firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 19 Sep 2022 09:57:37 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: HRC_QoovnWdzBsaN_S-uYasLdmFhFsH8a8phJ87m5PBUMWhswacffg==
Age: 989
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 861cfa99de956423d917ed0ddbea4b9c
ad65dbc394b48b04a45c205f56af296c8d008db4
5c706b2718b1698995f4feb91223779aef4bf6dc967c31f9ef9a93873197d5f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C706B2718B1698995F4FEB91223779AEF4BF6DC967C31F9EF9A93873197D5F9"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3246
Expires: Mon, 19 Sep 2022 11:08:12 GMT
Date: Mon, 19 Sep 2022 10:14:06 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 19 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: nRTKojxLocYnfHggJKDncIdQIF3HNaq3t4MYLcQQWNFhjPmDm2mAgw==
age: 20333
X-Firefox-Spdy: h2
www.eventsatrefinery.com/weddings/
199.34.228.42301 Moved Permanently 414 B URL HTTP/1.1 www.eventsatrefinery.com/weddings/
IP 199.34.228.42:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 00409e9bc22c0b34485c2fe87a436dac
b30dca87d8fd84dd34b45ec69f01ff7508fc3fe3
b7735a182a78b43dd308f7aaee5250c0e05fe96b14637bc12499469e24803daf
Analyzer Verdict Alert fortinet Phishing
GET /weddings/ HTTP/1.1
Host: www.eventsatrefinery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 19 Sep 2022 10:14:06 GMT
Server: Apache
Set-Cookie: is_mobile=0; path=/; domain=www.eventsatrefinery.com
Vary: X-W-SSL,User-Agent
Location: https://www.eventsatrefinery.com/weddings/
X-Host: grn104.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 414
Keep-Alive: timeout=10, max=57
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 10:14:06 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 19 Sep 2022 10:03:22 GMT
Cache-Control: max-age=3600
Expires: Mon, 19 Sep 2022 10:19:51 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: SE-LYmvgDY5YDl5Ds7WUXW7zqCfCz6mdawlykmExk7cVr8R6is9RNw==
Age: 644
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5c817aa82ca8ed4a4257fd1e1628b423
7905c62b6bbc582860c07b75eddae371a4b8d02b
dce1783ecfe50c83d30878b48d60e1cf3fe42a3fa4090fb5d318194de73e53d6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1005
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:14:06 GMT
Last-Modified: Mon, 19 Sep 2022 09:57:22 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a25fe60c43d9f757e059359b69e22bac
97bd5558763ae9cfec314b48529846bc72645fcd
41686cc397508100b91e5158b3c7ff3c33b57b729284c0092698c40a0b392d93
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "41686CC397508100B91E5158B3C7FF3C33B57B729284C0092698C40A0B392D93"
Last-Modified: Sun, 18 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 19 Sep 2022 16:14:06 GMT
Date: Mon, 19 Sep 2022 10:14:06 GMT
Connection: keep-alive
www.eventsatrefinery.com/weddings/
199.34.228.42302 Found 302 B URL HTTP/1.1 www.eventsatrefinery.com/weddings/
IP 199.34.228.42:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 58b0ec53d14302114b56749e6b8e023e
eb8a43b09ecc198961ed243b251cd28566e5e4a7
3ecd5b8056416e3b0a69b8d799150e4d55342db1ff80939ba784f4cc393260b4
Analyzer Verdict Alert fortinet Phishing
GET /weddings/ HTTP/1.1
Host: www.eventsatrefinery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Date: Mon, 19 Sep 2022 10:14:06 GMT
Server: Apache
Set-Cookie: is_mobile=0; path=/; domain=www.eventsatrefinery.com
Vary: X-W-SSL,User-Agent
Cache-Control: private
Location: /weddings.html
X-Host: grn138.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 302
Keep-Alive: timeout=10, max=39
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
push.services.mozilla.com/
54.149.101.24101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.101.24:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: pHHzyLtd3JQ4yj/nwkVnzA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: zrTSftJxC7wl5wcJ4nO8knjx0M0=
www.eventsatrefinery.com/weddings.html
199.34.228.42200 OK 10 kB URL HTTP/1.1 www.eventsatrefinery.com/weddings.html
IP 199.34.228.42:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2439), with CRLF, LF line terminators
Hash ef3cea7d703287de1e7dab2de74f9fa1
c535731e49cde3bebd03657a66a82c57be61aba9
cbd6ddd9031785bc13eeb7a9b04ea4859011fd4d8b569abfce945022aa785e60
Analyzer Verdict Alert fortinet Phishing
GET /weddings.html HTTP/1.1
Host: www.eventsatrefinery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: is_mobile=0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 10:14:07 GMT
Server: Apache
Vary: X-W-SSL,Accept-Encoding,User-Agent
Set-Cookie: language=en; expires=Mon, 03-Oct-2022 10:14:07 GMT; Max-Age=1209600; path=/
Cache-Control: private
ETag: W/"22ca33fd7c868ae4e2ba56a0859d500f-gzip"
Content-Encoding: gzip
X-Host: grn41.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 10131
Keep-Alive: timeout=10, max=71
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
cdn2.editmysite.com/css/sites.css?buildTime=1662672764
151.101.85.46200 OK 30 kB URL HTTP/2 cdn2.editmysite.com/css/sites.css?buildTime=1662672764
IP 151.101.85.46:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash d10158b22b553f723d99dc78eaee6390
80f2d6670cfb0d01cd20c471cf8e3e6465ddd3f6
939c7a8e1ad74a44e0c847e38533e69e36454b6805d25acf3fb0cb5c472d245e
GET /css/sites.css?buildTime=1662672764 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Thu, 08 Sep 2022 20:48:41 GMT
etag: W/"631a5529-347ac"
expires: Thu, 22 Sep 2022 21:34:22 GMT
cache-control: max-age=1209600
x-host: grn118.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Sep 2022 10:14:07 GMT
age: 909584
x-served-by: cache-sjc10056-SJC, cache-bma1636-BMA
x-cache: HIT, HIT
x-cache-hits: 2, 16
x-timer: S1663582447.331287,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 29746
X-Firefox-Spdy: h2
cdn2.editmysite.com/fonts/Tangerine/font.css?2
151.101.85.46200 OK 276 B URL HTTP/2 cdn2.editmysite.com/fonts/Tangerine/font.css?2
IP 151.101.85.46:0
Hash de5386463df9a3ab54e19dcbd107616e
56ba54b2045fed521b3460dae4010d6dabc322ef
2e1377b145747127f86208f06d769be29b2a78382d354360a6048943d0f75e84
GET /fonts/Tangerine/font.css?2 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Thu, 08 Sep 2022 17:37:45 GMT
etag: "631a2869-352"
expires: Thu, 22 Sep 2022 18:11:31 GMT
cache-control: max-age=1209600
x-host: blu80.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Sep 2022 10:14:07 GMT
age: 921755
x-served-by: cache-sjc10036-SJC, cache-bma1636-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1663582447.331266,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 276
