Overview

URL www.eventsatrefinery.com/weddings/
IP199.34.228.42
ASNWEEBLY
Location United States
Report completed2022-09-19 10:14:17 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-19 2 www.eventsatrefinery.com/weddings/ Phishing
2022-09-19 2 www.eventsatrefinery.com/weddings/ Phishing
2022-09-19 2 www.eventsatrefinery.com/weddings.html Phishing
2022-09-19 2 www.eventsatrefinery.com/files/main_style.css?1662995059 Phishing
2022-09-19 2 www.eventsatrefinery.com/files/templateArtifacts.js?1662995059 Phishing
2022-09-19 2 www.eventsatrefinery.com/files/theme/custom.js?1531150540 Phishing
2022-09-19 2 www.eventsatrefinery.com/files/theme/mobile.js?1531150540 Phishing
2022-09-19 2 www.eventsatrefinery.com/uploads/1/4/0/7/140725637/published/ceremony.jpg?1 (...) Phishing
2022-09-19 2 www.eventsatrefinery.com/uploads/1/4/0/7/140725637/published/ceremony-1.jpg (...) Phishing
2022-09-19 2 www.eventsatrefinery.com/uploads/1/4/0/7/140725637/published/carly-colin-03 (...) Phishing
2022-09-19 2 www.eventsatrefinery.com/uploads/1/4/0/7/140725637/image0-1_orig.jpeg Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (22)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS ocsp.digicert.com (3) 86 2012-05-21 07:02:23 UTC 2022-09-19 07:42:24 UTC 93.184.220.29
mnemonic passive DNS cdn2.editmysite.com (20) 11564 2012-10-02 18:27:39 UTC 2022-09-19 08:22:37 UTC 151.101.85.46
mnemonic passive DNS region1.analytics.google.com (1) 0 2022-03-17 11:26:33 UTC 2022-09-19 05:15:41 UTC 216.239.32.36 Domain (google.com) ranked at: 1
mnemonic passive DNS ocsp.pki.goog (9) 175 2017-06-14 07:23:31 UTC 2022-09-19 04:27:19 UTC 142.250.74.3
mnemonic passive DNS ec.editmysite.com (2) 12806 2017-01-29 21:50:35 UTC 2022-09-19 01:41:31 UTC 44.235.202.207
mnemonic passive DNS www.google.no (1) 25607 2016-04-05 19:50:59 UTC 2022-09-19 04:27:13 UTC 142.250.74.3
mnemonic passive DNS www.editmysite.com (1) 43381 2017-01-29 18:23:39 UTC 2022-09-19 09:16:13 UTC 74.115.50.67
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-09-19 06:53:21 UTC 143.204.55.115
mnemonic passive DNS r3.o.lencr.org (3) 344 2020-12-02 08:52:13 UTC 2022-09-19 04:28:44 UTC 23.36.76.226
mnemonic passive DNS www.eventsatrefinery.com (18) 0 2015-03-14 06:00:20 UTC 2022-09-19 10:14:04 UTC 199.34.228.42 Unknown ranking
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-19 04:30:26 UTC 34.117.237.239
mnemonic passive DNS fonts.googleapis.com (2) 8877 2014-07-21 13:19:55 UTC 2022-09-19 09:08:48 UTC 142.250.74.10
mnemonic passive DNS stats.g.doubleclick.net (1) 96 2013-06-02 22:47:44 UTC 2022-09-19 04:28:17 UTC 142.251.1.157
mnemonic passive DNS ssl.google-analytics.com (1) 275 2012-10-03 00:55:57 UTC 2022-09-19 04:29:43 UTC 142.250.74.136
mnemonic passive DNS maps.gstatic.com (1) 0 2016-01-11 16:55:17 UTC 2022-09-19 07:15:10 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-19 04:39:15 UTC 143.204.55.49
mnemonic passive DNS www.googletagmanager.com (1) 75 2012-12-25 14:52:06 UTC 2022-09-19 04:27:30 UTC 142.250.74.72
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-19 04:20:29 UTC 34.120.237.76
mnemonic passive DNS ocsp.sca1b.amazontrust.com (2) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.165
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-19 04:39:15 UTC 54.149.101.24
mnemonic passive DNS ocsp.globalsign.com (2) 2075 2012-05-25 06:20:55 UTC 2022-09-19 04:37:12 UTC 104.18.21.226
mnemonic passive DNS www.weebly.com (1) 21455 2014-01-19 01:07:09 UTC 2022-09-19 09:01:52 UTC 74.115.50.110


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 199.34.228.42

Date UQ / IDS / BL URL IP
2022-11-04 22:37:51 +0000
0 - 0 - 6 loginsupportamazon.com/ 199.34.228.42
2022-09-19 10:14:17 +0000
0 - 0 - 11 www.eventsatrefinery.com/weddings/ 199.34.228.42
2022-09-06 21:27:38 +0000
0 - 0 - 1 www.sandiegocountyrecordersociety.org/ 199.34.228.42
2022-09-03 12:11:54 +0000
0 - 0 - 1 www.beanscafeandbakery.com/ 199.34.228.42
2022-09-03 09:36:19 +0000
0 - 0 - 1 www.ieee-isicas2022.org/ 199.34.228.42

Last 5 reports on ASN: WEEBLY

Date UQ / IDS / BL URL IP
2022-12-05 11:32:51 +0000
0 - 0 - 10 walletconnect-selfservicevalidation.weebly.co (...) 199.34.228.54
2022-12-05 11:32:30 +0000
0 - 0 - 12 walletconnect-selfservicevalidation.weebly.co (...) 199.34.228.54
2022-12-05 11:16:11 +0000
0 - 0 - 10 kjhtgbkh.weebly.com/ 199.34.228.53
2022-12-05 11:15:57 +0000
0 - 0 - 10 kiuoiuyf.weebly.com/ 199.34.228.54
2022-12-05 10:43:50 +0000
0 - 0 - 8 attgyuigyyi89009.weebly.com/ 199.34.228.53

Last 1 reports on domain: eventsatrefinery.com

Date UQ / IDS / BL URL IP
2022-09-19 10:14:17 +0000
0 - 0 - 11 www.eventsatrefinery.com/weddings/ 199.34.228.42

No other reports with similar screenshot



JavaScript

Executed Scripts (38)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (80)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 19 Sep 2022 09:57:37 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: HRC_QoovnWdzBsaN_S-uYasLdmFhFsH8a8phJ87m5PBUMWhswacffg==
Age: 989


