b6353ca52760aba4e7547ae9861db68158dc2af0f4febece55e5c775ee4449f5
X-Host: blu27.sf2p.intern.weebly.net
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text
Size:   15721
Md5:    43e6b0bb6eb6524188831a282f7656d7
Sha1:   44e73fe367fc1fb8efee7eefac557b7d76ef0f44
Sha256: 9001fcfe93ceab40de4bb3535fc61335318c56d4440b53070cac27a26fef42bb
                                        
                                            GET /files/theme/custom-1.js HTTP/1.1 
Host: www.whitridgewellness.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.whitridgewellness.com/store/p3/Registration275.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.76
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Mon, 05 Sep 2022 17:05:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 03 Dec 2021 02:31:47 GMT
x-rgw-object-type: Normal
ETag: W/"beb222c03c3fdd6af710530b7df1c408"
x-amz-request-id: tx000000000000001dfa612-006284a5eb-b9fbc64-sfo1
X-Storage-Bucket: z6fce
X-Storage-Object: 6fceda9df3549c1857609bca8bb9bd132aaef3ec76adeb82b0a62c698cae0011
X-Host: grn32.sf2p.intern.weebly.net
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text
Size:   4096
Md5:    7960b13ef773e1c8965d668d5b212834
Sha1:   35f276ab77c975720b8cfa8eeb0ca8cc297725ed
Sha256: 1f897564d4aacb23ab3203c848e47b42417156d404d065c1e81d6c3bca0cccc4
                                        
                                            GET /files/templateArtifacts.js?1646340544 HTTP/1.1 
Host: www.whitridgewellness.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.whitridgewellness.com/store/p3/Registration275.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.76
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: nginx
Date: Mon, 05 Sep 2022 17:05:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
X-Host: blu134.sf2p.intern.weebly.net
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (2943)
Size:   3238
Md5:    42d7de4855289978ab87af4c84606fab
Sha1:   ea27ac7eee05428080b9fad15ebe0db1024b9b58
Sha256: a2a58642519c93a10f937d8a84549395361d8db1239be8bbd67532c57fe28aa9
                                        
                                            GET /files/main_style.css?1646340544 HTTP/1.1 
Host: www.whitridgewellness.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.whitridgewellness.com/store/p3/Registration275.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.76
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Mon, 05 Sep 2022 17:05:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
X-Host: blu27.sf2p.intern.weebly.net
Content-Encoding: gzip


--- Additional Info ---
Magic:  assembler source, ASCII text, with very long lines (815)
Size:   7157
Md5:    88f42dd95760a7a3c168d9060964144d
Sha1:   01ea47babab3c3ceeeecc571188dccbaac58449b
Sha256: 44d66d1587f8463289c8034735640bad39e71246e2e91ab4a37928829bf594c0
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Sep 2022 17:05:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /js/dist/lead-form.js HTTP/1.1 
Host: cdn-promote.weebly.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.whitridgewellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: text/plain; charset=us-ascii
                                        
server: nginx
last-modified: Tue, 10 Aug 2021 11:25:35 GMT
x-rgw-object-type: Normal
etag: W/"f6a6919f92ab898bfbe5a02b5e7f3501"
x-amz-request-id: tx0000000000000016971e0-0061a79618-a9f3e81-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/promote/public/js/dist/lead-form.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
content-encoding: gzip
x-w-dc: SFO
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 05 Sep 2022 17:05:39 GMT
age: 23962858
x-served-by: cache-sjc10049-SJC, cache-bma1649-BMA
x-cache: HIT, HIT
x-cache-hits: 82, 10
x-timer: S1662397540.520531,VS0,VE0
vary: Accept-Encoding
content-length: 6503
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (17913), with no line terminators
Size:   6503
Md5:    9c3ab94faaa8f2d4fa6f0e3bee17560e
Sha1:   5d89b454fabbe779557087727480a1df96378128
Sha256: 7b92ba484a19854e5292895abb0f2367d5666386edf0e66bde8e69fa667779d0
                                        
                                            GET /files/theme/jquery.trend.js HTTP/1.1 
Host: www.whitridgewellness.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.whitridgewellness.com/store/p3/Registration275.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.76
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Mon, 05 Sep 2022 17:05:39 GMT
Content-Length: 3775
Connection: keep-alive
Last-Modified: Thu, 10 Feb 2022 08:22:06 GMT
x-rgw-object-type: Normal
ETag: "4beccebe0a060b2b2c43de5c2d4512ef"
x-amz-request-id: tx000000000000001b11728-0062847b79-b9fbc20-sfo1
X-Storage-Bucket: z446f
X-Storage-Object: 446f48f512ecc0b771af3c21a3036de3a1c5740d1e6bdbb61448834326d0c738
X-Host: blu49.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text
Size:   3775
Md5:    4beccebe0a060b2b2c43de5c2d4512ef
Sha1:   250a779dd017877b9f360b264cf072d9e87974ff
Sha256: 446f48f512ecc0b771af3c21a3036de3a1c5740d1e6bdbb61448834326d0c738
                                        