X-Firefox-Spdy: h2
cdn2.editmysite.com/fonts/Questrial/font.css?2
151.101.85.46200 OK 242 B URL HTTP/2 cdn2.editmysite.com/fonts/Questrial/font.css?2
IP 151.101.85.46:0
Hash 451e60ea53a33ced6c4735a750c3776e
7d0eb98a70da6db4d27cafa48b0cd26e78d7e89c
547a6d7141f4ea9bf30c398b8f021f81859e89ee3172e85675877a87a3f9220c
GET /fonts/Questrial/font.css?2 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Thu, 08 Sep 2022 17:37:45 GMT
etag: "631a2869-1b0"
expires: Thu, 22 Sep 2022 18:07:19 GMT
cache-control: max-age=1209600
x-host: grn123.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Sep 2022 10:14:07 GMT
age: 922008
x-served-by: cache-sjc10048-SJC, cache-bma1636-BMA
x-cache: HIT, HIT
x-cache-hits: 2, 1
x-timer: S1663582447.331429,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 242
X-Firefox-Spdy: h2
cdn2.editmysite.com/fonts/Lato/font.css?2
151.101.85.46200 OK 365 B URL HTTP/2 cdn2.editmysite.com/fonts/Lato/font.css?2
IP 151.101.85.46:0
Hash f6aec8855300407d88c732db5b97c3cf
a6a4c862f86744cbf3f5477e830c9f80ab986eaf
6f00c364d20ef3193c0b008183501117dec28fe7a538ccebdc4492f5c9b281d3
GET /fonts/Lato/font.css?2 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Thu, 08 Sep 2022 17:37:44 GMT
etag: "631a2868-a0c"
expires: Thu, 22 Sep 2022 18:06:24 GMT
cache-control: max-age=1209600
x-host: grn132.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Sep 2022 10:14:07 GMT
age: 922062
x-served-by: cache-sjc10060-SJC, cache-bma1636-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 26
x-timer: S1663582447.332350,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 365
X-Firefox-Spdy: h2
cdn2.editmysite.com/fonts/Montserrat/font.css?2
151.101.85.46200 OK 276 B URL HTTP/2 cdn2.editmysite.com/fonts/Montserrat/font.css?2
IP 151.101.85.46:0
Hash 559eefb63fcae2a3f85471dd3903016a
5e4a9f5b529f2f6d2ee1de511231f856e673066c
09110f0d179c52677e2caf24d4bad70e5d717acb2eff2887ac36dbc1d9583fae
GET /fonts/Montserrat/font.css?2 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Thu, 08 Sep 2022 17:37:44 GMT
etag: "631a2868-354"
expires: Thu, 22 Sep 2022 18:07:56 GMT
cache-control: max-age=1209600
x-host: grn142.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Sep 2022 10:14:07 GMT
age: 921971
x-served-by: cache-sjc10037-SJC, cache-bma1636-BMA
x-cache: HIT, HIT
x-cache-hits: 3, 71
x-timer: S1663582447.332378,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 276
X-Firefox-Spdy: h2
cdn2.editmysite.com/fonts/CAC_Champagne/font.css?2
151.101.85.46200 OK 134 B URL HTTP/2 cdn2.editmysite.com/fonts/CAC_Champagne/font.css?2
IP 151.101.85.46:0
Hash f0934a2ae08e7e44f111a557a14b8e20
7cf3af0d49886972d5dfce8bf73117367b83639b
880f676256e84e01bcc270fc95e3d08bb5077011f14f53555257ddc769722120
GET /fonts/CAC_Champagne/font.css?2 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Thu, 08 Sep 2022 17:37:43 GMT
etag: "631a2867-aa"
expires: Tue, 27 Sep 2022 11:10:27 GMT
cache-control: max-age=1209600
x-host: blu18.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Sep 2022 10:14:07 GMT
age: 515019
x-served-by: cache-sjc10034-SJC, cache-bma1636-BMA
x-cache: HIT, HIT
x-cache-hits: 2, 1
x-timer: S1663582447.332482,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 134
X-Firefox-Spdy: h2
cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1662672764&
151.101.85.46200 OK 33 kB URL HTTP/2 cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1662672764&
IP 151.101.85.46:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (64997)
Hash 40ee71f2f2de93b9561845efa9a0cbbc
13451e3fb165d1ad524d9863d8344eab4a2fe353
41a33daf28fc89ce06f3c6a6029d078c20a0f42f07d6ec3dc7127d206dcec5fe
GET /js/lang/en/stl.js?buildTime=1662672764& HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 20:47:36 GMT
etag: "631a54e8-2c44e"
expires: Thu, 22 Sep 2022 21:34:22 GMT
cache-control: max-age=1209600
x-host: grn117.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Sep 2022 10:14:07 GMT
age: 909586
x-served-by: cache-sjc10059-SJC, cache-bma1636-BMA
x-cache: HIT, HIT
x-cache-hits: 4, 13
x-timer: S1663582447.334905,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 32802
X-Firefox-Spdy: h2
cdn2.editmysite.com/css/social-icons.css?buildtime=1662672764
151.101.85.46200 OK 1.6 kB URL HTTP/2 cdn2.editmysite.com/css/social-icons.css?buildtime=1662672764
IP 151.101.85.46:0
File type ASCII text, with very long lines (13080)
Hash 8d187cb7374eeeae857b6a61a61de0f4
b44aac11580606735fa1aa8b9637f56268267b0a
427bb56305a151eebd863996d75a06a7a3efe1a9861eefdea80c820ffcd4fb20
GET /css/social-icons.css?buildtime=1662672764 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Thu, 08 Sep 2022 20:48:41 GMT
etag: W/"631a5529-3319"
expires: Thu, 22 Sep 2022 21:34:49 GMT
cache-control: max-age=1209600
x-host: blu83.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Sep 2022 10:14:07 GMT
age: 909558
x-served-by: cache-sjc10067-SJC, cache-bma1636-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 40
x-timer: S1663582447.339900,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 1639
X-Firefox-Spdy: h2
cdn2.editmysite.com/fonts/Gentium_Basic/font.css?2
151.101.85.46200 OK 136 B URL HTTP/2 cdn2.editmysite.com/fonts/Gentium_Basic/font.css?2
IP 151.101.85.46:0
Hash b6fe410f05835777bf7dace9ff8b5212
b7a6edb6d3b897d8173b92c1b24d1029f8db5154
ea430f275b5dc20736aba1d34f94726af83998725f7ac10814a3a462bf5b7641
GET /fonts/Gentium_Basic/font.css?2 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Thu, 08 Sep 2022 17:37:43 GMT
etag: "631a2867-aa"
expires: Thu, 22 Sep 2022 18:07:35 GMT
cache-control: max-age=1209600
x-host: blu122.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Sep 2022 10:14:07 GMT
age: 921992
x-served-by: cache-sjc10044-SJC, cache-bma1636-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1663582447.339865,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 136
X-Firefox-Spdy: h2
cdn2.editmysite.com/js/site/main.js?buildTime=1662672764
151.101.85.46200 OK 146 kB URL HTTP/2 cdn2.editmysite.com/js/site/main.js?buildTime=1662672764
IP 151.101.85.46:0
File type ASCII text, with very long lines (32147)
Size 146 kB (146400 bytes)
Hash 81b8673c5d3aa3ab8c0574f2a8f0e3b4
2e0661bc7907d9e2703b3347c3fec579f0aef5d6
0e981f4de6287406ce261fddea24aa05ded4b6a8c4c07283c363c1502071cf40
GET /js/site/main.js?buildTime=1662672764 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 20:49:09 GMT
etag: "631a5545-74804"
expires: Thu, 22 Sep 2022 21:36:04 GMT
cache-control: max-age=1209600
