r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash cf14baed0842431a08367ed54f2346ca
d943be8835b7e4470e3d6fbe09ac39c5464be434
a45fbc8cdddc9f43c0c3c7d73cbb2cdf3cf4c4cd2df20802925b795da5048aa4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A45FBC8CDDDC9F43C0C3C7D73CBB2CDF3CF4C4CD2DF20802925B795DA5048AA4"
Last-Modified: Sun, 05 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12953
Expires: Sun, 05 Mar 2023 12:16:12 GMT
Date: Sun, 05 Mar 2023 08:40:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash edf4102b9efce8261382541ecd721da5
23a30610ea113c9f93b0ce302ce3df010bd56f05
88c132ab9697f01e979e74208e0ae12ec410c26b7a79f0cead4f9c8f86d12fda
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "88C132AB9697F01E979E74208E0AE12EC410C26B7A79F0CEAD4F9C8F86D12FDA"
Last-Modified: Sat, 04 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10833
Expires: Sun, 05 Mar 2023 11:40:52 GMT
Date: Sun, 05 Mar 2023 08:40:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d2383d0b67af7368d8e13a3013f4065a
cdf951e84f87d010cf40b76f7b91e82ad17f374f
5463c186f7f30f83be61e91a980c749b70089e48b234d73a6e7eeb179cfd7ee9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5463C186F7F30F83BE61E91A980C749B70089E48B234D73A6E7EEB179CFD7EE9"
Last-Modified: Thu, 02 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15438
Expires: Sun, 05 Mar 2023 12:57:37 GMT
Date: Sun, 05 Mar 2023 08:40:19 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 7f03faaba3392caae6dae54467bfdf6d
57ea1f14e8bfbcca8190c706d708c9fda12442c1
02ac551ba61fcbc6b04f244df065948b181a8a258db5c2e197aae66fdfcea8ee
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Type, Retry-After, Backoff, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 05 Mar 2023 08:13:13 GMT
content-type: application/json
age: 1626
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: dKrI7cWcmrsGBltduZnXDFJhCAfBc/w3L2SAhAPG/nU1u9DDEZ8lirCHBu8ADdV71T2VjXO+TO4=
x-amz-request-id: 9RZ7BMYKFBERFZ2F
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 05 Mar 2023 08:16:38 GMT
age: 1421
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Mar 2023 08:40:19 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
sfr-client.weebly.com/
199.34.228.54301 Moved Permanently 366 B IP 199.34.228.54:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 393b0363c51e45035880fd775ad47fa3
31432d32dbcf8045c813e0b3ab8737b3758ddf5e
f92e357e01fb43c0190df57bc45596a0e718f5cd9638b8ba70dc2778d86a4e07
Analyzer Verdict Alert openphish SOCIETE FRANCAISE DU RADIOTELEPHONE
fortinet Phishing
GET / HTTP/1.1
Host: sfr-client.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 05 Mar 2023 08:40:19 GMT
Server: Apache
Set-Cookie: is_mobile=0; path=/; domain=sfr-client.weebly.com
Vary: X-W-SSL,User-Agent
Location: https://sfr-client.weebly.com/
X-Host: grn110.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 366
Keep-Alive: timeout=10, max=68
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Retry-After, Alert, Content-Length, Backoff, ETag, Content-Type, Cache-Control, Last-Modified, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 05 Mar 2023 08:12:29 GMT
age: 1671
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash ed5f6330c043e318166527eb56a9f97c
73a8ff337fb6da5cd6dd1f25ae7c47b7013bd146
a729db2100596281087c28da4e6f57f7a2905a3ba7eca29b15ed679f93b4d4ec
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 88040
Cache-Control: max-age=159129
Content-Type: application/ocsp-response
Date: Sun, 05 Mar 2023 08:40:20 GMT
Etag: "6402c825-1d7"
Expires: Tue, 07 Mar 2023 04:52:29 GMT
Last-Modified: Sat, 04 Mar 2023 04:25:09 GMT
Server: ECAcc (ska/F756)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash e44d064b81b73efe46cc420f8ae34410
229b99f9754fdce4f543513a0942ba63f67dc057
69b84b87493304be0456180f60ddf01f51a96fffa86fe8dddc8dd920fb262f06
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "69B84B87493304BE0456180F60DDF01F51A96FFFA86FE8DDDC8DD920FB262F06"
Last-Modified: Sat, 04 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12902
Expires: Sun, 05 Mar 2023 12:15:22 GMT
Date: Sun, 05 Mar 2023 08:40:20 GMT
Connection: keep-alive
sfr-client.weebly.com/
199.34.228.54200 OK 6.7 kB IP 199.34.228.54:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1350), with CRLF, LF line terminators
Hash 3ced28256e2d108de86efa371ce14e03
006d6890c15cbd90bbe2362e9670f01762922aee
62569e3aae2258698ff6654adbdbfa25706fbad6642ebc198d2015065531fb71
Analyzer Verdict Alert openphish SOCIETE FRANCAISE DU RADIOTELEPHONE
fortinet Phishing
GET / HTTP/1.1
Host: sfr-client.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 08:40:20 GMT
Server: Apache
Vary: X-W-SSL,Accept-Encoding,User-Agent
Set-Cookie: is_mobile=0; path=/; domain=sfr-client.weebly.com
language=en; expires=Sun, 19-Mar-2023 08:40:20 GMT; Max-Age=1209600; path=/
Cache-Control: private
ETag: W/"686d6c1fe499784151b1b13b70a238bb-gzip"
Content-Encoding: gzip
X-Host: grn56.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 6692
Keep-Alive: timeout=10, max=74
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
push.services.mozilla.com/
35.162.52.254101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.52.254:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: UHnKu1iKOxITrrQtjyb+xQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ZdE6Pddn74a0BsGrq6rupaRzKZg=
cdn2.editmysite.com/js/site/footerSignup.js?buildTime=1677879501
151.101.193.46200 OK 1.4 kB URL HTTP/2 cdn2.editmysite.com/js/site/footerSignup.js?buildTime=1677879501
IP 151.101.193.46:0
File type ASCII text, with very long lines (3600), with no line terminators
Hash 121a5b9688d8e70ee7bb06cc79491f76
3a28220baa7d8879270c8311bed7dddefa7e43e9
181716c84474c9eb6685a809d69dda5d49ce44dfbf64c5dee89a3091e23def40