                                            GET /files/theme/jquery.revealer.js HTTP/1.1 
Host: www.whitridgewellness.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.whitridgewellness.com/store/p3/Registration275.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.76
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Mon, 05 Sep 2022 17:05:39 GMT
Content-Length: 2828
Connection: keep-alive
Last-Modified: Tue, 26 Oct 2021 13:57:33 GMT
x-rgw-object-type: Normal
ETag: "c22ab67199a33d876512504cda4ff55b"
x-amz-request-id: tx000000000000000dccc36-0061a71c42-a9f1ce7-sfo1
X-Storage-Bucket: zc4cd
X-Storage-Object: c4cd233d3d6b0f184e99d5017e521b4c6f9106d3e546864a8ba516189b934311
X-Host: grn77.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text
Size:   2828
Md5:    c22ab67199a33d876512504cda4ff55b
Sha1:   36e96eae4644b6028532974fe5186a072792cb37
Sha256: c4cd233d3d6b0f184e99d5017e521b4c6f9106d3e546864a8ba516189b934311
                                        
                                            GET /s/robotomono/v22/L0xTDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_3vrtSM1J-gEPT5Ese6hmHSh0mQ.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.whitridgewellness.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22168
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Sep 2022 16:11:24 GMT
expires: Sat, 02 Sep 2023 16:11:24 GMT
cache-control: public, max-age=31536000
age: 262455
last-modified: Mon, 11 Jul 2022 18:56:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 22168, version 1.0\012- data
Size:   22168
Md5:    aecf4656f9d639613cf46bf25e28a08b
Sha1:   b51fb5207f34b7283474875e2493591784c09947
Sha256: f39f934bc7f7b1b4dfa532f4b38dac960a3a7ad6bb9789a412f03bdcb4abd9f5
                                        
                                            GET /files/theme/jquery.pxuMenu.js HTTP/1.1 
Host: www.whitridgewellness.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.whitridgewellness.com/store/p3/Registration275.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.76
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Mon, 05 Sep 2022 17:05:39 GMT
Content-Length: 3697
Connection: keep-alive
Last-Modified: Mon, 25 Apr 2022 13:50:18 GMT
x-rgw-object-type: Normal
ETag: "ac373d716afe4270df40f60417b0f418"
x-amz-request-id: tx000000000000001d7ccea-006284a5f7-b9fbc77-sfo1
X-Storage-Bucket: zf755
X-Storage-Object: f75570c56743e8c705cb06f5f1f9b1f8f2cc13119f5e2acda2f3bb8d987de94a
X-Host: blu49.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   3697
Md5:    ac373d716afe4270df40f60417b0f418
Sha1:   aba148148c771bb66b0b4aeab6eac8eb40352745
Sha256: f75570c56743e8c705cb06f5f1f9b1f8f2cc13119f5e2acda2f3bb8d987de94a
                                        
                                            GET /css/lead-form-container.css HTTP/1.1 
Host: cdn-promote.weebly.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.whitridgewellness.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
last-modified: Tue, 10 Aug 2021 11:25:36 GMT
x-rgw-object-type: Normal
etag: W/"e1f6bead12a463ee94a92c03c89576b0"
x-amz-request-id: tx000000000000001fedfe4-0062c2ea39-c0351b0-sfo1
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
content-encoding: gzip
x-w-dc: SFO
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 05 Sep 2022 17:05:39 GMT
age: 5456426
x-served-by: cache-sjc10053-SJC, cache-bma1649-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 5
x-timer: S1662397540.548675,VS0,VE0
vary: Accept-Encoding
content-length: 2556
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   2556
Md5:    f49deb495f5715676201192cc84ca9ca
Sha1:   af807c6d7de4438d59c542b4ad2c0335e9b56ca5
Sha256: e36504ff62d4680d78bd30b6dbd6950d2aa5b0fc5a58d81f833f37bf2c07a102
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Sep 2022 17:05:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  gzip compressed data, max compression\012- data
Size:   1074
Md5:    ace18e02dee893b45af3bfd56f1ec9a8
Sha1:   989c22c9a583070f81b3276861a273b0e49a542a
Sha256: c779057d6f9b7ebc95e507dcb96a0a9e39029aadb9a3306b446223a54d3b3103

Alerts:
  File Analyzers:
    - virustotal: 0/0
                                        
                                            GET /js/wsnbn/snowday262.js HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.whitridgewellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
last-modified: Tue, 30 Aug 2022 19:50:08 GMT
etag: "630e69f0-124fe"
expires: Thu, 15 Sep 2022 08:38:41 GMT
cache-control: max-age=1209600
x-host: grn123.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 05 Sep 2022 17:05:39 GMT
age: 376018
x-served-by: cache-sjc10034-SJC, cache-bma1649-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 3694
x-timer: S1662397540.638913,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 25752
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2512)
Size:   25752
Md5:    234327230add9a5a5d61a48829ea4565
Sha1:   7966cc0e4bd76f88ff193c8a99a067de804b7129
Sha256: bb696c58d9ae5fa635b3ff22efdf60de9ac2f8ef9df5e2f2d58dd5f8dc99df75
                                        
                                            GET /s/karla/v23/qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bg.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.whitridgewellness.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21248
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Sep 2022 17:06:27 GMT
expires: Fri, 01 Sep 2023 17:06:27 GMT
cache-control: public, max-age=31536000
age: 345552
last-modified: Mon, 11 Jul 2022 20:38:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 21248, version 1.0\012- data
Size:   21248
Md5:    481105857aba99f91faa3cd9a360e8e1
Sha1:   a2d8dcb59555878d359c2bebbc8be6985d26d7d2
Sha256: f8c2240958cb1fff47d921ca0f3097f9e7403ada01af2382477ef42c404c38d4
                                        