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    99b7d23c1748d0526782b9ff9ea45f09
Sha1:   eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
Sha256: 48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5C706B2718B1698995F4FEB91223779AEF4BF6DC967C31F9EF9A93873197D5F9"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3246
Expires: Mon, 19 Sep 2022 11:08:12 GMT
Date: Mon, 19 Sep 2022 10:14:06 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.49
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 19 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: nRTKojxLocYnfHggJKDncIdQIF3HNaq3t4MYLcQQWNFhjPmDm2mAgw==
age: 20333
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /weddings/ HTTP/1.1 
Host: www.eventsatrefinery.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         199.34.228.42
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Mon, 19 Sep 2022 10:14:06 GMT
Server: Apache
Set-Cookie: is_mobile=0; path=/; domain=www.eventsatrefinery.com
Vary: X-W-SSL,User-Agent
Location: https://www.eventsatrefinery.com/weddings/
X-Host: grn104.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 414
Keep-Alive: timeout=10, max=57
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   414
Md5:    00409e9bc22c0b34485c2fe87a436dac
Sha1:   b30dca87d8fd84dd34b45ec69f01ff7508fc3fe3
Sha256: b7735a182a78b43dd308f7aaee5250c0e05fe96b14637bc12499469e24803daf

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Mon, 19 Sep 2022 10:14:06 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 19 Sep 2022 10:03:22 GMT
Cache-Control: max-age=3600
Expires: Mon, 19 Sep 2022 10:19:51 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: SE-LYmvgDY5YDl5Ds7WUXW7zqCfCz6mdawlykmExk7cVr8R6is9RNw==
Age: 644


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1005
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 10:14:06 GMT
Last-Modified: Mon, 19 Sep 2022 09:57:22 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "41686CC397508100B91E5158B3C7FF3C33B57B729284C0092698C40A0B392D93"
Last-Modified: Sun, 18 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 19 Sep 2022 16:14:06 GMT
Date: Mon, 19 Sep 2022 10:14:06 GMT
Connection: keep-alive

                                        
                                            GET /weddings/ HTTP/1.1 
Host: www.eventsatrefinery.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         199.34.228.42
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Date: Mon, 19 Sep 2022 10:14:06 GMT
Server: Apache
Set-Cookie: is_mobile=0; path=/; domain=www.eventsatrefinery.com
Vary: X-W-SSL,User-Agent
Cache-Control: private
Location: /weddings.html
X-Host: grn138.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 302
Keep-Alive: timeout=10, max=39
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   302
Md5:    58b0ec53d14302114b56749e6b8e023e
Sha1:   eb8a43b09ecc198961ed243b251cd28566e5e4a7
Sha256: 3ecd5b8056416e3b0a69b8d799150e4d55342db1ff80939ba784f4cc393260b4

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: pHHzyLtd3JQ4yj/nwkVnzA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         54.149.101.24
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: zrTSftJxC7wl5wcJ4nO8knjx0M0=

                                        
                                            GET /weddings.html HTTP/1.1 
Host: www.eventsatrefinery.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: is_mobile=0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         199.34.228.42
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Mon, 19 Sep 2022 10:14:07 GMT
Server: Apache
Vary: X-W-SSL,Accept-Encoding,User-Agent
Set-Cookie: language=en; expires=Mon, 03-Oct-2022 10:14:07 GMT; Max-Age=1209600; path=/
Cache-Control: private
ETag: W/"22ca33fd7c868ae4e2ba56a0859d500f-gzip"
Content-Encoding: gzip
X-Host: grn41.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 10131
Keep-Alive: timeout=10, max=71
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2439), with CRLF, LF line terminators
Size:   10131
Md5:    ef3cea7d703287de1e7dab2de74f9fa1
Sha1:   c535731e49cde3bebd03657a66a82c57be61aba9
Sha256: cbd6ddd9031785bc13eeb7a9b04ea4859011fd4d8b569abfce945022aa785e60

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /css/sites.css?buildTime=1662672764 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
last-modified: Thu, 08 Sep 2022 20:48:41 GMT
etag: W/"631a5529-347ac"
expires: Thu, 22 Sep 2022 21:34:22 GMT
cache-control: max-age=1209600
x-host: grn118.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Sep 2022 10:14:07 GMT
age: 909584
x-served-by: cache-sjc10056-SJC, cache-bma1636-BMA
x-cache: HIT, HIT
x-cache-hits: 2, 16
x-timer: S1663582447.331287,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 29746
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   29746
Md5:    d10158b22b553f723d99dc78eaee6390
Sha1:   80f2d6670cfb0d01cd20c471cf8e3e6465ddd3f6
Sha256: 939c7a8e1ad74a44e0c847e38533e69e36454b6805d25acf3fb0cb5c472d245e
                                        
                                            GET /fonts/Tangerine/font.css?2 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
last-modified: Thu, 08 Sep 2022 17:37:45 GMT
etag: "631a2869-352"
expires: Thu, 22 Sep 2022 18:11:31 GMT
cache-control: max-age=1209600
x-host: blu80.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Sep 2022 10:14:07 GMT
age: 921755
x-served-by: cache-sjc10036-SJC, cache-bma1636-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1663582447.331266,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 276
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   276
Md5:    de5386463df9a3ab54e19dcbd107616e
Sha1:   56ba54b2045fed521b3460dae4010d6dabc322ef
Sha256: 2e1377b145747127f86208f06d769be29b2a78382d354360a6048943d0f75e84
                                        
                                            GET /fonts/Questrial/font.css?2 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
last-modified: Thu, 08 Sep 2022 17:37:45 GMT
etag: "631a2869-1b0"
expires: Thu, 22 Sep 2022 18:07:19 GMT
cache-control: max-age=1209600
x-host: grn123.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Sep 2022 10:14:07 GMT
age: 922008
x-served-by: cache-sjc10048-SJC, cache-bma1636-BMA
x-cache: HIT, HIT
x-cache-hits: 2, 1
x-timer: S1663582447.331429,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 242
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   242
Md5:    451e60ea53a33ced6c4735a750c3776e
Sha1:   7d0eb98a70da6db4d27cafa48b0cd26e78d7e89c
Sha256: 547a6d7141f4ea9bf30c398b8f021f81859e89ee3172e85675877a87a3f9220c
                                        
                                            GET /fonts/Lato/font.css?2 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
last-modified: Thu, 08 Sep 2022 17:37:44 GMT
etag: "631a2868-a0c"
expires: Thu, 22 Sep 2022 18:06:24 GMT
cache-control: max-age=1209600
x-host: grn132.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Sep 2022 10:14:07 GMT
age: 922062
x-served-by: cache-sjc10060-SJC, cache-bma1636-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 26
x-timer: S1663582447.332350,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 365
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   365
Md5:    f6aec8855300407d88c732db5b97c3cf
Sha1:   a6a4c862f86744cbf3f5477e830c9f80ab986eaf
Sha256: 6f00c364d20ef3193c0b008183501117dec28fe7a538ccebdc4492f5c9b281d3
                                        
                                            GET /fonts/Montserrat/font.css?2 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
last-modified: Thu, 08 Sep 2022 17:37:44 GMT
etag: "631a2868-354"
expires: Thu, 22 Sep 2022 18:07:56 GMT
cache-control: max-age=1209600
x-host: grn142.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Sep 2022 10:14:07 GMT
age: 921971
x-served-by: cache-sjc10037-SJC, cache-bma1636-BMA
x-cache: HIT, HIT
x-cache-hits: 3, 71
x-timer: S1663582447.332378,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 276
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   276
Md5:    559eefb63fcae2a3f85471dd3903016a
Sha1:   5e4a9f5b529f2f6d2ee1de511231f856e673066c
Sha256: 09110f0d179c52677e2caf24d4bad70e5d717acb2eff2887ac36dbc1d9583fae
                                        