GET /js/site/footerSignup.js?buildTime=1677879501 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sfr-client.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Fri, 03 Mar 2023 21:12:05 GMT
etag: "640262a5-e10"
expires: Fri, 17 Mar 2023 21:40:51 GMT
cache-control: max-age=1209600
x-host: blu94.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 05 Mar 2023 08:40:20 GMT
age: 125969
x-served-by: cache-sjc10041-SJC, cache-bma1644-BMA
x-cache: HIT, HIT
x-cache-hits: 55, 256
x-timer: S1678005621.849497,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1372
X-Firefox-Spdy: h2
cdn2.editmysite.com/images/site/footer/footer-toast-published-image-1.png
151.101.193.46200 OK 9.7 kB URL HTTP/2 cdn2.editmysite.com/images/site/footer/footer-toast-published-image-1.png
IP 151.101.193.46:0
File type PNG image data, 199 x 97, 8-bit colormap, non-interlaced\012- data
Hash 6e0f7ad31bf187e0d88fc5787573ba71
14e8b85cc32a01c8901e4ac0160582d29a45e9e6
580ef6409e067a4ec4a427400c7d6216184869e2da53343df20753cc1f8a46cd
GET /images/site/footer/footer-toast-published-image-1.png HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sfr-client.weebly.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdujQNpHaXULXK5hWOudOsrFbrCOJBmkXkf6lNHnzHxB1q3PphW4yFVZQbxms7rfGEwEu0IdDaAyLbpAPqDN6NvCrqCgiKDD
cache-control: public, max-age=86400, s-maxage=259200
expires: Thu, 06 Oct 2022 22:59:09 GMT
last-modified: Tue, 12 Feb 2019 18:19:08 GMT
etag: "6e0f7ad31bf187e0d88fc5787573ba71"
x-goog-generation: 1549995548326466
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 9677
content-type: image/png
x-goog-hash: crc32c=QhrKCw==, md5=bg960xvxh+DYj8V4dXO6cQ==
x-goog-storage-class: STANDARD
server: UploadServer
accept-ranges: bytes
date: Sun, 05 Mar 2023 08:40:20 GMT
via: 1.1 varnish
age: 207154
x-served-by: cache-bma1644-BMA
x-cache: HIT
x-cache-hits: 707
x-timer: S1678005621.851141,VS0,VE0
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 9677
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 6da779acb12dfc1041cbaf3a5c1f5ff3
4f1749a2339a8af009b5b02bb427071ef06bd5f3
45407bbfb8b7ec7d6459716c907161aca7f563ecbff0812b2687e00181c1b425
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Mar 2023 08:40:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1633968478
151.101.193.46200 OK 159 kB URL HTTP/2 cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1633968478
IP 151.101.193.46:0
File type ASCII text, with very long lines (32007)
Size 159 kB (158939 bytes)
Hash a37c49a899f5bdffb83845807fb2eb12
c78a51cd35cbc54cfeadd9c7edd24e523a62ab23
e7d5d644d6d55333a7bdbef73944899b2a834c89b8811779d684359360cba9e2
GET /js/site/main-customer-accounts-site.js?buildTime=1633968478 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sfr-client.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Wed, 22 Feb 2023 23:48:00 GMT
etag: "63f6a9b0-82537"
expires: Thu, 09 Mar 2023 05:41:36 GMT
cache-control: max-age=1209600
x-host: grn90.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 05 Mar 2023 08:40:20 GMT
age: 874725
x-served-by: cache-sjc10071-SJC, cache-bma1644-BMA
x-cache: HIT, HIT
x-cache-hits: 277, 1
x-timer: S1678005621.849718,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 158939
X-Firefox-Spdy: h2
cdn2.editmysite.com/css/old/fancybox.css?1599154363
151.101.193.46200 OK 1.2 kB URL HTTP/2 cdn2.editmysite.com/css/old/fancybox.css?1599154363
IP 151.101.193.46:0
File type ASCII text, with very long lines (3910)
Hash b644e92258f4c7c0b4270047652d1e60
93734d52ee9e86a768159e514076051813c39cd9
29199496fb817668f887938571046abcdfb49063d0207d571b361f221f467907
GET /css/old/fancybox.css?1599154363 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sfr-client.weebly.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Tue, 21 Feb 2023 20:40:27 GMT
etag: "63f52c3b-f47"
expires: Wed, 08 Mar 2023 08:38:59 GMT
cache-control: max-age=1209600
x-host: blu80.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 05 Mar 2023 08:40:20 GMT
age: 950481
x-served-by: cache-sjc10059-SJC, cache-bma1644-BMA
x-cache: HIT, HIT
x-cache-hits: 65, 1
x-timer: S1678005621.866892,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1218
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 6da779acb12dfc1041cbaf3a5c1f5ff3
4f1749a2339a8af009b5b02bb427071ef06bd5f3
45407bbfb8b7ec7d6459716c907161aca7f563ecbff0812b2687e00181c1b425
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Mar 2023 08:40:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn2.editmysite.com/css/social-icons.css?buildtime=1599154363
151.101.193.46200 OK 1.6 kB URL HTTP/2 cdn2.editmysite.com/css/social-icons.css?buildtime=1599154363
IP 151.101.193.46:0
File type ASCII text, with very long lines (13080)
Hash d9230c6a0edb34789e98e9864a965bd6
1a966e6f36218d11cc3e49834039ccece07228c4
029d5bbd088722fca97062874624c637e2676a9d1cb4a461662fb612dc40cdaf
GET /css/social-icons.css?buildtime=1599154363 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sfr-client.weebly.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Mon, 27 Feb 2023 18:53:04 GMT
etag: W/"63fcfc10-3319"
expires: Tue, 14 Mar 2023 09:08:48 GMT
cache-control: max-age=1209600
x-host: grn47.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 05 Mar 2023 08:40:20 GMT
age: 430292
x-served-by: cache-sjc10053-SJC, cache-bma1644-BMA
x-cache: HIT, HIT
x-cache-hits: 53, 1
x-timer: S1678005621.867186,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1638
X-Firefox-Spdy: h2
cdn2.editmysite.com/css/sites.css?buildTime=1633968478
151.101.193.46200 OK 30 kB URL HTTP/2 cdn2.editmysite.com/css/sites.css?buildTime=1633968478
IP 151.101.193.46:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 29c20b995313a7d26dca333c33383d9f
46af545a03a3f9739a9e284e46420a8fae692c98
028e76db03ee4ec81d6f5cd961b0006251a51b088d3a7d03ebc87be3fc7303f8
GET /css/sites.css?buildTime=1633968478 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sfr-client.weebly.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Mon, 27 Feb 2023 18:53:04 GMT