                                            GET /css?family=Open+Sans:400italic,700italic,300,400,700 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.whitridgewellness.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 05 Sep 2022 17:05:38 GMT
date: Mon, 05 Sep 2022 17:05:38 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   23882
Md5:    c34a5af5c12a5aa0ba6e5c8ca315c4f2
Sha1:   8dc17ec4a9675d222d13d96e46055be36f3b05f5
Sha256: 86c16ee363f6d1fe02e7549357150c6589f6022e267eb6d55abd5aef2790da29
                                        
                                            GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.whitridgewellness.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 Aug 2022 17:10:21 GMT
expires: Wed, 30 Aug 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 518118
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  gzip compressed data, max compression\012- data
Size:   24124
Md5:    d2aedb796bf18655b6b091dedd1eafc7
Sha1:   f4dc4e02aa89fa6bbd9b873eabadd0a27f36f1cd
Sha256: 2e4855c101501a0e7827b60874956ddf9b115561c5b0c9b14a14d0a3c9418db8

Alerts:
  File Analyzers:
    - virustotal: 0/0
                                        
                                            GET /uploads/9/7/3/8/97380776/s797357616549992621_p3_i4_w480.jpeg?width=160 HTTP/1.1 
Host: www.whitridgewellness.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.whitridgewellness.com/store/p3/Registration275.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.76
HTTP/1.1 200 OK
Content-Type: image/webp
                                        
Server: nginx
Date: Mon, 05 Sep 2022 17:05:39 GMT
Content-Length: 4674
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Etag: "XrfU/Qn7buGkE7S4xI+wqH8bRReZtqMUbkEohfl8DSM"
Fastly-Io-Info: ifsz=54005 idim=480x640 ifmt=jpeg ofsz=4674 odim=160x213 ofmt=webp
Fastly-Stats: io=1
X-Amz-Request-Id: tx000000000000036215213-0063162c63-bfe27ea-sfo1
X-Rgw-Object-Type: Normal
X-Storage-Bucket: zca0c
X-Storage-Object: ca0c374a2a224138c3cbf81b8edd282b5215bbf21c220785d0e6c37a571c72c5
Accept-Ranges: bytes
Via: 1.1 varnish
Age: 0
X-Served-By: cache-sjc10072-SJC
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1662397540.618290,VS0,VE64
Vary: Accept
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: grn29.sf2p.intern.weebly.net


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 160x213, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   4674
Md5:    afe05464d442b8d801ef112b69c3e70e
Sha1:   7a3252bc9f4e73c8c6a6251ff99c98ac28ec092f
Sha256: 42ffc4c0d756e512a0be3010bece050f3b85ffd92bd7bd5618d68e6941a4fc78
                                        
                                            GET /uploads/9/7/3/8/97380776/s797357616549992621_p3_i6_w720.jpeg?width=160 HTTP/1.1 
Host: www.whitridgewellness.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.whitridgewellness.com/store/p3/Registration275.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.76
HTTP/1.1 200 OK
Content-Type: image/webp
                                        
Server: nginx
Date: Mon, 05 Sep 2022 17:05:39 GMT
Content-Length: 6000
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Etag: "Ba+jeGXZVDiUzHIwQYubL7LCVmBEEisDKJKXkDGpaA0"
Fastly-Io-Info: ifsz=82996 idim=720x960 ifmt=jpeg ofsz=6000 odim=160x213 ofmt=webp
Fastly-Stats: io=1
X-Amz-Request-Id: tx000000000000036215210-0063162c63-bfe27ea-sfo1
X-Rgw-Object-Type: Normal
X-Storage-Bucket: z3672
X-Storage-Object: 36724af465f107edc9f83ba0dc5708e39a2d2413c3e86a17a201cb645af74f2d
Accept-Ranges: bytes
Via: 1.1 varnish
Age: 0
X-Served-By: cache-sjc10081-SJC
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1662397540.613364,VS0,VE83
Vary: Accept
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: blu24.sf2p.intern.weebly.net


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 160x213, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   6000
Md5:    ad8c4085973f8ef6deea755f2fe33ac4
Sha1:   fc6e6b818345821d2c0fb5e427543847cb2b1a95
Sha256: bc42393a0c0b875c21948790faf9faf40ba043cc6f8fda5849f0e52948f340a3
                                        
                                            GET /files/theme/images/arrow-light.svg?1646340544 HTTP/1.1 
Host: www.whitridgewellness.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.whitridgewellness.com/files/main_style.css?1646340544
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.76
HTTP/1.1 200 OK
Content-Type: image/svg+xml; charset=us-ascii
                                        
Server: nginx
Date: Mon, 05 Sep 2022 17:05:39 GMT
Content-Length: 886
Connection: keep-alive
Last-Modified: Sat, 19 Mar 2022 04:38:52 GMT
x-rgw-object-type: Normal
ETag: "552eb2e04260fc0733e5633d15c6aeaa"
x-amz-request-id: tx000000000000001e6bc94-006284ad27-b9fbc64-sfo1
X-Storage-Bucket: z705f
X-Storage-Object: 705ff3240de004523ff9d628b28aad705ad3f0ceb046312495265a4042c67570
Content-Disposition: attachment
X-Host: grn70.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   886
Md5:    552eb2e04260fc0733e5633d15c6aeaa
Sha1:   0a9efcc3b0ebabb23a49a00061fd8200eded1613
Sha256: 705ff3240de004523ff9d628b28aad705ad3f0ceb046312495265a4042c67570
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4081
Expires: Mon, 05 Sep 2022 18:13:40 GMT
Date: Mon, 05 Sep 2022 17:05:39 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4081
Expires: Mon, 05 Sep 2022 18:13:40 GMT
Date: Mon, 05 Sep 2022 17:05:39 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4081
Expires: Mon, 05 Sep 2022 18:13:40 GMT
Date: Mon, 05 Sep 2022 17:05:39 GMT
Connection: keep-alive