x-host: blu39.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Sep 2022 10:14:07 GMT
age: 909482
x-served-by: cache-sjc10052-SJC, cache-bma1636-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1663582447.335102,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 146400
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3
IP 104.18.21.226:0
Hash ac585dbab5d739ae5abd2e8a134b806f
6902409e0654f78cc4f95f5d7a7c00aa2333239c
ed6c00c85f886af4be1b25a9be2240befe74f33aed9104bea058b7f1273b8004
POST /ca/gsatlasr3dvtlsca2022q3 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 10:14:07 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "56A06FA7E342B9113988767B66F806500F5DA49E"
Expires: Mon, 19 Sep 2022 21:00:00 GMT
Last-Modified: Mon, 19 Sep 2022 09:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1108
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74d18d7828e6b505-OSL
www.eventsatrefinery.com/files/main_style.css?1662995059
199.34.228.42200 OK 5.2 kB URL HTTP/1.1 www.eventsatrefinery.com/files/main_style.css?1662995059
IP 199.34.228.42:0
File type ASCII text, with very long lines (437)
Hash decb33e20de6fdc074248ecb50a4ac40
26e102d037d455c3dd3c0798902fd31e3cc88a0a
83bbc8d5f5a54c7a2d913f8378927b9231891b1093c3d04770fe0947d0cfad76
Analyzer Verdict Alert fortinet Phishing
GET /files/main_style.css?1662995059 HTTP/1.1
Host: www.eventsatrefinery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/weddings.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Sep 2022 10:14:07 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
X-Host: grn140.sf2p.intern.weebly.net
Content-Encoding: gzip
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3
IP 104.18.21.226:0
Hash ac585dbab5d739ae5abd2e8a134b806f
6902409e0654f78cc4f95f5d7a7c00aa2333239c
ed6c00c85f886af4be1b25a9be2240befe74f33aed9104bea058b7f1273b8004
POST /ca/gsatlasr3dvtlsca2022q3 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 10:14:07 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "56A06FA7E342B9113988767B66F806500F5DA49E"
Expires: Mon, 19 Sep 2022 21:00:00 GMT
Last-Modified: Mon, 19 Sep 2022 09:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1108
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74d18d785938b505-OSL
cdn2.editmysite.com/fonts/Raleway/font.css?2
151.101.85.46200 OK 318 B URL HTTP/2 cdn2.editmysite.com/fonts/Raleway/font.css?2
IP 151.101.85.46:0
Hash 2ad8307758bc44c36781537e65c682df
d11b12c6899d51858b94a1e244c1de96ff9ebec6
86d13d47326e5c4024a04dc04c67a7d084a86c4ab5384446a4ee5981aa730540
GET /fonts/Raleway/font.css?2 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Thu, 08 Sep 2022 17:37:45 GMT
etag: "631a2869-6b1"
expires: Thu, 22 Sep 2022 18:07:41 GMT
cache-control: max-age=1209600
x-host: grn98.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Sep 2022 10:14:07 GMT
age: 921986
x-served-by: cache-sjc10057-SJC, cache-bma1636-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 36
x-timer: S1663582447.427317,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 318
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 45f95aa258ab932ac2f8a33ff7944ffe
8f52b66e897dab7cb160d481886805ea216f407f
de4fd2aaa566b601e82c38806ec8ea84110b1d63f15efe48186f5bcf70847488
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:14:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn2.editmysite.com/css/old/fancybox.css?1662672764
151.101.85.46200 OK 1.2 kB URL HTTP/2 cdn2.editmysite.com/css/old/fancybox.css?1662672764
IP 151.101.85.46:0
File type ASCII text, with very long lines (3910)
Hash b644e92258f4c7c0b4270047652d1e60
93734d52ee9e86a768159e514076051813c39cd9
29199496fb817668f887938571046abcdfb49063d0207d571b361f221f467907
GET /css/old/fancybox.css?1662672764 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Thu, 08 Sep 2022 20:48:48 GMT
etag: "631a5530-f47"
expires: Thu, 22 Sep 2022 21:36:07 GMT
cache-control: max-age=1209600
x-host: blu86.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Sep 2022 10:14:07 GMT
age: 909479
x-served-by: cache-sjc10050-SJC, cache-bma1636-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 21
x-timer: S1663582447.432801,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 1218
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash eaa8b4aa123f9dd7237c5c51d2f848d9
1082f5f6ef7229ec76f94f3d236f273b26294563
d1ad33dae2fcab5c7d66875f0e7a01cc30e0b3a031606917fa5448c54f84e20d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:14:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-5XQ2W5RVFM
142.250.74.72200 OK 75 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-5XQ2W5RVFM
IP 142.250.74.72:0
File type ASCII text, with very long lines (20189)
Hash da62319ef0dd7e511b5d95e6b1e2fe7a
a7f5aaa631149c74d5db189f38a6a3fea46d9af8
6e814d86de7c951621fe7e3bcb78e3e196d3ddc3ff84b6158e4bf3361e07aab3
GET /gtag/js?id=G-5XQ2W5RVFM HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 19 Sep 2022 10:14:07 GMT
expires: Mon, 19 Sep 2022 10:14:07 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75225
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 45f95aa258ab932ac2f8a33ff7944ffe
8f52b66e897dab7cb160d481886805ea216f407f
de4fd2aaa566b601e82c38806ec8ea84110b1d63f15efe48186f5bcf70847488
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:14:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn2.editmysite.com/fonts/Muli/font.css?2
151.101.85.46404 Not Found 146 B URL HTTP/2 cdn2.editmysite.com/fonts/Muli/font.css?2
IP 151.101.85.46:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /fonts/Muli/font.css?2 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: nginx
content-type: text/html
x-host: blu127.sf2p.intern.weebly.net
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Mon, 19 Sep 2022 10:14:07 GMT
x-served-by: cache-sjc10073-SJC, cache-bma1636-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1663582447.332038,VS0,VE193
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 146
X-Firefox-Spdy: h2
www.eventsatrefinery.com/files/theme/plugins.js?1531150540
199.34.228.42200 OK 19 kB URL HTTP/1.1 www.eventsatrefinery.com/files/theme/plugins.js?1531150540
IP 199.34.228.42:0
Hash 17c0b51cd6ba1b91479bfe0274feed18
785a5cfa1ee86fd40b1a9deab58477ac101cb20a
64fa489daea8001c79f266c076946a1dd2b3568d3c6810bc1db9fb27529dee28
GET /files/theme/plugins.js?1531150540 HTTP/1.1
Host: www.eventsatrefinery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/weddings.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Sep 2022 10:14:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 21 May 2021 20:17:30 GMT