                                            GET /fonts/CAC_Champagne/font.css?2 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
last-modified: Thu, 08 Sep 2022 17:37:43 GMT
etag: "631a2867-aa"
expires: Tue, 27 Sep 2022 11:10:27 GMT
cache-control: max-age=1209600
x-host: blu18.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Sep 2022 10:14:07 GMT
age: 515019
x-served-by: cache-sjc10034-SJC, cache-bma1636-BMA
x-cache: HIT, HIT
x-cache-hits: 2, 1
x-timer: S1663582447.332482,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 134
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   134
Md5:    f0934a2ae08e7e44f111a557a14b8e20
Sha1:   7cf3af0d49886972d5dfce8bf73117367b83639b
Sha256: 880f676256e84e01bcc270fc95e3d08bb5077011f14f53555257ddc769722120
                                        
                                            GET /js/lang/en/stl.js?buildTime=1662672764& HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
last-modified: Thu, 08 Sep 2022 20:47:36 GMT
etag: "631a54e8-2c44e"
expires: Thu, 22 Sep 2022 21:34:22 GMT
cache-control: max-age=1209600
x-host: grn117.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Sep 2022 10:14:07 GMT
age: 909586
x-served-by: cache-sjc10059-SJC, cache-bma1636-BMA
x-cache: HIT, HIT
x-cache-hits: 4, 13
x-timer: S1663582447.334905,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 32802
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, Unicode text, UTF-8 text, with very long lines (64997)
Size:   32802
Md5:    40ee71f2f2de93b9561845efa9a0cbbc
Sha1:   13451e3fb165d1ad524d9863d8344eab4a2fe353
Sha256: 41a33daf28fc89ce06f3c6a6029d078c20a0f42f07d6ec3dc7127d206dcec5fe
                                        
                                            GET /css/social-icons.css?buildtime=1662672764 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
last-modified: Thu, 08 Sep 2022 20:48:41 GMT
etag: W/"631a5529-3319"
expires: Thu, 22 Sep 2022 21:34:49 GMT
cache-control: max-age=1209600
x-host: blu83.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Sep 2022 10:14:07 GMT
age: 909558
x-served-by: cache-sjc10067-SJC, cache-bma1636-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 40
x-timer: S1663582447.339900,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 1639
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (13080)
Size:   1639
Md5:    8d187cb7374eeeae857b6a61a61de0f4
Sha1:   b44aac11580606735fa1aa8b9637f56268267b0a
Sha256: 427bb56305a151eebd863996d75a06a7a3efe1a9861eefdea80c820ffcd4fb20
                                        
                                            GET /fonts/Gentium_Basic/font.css?2 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
last-modified: Thu, 08 Sep 2022 17:37:43 GMT
etag: "631a2867-aa"
expires: Thu, 22 Sep 2022 18:07:35 GMT
cache-control: max-age=1209600
x-host: blu122.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Sep 2022 10:14:07 GMT
age: 921992
x-served-by: cache-sjc10044-SJC, cache-bma1636-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1663582447.339865,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 136
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   136
Md5:    b6fe410f05835777bf7dace9ff8b5212
Sha1:   b7a6edb6d3b897d8173b92c1b24d1029f8db5154
Sha256: ea430f275b5dc20736aba1d34f94726af83998725f7ac10814a3a462bf5b7641
                                        
                                            GET /js/site/main.js?buildTime=1662672764 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
last-modified: Thu, 08 Sep 2022 20:49:09 GMT
etag: "631a5545-74804"
expires: Thu, 22 Sep 2022 21:36:04 GMT
cache-control: max-age=1209600
x-host: blu39.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Sep 2022 10:14:07 GMT
age: 909482
x-served-by: cache-sjc10052-SJC, cache-bma1636-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1663582447.335102,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 146400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32147)
Size:   146400
Md5:    81b8673c5d3aa3ab8c0574f2a8f0e3b4
Sha1:   2e0661bc7907d9e2703b3347c3fec579f0aef5d6
Sha256: 0e981f4de6287406ce261fddea24aa05ded4b6a8c4c07283c363c1502071cf40
                                        
                                            POST /ca/gsatlasr3dvtlsca2022q3 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 19 Sep 2022 10:14:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "56A06FA7E342B9113988767B66F806500F5DA49E"
Expires: Mon, 19 Sep 2022 21:00:00 GMT
Last-Modified: Mon, 19 Sep 2022 09:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1108
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74d18d7828e6b505-OSL


--- Additional Info ---
Magic:  data
Size:   1462
Md5:    ac585dbab5d739ae5abd2e8a134b806f
Sha1:   6902409e0654f78cc4f95f5d7a7c00aa2333239c
Sha256: ed6c00c85f886af4be1b25a9be2240befe74f33aed9104bea058b7f1273b8004
                                        
                                            GET /files/main_style.css?1662995059 HTTP/1.1 
Host: www.eventsatrefinery.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/weddings.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.42
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Mon, 19 Sep 2022 10:14:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
X-Host: grn140.sf2p.intern.weebly.net
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (437)
Size:   5172
Md5:    decb33e20de6fdc074248ecb50a4ac40
Sha1:   26e102d037d455c3dd3c0798902fd31e3cc88a0a
Sha256: 83bbc8d5f5a54c7a2d913f8378927b9231891b1093c3d04770fe0947d0cfad76

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /ca/gsatlasr3dvtlsca2022q3 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 19 Sep 2022 10:14:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "56A06FA7E342B9113988767B66F806500F5DA49E"
Expires: Mon, 19 Sep 2022 21:00:00 GMT
Last-Modified: Mon, 19 Sep 2022 09:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1108
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74d18d785938b505-OSL


--- Additional Info ---
Magic:  data
Size:   1462
Md5:    ac585dbab5d739ae5abd2e8a134b806f
Sha1:   6902409e0654f78cc4f95f5d7a7c00aa2333239c
Sha256: ed6c00c85f886af4be1b25a9be2240befe74f33aed9104bea058b7f1273b8004
                                        