etag: W/"63fcfc10-337f6"
expires: Tue, 14 Mar 2023 07:54:43 GMT
cache-control: max-age=1209600
x-host: grn116.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 05 Mar 2023 08:40:20 GMT
age: 434738
x-served-by: cache-sjc10049-SJC, cache-bma1644-BMA
x-cache: HIT, HIT
x-cache-hits: 37, 1
x-timer: S1678005621.861031,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 29663
X-Firefox-Spdy: h2
sfr-client.weebly.com/files/main_style.css?1599230657
199.34.228.54200 OK 6.6 kB URL HTTP/1.1 sfr-client.weebly.com/files/main_style.css?1599230657
IP 199.34.228.54:0
File type ASCII text, with very long lines (670)
Hash 4001b12bea20f0bb2cbd48e30cbfa3f1
a9c92db7caed52ba94bda413965d8bc10104aef1
7281b3a2444e2d6037a9a772dc33052f1ef159802d7358cdf0e1f2ada19423dd
Analyzer Verdict Alert openphish SOCIETE FRANCAISE DU RADIOTELEPHONE
fortinet Phishing
GET /files/main_style.css?1599230657 HTTP/1.1
Host: sfr-client.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sfr-client.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Mar 2023 08:40:20 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
X-Host: blu61.sf2p.intern.weebly.net
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 6da779acb12dfc1041cbaf3a5c1f5ff3
4f1749a2339a8af009b5b02bb427071ef06bd5f3
45407bbfb8b7ec7d6459716c907161aca7f563ecbff0812b2687e00181c1b425
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Mar 2023 08:40:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3
151.101.66.133200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3
IP 151.101.66.133:0
Hash e14424c54588353d98a816df52ed94a8
5bcbf7d5168266934051d92ea62c08fc2bdba888
32ea5ddfeb112728a53c468accc490ccfccc238b0ec3c3f3ad7e7db8ec6b647c
POST /ca/gsatlasr3dvtlsca2022q3 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1462
Content-Type: application/ocsp-response
Etag: "EAB1ACE881A8BAD73D60D39690F8AF770A4ACA8B"
Expires: Sun, 05 Mar 2023 20:00:00 UTC
Last-Modified: Sun, 05 Mar 2023 08:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
Accept-Ranges: bytes
Date: Sun, 05 Mar 2023 08:40:20 GMT
Via: 1.1 varnish
Age: 1661
X-Served-By: cache-bma1635-BMA
X-Cache: HIT
X-Cache-Hits: 2
X-Timer: S1678005621.975107,VS0,VE0
ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
142.250.74.106200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
IP 142.250.74.106:0
File type ASCII text, with very long lines (65483)
Hash a54a444f20643b131117dc2112cca05f
074964746b12ff1d30f7656310d6154ae1cc98b5
aa3ca8485dd777d4d880b38c1cf3bc2fc290d28a79ba3e3e43cba1f653132830
GET /ajax/libs/jquery/1.8.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sfr-client.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33593
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 Mar 2023 09:56:12 GMT
expires: Sun, 03 Mar 2024 09:56:12 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 81848
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 6da779acb12dfc1041cbaf3a5c1f5ff3
4f1749a2339a8af009b5b02bb427071ef06bd5f3
45407bbfb8b7ec7d6459716c907161aca7f563ecbff0812b2687e00181c1b425
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Mar 2023 08:40:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn2.editmysite.com/js/lang/fr_CA/stl.js?buildTime=1633968478&
151.101.193.46200 OK 36 kB URL HTTP/2 cdn2.editmysite.com/js/lang/fr_CA/stl.js?buildTime=1633968478&
IP 151.101.193.46:0
File type Unicode text, UTF-8 text, with very long lines (64436)
Hash 7b7c60adc5d9931754677f81e0a1221f
dbf8af29177c5cf33aaf7e22685a091712bf2e30
8709785b844706998d14ffd713e78151c2fd3d1ae50a27aa614ebf60e887128c
GET /js/lang/fr_CA/stl.js?buildTime=1633968478& HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sfr-client.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Tue, 28 Feb 2023 19:50:28 GMT
etag: "63fe5b04-2efda"
expires: Wed, 15 Mar 2023 09:33:25 GMT
cache-control: max-age=1209600
x-host: blu10.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 05 Mar 2023 08:40:21 GMT
age: 342415
x-served-by: cache-sjc10037-SJC, cache-bma1644-BMA
x-cache: HIT, MISS
x-cache-hits: 29, 0
x-timer: S1678005621.849262,VS0,VE164
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 36286
X-Firefox-Spdy: h2
cdn2.editmysite.com/js/lang/fr/stl.js?buildTime=1599154363&
151.101.193.46404 Not Found 146 B URL HTTP/2 cdn2.editmysite.com/js/lang/fr/stl.js?buildTime=1599154363&
IP 151.101.193.46:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /js/lang/fr/stl.js?buildTime=1599154363& HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sfr-client.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
server: nginx
content-type: text/html
x-host: grn127.sf2p.intern.weebly.net
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Sun, 05 Mar 2023 08:40:21 GMT
x-served-by: cache-sjc10071-SJC, cache-bma1644-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1678005621.855476,VS0,VE172
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 146
X-Firefox-Spdy: h2
sfr-client.weebly.com/files/theme/custom.js?1570137717
199.34.228.54200 OK 1.8 kB URL HTTP/1.1 sfr-client.weebly.com/files/theme/custom.js?1570137717
IP 199.34.228.54:0
Hash 17da665a1a7e21ed9787d7251b707343
a69b47d92bb45f5305e4325ef2782a0132d51c73
4958b591154a835ddda0838cde60113f9d438d0eedd71712c85044f68c806c90
Analyzer Verdict Alert openphish SOCIETE FRANCAISE DU RADIOTELEPHONE
fortinet Phishing
GET /files/theme/custom.js?1570137717 HTTP/1.1
Host: sfr-client.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sfr-client.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Mar 2023 08:40:21 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 17 May 2022 17:39:40 GMT
x-rgw-object-type: Normal
ETag: W/"a8cdf2852674b9b682c1be61454a75a0"
x-amz-request-id: tx000000000000001b971a1-0062847c6e-b9fbc29-sfo1