x-rgw-object-type: Normal
ETag: W/"7f6df4939d4102a752a5c1989d81afd4"
x-amz-request-id: tx000000000000000c79baa-0061a70535-a9f41e7-sfo1
X-Storage-Bucket: z6ee5
X-Storage-Object: 6ee5ff05679a26a9027cbb63cadee08104fa248a93d3582a333a5d134c25460b
X-Host: blu42.sf2p.intern.weebly.net
Content-Encoding: gzip
www.eventsatrefinery.com/files/templateArtifacts.js?1662995059
199.34.228.42200 OK 1.6 kB URL HTTP/1.1 www.eventsatrefinery.com/files/templateArtifacts.js?1662995059
IP 199.34.228.42:0
File type exported SGML document, ASCII text, with very long lines (1630)
Hash e0836e8203c22b8e4086f27e91e86f5a
28235e77f5a895c8cd411aff4a6ef4e6f7d419c2
32dbc4a2eeca39a57d35670f00e2cf59e03c279521e47506c56c5c36d8b664b6
Analyzer Verdict Alert fortinet Phishing
GET /files/templateArtifacts.js?1662995059 HTTP/1.1
Host: www.eventsatrefinery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/weddings.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Sep 2022 10:14:07 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
X-Host: blu41.sf2p.intern.weebly.net
Content-Encoding: gzip
www.eventsatrefinery.com/files/theme/custom.js?1531150540
199.34.228.42200 OK 3.2 kB URL HTTP/1.1 www.eventsatrefinery.com/files/theme/custom.js?1531150540
IP 199.34.228.42:0
Hash 6ddabf9ec1dae07f541de3e009969179
37359e9551b6247c7a8fe9f2d7f6a05e18ccb7d5
c057541328f3e6fcee23c1ec11a2d1d57dc8450e5ad366d56d41df4202955765
Analyzer Verdict Alert fortinet Phishing
GET /files/theme/custom.js?1531150540 HTTP/1.1
Host: www.eventsatrefinery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/weddings.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Sep 2022 10:14:07 GMT
Content-Type: application/javascript
Content-Length: 3233
Connection: keep-alive
Last-Modified: Sat, 19 Mar 2022 11:38:28 GMT
x-rgw-object-type: Normal
ETag: "6ddabf9ec1dae07f541de3e009969179"
x-amz-request-id: tx0000000000000000439b9-006258b622-4d6022f-las
X-Storage-Bucket: zc057
X-Storage-Object: c057541328f3e6fcee23c1ec11a2d1d57dc8450e5ad366d56d41df4202955765
X-Host: grn49.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.eventsatrefinery.com/files/theme/mobile.js?1531150540
199.34.228.42200 OK 3.0 kB URL HTTP/1.1 www.eventsatrefinery.com/files/theme/mobile.js?1531150540
IP 199.34.228.42:0
Hash df46997a63ceb84c8708e197225bf22e
461b6fa23df29f7da9b3a03f3dba6f846bedf917
84881ad46cfd8cd5adf57ee99e47fd4790e655d5bfc4e45e0b833f0beeacb602
Analyzer Verdict Alert fortinet Phishing
GET /files/theme/mobile.js?1531150540 HTTP/1.1
Host: www.eventsatrefinery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/weddings.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Sep 2022 10:14:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 22 May 2021 22:42:27 GMT
x-rgw-object-type: Normal
ETag: W/"008fd6990b3bdf96b9d46f87e52a7730"
x-amz-request-id: tx000000000000000043cc9-006258b626-4d6022f-las
X-Storage-Bucket: z52fc
X-Storage-Object: 52fce566223a538d2037cd7f8ee707362452d0e935d018f857322f10c4446e64
X-Host: blu41.sf2p.intern.weebly.net
Content-Encoding: gzip
cdn2.editmysite.com/js/wsnbn/snowday262.js
151.101.85.46200 OK 26 kB URL HTTP/2 cdn2.editmysite.com/js/wsnbn/snowday262.js
IP 151.101.85.46:0
File type ASCII text, with very long lines (2512)
Hash 234327230add9a5a5d61a48829ea4565
7966cc0e4bd76f88ff193c8a99a067de804b7129
bb696c58d9ae5fa635b3ff22efdf60de9ac2f8ef9df5e2f2d58dd5f8dc99df75
GET /js/wsnbn/snowday262.js HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Wed, 14 Sep 2022 16:18:50 GMT
etag: "6321feea-124fe"
expires: Thu, 29 Sep 2022 08:38:41 GMT
cache-control: max-age=1209600
x-host: blu123.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Sep 2022 10:14:08 GMT
age: 351327
x-served-by: cache-sjc10051-SJC, cache-bma1636-BMA
x-cache: HIT, HIT
x-cache-hits: 2, 3186
x-timer: S1663582448.078217,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 25752
X-Firefox-Spdy: h2
cdn2.editmysite.com/fonts/Raleway/regular.woff2
151.101.85.46200 OK 21 kB URL HTTP/2 cdn2.editmysite.com/fonts/Raleway/regular.woff2
IP 151.101.85.46:0
File type Web Open Font Format (Version 2), TrueType, length 21280, version 1.0\012- data
Hash 16911581ab7ea10687a5aee74cbc5612
b0b24248345739209d753a4ac77ccfc1f627b219
c78a1da5fd0868a547cf285748c7fb73006571190385eb71c0d601b6b240ffaf
GET /fonts/Raleway/regular.woff2 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.eventsatrefinery.com
Connection: keep-alive
Referer: https://cdn2.editmysite.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: font/woff2
last-modified: Thu, 08 Sep 2022 17:37:45 GMT
etag: "631a2869-5320"
expires: Thu, 22 Sep 2022 18:07:41 GMT
cache-control: max-age=1209600
x-host: blu93.sf2p.intern.weebly.net
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Sep 2022 10:14:08 GMT
age: 921987
x-served-by: cache-sjc10058-SJC, cache-bma1636-BMA
x-cache: HIT, HIT
x-cache-hits: 8, 29
x-timer: S1663582448.098863,VS0,VE0
access-control-allow-origin: *
content-length: 21280
X-Firefox-Spdy: h2
cdn2.editmysite.com/fonts/Tangerine/regular.woff2
151.101.85.46200 OK 23 kB URL HTTP/2 cdn2.editmysite.com/fonts/Tangerine/regular.woff2
IP 151.101.85.46:0
File type Web Open Font Format (Version 2), TrueType, length 23304, version 1.0\012- data
Hash b7e6355b20dd4ed479af5b3dec002897
ceb6b354452bbba6394faa5cd5a6463b69319ec9
cb4e7c0a159ec0cc2bdab8e3cd4b5541cf77748e1f07d4719eb5835c3afcabce
GET /fonts/Tangerine/regular.woff2 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.eventsatrefinery.com
Connection: keep-alive
Referer: https://cdn2.editmysite.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: font/woff2
last-modified: Thu, 08 Sep 2022 17:37:45 GMT
etag: "631a2869-5b08"
expires: Thu, 22 Sep 2022 18:18:06 GMT
cache-control: max-age=1209600
x-host: grn25.sf2p.intern.weebly.net
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Sep 2022 10:14:08 GMT
age: 921361
x-served-by: cache-sjc10073-SJC, cache-bma1636-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1663582448.104639,VS0,VE1
access-control-allow-origin: *
content-length: 23304
X-Firefox-Spdy: h2
cdn2.editmysite.com/fonts/Gentium_Basic/regular.ttf
151.101.85.46200 OK 103 kB URL HTTP/2 cdn2.editmysite.com/fonts/Gentium_Basic/regular.ttf
IP 151.101.85.46:0
File type TrueType Font data, 22 tables, 1st "Feat", 89 names, Macintosh, Copyright (c) SIL International, 2003-2008.Gentium BasicRegularSILInternational: Gentium Basic: \012- data