                                            GET /fonts/Raleway/font.css?2 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
last-modified: Thu, 08 Sep 2022 17:37:45 GMT
etag: "631a2869-6b1"
expires: Thu, 22 Sep 2022 18:07:41 GMT
cache-control: max-age=1209600
x-host: grn98.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Sep 2022 10:14:07 GMT
age: 921986
x-served-by: cache-sjc10057-SJC, cache-bma1636-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 36
x-timer: S1663582447.427317,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 318
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   318
Md5:    2ad8307758bc44c36781537e65c682df
Sha1:   d11b12c6899d51858b94a1e244c1de96ff9ebec6
Sha256: 86d13d47326e5c4024a04dc04c67a7d084a86c4ab5384446a4ee5981aa730540
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 19 Sep 2022 10:14:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /css/old/fancybox.css?1662672764 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
last-modified: Thu, 08 Sep 2022 20:48:48 GMT
etag: "631a5530-f47"
expires: Thu, 22 Sep 2022 21:36:07 GMT
cache-control: max-age=1209600
x-host: blu86.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Sep 2022 10:14:07 GMT
age: 909479
x-served-by: cache-sjc10050-SJC, cache-bma1636-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 21
x-timer: S1663582447.432801,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 1218
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3910)
Size:   1218
Md5:    b644e92258f4c7c0b4270047652d1e60
Sha1:   93734d52ee9e86a768159e514076051813c39cd9
Sha256: 29199496fb817668f887938571046abcdfb49063d0207d571b361f221f467907
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 19 Sep 2022 10:14:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /gtag/js?id=G-5XQ2W5RVFM HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.72
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 19 Sep 2022 10:14:07 GMT
expires: Mon, 19 Sep 2022 10:14:07 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75225
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (20189)
Size:   75225
Md5:    da62319ef0dd7e511b5d95e6b1e2fe7a
Sha1:   a7f5aaa631149c74d5db189f38a6a3fea46d9af8
Sha256: 6e814d86de7c951621fe7e3bcb78e3e196d3ddc3ff84b6158e4bf3361e07aab3
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 19 Sep 2022 10:14:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /fonts/Muli/font.css?2 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 404 Not Found
content-type: text/html
                                        
server: nginx
x-host: blu127.sf2p.intern.weebly.net
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Mon, 19 Sep 2022 10:14:07 GMT
x-served-by: cache-sjc10073-SJC, cache-bma1636-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1663582447.332038,VS0,VE193
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 146
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
                                        
                                            GET /files/theme/plugins.js?1531150540 HTTP/1.1 
Host: www.eventsatrefinery.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/weddings.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.42
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Mon, 19 Sep 2022 10:14:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 21 May 2021 20:17:30 GMT
x-rgw-object-type: Normal
ETag: W/"7f6df4939d4102a752a5c1989d81afd4"
x-amz-request-id: tx000000000000000c79baa-0061a70535-a9f41e7-sfo1
X-Storage-Bucket: z6ee5
X-Storage-Object: 6ee5ff05679a26a9027cbb63cadee08104fa248a93d3582a333a5d134c25460b
X-Host: blu42.sf2p.intern.weebly.net
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text
Size:   18996
Md5:    17c0b51cd6ba1b91479bfe0274feed18
Sha1:   785a5cfa1ee86fd40b1a9deab58477ac101cb20a
Sha256: 64fa489daea8001c79f266c076946a1dd2b3568d3c6810bc1db9fb27529dee28
                                        
                                            GET /files/templateArtifacts.js?1662995059 HTTP/1.1 
Host: www.eventsatrefinery.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/weddings.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.42
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: nginx
Date: Mon, 19 Sep 2022 10:14:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
X-Host: blu41.sf2p.intern.weebly.net
Content-Encoding: gzip


--- Additional Info ---
Magic:  exported SGML document, ASCII text, with very long lines (1630)
Size:   1632
Md5:    e0836e8203c22b8e4086f27e91e86f5a
Sha1:   28235e77f5a895c8cd411aff4a6ef4e6f7d419c2
Sha256: 32dbc4a2eeca39a57d35670f00e2cf59e03c279521e47506c56c5c36d8b664b6

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /files/theme/custom.js?1531150540 HTTP/1.1 
Host: www.eventsatrefinery.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/weddings.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.42
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Mon, 19 Sep 2022 10:14:07 GMT
Content-Length: 3233
Connection: keep-alive
Last-Modified: Sat, 19 Mar 2022 11:38:28 GMT
x-rgw-object-type: Normal
ETag: "6ddabf9ec1dae07f541de3e009969179"
x-amz-request-id: tx0000000000000000439b9-006258b622-4d6022f-las
X-Storage-Bucket: zc057
X-Storage-Object: c057541328f3e6fcee23c1ec11a2d1d57dc8450e5ad366d56d41df4202955765
X-Host: grn49.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text
Size:   3233
Md5:    6ddabf9ec1dae07f541de3e009969179
Sha1:   37359e9551b6247c7a8fe9f2d7f6a05e18ccb7d5
Sha256: c057541328f3e6fcee23c1ec11a2d1d57dc8450e5ad366d56d41df4202955765

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /files/theme/mobile.js?1531150540 HTTP/1.1 
Host: www.eventsatrefinery.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/weddings.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.42
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Mon, 19 Sep 2022 10:14:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 22 May 2021 22:42:27 GMT
x-rgw-object-type: Normal
ETag: W/"008fd6990b3bdf96b9d46f87e52a7730"
x-amz-request-id: tx000000000000000043cc9-006258b626-4d6022f-las
X-Storage-Bucket: z52fc
X-Storage-Object: 52fce566223a538d2037cd7f8ee707362452d0e935d018f857322f10c4446e64
X-Host: blu41.sf2p.intern.weebly.net
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text
Size:   3048
Md5:    df46997a63ceb84c8708e197225bf22e
Sha1:   461b6fa23df29f7da9b3a03f3dba6f846bedf917
Sha256: 84881ad46cfd8cd5adf57ee99e47fd4790e655d5bfc4e45e0b833f0beeacb602

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /js/wsnbn/snowday262.js HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
last-modified: Wed, 14 Sep 2022 16:18:50 GMT
etag: "6321feea-124fe"
expires: Thu, 29 Sep 2022 08:38:41 GMT
cache-control: max-age=1209600
x-host: blu123.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Sep 2022 10:14:08 GMT
age: 351327
x-served-by: cache-sjc10051-SJC, cache-bma1636-BMA
x-cache: HIT, HIT
x-cache-hits: 2, 3186
x-timer: S1663582448.078217,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 25752
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2512)
Size:   25752
Md5:    234327230add9a5a5d61a48829ea4565
Sha1:   7966cc0e4bd76f88ff193c8a99a067de804b7129
Sha256: bb696c58d9ae5fa635b3ff22efdf60de9ac2f8ef9df5e2f2d58dd5f8dc99df75
                                        
                                            GET /fonts/Raleway/regular.woff2 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.eventsatrefinery.com
Connection: keep-alive
Referer: https://cdn2.editmysite.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: font/woff2
                                        
server: nginx
last-modified: Thu, 08 Sep 2022 17:37:45 GMT
etag: "631a2869-5320"
expires: Thu, 22 Sep 2022 18:07:41 GMT
cache-control: max-age=1209600
x-host: blu93.sf2p.intern.weebly.net
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Sep 2022 10:14:08 GMT
age: 921987
x-served-by: cache-sjc10058-SJC, cache-bma1636-BMA
x-cache: HIT, HIT
x-cache-hits: 8, 29
x-timer: S1663582448.098863,VS0,VE0
access-control-allow-origin: *
content-length: 21280
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 21280, version 1.0\012- data
Size:   21280
Md5:    16911581ab7ea10687a5aee74cbc5612
Sha1:   b0b24248345739209d753a4ac77ccfc1f627b219
Sha256: c78a1da5fd0868a547cf285748c7fb73006571190385eb71c0d601b6b240ffaf
                                        