                                        
                                            GET /uploads/9/7/3/8/97380776/s797357616549992621_p3_i5_w480.jpeg?width=160 HTTP/1.1 
Host: www.whitridgewellness.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.whitridgewellness.com/store/p3/Registration275.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.76
HTTP/1.1 200 OK
Content-Type: image/webp
                                        
Server: nginx
Date: Mon, 05 Sep 2022 17:05:39 GMT
Content-Length: 6062
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Etag: "MJWdzkWqRsgwpWLv0oTCu80jls0Q36nyCnzs99uxhI0"
Fastly-Io-Info: ifsz=58704 idim=480x640 ifmt=jpeg ofsz=6062 odim=160x213 ofmt=webp
Fastly-Stats: io=1
X-Amz-Request-Id: tx0000000000000362a526a-0063162c63-c0351c8-sfo1
X-Rgw-Object-Type: Normal
X-Storage-Bucket: zac1d
X-Storage-Object: ac1df044f6f709ccf476037f98536ef91ff8889c4d8c65047f71ea7e71b26bd1
Accept-Ranges: bytes
Via: 1.1 varnish
Age: 0
X-Served-By: cache-sjc10080-SJC
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1662397540.616194,VS0,VE161
Vary: Accept
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: grn70.sf2p.intern.weebly.net


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 160x213, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   6062
Md5:    b910bb00e5a15bff0baafffe7a4f9155
Sha1:   c87c58294df27ea44f8334842b94b866db43e3b4
Sha256: 509231b53dfc741be3ab1252e6217b3eaf97b6e9205e8573eae6bca9a11b8842
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4081
Expires: Mon, 05 Sep 2022 18:13:40 GMT
Date: Mon, 05 Sep 2022 17:05:39 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8eb6cd09-3bf5-48ad-bcab-4b0b05db8dcf.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10770
x-amzn-requestid: c6d80cff-8d44-4589-bcf1-1f5a0ab199b8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X9Ey3GH4IAMF6KQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63151b45-2628cc83263aeeb14ce444ef;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: eEuQFQAkBAHlIYBRrvaJ1qjT09ezTNaL67wa77h1wS8fHc5oWi91aQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 21:45:28 GMT
age: 69611
etag: "e3e743b349fd5cb399d4cef4a0877dcc8e2f44f9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10770
Md5:    5231760bb81282416f2bd27a4261099e
Sha1:   e3e743b349fd5cb399d4cef4a0877dcc8e2f44f9
Sha256: e0762821086503aef75013b60a4e340d6fbf9b1006fc7f8b4e079440afce8c67
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69b1e092-41e6-4f1e-b330-193f7dd11afc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7830
x-amzn-requestid: c56af3b5-2c48-4243-b220-d56a9be47990
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X9Ey3H4JoAMFiMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63151b45-23ec24d867e3e5906fffa1a6;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: VgP7BDBmd5A5bAmRgO88geep419uZ0TQop4jEmRkx-q9rX4PUJZOCQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 22:16:55 GMT
age: 67724
etag: "3633391a8dd87ef10fcb0d04d7b309738affc4a7"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7830
Md5:    290f6551c5ac539ea60810b135750f17
Sha1:   3633391a8dd87ef10fcb0d04d7b309738affc4a7
Sha256: d94d133faaf232cf15b5c3f38f5b45d87d70bce0668d607b5c66a8d3f836540f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13d7f0db-89d6-4166-b182-85e35e518df9.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8469
x-amzn-requestid: de0e8998-4a52-4651-bcd6-3068c50193b6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X9Ey2Eq4oAMFZlQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63151b45-15da44d87bf486cb1738fe18;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: GuATNx2xnWnEl0cr_2ZWZo_jOWbHlSBYksIeHFDoHAK9o5Tf0PPliQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 22:03:29 GMT
etag: "032acf1bfb0c8e2cbce8f2ff4d2964424b044951"
age: 68530
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8469
Md5:    30bf854fd3e27e2313a3d26fc43b9990
Sha1:   032acf1bfb0c8e2cbce8f2ff4d2964424b044951
Sha256: 7641be64dd25487edf4f845d1fbb0b07daa80fa8fb58863dd09081d9d169bd13
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb02d6c5a-0de9-46ef-a520-7d4abc462665.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6843
x-amzn-requestid: ca7fff53-2e11-4d32-8c00-addf87fecba9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X3PB1FyboAMF7ZA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312c53e-1e9f1fc57216b33d7cc1b78b;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 03:08:46 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OqDFOsh7vOOtmz4bKY62Elo78qWXwkwqlIkdxKdoUA09A8QETuLP4g==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 03:28:16 GMT
age: 49043
etag: "7d7f746dcffaad1043ada767d129398def8afefb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6843
Md5:    06b22b568dc9be561f921f9f4d768b81
Sha1:   7d7f746dcffaad1043ada767d129398def8afefb
Sha256: 801a8e02377a4cc97793dea161f7171e371bcb65575a18c0b2a732af8d754acb
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99b438b1-ec2f-4d02-9da4-cca3c8bdf61b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4260
x-amzn-requestid: 024510ab-0cb7-421e-805b-fa54501d1e99
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XpjFQGPVIAMFytQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630d4bbb-4492cd20474c37337f8a5521;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 23:28:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Wk8myA4exuK32he7TlFoJtvtqHb0WcDhvSuo6-aN0dMcxIr7cDkU5Q==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 22:04:04 GMT
age: 68495
etag: "21f33eca6863c382c216c16799d1bea83e40fbd9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4260
Md5:    7877df05329f39350f4907a067f5840e
Sha1:   21f33eca6863c382c216c16799d1bea83e40fbd9
Sha256: 94b943383bbd05d11ac0f9c3672e315c9cfaa5cb2299c3779195f08491969fa8
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4426
x-amzn-requestid: b5b68557-e46d-41cd-9b11-d996aabc0de7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzfYTHHFIAMFjFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631145ce-1d3504367cf6ef724a345564;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 23:52:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XY2liZJvZjSSNT0u90GlCn3HGPxVaYO4xztkeALLJOTRRwruDELcvg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 21:48:06 GMT
age: 69453
etag: "fc766bca874a352a4acb569577d4cf6527f4f074"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4426
Md5:    c81f3df885bdee8cac46ea9495e6b63b
Sha1:   fc766bca874a352a4acb569577d4cf6527f4f074
Sha256: e21473f88c613ca33ba6bbe1e0cab338274a06744cdcb088f14873c972445b36
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 678
Cache-Control: 'max-age=158059'
Date: Mon, 05 Sep 2022 17:05:39 GMT
Last-Modified: Mon, 05 Sep 2022 16:54:21 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 678
Cache-Control: 'max-age=158059'
Date: Mon, 05 Sep 2022 17:05:39 GMT
Last-Modified: Mon, 05 Sep 2022 16:54:21 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /uploads/9/7/3/8/97380776/s797357616549992621_p3_i4_w480.jpeg HTTP/1.1 
Host: www.whitridgewellness.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.whitridgewellness.com/store/p3/Registration275.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.76
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Mon, 05 Sep 2022 17:05:39 GMT
Content-Length: 54005
Connection: keep-alive
Last-Modified: Thu, 11 Nov 2021 23:28:47 GMT
x-rgw-object-type: Normal
ETag: "938f4daf1d1c53aba232ad3ad85a26cd"
x-amz-request-id: tx00000000000003621520e-0063162c63-bfe27ea-sfo1
X-Storage-Bucket: zca0c
X-Storage-Object: ca0c374a2a224138c3cbf81b8edd282b5215bbf21c220785d0e6c37a571c72c5
X-Host: blu27.sf2p.intern.weebly.net
Accept-Ranges: bytes, bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x640, components 3\012- data
Size:   54005
Md5:    938f4daf1d1c53aba232ad3ad85a26cd
Sha1:   b5f8cacf8d83584bbb364f19dbe0407e078f00f0
Sha256: ca0c374a2a224138c3cbf81b8edd282b5215bbf21c220785d0e6c37a571c72c5
                                        