Size 103 kB (102574 bytes)
Hash 5f258530e0f7f49b9baf229abf563036
a73f57f1c908b24031a731b9b2b152288b499bb8
7f1bed69faaa46284857e8613b44d8e2377a749fca017f39571dca5058bf66da
GET /fonts/Gentium_Basic/regular.ttf HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.eventsatrefinery.com
Connection: keep-alive
Referer: https://cdn2.editmysite.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/octet-stream
last-modified: Thu, 08 Sep 2022 12:25:49 GMT
etag: "6319df4d-41af8"
expires: Thu, 22 Sep 2022 18:07:36 GMT
cache-control: max-age=1209600
x-host: grn31.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Sep 2022 10:14:08 GMT
age: 921992
x-served-by: cache-sjc10025-SJC, cache-bma1636-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 3
x-timer: S1663582448.109634,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 102574
X-Firefox-Spdy: h2
cdn2.editmysite.com/fonts/Tangerine/bold.woff2
151.101.85.46200 OK 25 kB URL HTTP/2 cdn2.editmysite.com/fonts/Tangerine/bold.woff2
IP 151.101.85.46:0
File type Web Open Font Format (Version 2), TrueType, length 24804, version 1.0\012- data
Hash b30f43e654ab324a5fa33870c3650b11
851391675b505b0fff0e4ebab9f9046cf821d918
0dbef693a0e3502c8b77d77874867ae7e87514309f644009b0a5aa4d52a2536b
GET /fonts/Tangerine/bold.woff2 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.eventsatrefinery.com
Connection: keep-alive
Referer: https://cdn2.editmysite.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: font/woff2
last-modified: Thu, 08 Sep 2022 17:37:45 GMT
etag: "631a2869-60e4"
expires: Mon, 26 Sep 2022 12:59:34 GMT
cache-control: max-age=1209600
x-host: grn9.sf2p.intern.weebly.net
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Sep 2022 10:14:08 GMT
age: 594873
x-served-by: cache-sjc10052-SJC, cache-bma1636-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1663582448.109431,VS0,VE1
access-control-allow-origin: *
content-length: 24804
X-Firefox-Spdy: h2
cdn2.editmysite.com/fonts/wSocial/wsocial.woff?ts=1662670121405
151.101.85.46200 OK 2.6 kB URL HTTP/2 cdn2.editmysite.com/fonts/wSocial/wsocial.woff?ts=1662670121405
IP 151.101.85.46:0
File type Web Open Font Format, TrueType, length 2636, version 1.0\012- data
Hash 0e88795b66eeac48b209209aa0179411
983e16566390f9167c6c4fbbdb052623fc01a631
e8106b06fab14948098cae97983eafbe1a60643ac725b2a029e4da57d43854df
GET /fonts/wSocial/wsocial.woff?ts=1662670121405 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.eventsatrefinery.com
Connection: keep-alive
Referer: https://cdn2.editmysite.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: font/woff
last-modified: Thu, 08 Sep 2022 17:37:46 GMT
etag: "631a286a-a4c"
expires: Thu, 22 Sep 2022 21:30:38 GMT
cache-control: max-age=1209600
x-host: blu74.sf2p.intern.weebly.net
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Sep 2022 10:14:08 GMT
age: 909810
x-served-by: cache-sjc10062-SJC, cache-bma1636-BMA
x-cache: HIT, HIT
x-cache-hits: 3, 22
x-timer: S1663582448.117767,VS0,VE0
access-control-allow-origin: *
content-length: 2636
X-Firefox-Spdy: h2
www.eventsatrefinery.com/uploads/1/4/0/7/140725637/published/ceremony.jpg?1655832305
199.34.228.42200 OK 6.5 kB URL HTTP/1.1 www.eventsatrefinery.com/uploads/1/4/0/7/140725637/published/ceremony.jpg?1655832305
IP 199.34.228.42:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 205x137, components 3\012- data
Hash 1068c39ac75dd34d544bfb8f47984921
b381c93bad478ce491a6434cce08e6155a9449f0
b6a01a6800b9bca5d10b3f6e2f3210dd6a9c0cfe2262ce5401a3407d7825c731
Analyzer Verdict Alert fortinet Phishing
GET /uploads/1/4/0/7/140725637/published/ceremony.jpg?1655832305 HTTP/1.1
Host: www.eventsatrefinery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/weddings.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Sep 2022 10:14:08 GMT
Content-Type: image/jpeg
Content-Length: 6530
Connection: keep-alive
Last-Modified: Tue, 21 Jun 2022 17:23:28 GMT
x-rgw-object-type: Normal
ETag: "1068c39ac75dd34d544bfb8f47984921"
x-amz-request-id: tx000000000000004311df6-006327a278-c699baa-sfo1
X-Storage-Bucket: zb6a0
X-Storage-Object: b6a01a6800b9bca5d10b3f6e2f3210dd6a9c0cfe2262ce5401a3407d7825c731
X-Host: grn62.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.eventsatrefinery.com/uploads/1/4/0/7/140725637/published/ceremony-1.jpg?1655832256
199.34.228.42200 OK 22 kB URL HTTP/1.1 www.eventsatrefinery.com/uploads/1/4/0/7/140725637/published/ceremony-1.jpg?1655832256
IP 199.34.228.42:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 274x183, components 3\012- data
Hash 4fbf1702a2be7132362e5b4bb46bbd50
846a954cfcf801c042c4e41a018b1348f5cfee26
a964860f2ea69674bff6627a8fbc074e87cb3f477730088e4248a3d5e86489ac
Analyzer Verdict Alert fortinet Phishing
GET /uploads/1/4/0/7/140725637/published/ceremony-1.jpg?1655832256 HTTP/1.1
Host: www.eventsatrefinery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/weddings.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Sep 2022 10:14:08 GMT
Content-Type: image/jpeg
Content-Length: 21721
Connection: keep-alive
Last-Modified: Tue, 21 Jun 2022 17:24:16 GMT
x-rgw-object-type: Normal
ETag: "4fbf1702a2be7132362e5b4bb46bbd50"
x-amz-request-id: tx000000000000003b30666-00632840f0-c67eadd-sfo1
X-Storage-Bucket: za964
X-Storage-Object: a964860f2ea69674bff6627a8fbc074e87cb3f477730088e4248a3d5e86489ac
X-Host: grn61.sf2p.intern.weebly.net
Accept-Ranges: bytes, bytes
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d23fe85ca3dd1eed42c2a20bf11d3a38
2603a4dc7ef490ad4bbfad91efeec8ac4a13b4b6
6b6dfbfe520b5bb8ae2b706703243227250b1be730009fdcb77ee10a99a26869
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3533
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:14:08 GMT
Last-Modified: Mon, 19 Sep 2022 09:15:15 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10590
Expires: Mon, 19 Sep 2022 13:10:38 GMT
Date: Mon, 19 Sep 2022 10:14:08 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd460ce9f-ea5c-436e-8b02-8ec8233b9681.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd460ce9f-ea5c-436e-8b02-8ec8233b9681.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e4098577adb98eae5ba4a8b5e143df71
b0ad467f2837d103f8a96fb732bd34176c4c7110
83aa54020ffc684690dfb58d78608411de38ab02fee50808a8243c6b388e77c0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd460ce9f-ea5c-436e-8b02-8ec8233b9681.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5064
x-amzn-requestid: 985dbd5b-3e8a-4e22-a974-1effa6c99112