                                            GET /fonts/Tangerine/regular.woff2 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.eventsatrefinery.com
Connection: keep-alive
Referer: https://cdn2.editmysite.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: font/woff2
                                        
server: nginx
last-modified: Thu, 08 Sep 2022 17:37:45 GMT
etag: "631a2869-5b08"
expires: Thu, 22 Sep 2022 18:18:06 GMT
cache-control: max-age=1209600
x-host: grn25.sf2p.intern.weebly.net
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Sep 2022 10:14:08 GMT
age: 921361
x-served-by: cache-sjc10073-SJC, cache-bma1636-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1663582448.104639,VS0,VE1
access-control-allow-origin: *
content-length: 23304
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 23304, version 1.0\012- data
Size:   23304
Md5:    b7e6355b20dd4ed479af5b3dec002897
Sha1:   ceb6b354452bbba6394faa5cd5a6463b69319ec9
Sha256: cb4e7c0a159ec0cc2bdab8e3cd4b5541cf77748e1f07d4719eb5835c3afcabce
                                        
                                            GET /fonts/Gentium_Basic/regular.ttf HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.eventsatrefinery.com
Connection: keep-alive
Referer: https://cdn2.editmysite.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
last-modified: Thu, 08 Sep 2022 12:25:49 GMT
etag: "6319df4d-41af8"
expires: Thu, 22 Sep 2022 18:07:36 GMT
cache-control: max-age=1209600
x-host: grn31.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Sep 2022 10:14:08 GMT
age: 921992
x-served-by: cache-sjc10025-SJC, cache-bma1636-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 3
x-timer: S1663582448.109634,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 102574
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  TrueType Font data, 22 tables, 1st "Feat", 89 names, Macintosh, Copyright (c) SIL International, 2003-2008.Gentium BasicRegularSILInternational: Gentium Basic: \012- data
Size:   102574
Md5:    5f258530e0f7f49b9baf229abf563036
Sha1:   a73f57f1c908b24031a731b9b2b152288b499bb8
Sha256: 7f1bed69faaa46284857e8613b44d8e2377a749fca017f39571dca5058bf66da
                                        
                                            GET /fonts/Tangerine/bold.woff2 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.eventsatrefinery.com
Connection: keep-alive
Referer: https://cdn2.editmysite.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: font/woff2
                                        
server: nginx
last-modified: Thu, 08 Sep 2022 17:37:45 GMT
etag: "631a2869-60e4"
expires: Mon, 26 Sep 2022 12:59:34 GMT
cache-control: max-age=1209600
x-host: grn9.sf2p.intern.weebly.net
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Sep 2022 10:14:08 GMT
age: 594873
x-served-by: cache-sjc10052-SJC, cache-bma1636-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1663582448.109431,VS0,VE1
access-control-allow-origin: *
content-length: 24804
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 24804, version 1.0\012- data
Size:   24804
Md5:    b30f43e654ab324a5fa33870c3650b11
Sha1:   851391675b505b0fff0e4ebab9f9046cf821d918
Sha256: 0dbef693a0e3502c8b77d77874867ae7e87514309f644009b0a5aa4d52a2536b
                                        
                                            GET /fonts/wSocial/wsocial.woff?ts=1662670121405 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.eventsatrefinery.com
Connection: keep-alive
Referer: https://cdn2.editmysite.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: font/woff
                                        
server: nginx
last-modified: Thu, 08 Sep 2022 17:37:46 GMT
etag: "631a286a-a4c"
expires: Thu, 22 Sep 2022 21:30:38 GMT
cache-control: max-age=1209600
x-host: blu74.sf2p.intern.weebly.net
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Sep 2022 10:14:08 GMT
age: 909810
x-served-by: cache-sjc10062-SJC, cache-bma1636-BMA
x-cache: HIT, HIT
x-cache-hits: 3, 22
x-timer: S1663582448.117767,VS0,VE0
access-control-allow-origin: *
content-length: 2636
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 2636, version 1.0\012- data
Size:   2636
Md5:    0e88795b66eeac48b209209aa0179411
Sha1:   983e16566390f9167c6c4fbbdb052623fc01a631
Sha256: e8106b06fab14948098cae97983eafbe1a60643ac725b2a029e4da57d43854df
                                        
                                            GET /uploads/1/4/0/7/140725637/published/ceremony.jpg?1655832305 HTTP/1.1 
Host: www.eventsatrefinery.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/weddings.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.42
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Mon, 19 Sep 2022 10:14:08 GMT
Content-Length: 6530
Connection: keep-alive
Last-Modified: Tue, 21 Jun 2022 17:23:28 GMT
x-rgw-object-type: Normal
ETag: "1068c39ac75dd34d544bfb8f47984921"
x-amz-request-id: tx000000000000004311df6-006327a278-c699baa-sfo1
X-Storage-Bucket: zb6a0
X-Storage-Object: b6a01a6800b9bca5d10b3f6e2f3210dd6a9c0cfe2262ce5401a3407d7825c731
X-Host: grn62.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 205x137, components 3\012- data
Size:   6530
Md5:    1068c39ac75dd34d544bfb8f47984921
Sha1:   b381c93bad478ce491a6434cce08e6155a9449f0
Sha256: b6a01a6800b9bca5d10b3f6e2f3210dd6a9c0cfe2262ce5401a3407d7825c731

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /uploads/1/4/0/7/140725637/published/ceremony-1.jpg?1655832256 HTTP/1.1 
Host: www.eventsatrefinery.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/weddings.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.42
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Mon, 19 Sep 2022 10:14:08 GMT
Content-Length: 21721
Connection: keep-alive
Last-Modified: Tue, 21 Jun 2022 17:24:16 GMT
x-rgw-object-type: Normal
ETag: "4fbf1702a2be7132362e5b4bb46bbd50"
x-amz-request-id: tx000000000000003b30666-00632840f0-c67eadd-sfo1
X-Storage-Bucket: za964
X-Storage-Object: a964860f2ea69674bff6627a8fbc074e87cb3f477730088e4248a3d5e86489ac
X-Host: grn61.sf2p.intern.weebly.net
Accept-Ranges: bytes, bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 274x183, components 3\012- data
Size:   21721
Md5:    4fbf1702a2be7132362e5b4bb46bbd50
Sha1:   846a954cfcf801c042c4e41a018b1348f5cfee26
Sha256: a964860f2ea69674bff6627a8fbc074e87cb3f477730088e4248a3d5e86489ac