X-Storage-Bucket: z4e2f
X-Storage-Object: 4e2f6074e5a0daab0f207bd3b9fc89b10a5383c373bfc8c54fe5dabfd48f240e
X-Host: blu64.sf2p.intern.weebly.net
Content-Encoding: gzip
sfr-client.weebly.com/files/templateArtifacts.js?1599230657
199.34.228.54200 OK 1.6 kB URL HTTP/1.1 sfr-client.weebly.com/files/templateArtifacts.js?1599230657
IP 199.34.228.54:0
File type exported SGML document, ASCII text, with very long lines (1630)
Hash e0836e8203c22b8e4086f27e91e86f5a
28235e77f5a895c8cd411aff4a6ef4e6f7d419c2
32dbc4a2eeca39a57d35670f00e2cf59e03c279521e47506c56c5c36d8b664b6
Analyzer Verdict Alert openphish SOCIETE FRANCAISE DU RADIOTELEPHONE
fortinet Phishing
GET /files/templateArtifacts.js?1599230657 HTTP/1.1
Host: sfr-client.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sfr-client.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Mar 2023 08:40:21 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
X-Host: grn27.sf2p.intern.weebly.net
Content-Encoding: gzip
sfr-client.weebly.com/files/theme/plugins.js?1570137717
199.34.228.54200 OK 16 kB URL HTTP/1.1 sfr-client.weebly.com/files/theme/plugins.js?1570137717
IP 199.34.228.54:0
Hash 43e6b0bb6eb6524188831a282f7656d7
44e73fe367fc1fb8efee7eefac557b7d76ef0f44
9001fcfe93ceab40de4bb3535fc61335318c56d4440b53070cac27a26fef42bb
GET /files/theme/plugins.js?1570137717 HTTP/1.1
Host: sfr-client.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sfr-client.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Mar 2023 08:40:21 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 24 Apr 2022 01:56:38 GMT
x-rgw-object-type: Normal
ETag: W/"2b8d85f1ea01d2c3e8b962eac8d76a5c"
x-amz-request-id: tx000000000000001b40535-0062847a75-b9fbc64-sfo1
X-Storage-Bucket: zb635
X-Storage-Object: b6353ca52760aba4e7547ae9861db68158dc2af0f4febece55e5c775ee4449f5
X-Host: grn42.sf2p.intern.weebly.net
Content-Encoding: gzip
sfr-client.weebly.com/uploads/1/3/3/6/133678280/t-l-chargement_orig.jpg
199.34.228.54200 OK 6.6 kB URL HTTP/1.1 sfr-client.weebly.com/uploads/1/3/3/6/133678280/t-l-chargement_orig.jpg
IP 199.34.228.54:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 225x225, components 3\012- data
Hash 01279b4dff3b81e1c63a99ba4d85693f
9e434c4680c9f99cd8906486a69743a1c660561f
e3a06fa174db3d32a5eaa0bce219fdfe42af6bf8aa3c64a4cffa8694bd5cf259
Analyzer Verdict Alert openphish SOCIETE FRANCAISE DU RADIOTELEPHONE
GET /uploads/1/3/3/6/133678280/t-l-chargement_orig.jpg HTTP/1.1
Host: sfr-client.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sfr-client.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Mar 2023 08:40:21 GMT
Content-Type: image/jpeg
Content-Length: 6588
Connection: keep-alive
Last-Modified: Tue, 26 Mar 2019 23:43:11 GMT
x-rgw-object-type: Normal
ETag: "01279b4dff3b81e1c63a99ba4d85693f"
x-amz-request-id: tx00000000000006e6c7846-0063df0163-c696eea-sfo1
X-Storage-Bucket: ze3a0
X-Storage-Object: e3a06fa174db3d32a5eaa0bce219fdfe42af6bf8aa3c64a4cffa8694bd5cf259
X-Host: grn46.sf2p.intern.weebly.net
Accept-Ranges: bytes
sfr-client.weebly.com/uploads/1/3/3/6/133678280/t-l-chargement.jpg
199.34.228.54200 OK 6.6 kB URL HTTP/1.1 sfr-client.weebly.com/uploads/1/3/3/6/133678280/t-l-chargement.jpg
IP 199.34.228.54:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 225x225, components 3\012- data
Hash 01279b4dff3b81e1c63a99ba4d85693f
9e434c4680c9f99cd8906486a69743a1c660561f
e3a06fa174db3d32a5eaa0bce219fdfe42af6bf8aa3c64a4cffa8694bd5cf259
Analyzer Verdict Alert openphish SOCIETE FRANCAISE DU RADIOTELEPHONE
GET /uploads/1/3/3/6/133678280/t-l-chargement.jpg HTTP/1.1
Host: sfr-client.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sfr-client.weebly.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Mar 2023 08:40:21 GMT
Content-Type: image/jpeg
Content-Length: 6588
Connection: keep-alive
Last-Modified: Tue, 26 Mar 2019 23:43:11 GMT
x-rgw-object-type: Normal
ETag: "01279b4dff3b81e1c63a99ba4d85693f"
x-amz-request-id: tx000000000000073a22130-0063e7754b-c695612-sfo1
X-Storage-Bucket: ze3a0
X-Storage-Object: e3a06fa174db3d32a5eaa0bce219fdfe42af6bf8aa3c64a4cffa8694bd5cf259
X-Host: blu81.sf2p.intern.weebly.net
Accept-Ranges: bytes
use.typekit.net/nxe1ajf.js
23.36.76.186200 OK 6.7 kB URL HTTP/2 use.typekit.net/nxe1ajf.js
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (2258)
Hash 9189ca8b387979d5f2feeae6aad5ee64
938a8a1410b1927887df90e08aca8f587fb82fec
0429adbc18a19bede29b164f41a4ab37e2193bb45ec37471cc361c3292536f28
GET /nxe1ajf.js HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sfr-client.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/javascript;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: public, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 6739
date: Sun, 05 Mar 2023 08:40:21 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash bba672a94dfc9e79665ea44b23f9c19b
2458a0439e4567374f0475945def58c7da12660c
baebcf0e9740e2dde753635e7d46c61eb293957c0497a75d56cabf6af212ddb6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Mar 2023 08:40:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Montserrat:400,700&subset=latin,latin-ext
142.250.74.74200 OK 992 B URL HTTP/2 fonts.googleapis.com/css?family=Montserrat:400,700&subset=latin,latin-ext
IP 142.250.74.74:0
Hash 860fc410cc80300e5fb1fa0fe098f020
299db810d3faf9bfd527ebfa0d6e96d519ce4ed6
864fd9b74f3ae46da8690de655b22b5559773e2d7ac37ff57da2368f286299e3
GET /css?family=Montserrat:400,700&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sfr-client.weebly.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 05 Mar 2023 08:40:20 GMT
date: Sun, 05 Mar 2023 08:40:20 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash bba672a94dfc9e79665ea44b23f9c19b
2458a0439e4567374f0475945def58c7da12660c
baebcf0e9740e2dde753635e7d46c61eb293957c0497a75d56cabf6af212ddb6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Mar 2023 08:40:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?_=1678005621845