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrOS8FyBoAMFrCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632790df-201df5494f1513b91eefe9d5;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:42:55 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: GIhj3a2-SwYu2w4mLx7JiIJzFfV82-Et89ORRsx5fsGOx9nttPlCxA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:57:13 GMT
etag: "b0ad467f2837d103f8a96fb732bd34176c4c7110"
content-type: image/jpeg
age: 44215
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6582596-5079-44f5-a869-65c8766f7d1a.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6582596-5079-44f5-a869-65c8766f7d1a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash da8b8819fc21dcfb224ce0e7ecdc6772
e460ad4376cd118a6fe8b6b050af9398117d9531
9d0cf5fe17040e6c494d1596c24f01501babff37c95caa47d048b5e1aefa7697
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6582596-5079-44f5-a869-65c8766f7d1a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9901
x-amzn-requestid: e1792a3b-1893-48a6-8d01-463050259dc2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YiGMYE3IoAMFgvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6323ea4f-42ab13411e65943538101b11;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 03:15:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: XmcyJv7bahHB4wMjFmgvh2fEkJJYLPhRrISZ_DczSErdEQjXIxWUvg==
via: 1.1 0800f067ff646622f3e8e507cb9b52e8.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 03:54:31 GMT
age: 22777
etag: "e460ad4376cd118a6fe8b6b050af9398117d9531"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.eventsatrefinery.com/uploads/1/4/0/7/140725637/published/carly-colin-0381-1000-600x600.jpg?1654741418
199.34.228.42200 OK 51 kB URL HTTP/1.1 www.eventsatrefinery.com/uploads/1/4/0/7/140725637/published/carly-colin-0381-1000-600x600.jpg?1654741418
IP 199.34.228.42:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 441x441, components 3\012- data
Hash 56a3093ce09d50dd5019ec1b0a530558
d21ad0632a3ad05c36b8757d0f876a1d240142a8
1eef2298539e4b07859387179a9d1a5ef6d9d3dda21c235d0c89e3ab82693f27
Analyzer Verdict Alert fortinet Phishing
GET /uploads/1/4/0/7/140725637/published/carly-colin-0381-1000-600x600.jpg?1654741418 HTTP/1.1
Host: www.eventsatrefinery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/weddings.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Sep 2022 10:14:08 GMT
Content-Type: image/jpeg
Content-Length: 50680
Connection: keep-alive
Last-Modified: Thu, 09 Jun 2022 02:21:34 GMT
x-rgw-object-type: Normal
ETag: "56a3093ce09d50dd5019ec1b0a530558"
x-amz-request-id: tx000000000000003b16225-00632840f0-c6aed46-sfo1
X-Storage-Bucket: z1eef
X-Storage-Object: 1eef2298539e4b07859387179a9d1a5ef6d9d3dda21c235d0c89e3ab82693f27
X-Host: grn73.sf2p.intern.weebly.net
Accept-Ranges: bytes
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F928a31e7-ade8-4c58-8c67-53db1e3d019e.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F928a31e7-ade8-4c58-8c67-53db1e3d019e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 65ee14de38a7fcd768ede2f1915c74e4
85119aaf7195d59efc55e36d026bd026060195aa
62569b46e8af692f1d95d707ffdca24075ff6c68e68e13159ab7798b30a7755b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F928a31e7-ade8-4c58-8c67-53db1e3d019e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11712
x-amzn-requestid: d4547112-6faa-472e-ade1-bbbda9c3bea4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrOSTFiXIAMFiLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632790db-151bae0c351a94a40c48bfbc;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:42:51 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: uRrPwbwQ6oBOYhMmxs6YquvIEBKaAC51d98J_5MWYkh-Q8Qg1LVdiw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:53:39 GMT
etag: "85119aaf7195d59efc55e36d026bd026060195aa"
content-type: image/jpeg
age: 44429
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F779fe432-124a-4d1a-8abf-cfb5054b48fd.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F779fe432-124a-4d1a-8abf-cfb5054b48fd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 87bddc1f919e51c976d5377040861ea6
f5bf6c28f20414c7dd3ac1098defc46d3d68fd99
28541ca828b6358c8e6081e9f2022e7ad18a8adcb3df09a3fa079f32c08fcda6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F779fe432-124a-4d1a-8abf-cfb5054b48fd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10721
x-amzn-requestid: 5c3a2647-0af8-4cd2-8b68-df6606c6362e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yi1NMHVfoAMF-3w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63243587-2b73a75b69570a1a144a5f73;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 08:36:23 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: SpK-J7OfVkg8Gn_-wiaIKrqVl6t14P13ax8TPtsKDRXAVtHj9GWSwg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 03:43:59 GMT
age: 23409
etag: "f5bf6c28f20414c7dd3ac1098defc46d3d68fd99"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e5b5676-18df-4d43-8bbd-b85ffe4f1a94.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e5b5676-18df-4d43-8bbd-b85ffe4f1a94.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1105b56cf779b6df1cbd081bbd0cda50
58c5d6f8ba1d3236d788ac55ff7cb2ec7863fb5c
10c1f0433baf51e06565ff905688075aaba8fec0a8b3f9cef34168e297f94c2c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e5b5676-18df-4d43-8bbd-b85ffe4f1a94.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5866
x-amzn-requestid: 3a7db39d-cd4f-486f-954b-39fc7464706c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrNeAE67IAMFSoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63278f8c-66a419ac7fbd977f5f41061b;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:37:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: TdVz72qdwMdsuW1WsOq1qEZk2vmbXJlbppLTTsZ9PlrmN7GEph0dyQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:53:39 GMT
etag: "58c5d6f8ba1d3236d788ac55ff7cb2ec7863fb5c"
content-type: image/jpeg
age: 44429
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e998cc5-16fd-41d0-80c4-f7b6ce93932c.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e998cc5-16fd-41d0-80c4-f7b6ce93932c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5b174f977a78acf5f28935f44cac702d
7deb4e0fc838bcfffb532ff1f92f4036b35571f2
7e87fe13d3127a1c8e89f72c1455349d9edcb89eeb2a9b103d191095ddc69751
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e998cc5-16fd-41d0-80c4-f7b6ce93932c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5570
x-amzn-requestid: a20f5fb2-9c4a-4124-bc27-6b7cf99c5a73