                                            GET /images/blank.gif HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.whitridgewellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: image/gif
                                        
x-guploader-uploadid: ADPycduKZ_kFfNBpoD5fME2PaWE7UyZ4ohtgMS1mdcJa_E8QIorhqbEqBUCe54XuR9OZIrdCwT7ZExnWwZOlaezz9zTc-w
cache-control: public, max-age=86400, s-maxage=259200
expires: Fri, 02 Sep 2022 01:55:11 GMT
last-modified: Thu, 25 May 2017 17:16:27 GMT
etag: "fc94fb0c3ed8a8f909dbc7630a0987ff"
x-goog-generation: 1495732587263081
x-goog-metageneration: 6
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
x-goog-hash: crc32c=7uenZA==, md5=/JT7DD7YqPkJ28djCgmH/w==
x-goog-storage-class: STANDARD
server: UploadServer
accept-ranges: bytes
date: Mon, 05 Sep 2022 17:05:40 GMT
via: 1.1 varnish
age: 51943
x-served-by: cache-bma1649-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1662397540.184032,VS0,VE1
access-control-allow-origin: *
content-length: 43
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    fc94fb0c3ed8a8f909dbc7630a0987ff
Sha1:   56d45f8a17f5078a20af9962c992ca4678450765
Sha256: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.39
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 05 Sep 2022 17:05:40 GMT
Last-Modified: Mon, 05 Sep 2022 15:16:34 GMT
Server: ECS (nyb/1D20)
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Uf2-oeqwxfv87qhiT1E4CC5D49o8RhUW5ogaPEyUlLtRy6lsWn-ipQ==
Age: 6546

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.39
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 05 Sep 2022 17:05:40 GMT
Last-Modified: Mon, 05 Sep 2022 15:33:22 GMT
Server: ECS (nyb/1D10)
X-Cache: Miss from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: qVRhq0zoNpfhYHF8IrK51DB1OVxuY7GE3ABGTj55kTVkqpuulPMaKw==
Age: 5538