142.250.74.132200 OK 553 B URL HTTP/2 www.google.com/recaptcha/api.js?_=1678005621845
IP 142.250.74.132:0
File type ASCII text, with very long lines (850), with no line terminators
Hash b7a83b95075ffc461accfebe3f5ae0d8
23c7d59dbb1fe2f6a19f437bb4ee8b40de681200
c9b3fdaaa3a280ccf7519fc927ef5b74e432cda963d812b921d94575c0f1cc3d
GET /recaptcha/api.js?_=1678005621845 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sfr-client.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sun, 05 Mar 2023 08:40:21 GMT
date: Sun, 05 Mar 2023 08:40:21 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 553
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
use.typekit.net/af/031bc7/0000000000000000000132e5/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n9&v=3
23.36.76.186200 OK 29 kB URL HTTP/2 use.typekit.net/af/031bc7/0000000000000000000132e5/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n9&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 29052, version 1.0\012- data
Hash 3437e060c8710bccafd202e3da9a25dc
8e1bbee3d09332165b23156a05b43641f8d9f913
0656089e2e797a739897875d68a79ca62256a3c76ab3f4c31cb2f363cd778fee
GET /af/031bc7/0000000000000000000132e5/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n9&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sfr-client.weebly.com
Connection: keep-alive
Referer: https://sfr-client.weebly.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 29052
etag: "a6e56bc1473094b110819c4cfa4169b4a97bd255"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Sun, 05 Mar 2023 08:40:21 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/1da05b/0000000000000000000132df/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
23.36.76.186200 OK 27 kB URL HTTP/2 use.typekit.net/af/1da05b/0000000000000000000132df/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 26888, version 1.0\012- data
Hash 6c288957e1ea69636d76b434a53c65ef
b8e0e2074136f3b167567d532312cc0f838bdf5f
c763917e443b5583abccb9674edfaf82deada941ad5894d28c672c632fcd64dc
GET /af/1da05b/0000000000000000000132df/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sfr-client.weebly.com
Connection: keep-alive
Referer: https://sfr-client.weebly.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 26888
etag: "49d80c15efa35e0c65ed7e265d2c0333b309aa4e"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Sun, 05 Mar 2023 08:40:21 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/32d3ee/0000000000000000000132e0/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
23.36.76.186200 OK 27 kB URL HTTP/2 use.typekit.net/af/32d3ee/0000000000000000000132e0/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 26568, version 1.0\012- data
Hash 69d7f21af427ec644440343c1bcd0606
186c5445f00e61e82a73ce3207965ce28c410f72
2a1074cd5044c672760ad745fdbbd125381d63a86f5380b57a1dd28ad0da0d75
GET /af/32d3ee/0000000000000000000132e0/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sfr-client.weebly.com
Connection: keep-alive
Referer: https://sfr-client.weebly.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 26568
etag: "c11943bfe7851ce643a829e2f815ebf55030b555"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Sun, 05 Mar 2023 08:40:21 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/099730/0000000000000000000132e6/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i9&v=3
23.36.76.186200 OK 28 kB URL HTTP/2 use.typekit.net/af/099730/0000000000000000000132e6/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i9&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 27788, version 1.0\012- data
Hash ccc7b72fb1a80abb8cbafa94de34a554
0c68982548e2af3c6d6e8c49128be51e3f5dd0d1
3d25e0efebb8648cd1fcb31872cf5200c2e577259ad589b6e802bb1d95d03efe
GET /af/099730/0000000000000000000132e6/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i9&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sfr-client.weebly.com
Connection: keep-alive
Referer: https://sfr-client.weebly.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 27788
etag: "d76106a15ff619ce03b2c3ca28b4559b159b1b63"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Sun, 05 Mar 2023 08:40:21 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 0880782ffbede81650c9d4a97c298bdf
0e35c0d6cba0bef0b9eeb039ebc9104b39b24e2e
77e1a8623eeadfa78646a661f4541b47b8f0a4ac6ad73825ce3a43fc57c21cd1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "77E1A8623EEADFA78646A661F4541B47B8F0A4AC6AD73825CE3A43FC57C21CD1"
Last-Modified: Thu, 02 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6581
Expires: Sun, 05 Mar 2023 10:30:03 GMT
Date: Sun, 05 Mar 2023 08:40:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 0880782ffbede81650c9d4a97c298bdf
0e35c0d6cba0bef0b9eeb039ebc9104b39b24e2e
77e1a8623eeadfa78646a661f4541b47b8f0a4ac6ad73825ce3a43fc57c21cd1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "77E1A8623EEADFA78646A661F4541B47B8F0A4AC6AD73825CE3A43FC57C21CD1"
Last-Modified: Thu, 02 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6581
Expires: Sun, 05 Mar 2023 10:30:03 GMT
Date: Sun, 05 Mar 2023 08:40:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 0880782ffbede81650c9d4a97c298bdf
0e35c0d6cba0bef0b9eeb039ebc9104b39b24e2e
77e1a8623eeadfa78646a661f4541b47b8f0a4ac6ad73825ce3a43fc57c21cd1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "77E1A8623EEADFA78646A661F4541B47B8F0A4AC6AD73825CE3A43FC57C21CD1"
Last-Modified: Thu, 02 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6581
Expires: Sun, 05 Mar 2023 10:30:03 GMT
Date: Sun, 05 Mar 2023 08:40:22 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 180ddc8b6a8499123feedc5fa6c2ddeb
c2e4086345f937e01d139408a22e7186643c247f