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3533
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 10:14:08 GMT
Last-Modified: Mon, 19 Sep 2022 09:15:15 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10590
Expires: Mon, 19 Sep 2022 13:10:38 GMT
Date: Mon, 19 Sep 2022 10:14:08 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd460ce9f-ea5c-436e-8b02-8ec8233b9681.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5064
x-amzn-requestid: 985dbd5b-3e8a-4e22-a974-1effa6c99112
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrOS8FyBoAMFrCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632790df-201df5494f1513b91eefe9d5;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:42:55 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: GIhj3a2-SwYu2w4mLx7JiIJzFfV82-Et89ORRsx5fsGOx9nttPlCxA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:57:13 GMT
etag: "b0ad467f2837d103f8a96fb732bd34176c4c7110"
age: 44215
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5064
Md5:    e4098577adb98eae5ba4a8b5e143df71
Sha1:   b0ad467f2837d103f8a96fb732bd34176c4c7110
Sha256: 83aa54020ffc684690dfb58d78608411de38ab02fee50808a8243c6b388e77c0
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6582596-5079-44f5-a869-65c8766f7d1a.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9901
x-amzn-requestid: e1792a3b-1893-48a6-8d01-463050259dc2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YiGMYE3IoAMFgvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6323ea4f-42ab13411e65943538101b11;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 03:15:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: XmcyJv7bahHB4wMjFmgvh2fEkJJYLPhRrISZ_DczSErdEQjXIxWUvg==
via: 1.1 0800f067ff646622f3e8e507cb9b52e8.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 03:54:31 GMT
age: 22777
etag: "e460ad4376cd118a6fe8b6b050af9398117d9531"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9901
Md5:    da8b8819fc21dcfb224ce0e7ecdc6772
Sha1:   e460ad4376cd118a6fe8b6b050af9398117d9531
Sha256: 9d0cf5fe17040e6c494d1596c24f01501babff37c95caa47d048b5e1aefa7697
                                        
                                            GET /uploads/1/4/0/7/140725637/published/carly-colin-0381-1000-600x600.jpg?1654741418 HTTP/1.1 
Host: www.eventsatrefinery.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/weddings.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.42
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Mon, 19 Sep 2022 10:14:08 GMT
Content-Length: 50680
Connection: keep-alive
Last-Modified: Thu, 09 Jun 2022 02:21:34 GMT
x-rgw-object-type: Normal
ETag: "56a3093ce09d50dd5019ec1b0a530558"
x-amz-request-id: tx000000000000003b16225-00632840f0-c6aed46-sfo1
X-Storage-Bucket: z1eef
X-Storage-Object: 1eef2298539e4b07859387179a9d1a5ef6d9d3dda21c235d0c89e3ab82693f27
X-Host: grn73.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 441x441, components 3\012- data
Size:   50680
Md5:    56a3093ce09d50dd5019ec1b0a530558
Sha1:   d21ad0632a3ad05c36b8757d0f876a1d240142a8
Sha256: 1eef2298539e4b07859387179a9d1a5ef6d9d3dda21c235d0c89e3ab82693f27

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F928a31e7-ade8-4c58-8c67-53db1e3d019e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11712
x-amzn-requestid: d4547112-6faa-472e-ade1-bbbda9c3bea4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrOSTFiXIAMFiLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632790db-151bae0c351a94a40c48bfbc;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:42:51 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: uRrPwbwQ6oBOYhMmxs6YquvIEBKaAC51d98J_5MWYkh-Q8Qg1LVdiw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:53:39 GMT
etag: "85119aaf7195d59efc55e36d026bd026060195aa"
age: 44429
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11712
Md5:    65ee14de38a7fcd768ede2f1915c74e4
Sha1:   85119aaf7195d59efc55e36d026bd026060195aa
Sha256: 62569b46e8af692f1d95d707ffdca24075ff6c68e68e13159ab7798b30a7755b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F779fe432-124a-4d1a-8abf-cfb5054b48fd.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10721
x-amzn-requestid: 5c3a2647-0af8-4cd2-8b68-df6606c6362e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yi1NMHVfoAMF-3w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63243587-2b73a75b69570a1a144a5f73;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 08:36:23 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: SpK-J7OfVkg8Gn_-wiaIKrqVl6t14P13ax8TPtsKDRXAVtHj9GWSwg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 03:43:59 GMT
age: 23409
etag: "f5bf6c28f20414c7dd3ac1098defc46d3d68fd99"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10721
Md5:    87bddc1f919e51c976d5377040861ea6
Sha1:   f5bf6c28f20414c7dd3ac1098defc46d3d68fd99
Sha256: 28541ca828b6358c8e6081e9f2022e7ad18a8adcb3df09a3fa079f32c08fcda6
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e5b5676-18df-4d43-8bbd-b85ffe4f1a94.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5866
x-amzn-requestid: 3a7db39d-cd4f-486f-954b-39fc7464706c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrNeAE67IAMFSoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63278f8c-66a419ac7fbd977f5f41061b;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:37:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: TdVz72qdwMdsuW1WsOq1qEZk2vmbXJlbppLTTsZ9PlrmN7GEph0dyQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:53:39 GMT
etag: "58c5d6f8ba1d3236d788ac55ff7cb2ec7863fb5c"
age: 44429
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5866
Md5:    1105b56cf779b6df1cbd081bbd0cda50
Sha1:   58c5d6f8ba1d3236d788ac55ff7cb2ec7863fb5c
Sha256: 10c1f0433baf51e06565ff905688075aaba8fec0a8b3f9cef34168e297f94c2c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e998cc5-16fd-41d0-80c4-f7b6ce93932c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5570
x-amzn-requestid: a20f5fb2-9c4a-4124-bc27-6b7cf99c5a73
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn64FEKXoAMFbzw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263e99-0edcfdf505c4467b31355e71;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:39:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Jp6TEMqaAAIs3jUsysER2sqaEob7LrzeR0vwp5I-gWSZsPxaFW4Vlg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:54:26 GMT
age: 44382
etag: "7deb4e0fc838bcfffb532ff1f92f4036b35571f2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5570
Md5:    5b174f977a78acf5f28935f44cac702d
Sha1:   7deb4e0fc838bcfffb532ff1f92f4036b35571f2
Sha256: 7e87fe13d3127a1c8e89f72c1455349d9edcb89eeb2a9b103d191095ddc69751
                                        
                                            GET /uploads/1/4/0/7/140725637/classic-reception_orig.jpg HTTP/1.1 
Host: www.eventsatrefinery.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/weddings.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.42
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Mon, 19 Sep 2022 10:14:08 GMT
Content-Length: 92698
Connection: keep-alive
Last-Modified: Tue, 21 Jun 2022 16:37:25 GMT
x-rgw-object-type: Normal
ETag: "8711d15726e4bed5370fa21de6593db8"
x-amz-request-id: tx000000000000003b455e8-00632698b7-c669cc6-sfo1
X-Storage-Bucket: ze2d6
X-Storage-Object: e2d64e86c746896fc8177af2b18c08f056c46dd540e700849fa8c9c04ec24427
X-Host: blu42.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 533x800, components 3\012- data
Size:   92698
Md5:    8711d15726e4bed5370fa21de6593db8
Sha1:   f3773ed2aaef5ee1615359769afe1e6c52bb64fe
Sha256: e2d64e86c746896fc8177af2b18c08f056c46dd540e700849fa8c9c04ec24427
                                        