                                        
                                            OPTIONS /leadForm/8e22e0c6-1232-471e-af34-7cf80ab37c3c HTTP/1.1 
Host: promote.weebly.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-requested-with
Referer: https://www.whitridgewellness.com/
Origin: https://www.whitridgewellness.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         74.115.50.106
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, private
Date: Mon, 05 Sep 2022 17:05:40 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: accept, content-type, x-xsrf-token, x-csrf-token, x-requested-with
P3P: CP: IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT
X-Orchestra:
X-Conductor:
X-Host: blu133.sf2p.intern.weebly.net
X-Revision: 0116df8d875b50b7bdb676284700d5b90355a9bc
X-Request-ID: bd8d386eebb3fa28249800b8235481d2
Content-Encoding: gzip
X-W-DC: SFO

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Sep 2022 17:05:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ga.js HTTP/1.1 
Host: ssl.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.whitridgewellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.8
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Mon, 05 Sep 2022 16:29:20 GMT
expires: Mon, 05 Sep 2022 18:29:20 GMT
cache-control: public, max-age=7200
age: 2180
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1305)
Size:   17168
Md5:    01d5892e6e243b52998310c2925b9f3a
Sha1:   58180151b6a6ee4af73583a214b68efb9e8844d4
Sha256: 7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
                                        
                                            OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1 
Host: ec.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.whitridgewellness.com/
Origin: https://www.whitridgewellness.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         35.82.13.103
HTTP/2 200 OK
                                        
date: Mon, 05 Sep 2022 17:05:40 GMT
content-length: 0
server: nginx
access-control-allow-origin: https://www.whitridgewellness.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 5
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Sep 2022 17:05:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /leadForm/8e22e0c6-1232-471e-af34-7cf80ab37c3c HTTP/1.1 
Host: promote.weebly.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Origin: https://www.whitridgewellness.com
Connection: keep-alive
Referer: https://www.whitridgewellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         74.115.50.106
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Server: nginx
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, private
Date: Mon, 05 Sep 2022 17:05:40 GMT
Access-Control-Allow-Origin: *
P3P: CP: IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT
X-Orchestra:
X-Conductor:
X-Host: blu133.sf2p.intern.weebly.net
X-Revision: 0116df8d875b50b7bdb676284700d5b90355a9bc
X-Request-ID: acab6728c8af65681fe16c2f18c8f678
Content-Encoding: gzip
X-W-DC: SFO


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (2733), with no line terminators
Size:   1121
Md5:    7e957db4fd7c5e14ff9d89124beee6ee
Sha1:   3aad63d73240ec5b534459849cc63e2e683c70a5
Sha256: d257e654194489e0d9792061dda82d926c0dca6e26b8e2b079688beef5976595
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: www.whitridgewellness.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.whitridgewellness.com/store/p3/Registration275.html
Cookie: is_mobile=0; language=en; _snow_ses.a569=*; _snow_id.a569=90c1e501-2346-477a-a3e3-435122448273.1662397535.1.1662397535.1662397535.d4c69dd4-b473-415f-a607-09c0385f51c7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.76
HTTP/1.1 200 OK
Content-Type: image/vnd.microsoft.icon
                                        
Server: nginx
Date: Mon, 05 Sep 2022 17:05:40 GMT
Content-Length: 16958
Connection: keep-alive
Last-Modified: Tue, 29 Oct 2019 04:34:45 GMT
x-rgw-object-type: Normal
ETag: "b7de8df973435cbb408790fe765910e1"
x-amz-request-id: tx000000000000036ab6525-0063162c64-bfe36ba-sfo1
X-Storage-Bucket: z06a8
X-Storage-Object: 06a80b505380e8cd5b1417395a94b946d5bdffffec317c116ef2229ff29ddf20
X-Host: blu14.sf2p.intern.weebly.net
Accept-Ranges: bytes, bytes


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel\012- data
Size:   16958
Md5:    b7de8df973435cbb408790fe765910e1
Sha1:   a0854ba5fa3904262bab2ff8e71b43b9064de3dd
Sha256: 06a80b505380e8cd5b1417395a94b946d5bdffffec317c116ef2229ff29ddf20
                                        
                                            POST /ajax/api/JsonRPC/Membership/?Membership[Member::get_session_details] HTTP/1.1 
Host: www.whitridgewellness.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 75
Origin: https://www.whitridgewellness.com
Connection: keep-alive
Referer: https://www.whitridgewellness.com/store/p3/Registration275.html
Cookie: is_mobile=0; language=en; _snow_ses.a569=*; _snow_id.a569=90c1e501-2346-477a-a3e3-435122448273.1662397535.1.1662397535.1662397535.d4c69dd4-b473-415f-a607-09c0385f51c7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.76
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Date: Mon, 05 Sep 2022 17:05:40 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
Set-Cookie: site_session=63162c647bf6d1.94321762; path=/ language=en; expires=Mon, 19-Sep-2022 17:05:40 GMT; Max-Age=1209600; path=/
X-Host: blu120.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 273
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   273
Md5:    28112993b1884f5de2e66ec6c699d4c9
Sha1:   e54316e1a8cf23b394155a7059c171eb484f2812
Sha256: 0aafd16d561e3081adb46877714000a5b6cde10bdf380a678c9a3af0a3c58267
                                        
                                            POST /ajax/api/JsonRPC/Commerce/?Commerce[Checkout::getMiniCart] HTTP/1.1 
Host: www.whitridgewellness.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 69
Origin: https://www.whitridgewellness.com
Connection: keep-alive
Referer: https://www.whitridgewellness.com/store/p3/Registration275.html
Cookie: is_mobile=0; language=en; _snow_ses.a569=*; _snow_id.a569=90c1e501-2346-477a-a3e3-435122448273.1662397535.1.1662397535.1662397535.d4c69dd4-b473-415f-a607-09c0385f51c7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.76
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Date: Mon, 05 Sep 2022 17:05:40 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: blu70.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 2730
Keep-Alive: timeout=10, max=74
Connection: Keep-Alive