41a9d9eb5b2b6e75d941f1ee8332e6d971beff7cafbebe2cf6e717daf4c2763b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Mar 2023 08:40:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9efde266-ca49-41eb-9487-44e134916b4f.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9efde266-ca49-41eb-9487-44e134916b4f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 724fa48ccca0d3c13ff4b7d6f37b9d83
464c721a0b21748887983c18b374919fded7a9ec
2f9c5afbf0cf73ef947f3a1befe80aab80c1ba62a0b1c4d4484ad1508b8c0e62
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9efde266-ca49-41eb-9487-44e134916b4f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10330
x-amzn-requestid: 8260d57d-a18a-47c2-b1ab-e3446828fb72
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BRnFOFpIIAMFQ5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6403b887-6aad3a6721a923a2785af45e;Sampled=0
x-amzn-remapped-date: Sat, 04 Mar 2023 21:30:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: AgSjPLDX3q6HTwtAmDzATddl8ZVrjex8_knBealJq5Il1vUC16nMhA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 1d000d0dfe9d69b4983f619fdc5499d6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Mar 2023 21:54:33 GMT
age: 38749
etag: "464c721a0b21748887983c18b374919fded7a9ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F795ecacb-d60f-4ebd-9c27-d56d31879359.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F795ecacb-d60f-4ebd-9c27-d56d31879359.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 30a283761df22152c7777e2b6748170c
c24ca70c42e0c0f5f7bb70c3323e7fa558fba52e
83c6faefa479bfa1d251e7d6f10639fdfa3ecc0d8bf07fde051afcd7604b5c79
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F795ecacb-d60f-4ebd-9c27-d56d31879359.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12156
x-amzn-requestid: 150b2f7f-3105-4da7-a590-3530f9c12031
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BCcBeE49IAMFUYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63fda6d5-7523951d1db3d3a6078ddf3a;Sampled=0
x-amzn-remapped-date: Tue, 28 Feb 2023 07:01:41 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: Y-anl4Yzm4qNgapxjJNKyKjpCjfJXFMKbia-6LxG2z8dWkpsWcTByA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 82893cc36087a50f9a150a621d10e740.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Mar 2023 17:44:43 GMT
age: 53739
etag: "c24ca70c42e0c0f5f7bb70c3323e7fa558fba52e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0c3b178-ee57-465b-aa8c-fb6f93e35cab.jpeg
34.120.237.76200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0c3b178-ee57-465b-aa8c-fb6f93e35cab.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4726917eabc29a977873ad26e264e70d
4619a0418ee08d6618ead537f31823c98f355b5a
d3c6b43d46ccff30f0003a063b6c4c78d4a782262bfdeb138e6c015555ce2dcb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0c3b178-ee57-465b-aa8c-fb6f93e35cab.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3381
x-amzn-requestid: 8b89e7ab-b8b3-45cd-af3a-cc419e61f1fc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: A-PNPFynoAMFn8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63fbf8ba-616bedc230d1c2b13a09beae;Sampled=0
x-amzn-remapped-date: Mon, 27 Feb 2023 00:26:34 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 7f5O-v2e1_OXVVveu0_kNtjOTnUAC5shUmd4JejtlrnliJsxeitcYA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 de2dd11312f7d5ad3bcd0cb112c7fd0e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Mar 2023 09:31:56 GMT
age: 83306
etag: "4619a0418ee08d6618ead537f31823c98f355b5a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe20ff76d-e949-4360-bacb-a5aa866991c2.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe20ff76d-e949-4360-bacb-a5aa866991c2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ce712849bedfd2e64ad065f809119622
3b581618a0a7152ead0245f3818905a3fbac55be
823d6c1a0eabcf57301d0a228fad56459e874b288b52d31ea2cc8fca1a51a30a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe20ff76d-e949-4360-bacb-a5aa866991c2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9301
x-amzn-requestid: 245fb031-c71c-48c8-b775-9b9bc0aca8eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BFvhfG44IAMFb-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63fef93c-5bbf00015ab2e70e79bbab75;Sampled=0
x-amzn-remapped-date: Wed, 01 Mar 2023 07:05:32 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: dlEywB7YIa1M1ccOXQ9TJUhWaS9hFLLVwKuaf8zhZY9uVN40LxJVvg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 f3ac324bf05099849ebda59e8136db0e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Mar 2023 09:24:08 GMT
age: 83774
etag: "3b581618a0a7152ead0245f3818905a3fbac55be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc73a562d-3182-4055-82e3-938416332d05.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc73a562d-3182-4055-82e3-938416332d05.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fd303dfdd0f77d0a10b1dc379582a591
aae0b97676d1b8fd69fdbf4b07635bb0ba55d98a
d783edf76cc893cd1699ef88899c3bc106250fcca672834288f77f41092c1f49
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc73a562d-3182-4055-82e3-938416332d05.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5211
x-amzn-requestid: 6bbf5841-b2ad-4b12-b6b0-eaa5f3919339
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BFdfnGLMoAMFqDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63fedc63-3a24def37bff7b1a32d3f8fb;Sampled=0
x-amzn-remapped-date: Wed, 01 Mar 2023 05:02:27 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: cd_IuVlgZA15T9moplJ9BBmMXSs4zEkYf8Z1B24qXwqvf98lPohfIg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 f958a3846d80a3925f664b320dfad9c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Mar 2023 06:08:29 GMT
age: 9113
etag: "aae0b97676d1b8fd69fdbf4b07635bb0ba55d98a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a70e83f-b7e9-4534-81e5-c582a7390ed1.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a70e83f-b7e9-4534-81e5-c582a7390ed1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 01c0e5cc08dcb1f60725b0457a59c5be