                                            GET /uploads/1/4/0/7/140725637/bridal-suite_orig.jpg HTTP/1.1 
Host: www.eventsatrefinery.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/weddings.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.42
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Mon, 19 Sep 2022 10:14:08 GMT
Content-Length: 239026
Connection: keep-alive
Last-Modified: Tue, 21 Jun 2022 16:31:58 GMT
x-rgw-object-type: Normal
ETag: "dfcd0e36b911e6eeb2cbb8f64041ebee"
x-amz-request-id: tx000000000000004a6cc6a-00632840f0-c695612-sfo1
X-Storage-Bucket: z7012
X-Storage-Object: 7012b5600ea7981717a60be0574b64243e046500371d62361dff5c0cde57cfc6
X-Host: grn49.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 1100x735, components 3\012- data
Size:   239026
Md5:    dfcd0e36b911e6eeb2cbb8f64041ebee
Sha1:   5022e34a54bb3f55e84d6a5a0e280677b4bdf2d7
Sha256: 7012b5600ea7981717a60be0574b64243e046500371d62361dff5c0cde57cfc6
                                        
                                            GET /uploads/1/4/0/7/140725637/published/1528227866-8f076c51a141f691-wadsworthwedding079.webp?1654794884 HTTP/1.1 
Host: www.eventsatrefinery.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/weddings.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.42
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Server: nginx
Date: Mon, 19 Sep 2022 10:14:08 GMT
Content-Length: 3739
Connection: keep-alive
ETag: "61c39c46-e9b"
X-Host: blu74.sf2p.intern.weebly.net


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (368)
Size:   3739
Md5:    2eeb3e560ca8f369be20ceb5858a4701
Sha1:   6c53e6b66c1bc6d0b93116e14fb79c30424bf36c
Sha256: ac2d9485acf7e9c29d94d31f19d3aedda958cd4f6119ddc888fbbde52d6078dd
                                        
                                            GET /weebly/apps/generateMap.php?map=google&elementid=504644155433573702&ineditor=0&control=3&width=auto&height=250px&overviewmap=0&scalecontrol=0&typecontrol=0&zoom=15&long=-88.28435809999999&lat=40.1094937&domain=www&point=1&align=1&reseller=false HTTP/1.1 
Host: www.weebly.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         74.115.50.110
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Date: Mon, 19 Sep 2022 10:14:08 GMT
Server: Apache
Location: https://www.editmysite.com/ajax/apps/generateMap.php?map=google&elementid=504644155433573702&ineditor=0&control=3&width=auto&height=250px&overviewmap=0&scalecontrol=0&typecontrol=0&zoom=15&long=-88.28435809999999&lat=40.1094937&domain=www&point=1&align=1&reseller=false
X-Host: blu75.sf2p.intern.weebly.net
Vary: User-Agent
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 0
Keep-Alive: timeout=10, max=73
Connection: Keep-Alive
X-W-DC: SFO
Set-Cookie: sto-id-editor=GAGABNAK; Domain=weebly.com; Path=/

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.165
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 10:14:08 GMT
Last-Modified: Mon, 19 Sep 2022 08:42:20 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: e9v0W_XT0TvyCnWH6JDHQGCjlkPK6wHMAZP52suGGmjT02G8gW6J9Q==
Age: 5508

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.165
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 10:14:08 GMT
Last-Modified: Mon, 19 Sep 2022 08:42:20 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: BfNjWx-8Y3XRGOMCYAbVDrWkx-pBt1-65T4YM6KsuboUbos1Fju1Bw==
Age: 5508

                                        
                                            GET /uploads/1/4/0/7/140725637/print-release-pdf-43_orig.jpg HTTP/1.1 
Host: www.eventsatrefinery.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/weddings.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.42
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Mon, 19 Sep 2022 10:14:08 GMT
Content-Length: 129436
Connection: keep-alive
Last-Modified: Mon, 20 Jun 2022 02:03:51 GMT
x-rgw-object-type: Normal
ETag: "968a599547ec66858c83ac40d2b59c5a"
x-amz-request-id: tx0000000000000048d5ac5-00632840f0-c696eea-sfo1
X-Storage-Bucket: z3fe9
X-Storage-Object: 3fe924154adc0faefbbd4c050b3453970d6942d10421d30a5c8a69ce5553958c
X-Host: grn80.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1100x733, components 3\012- data
Size:   129436
Md5:    968a599547ec66858c83ac40d2b59c5a
Sha1:   1cd5fbb04668c7efabc3605d346d72f65544427a
Sha256: 3fe924154adc0faefbbd4c050b3453970d6942d10421d30a5c8a69ce5553958c
                                        
                                            OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1 
Host: ec.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.eventsatrefinery.com/
Origin: https://www.eventsatrefinery.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         44.235.202.207
HTTP/2 200 OK
                                        
date: Mon, 19 Sep 2022 10:14:08 GMT
content-length: 0
server: nginx
access-control-allow-origin: https://www.eventsatrefinery.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 5
X-Firefox-Spdy: h2

                                        
                                            GET /uploads/1/4/0/7/140725637/image0-1_orig.jpeg HTTP/1.1 
Host: www.eventsatrefinery.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/weddings.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.42
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Mon, 19 Sep 2022 10:14:08 GMT
Content-Length: 335830
Connection: keep-alive
Last-Modified: Tue, 21 Jun 2022 16:38:32 GMT
x-rgw-object-type: Normal
ETag: "aa2b54227ef35e257fab56c8ad77e8ee"
x-amz-request-id: tx0000000000000048a1618-00632840f0-c699baa-sfo1
X-Storage-Bucket: zedb6
X-Storage-Object: edb6d7ce00a9b5c76fd49e0f4975f8fb533b4ba1f894f2ba9d0a15fad76700ab
X-Host: blu70.sf2p.intern.weebly.net
Accept-Ranges: bytes, bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1005x1280, components 3\012- data
Size:   335830
Md5:    aa2b54227ef35e257fab56c8ad77e8ee
Sha1:   fe40192f2c825b4dcd86fe8a0f6358f5e3c25967
Sha256: edb6d7ce00a9b5c76fd49e0f4975f8fb533b4ba1f894f2ba9d0a15fad76700ab

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5683
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 10:14:09 GMT
Last-Modified: Mon, 19 Sep 2022 08:39:26 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /g/collect?v=2&tid=G-5XQ2W5RVFM&gtm=2oe9e0&_p=1052437769&_gaz=1&cid=795031787.1663582429&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663582429&sct=1&seg=0&dl=https%3A%2F%2Fwww.eventsatrefinery.com%2Fweddings.html&dt=Weddings&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1 
Host: region1.analytics.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.eventsatrefinery.com
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