--- Additional Info ---
Magic:  JSON data\012- HTML document text\012- HTML document, ASCII text, with very long lines (2730), with no line terminators
Size:   2730
Md5:    d078108ffca7a43aa1cc553b52839055
Sha1:   1cb860ddb2ae72ff3df299ad00ab6207f248f4a0
Sha256: bf31b344832a9b09ed988b2e89f09de8b373e26a11612c6e4d75aed99b73bbf1
                                        
                                            POST /ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails] HTTP/1.1 
Host: www.whitridgewellness.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 83
Origin: https://www.whitridgewellness.com
Connection: keep-alive
Referer: https://www.whitridgewellness.com/store/p3/Registration275.html
Cookie: is_mobile=0; language=en; _snow_ses.a569=*; _snow_id.a569=90c1e501-2346-477a-a3e3-435122448273.1662397535.1.1662397535.1662397535.d4c69dd4-b473-415f-a607-09c0385f51c7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.76
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Date: Mon, 05 Sep 2022 17:05:40 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: blu125.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 348
Keep-Alive: timeout=10, max=56
Connection: Keep-Alive


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (348), with no line terminators
Size:   348
Md5:    a944dd688c99d2901d6719be713271c0
Sha1:   4f5454d5d434829baf46671638610791758725d9
Sha256: adb97e1bc686c58b4286f1208d2bd969687c6cf3e2fc468697dfd956d260de49
                                        
                                            POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1 
Host: ec.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1824
Origin: https://www.whitridgewellness.com
Connection: keep-alive
Referer: https://www.whitridgewellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         35.82.13.103
HTTP/2 200 OK
content-type: text/plain; charset=UTF-8
                                        
date: Mon, 05 Sep 2022 17:05:40 GMT
content-length: 2
server: nginx
set-cookie: sp=d0184f3c-5ba6-4ba7-b7f3-02ccfd36f38a; Expires=Tue, 05 Sep 2023 17:05:40 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://www.whitridgewellness.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   2
Md5:    444bcb3a3fcf8389296c49467f27e1d6
Sha1:   7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
Sha256: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
                                        
                                            POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1 
Host: ec.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 2704
Origin: https://www.whitridgewellness.com
Connection: keep-alive
Referer: https://www.whitridgewellness.com/
Cookie: sp=d0184f3c-5ba6-4ba7-b7f3-02ccfd36f38a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         35.82.13.103
HTTP/2 200 OK
content-type: text/plain; charset=UTF-8
                                        
date: Mon, 05 Sep 2022 17:05:40 GMT
content-length: 2
server: nginx
set-cookie: sp=d0184f3c-5ba6-4ba7-b7f3-02ccfd36f38a; Expires=Tue, 05 Sep 2023 17:05:40 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://www.whitridgewellness.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   2
Md5:    444bcb3a3fcf8389296c49467f27e1d6
Sha1:   7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
Sha256: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
                                        
                                            GET /leadForm?form_id=8e22e0c6-1232-471e-af34-7cf80ab37c3c HTTP/1.1 
Host: promote.weebly.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.whitridgewellness.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         74.115.50.106
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, private
Date: Mon, 05 Sep 2022 17:05:41 GMT
P3P: CP: IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT
X-Orchestra:
X-Conductor:
X-Host: grn79.sf2p.intern.weebly.net
X-Revision: 0116df8d875b50b7bdb676284700d5b90355a9bc
X-Request-ID: a753f1b15e37f70e481366603bef51d6
Content-Encoding: gzip
X-W-DC: SFO


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2757)
Size:   2241
Md5:    21bac4e077e08f757fb1f1016f26b11f
Sha1:   14168ac5fc2824500a8c8f2234a022f169518dc6
Sha256: b1f23fafcc6679661ae5a163628459301c589ca830dd218c524f01a2c94f4a37
                                        
                                            GET /app/marketing/css/lead-form-df3d3424b4.css HTTP/1.1 
Host: cdn3.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promote.weebly.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
server: nginx
last-modified: Thu, 03 Jun 2021 21:18:21 GMT
x-rgw-object-type: Normal
etag: W/"df3d3424b4d5161e5a3be9cbe0ec0941"
x-amz-request-id: tx00000000000004c6daa89-006226675c-a9f3e81-sfo1
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Mon, 05 Sep 2022 17:05:41 GMT
via: 1.1 varnish
age: 2388178
x-served-by: cache-bma1649-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1662397541.287734,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 17606
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (385)
Size:   17606
Md5:    506d26d5922890930f52027886eab3b5
Sha1:   03e5fbff2b5b95614ecf3d6978dfd3a81626cf71
Sha256: e5d007a2c5867e00ceef51cc1b62f02563f078d8fc9bff985ff478992c40e899
                                        