cce18f4fa9f87134ad595f39d9dd53063eeee0bb
946386f9d6996edb7d6e3d0b502858ccb7d40afd04ec77f6b737997f88c51efc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a70e83f-b7e9-4534-81e5-c582a7390ed1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7940
x-amzn-requestid: 8034a87c-63ac-4d4d-a5b9-7506a68a333a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BRnGiEiSoAMFdXQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6403b88f-20ff98782c40829143009388;Sampled=0
x-amzn-remapped-date: Sat, 04 Mar 2023 21:30:55 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: cgWrQ3laxd9AmpoVHja7tXeM_gTlVZT332ZcFc_16Lxz2b3LaJzNhQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 b618c0f73dc30c968057784ed0185d7a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Mar 2023 21:54:46 GMT
age: 38736
etag: "cce18f4fa9f87134ad595f39d9dd53063eeee0bb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
p.typekit.net/p.gif?s=1&k=nxe1ajf&ht=tk&h=sfr-client.weebly.com&f=10294.10295.10304.10305&a=3024360&js=1.21.0&app=typekit&e=js&_=1678005622000
23.33.119.26200 OK 35 B URL HTTP/2 p.typekit.net/p.gif?s=1&k=nxe1ajf&ht=tk&h=sfr-client.weebly.com&f=10294.10295.10304.10305&a=3024360&js=1.21.0&app=typekit&e=js&_=1678005622000
IP 23.33.119.26:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 81144d75b3e69e9aa2fa3e9d83a64d03
f0fbc60b50edf5b2a0b76e0aa0537b76bf346ffc
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
GET /p.gif?s=1&k=nxe1ajf&ht=tk&h=sfr-client.weebly.com&f=10294.10295.10304.10305&a=3024360&js=1.21.0&app=typekit&e=js&_=1678005622000 HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sfr-client.weebly.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: image/gif
cross-origin-resource-policy: cross-origin
etag: "61c32ad2-23"
last-modified: Wed, 22 Dec 2021 13:40:34 GMT
server: nginx
content-length: 35
date: Sun, 05 Mar 2023 08:40:22 GMT
X-Firefox-Spdy: h2
sfr-client.weebly.com/files/theme/fonts/Unite_500.otf?1599230657
199.34.228.54200 OK 86 kB URL HTTP/1.1 sfr-client.weebly.com/files/theme/fonts/Unite_500.otf?1599230657
IP 199.34.228.54:0
File type OpenType font data\012- data
Hash 1f55925e52b9e71fd57108874184060d
e8acc9022336f58bb5ee2e2d4d98b51bebf45990
f02b5750f291a5bd474f7cdbcb7b3fa79f2016c6af20d661b490b9bf945d41fc
GET /files/theme/fonts/Unite_500.otf?1599230657 HTTP/1.1
Host: sfr-client.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sfr-client.weebly.com/files/main_style.css?1599230657
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Mar 2023 08:40:21 GMT
Content-Type: font/otf
Content-Length: 86528
Connection: keep-alive
Last-Modified: Fri, 08 May 2020 19:36:11 GMT
x-rgw-object-type: Normal
ETag: "1f55925e52b9e71fd57108874184060d"
x-amz-request-id: tx000000000000001baed13-0062847dcc-b9fbc29-sfo1
X-Storage-Bucket: zf02b
X-Storage-Object: f02b5750f291a5bd474f7cdbcb7b3fa79f2016c6af20d661b490b9bf945d41fc
X-Host: blu84.sf2p.intern.weebly.net
Accept-Ranges: bytes
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 727bc09cc823d9dc550e69fae5ce424f
42bd786005c65dcd13dd7fd14851d9002cc4a7be
e5bdfc4261c7a15a269cae58c59917233ca72394b7897374924c4ddb1b2bc272
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=86396
Date: Sun, 05 Mar 2023 08:40:22 GMT
Etag: "6402e179-1d7"
Expires: Mon, 06 Mar 2023 08:40:18 GMT
Last-Modified: Sat, 04 Mar 2023 06:13:13 GMT
Server: ECAcc (nya/7946)
X-Cache: Miss from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: xVhwzZcF0Sc86xEZC1gn1-NxPLnxaLeCm5wMrxh3nbXxFOs40rC1Dw==
Age: 8825
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 727bc09cc823d9dc550e69fae5ce424f
42bd786005c65dcd13dd7fd14851d9002cc4a7be
e5bdfc4261c7a15a269cae58c59917233ca72394b7897374924c4ddb1b2bc272
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 05 Mar 2023 08:40:22 GMT
Last-Modified: Sun, 05 Mar 2023 06:11:20 GMT
Server: ECAcc (nya/789D)
X-Cache: Miss from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: azMAXcWI2LUz0At8R0cSiPsdnWqZrzwXtevH9HrkrnpI7nvWuUMxDw==
Age: 8942
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 31ea98a505fba9fc9bfaead5eefc8135
25ca3b13f16687c34db17af4ce537b7abf4a3407
95b047f7de8bc7d5e5ff0d827abe39a6da4292319133c35fd7348c0efb9076ab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Mar 2023 08:40:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ssl.google-analytics.com/ga.js
142.250.74.40200 OK 17 kB URL HTTP/2 ssl.google-analytics.com/ga.js
IP 142.250.74.40:0
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sfr-client.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Sun, 05 Mar 2023 06:41:40 GMT
expires: Sun, 05 Mar 2023 08:41:40 GMT
cache-control: public, max-age=7200
age: 7122
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__en.js
142.250.74.35200 OK 165 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__en.js
IP 142.250.74.35:0
File type HTML document, ASCII text, with very long lines (839)
Size 165 kB (164689 bytes)
Hash 7f27adb1216e4ddb02884fd68a1ec297
a33a85dfc58ca995fa184035b8fdb896866c361f
aeea36b977f073b902c2c5536b21f43e931fc2ac5ba3601db228e686457e9bc8
GET /recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sfr-client.weebly.com
Connection: keep-alive
Referer: https://sfr-client.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 164689
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Mar 2023 08:44:27 GMT
expires: Fri, 01 Mar 2024 08:44:27 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 20 Feb 2023 05:03:28 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 258955
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
sfr-client.weebly.com/files/theme/fonts/Unite_700.otf?1599230657
199.34.228.54200 OK 90 kB URL HTTP/1.1 sfr-client.weebly.com/files/theme/fonts/Unite_700.otf?1599230657
IP 199.34.228.54:0