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn64FEKXoAMFbzw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263e99-0edcfdf505c4467b31355e71;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:39:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Jp6TEMqaAAIs3jUsysER2sqaEob7LrzeR0vwp5I-gWSZsPxaFW4Vlg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:54:26 GMT
age: 44382
etag: "7deb4e0fc838bcfffb532ff1f92f4036b35571f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.eventsatrefinery.com/uploads/1/4/0/7/140725637/classic-reception_orig.jpg
199.34.228.42200 OK 93 kB URL HTTP/1.1 www.eventsatrefinery.com/uploads/1/4/0/7/140725637/classic-reception_orig.jpg
IP 199.34.228.42:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 533x800, components 3\012- data
Hash 8711d15726e4bed5370fa21de6593db8
f3773ed2aaef5ee1615359769afe1e6c52bb64fe
e2d64e86c746896fc8177af2b18c08f056c46dd540e700849fa8c9c04ec24427
GET /uploads/1/4/0/7/140725637/classic-reception_orig.jpg HTTP/1.1
Host: www.eventsatrefinery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/weddings.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Sep 2022 10:14:08 GMT
Content-Type: image/jpeg
Content-Length: 92698
Connection: keep-alive
Last-Modified: Tue, 21 Jun 2022 16:37:25 GMT
x-rgw-object-type: Normal
ETag: "8711d15726e4bed5370fa21de6593db8"
x-amz-request-id: tx000000000000003b455e8-00632698b7-c669cc6-sfo1
X-Storage-Bucket: ze2d6
X-Storage-Object: e2d64e86c746896fc8177af2b18c08f056c46dd540e700849fa8c9c04ec24427
X-Host: blu42.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.eventsatrefinery.com/uploads/1/4/0/7/140725637/bridal-suite_orig.jpg
199.34.228.42200 OK 239 kB URL HTTP/1.1 www.eventsatrefinery.com/uploads/1/4/0/7/140725637/bridal-suite_orig.jpg
IP 199.34.228.42:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 1100x735, components 3\012- data
Size 239 kB (239026 bytes)
Hash dfcd0e36b911e6eeb2cbb8f64041ebee
5022e34a54bb3f55e84d6a5a0e280677b4bdf2d7
7012b5600ea7981717a60be0574b64243e046500371d62361dff5c0cde57cfc6
GET /uploads/1/4/0/7/140725637/bridal-suite_orig.jpg HTTP/1.1
Host: www.eventsatrefinery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/weddings.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Sep 2022 10:14:08 GMT
Content-Type: image/jpeg
Content-Length: 239026
Connection: keep-alive
Last-Modified: Tue, 21 Jun 2022 16:31:58 GMT
x-rgw-object-type: Normal
ETag: "dfcd0e36b911e6eeb2cbb8f64041ebee"
x-amz-request-id: tx000000000000004a6cc6a-00632840f0-c695612-sfo1
X-Storage-Bucket: z7012
X-Storage-Object: 7012b5600ea7981717a60be0574b64243e046500371d62361dff5c0cde57cfc6
X-Host: grn49.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.eventsatrefinery.com/uploads/1/4/0/7/140725637/published/1528227866-8f076c51a141f691-wadsworthwedding079.webp?1654794884
199.34.228.42404 Not Found 3.7 kB URL HTTP/1.1 www.eventsatrefinery.com/uploads/1/4/0/7/140725637/published/1528227866-8f076c51a141f691-wadsworthwedding079.webp?1654794884
IP 199.34.228.42:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (368)
Hash 2eeb3e560ca8f369be20ceb5858a4701
6c53e6b66c1bc6d0b93116e14fb79c30424bf36c
ac2d9485acf7e9c29d94d31f19d3aedda958cd4f6119ddc888fbbde52d6078dd
GET /uploads/1/4/0/7/140725637/published/1528227866-8f076c51a141f691-wadsworthwedding079.webp?1654794884 HTTP/1.1
Host: www.eventsatrefinery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/weddings.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 19 Sep 2022 10:14:08 GMT
Content-Type: text/html
Content-Length: 3739
Connection: keep-alive
ETag: "61c39c46-e9b"
X-Host: blu74.sf2p.intern.weebly.net
www.weebly.com/weebly/apps/generateMap.php?map=google&elementid=504644155433573702&ineditor=0&control=3&width=auto&height=250px&overviewmap=0&scalecontrol=0&typecontrol=0&zoom=15&long=-88.28435809999999&lat=40.1094937&domain=www&point=1&align=1&reseller=false
74.115.50.110302 Found 0 B URL HTTP/1.1 www.weebly.com/weebly/apps/generateMap.php?map=google&elementid=504644155433573702&ineditor=0&control=3&width=auto&height=250px&overviewmap=0&scalecontrol=0&typecontrol=0&zoom=15&long=-88.28435809999999&lat=40.1094937&domain=www&point=1&align=1&reseller=false
IP 74.115.50.110:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /weebly/apps/generateMap.php?map=google&elementid=504644155433573702&ineditor=0&control=3&width=auto&height=250px&overviewmap=0&scalecontrol=0&typecontrol=0&zoom=15&long=-88.28435809999999&lat=40.1094937&domain=www&point=1&align=1&reseller=false HTTP/1.1
Host: www.weebly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Mon, 19 Sep 2022 10:14:08 GMT
Server: Apache
Location: https://www.editmysite.com/ajax/apps/generateMap.php?map=google&elementid=504644155433573702&ineditor=0&control=3&width=auto&height=250px&overviewmap=0&scalecontrol=0&typecontrol=0&zoom=15&long=-88.28435809999999&lat=40.1094937&domain=www&point=1&align=1&reseller=false
X-Host: blu75.sf2p.intern.weebly.net
Vary: User-Agent
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 0
Keep-Alive: timeout=10, max=73
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
X-W-DC: SFO
Set-Cookie: sto-id-editor=GAGABNAK; Domain=weebly.com; Path=/
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash dec7b99388c1844d66dc4f30bb8417b6
486a2beeeb6956a3516dabcb9f35703f553d7fe8
2c3b1797ba4151cf0dff0466566c72c74009f067084006e38277bca7e434d5d5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 10:14:08 GMT
Last-Modified: Mon, 19 Sep 2022 08:42:20 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: e9v0W_XT0TvyCnWH6JDHQGCjlkPK6wHMAZP52suGGmjT02G8gW6J9Q==
Age: 5508
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash dec7b99388c1844d66dc4f30bb8417b6
486a2beeeb6956a3516dabcb9f35703f553d7fe8
2c3b1797ba4151cf0dff0466566c72c74009f067084006e38277bca7e434d5d5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 10:14:08 GMT
Last-Modified: Mon, 19 Sep 2022 08:42:20 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: BfNjWx-8Y3XRGOMCYAbVDrWkx-pBt1-65T4YM6KsuboUbos1Fju1Bw==
Age: 5508
www.eventsatrefinery.com/uploads/1/4/0/7/140725637/print-release-pdf-43_orig.jpg
199.34.228.42200 OK 129 kB URL HTTP/1.1 www.eventsatrefinery.com/uploads/1/4/0/7/140725637/print-release-pdf-43_orig.jpg
IP 199.34.228.42:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1100x733, components 3\012- data
Size 129 kB (129436 bytes)
Hash 968a599547ec66858c83ac40d2b59c5a
1cd5fbb04668c7efabc3605d346d72f65544427a