                                         
                                         216.239.32.36
HTTP/2 204 No Content
content-type: text/plain
                                        
access-control-allow-origin: https://www.eventsatrefinery.com
date: Mon, 19 Sep 2022 10:14:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 19 Sep 2022 10:14:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1 
Host: ec.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1808
Origin: https://www.eventsatrefinery.com
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         44.235.202.207
HTTP/2 200 OK
content-type: text/plain; charset=UTF-8
                                        
date: Mon, 19 Sep 2022 10:14:08 GMT
content-length: 2
server: nginx
set-cookie: sp=1e090cdb-8c5c-4ab2-89f5-b3fd0df60a08; Expires=Tue, 19 Sep 2023 10:14:08 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://www.eventsatrefinery.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   2
Md5:    444bcb3a3fcf8389296c49467f27e1d6
Sha1:   7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
Sha256: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
                                        
                                            POST /g/collect?v=2&tid=G-5XQ2W5RVFM&cid=795031787.1663582429&gtm=2oe9e0&aip=1 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.eventsatrefinery.com
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

                                         
                                         142.251.1.157
HTTP/2 204 No Content
content-type: text/plain
                                        
access-control-allow-origin: https://www.eventsatrefinery.com
date: Mon, 19 Sep 2022 10:14:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            GET /ga.js HTTP/1.1 
Host: ssl.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.136
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Mon, 19 Sep 2022 08:17:11 GMT
expires: Mon, 19 Sep 2022 10:17:11 GMT
cache-control: public, max-age=7200
age: 7018
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1305)
Size:   17168
Md5:    01d5892e6e243b52998310c2925b9f3a
Sha1:   58180151b6a6ee4af73583a214b68efb9e8844d4
Sha256: 7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 19 Sep 2022 10:14:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 19 Sep 2022 10:14:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-5XQ2W5RVFM&cid=795031787.1663582429&gtm=2oe9e0&aip=1&z=357617506 HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.3
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 10:14:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 19 Sep 2022 10:14:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /favicon.ico HTTP/1.1 
Host: www.eventsatrefinery.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/weddings.html
Cookie: is_mobile=0; language=en; _snow_ses.a77a=*; _snow_id.a77a=a99e3782-a659-4d5b-902f-de1911414b96.1663582429.1.1663582429.1663582429.8faa0403-1887-45c2-b501-f8b66f0d02a4; _ga_5XQ2W5RVFM=GS1.1.1663582429.1.0.1663582429.60.0.0; _ga=GA1.1.795031787.1663582429
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.42
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: nginx
Date: Mon, 19 Sep 2022 10:14:09 GMT
Content-Length: 4286
Connection: keep-alive
Last-Modified: Fri, 24 Sep 2021 21:48:12 GMT
x-rgw-object-type: Normal
ETag: "4d27526198ac873ccec96935198e0fb9"
x-amz-request-id: tx000000000000000c54fe5-0061a705c2-a9f1ce7-sfo1
X-Storage-Bucket: z40a2
X-Storage-Object: 40a2146151863bcf46c786d596e81a308d1b0d26d74635be441e92656f29b1b4
X-Host: blu76.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Size:   4286
Md5:    4d27526198ac873ccec96935198e0fb9
Sha1:   b98d8b73ad6a0f7477c3397561b4aab37bf262aa
Sha256: 40a2146151863bcf46c786d596e81a308d1b0d26d74635be441e92656f29b1b4
                                        
                                            POST /ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails] HTTP/1.1 
Host: www.eventsatrefinery.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 83
Origin: https://www.eventsatrefinery.com
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/weddings.html
Cookie: is_mobile=0; language=en; _snow_ses.a77a=*; _snow_id.a77a=a99e3782-a659-4d5b-902f-de1911414b96.1663582429.1.1663582429.1663582429.8faa0403-1887-45c2-b501-f8b66f0d02a4; _ga_5XQ2W5RVFM=GS1.1.1663582429.1.0.1663582429.60.0.0; _ga=GA1.1.795031787.1663582429
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.42
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Date: Mon, 19 Sep 2022 10:14:09 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: grn9.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 348
Keep-Alive: timeout=10, max=13
Connection: Keep-Alive


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (348), with no line terminators
Size:   348
Md5:    a944dd688c99d2901d6719be713271c0
Sha1:   4f5454d5d434829baf46671638610791758725d9
Sha256: adb97e1bc686c58b4286f1208d2bd969687c6cf3e2fc468697dfd956d260de49
                                        
                                            GET /ajax/apps/generateMap.php?map=google&elementid=504644155433573702&ineditor=0&control=3&width=auto&height=250px&overviewmap=0&scalecontrol=0&typecontrol=0&zoom=15&long=-88.28435809999999&lat=40.1094937&domain=www&point=1&align=1&reseller=false HTTP/1.1 
Host: www.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.eventsatrefinery.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         74.115.50.67
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Mon, 19 Sep 2022 10:14:09 GMT
Server: Apache
X-Host: blu68.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 11574
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive
X-W-DC: SFO
Set-Cookie: sto-id-designer=LIFMBNAK; Domain=editmysite.com; Path=/


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (827)
Size:   11574
Md5:    d08afc9b11adb8724f8620d638c45140
Sha1:   dc3e6ec4d8602e16af9c511048232b97aead3ac3
Sha256: 7e0ed8b6ecb948dce618c28832236db8f7611565dff5160971ea286be1e2b72d
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 19 Sep 2022 10:14:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /mapfiles/transparent.png HTTP/1.1 
Host: maps.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.editmysite.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: image/png
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-length: 68
date: Mon, 19 Sep 2022 10:14:10 GMT
expires: Mon, 19 Sep 2022 10:14:10 GMT
cache-control: private, max-age=31536000
last-modified: Tue, 18 May 2021 19:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Size:   68
Md5:    8327a6037ae00a5be9f75e63ee1b9fbe
Sha1:   a812c79b0d125e4946b33446eae0353f518627e2
Sha256: fe67e12a6497f8518ef1673fd8cf5622871935ff85f204715e78b2009dd48588
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 19 Sep 2022 10:14:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /css?family=Roboto:300,400,500,700|Google+Sans:400,500,700|Google+Sans+Text:400&lang=en HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.editmysite.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 19 Sep 2022 10:14:12 GMT
date: Mon, 19 Sep 2022 10:14:12 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   17092
Md5:    8ac0c2aac5499bbff1e5cd3a20596fe2
Sha1:   fcc3f527c5c2c4dc64473858c7ae94ab7b96ee97
Sha256: ee6c28b8aefb5d3e79f8f0593a3ac128ba5c532e82b0744e17f47686a519ffe9
                                        
                                            GET /css?family=Google+Sans+Text:400&text=%E2%86%90%E2%86%92%E2%86%91%E2%86%93&lang=en HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.editmysite.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 19 Sep 2022 10:14:12 GMT
date: Mon, 19 Sep 2022 10:14:12 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /js/site/main-customer-accounts-site.js?buildTime=1662672764 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
last-modified: Thu, 08 Sep 2022 20:49:09 GMT
etag: "631a5545-82588"
expires: Thu, 22 Sep 2022 21:36:04 GMT
cache-control: max-age=1209600
x-host: grn57.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Sep 2022 10:14:07 GMT
age: 909482
x-served-by: cache-sjc10056-SJC, cache-bma1636-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1663582447.339919,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 158973
X-Firefox-Spdy: h2


--- Additional Info ---