File type OpenType font data\012- data
Hash fa11c3ca7b2301d6b8da51b04985fb05
a9b9dae4568883ef65d130a8237343185d463f2a
36906b2b3f6a199b3c59e6d862bfb36ed52d5c8de14ce46da8a8c5890250eb17
GET /files/theme/fonts/Unite_700.otf?1599230657 HTTP/1.1
Host: sfr-client.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sfr-client.weebly.com/files/main_style.css?1599230657
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Mar 2023 08:40:21 GMT
Content-Type: font/otf
Content-Length: 89928
Connection: keep-alive
Last-Modified: Fri, 08 May 2020 19:36:11 GMT
x-rgw-object-type: Normal
ETag: "fa11c3ca7b2301d6b8da51b04985fb05"
x-amz-request-id: tx000000000000001b851d2-0062847b6d-b9fbc29-sfo1
X-Storage-Bucket: z3690
X-Storage-Object: 36906b2b3f6a199b3c59e6d862bfb36ed52d5c8de14ce46da8a8c5890250eb17
X-Host: blu87.sf2p.intern.weebly.net
Accept-Ranges: bytes
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
44.229.8.112200 OK 0 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 44.229.8.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://sfr-client.weebly.com/
Origin: https://sfr-client.weebly.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Mar 2023 08:40:22 GMT
content-length: 0
server: nginx
access-control-allow-origin: https://sfr-client.weebly.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 600
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 31ea98a505fba9fc9bfaead5eefc8135
25ca3b13f16687c34db17af4ce537b7abf4a3407
95b047f7de8bc7d5e5ff0d827abe39a6da4292319133c35fd7348c0efb9076ab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Mar 2023 08:40:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sfr-client.weebly.com/favicon.ico
199.34.228.54200 OK 4.3 kB URL HTTP/1.1 sfr-client.weebly.com/favicon.ico
IP 199.34.228.54:0
File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Hash 4d27526198ac873ccec96935198e0fb9
b98d8b73ad6a0f7477c3397561b4aab37bf262aa
40a2146151863bcf46c786d596e81a308d1b0d26d74635be441e92656f29b1b4
Analyzer Verdict Alert openphish SOCIETE FRANCAISE DU RADIOTELEPHONE
GET /favicon.ico HTTP/1.1
Host: sfr-client.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sfr-client.weebly.com/
Cookie: is_mobile=0; language=en; _snow_ses.d760=*; _snow_id.d760=ec85275f-30cc-4ffd-8249-5a711d5c3f4a.1678005622.1.1678005622.1678005622.1669c647-f6bd-4f92-a012-61f8094e6629
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Mar 2023 08:40:22 GMT
Content-Type: image/x-icon
Content-Length: 4286
Connection: keep-alive
Last-Modified: Fri, 24 Sep 2021 21:48:12 GMT
x-rgw-object-type: Normal
ETag: "4d27526198ac873ccec96935198e0fb9"
x-amz-request-id: tx000000000000001ad46ef-0062847663-b9fbc7f-sfo1
X-Storage-Bucket: z40a2
X-Storage-Object: 40a2146151863bcf46c786d596e81a308d1b0d26d74635be441e92656f29b1b4
X-Host: grn88.sf2p.intern.weebly.net
Accept-Ranges: bytes
sfr-client.weebly.com/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]
199.34.228.54200 OK 447 B URL HTTP/1.1 sfr-client.weebly.com/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]
IP 199.34.228.54:0
File type JSON data\012- , ASCII text, with very long lines (447), with no line terminators
Hash 1253c5839c8dd11a8d6341822b48ad02
157932aaf5f7e1c58d5d01bad89aed78295f4fa5
6467d91723de84462db1feb41ad9cbae80848eda00a9ab63a5ea3d13780a43be
POST /ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails] HTTP/1.1
Host: sfr-client.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 83
Origin: https://sfr-client.weebly.com
Connection: keep-alive
Referer: https://sfr-client.weebly.com/
Cookie: is_mobile=0; language=en; _snow_ses.d760=*; _snow_id.d760=ec85275f-30cc-4ffd-8249-5a711d5c3f4a.1678005622.1.1678005622.1678005622.1669c647-f6bd-4f92-a012-61f8094e6629
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 08:40:22 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: grn24.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 447
Keep-Alive: timeout=10, max=65
Connection: Keep-Alive
Content-Type: application/json
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
44.229.8.112200 OK 2 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 44.229.8.112:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1792
Origin: https://sfr-client.weebly.com
Connection: keep-alive
Referer: https://sfr-client.weebly.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Mar 2023 08:40:22 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=d5ad54c0-e68d-4da5-bb95-79c503e41f46; Expires=Mon, 04 Mar 2024 08:40:22 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://sfr-client.weebly.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lora:400,700,400italic,700italic&subset=latin,latin-ext
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Lora:400,700,400italic,700italic&subset=latin,latin-ext
IP 142.250.74.74:0
GET /css?family=Lora:400,700,400italic,700italic&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sfr-client.weebly.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 05 Mar 2023 08:40:20 GMT
date: Sun, 05 Mar 2023 08:40:20 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn2.editmysite.com/js/site/main.js?buildTime=1633968478
151.101.193.46200 OK 0 B URL HTTP/2 cdn2.editmysite.com/js/site/main.js?buildTime=1633968478
IP 151.101.193.46:0
GET /js/site/main.js?buildTime=1633968478 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sfr-client.weebly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Wed, 01 Mar 2023 14:29:16 GMT
etag: "63ff613c-74804"
expires: Thu, 16 Mar 2023 08:16:32 GMT
cache-control: max-age=1209600
x-host: grn33.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 05 Mar 2023 08:40:20 GMT
age: 260629
x-served-by: cache-sjc10065-SJC, cache-bma1644-BMA
x-cache: HIT, HIT
x-cache-hits: 96, 1
x-timer: S1678005621.851774,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 146400
X-Firefox-Spdy: h2