                                            GET /app/marketing/css/ui-framework-7e6dd7c254.css HTTP/1.1 
Host: cdn3.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promote.weebly.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
server: nginx
last-modified: Tue, 29 Mar 2022 15:44:22 GMT
x-rgw-object-type: Normal
etag: W/"7e6dd7c254dbe3ea42ae5e892c284332"
x-amz-request-id: tx00000000000002466790c-0062fb1294-bfe27ea-sfo1
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Mon, 05 Sep 2022 17:05:41 GMT
via: 1.1 varnish
age: 1776081
x-served-by: cache-bma1649-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1662397541.287621,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 43648
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   43648
Md5:    9e80d55e8ce9c238f4d63b585a6ddae6
Sha1:   048fecad867e74b5dcead86cf0784415721661a1
Sha256: 4a061e1a185718747ea1a526204bf9b478eed9e1ba9b513f6c90b9c785e50d2c
                                        
                                            GET /app/marketing/js/vendor/modernizr/modernizr.js?0116df8d875b50b7bdb676284700d5b90355a9bc HTTP/1.1 
Host: cdn3.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promote.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
last-modified: Thu, 03 Jun 2021 21:19:58 GMT
x-rgw-object-type: Normal
etag: W/"69e63efc1a79bf2cd6d1d42e43c5ce5a"
x-amz-request-id: tx00000000000001fd72247-0062b386d7-b9fbc7f-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/promote/public/js/vendor/modernizr/modernizr.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Mon, 05 Sep 2022 17:05:41 GMT
via: 1.1 varnish
age: 433557
x-served-by: cache-bma1649-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1662397541.287961,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 16668
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text
Size:   16668
Md5:    489af6693af36825893f3fa8501fb0dc
Sha1:   2b36d9a48df4e820ce5b02c57d50ebfcd8be5b86
Sha256: 11ddf911af5b05bac5e9057791544e60e8d21933d31844e8a016f72e2bcb1abc
                                        
                                            GET /app/marketing/js/dist/common.bundle.29bc818f43b935ef4c7b.js HTTP/1.1 
Host: cdn3.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promote.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
last-modified: Fri, 08 Oct 2021 03:51:55 GMT
x-rgw-object-type: Normal
etag: W/"b55861c6b9c95c35920c26ab30f9536d"
x-amz-request-id: tx00000000000004ce56ad4-0062263469-a9f41e7-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/promote/public/js/dist/common.bundle.29bc818f43b935ef4c7b.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Mon, 05 Sep 2022 17:05:41 GMT
via: 1.1 varnish
age: 1772346
x-served-by: cache-bma1649-BMA
x-cache: HIT
x-cache-hits: 16139
x-timer: S1662397541.288539,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 321666
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   321666
Md5:    afddea890f38da72c1b19f6e9816e545
Sha1:   e076e043d7fbcaa7ac9af02b9aa8e7d29309f4d3
Sha256: 6abf0f2cb5213ab74e15880710ffbc4bbc07a7f40ab87c1c10f0826619be1136
                                        
                                            GET /app/marketing/js/dist/leadform.en.5b674bca63e92ec8c5db.js HTTP/1.1 
Host: cdn3.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promote.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
last-modified: Thu, 25 Aug 2022 18:12:30 GMT
x-rgw-object-type: Normal
etag: W/"179c852e9874e61303342e39cd29ab5d"
x-amz-request-id: tx00000000000002cb41720-006307bd71-bfe27ea-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/promote/public/js/dist/leadform.en.5b674bca63e92ec8c5db.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Mon, 05 Sep 2022 17:05:41 GMT
via: 1.1 varnish
age: 945493
x-served-by: cache-bma1649-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1662397541.289273,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 46424
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65465)
Size:   46424
Md5:    ee6e8ce3bbb11601b91fba109b6118e4
Sha1:   f4b3e96187e691d821d609c841b5ee6325bb21a4
Sha256: 3bb2a1191ede558a3168247a0d93dc7d5371fb6d7fa695bfd8c4ead816f1a705
                                        
                                            GET /css?family=Lato:400,300,300italic,700,400italic,700italic&subset=latin,latin-ext HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.whitridgewellness.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 05 Sep 2022 17:05:39 GMT
date: Mon, 05 Sep 2022 17:05:39 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /js/site/main-customer-accounts-site.js?buildTime=1662144649 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.whitridgewellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
last-modified: Fri, 02 Sep 2022 18:13:42 GMT
etag: "631247d6-82592"
expires: Fri, 16 Sep 2022 18:51:18 GMT
cache-control: max-age=1209600
x-host: blu119.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 05 Sep 2022 17:05:38 GMT
age: 252860
x-served-by: cache-sjc10061-SJC, cache-bma1649-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1662397539.888019,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 159023
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /js/lang/en/stl.js?buildTime=1646063574& HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.whitridgewellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
last-modified: Mon, 22 Aug 2022 20:42:23 GMT
etag: "6303ea2f-2c44e"
expires: Tue, 06 Sep 2022 09:19:41 GMT
cache-control: max-age=1209600
x-host: blu42.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 05 Sep 2022 17:05:38 GMT
age: 1151157
x-served-by: cache-sjc10076-SJC, cache-bma1649-BMA
x-cache: HIT, HIT
x-cache-hits: 2, 1
x-timer: S1662397539.893631,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 32802
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css?family=Karla:400,700,400italic,700italic&subset=latin,latin-ext HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.whitridgewellness.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 05 Sep 2022 17:05:38 GMT
date: Mon, 05 Sep 2022 17:05:38 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css?family=Karla:400,700|Oswald:700|Roboto+Mono:400,400i,700,700i HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.whitridgewellness.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 05 Sep 2022 17:05:38 GMT
date: Mon, 05 Sep 2022 17:05:38 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---