3fe924154adc0faefbbd4c050b3453970d6942d10421d30a5c8a69ce5553958c
GET /uploads/1/4/0/7/140725637/print-release-pdf-43_orig.jpg HTTP/1.1
Host: www.eventsatrefinery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/weddings.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Sep 2022 10:14:08 GMT
Content-Type: image/jpeg
Content-Length: 129436
Connection: keep-alive
Last-Modified: Mon, 20 Jun 2022 02:03:51 GMT
x-rgw-object-type: Normal
ETag: "968a599547ec66858c83ac40d2b59c5a"
x-amz-request-id: tx0000000000000048d5ac5-00632840f0-c696eea-sfo1
X-Storage-Bucket: z3fe9
X-Storage-Object: 3fe924154adc0faefbbd4c050b3453970d6942d10421d30a5c8a69ce5553958c
X-Host: grn80.sf2p.intern.weebly.net
Accept-Ranges: bytes
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
44.235.202.207200 OK 0 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 44.235.202.207:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.eventsatrefinery.com/
Origin: https://www.eventsatrefinery.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 10:14:08 GMT
content-length: 0
server: nginx
access-control-allow-origin: https://www.eventsatrefinery.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 5
X-Firefox-Spdy: h2
www.eventsatrefinery.com/uploads/1/4/0/7/140725637/image0-1_orig.jpeg
199.34.228.42200 OK 336 kB URL HTTP/1.1 www.eventsatrefinery.com/uploads/1/4/0/7/140725637/image0-1_orig.jpeg
IP 199.34.228.42:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1005x1280, components 3\012- data
Size 336 kB (335830 bytes)
Hash aa2b54227ef35e257fab56c8ad77e8ee
fe40192f2c825b4dcd86fe8a0f6358f5e3c25967
edb6d7ce00a9b5c76fd49e0f4975f8fb533b4ba1f894f2ba9d0a15fad76700ab
Analyzer Verdict Alert fortinet Phishing
GET /uploads/1/4/0/7/140725637/image0-1_orig.jpeg HTTP/1.1
Host: www.eventsatrefinery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/weddings.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Sep 2022 10:14:08 GMT
Content-Type: image/jpeg
Content-Length: 335830
Connection: keep-alive
Last-Modified: Tue, 21 Jun 2022 16:38:32 GMT
x-rgw-object-type: Normal
ETag: "aa2b54227ef35e257fab56c8ad77e8ee"
x-amz-request-id: tx0000000000000048a1618-00632840f0-c699baa-sfo1
X-Storage-Bucket: zedb6
X-Storage-Object: edb6d7ce00a9b5c76fd49e0f4975f8fb533b4ba1f894f2ba9d0a15fad76700ab
X-Host: blu70.sf2p.intern.weebly.net
Accept-Ranges: bytes, bytes
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cf59df3dbdbcb5bd0d3f5b17f36c60f5
92cdef26456d0534dafe8544c7c7cd042f8b54d9
11e93295175b382ba2f5ccb79397f488a7abe3bd3709570f7dfd9ba721f2d409
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5683
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:14:09 GMT
Last-Modified: Mon, 19 Sep 2022 08:39:26 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
region1.analytics.google.com/g/collect?v=2&tid=G-5XQ2W5RVFM>m=2oe9e0&_p=1052437769&_gaz=1&cid=795031787.1663582429&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663582429&sct=1&seg=0&dl=https%3A%2F%2Fwww.eventsatrefinery.com%2Fweddings.html&dt=Weddings&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-5XQ2W5RVFM>m=2oe9e0&_p=1052437769&_gaz=1&cid=795031787.1663582429&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663582429&sct=1&seg=0&dl=https%3A%2F%2Fwww.eventsatrefinery.com%2Fweddings.html&dt=Weddings&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-5XQ2W5RVFM>m=2oe9e0&_p=1052437769&_gaz=1&cid=795031787.1663582429&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663582429&sct=1&seg=0&dl=https%3A%2F%2Fwww.eventsatrefinery.com%2Fweddings.html&dt=Weddings&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.eventsatrefinery.com
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.eventsatrefinery.com
date: Mon, 19 Sep 2022 10:14:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6f0747f732f05e110f9fe9938de620d3
d4e9a55014187d0d2af174e5c27d03cc10c6cb05
32a866308c9d930c425a8ced1974039a409528cb4a0bd07bfbe4d8cd39be9742
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:14:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
44.235.202.207200 OK 2 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 44.235.202.207:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1808
Origin: https://www.eventsatrefinery.com
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 10:14:08 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=1e090cdb-8c5c-4ab2-89f5-b3fd0df60a08; Expires=Tue, 19 Sep 2023 10:14:08 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://www.eventsatrefinery.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
stats.g.doubleclick.net/g/collect?v=2&tid=G-5XQ2W5RVFM&cid=795031787.1663582429>m=2oe9e0&aip=1
142.251.1.157204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-5XQ2W5RVFM&cid=795031787.1663582429>m=2oe9e0&aip=1
IP 142.251.1.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-5XQ2W5RVFM&cid=795031787.1663582429>m=2oe9e0&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.eventsatrefinery.com
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.eventsatrefinery.com
date: Mon, 19 Sep 2022 10:14:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ssl.google-analytics.com/ga.js
142.250.74.136200 OK 17 kB URL HTTP/2 ssl.google-analytics.com/ga.js
IP 142.250.74.136:0
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Mon, 19 Sep 2022 08:17:11 GMT
expires: Mon, 19 Sep 2022 10:17:11 GMT
cache-control: public, max-age=7200
age: 7018
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6f0747f732f05e110f9fe9938de620d3
d4e9a55014187d0d2af174e5c27d03cc10c6cb05
32a866308c9d930c425a8ced1974039a409528cb4a0bd07bfbe4d8cd39be9742
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:14:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash fd6f5d48a8eb6a76f7c699a235f6ed95
6dfe5af37fa0c7a6ed073d73d8be6e23ec4e1cc4
a7239c791a93ecf634d1afef2a09feae30f46decdbfa039403bd10394e444d56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:14:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-5XQ2W5RVFM&cid=795031787.1663582429>m=2oe9e0&aip=1&z=357617506
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-5XQ2W5RVFM&cid=795031787.1663582429>m=2oe9e0&aip=1&z=357617506
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-5XQ2W5RVFM&cid=795031787.1663582429>m=2oe9e0&aip=1&z=357617506 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 10:14:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash fd6f5d48a8eb6a76f7c699a235f6ed95
6dfe5af37fa0c7a6ed073d73d8be6e23ec4e1cc4
a7239c791a93ecf634d1afef2a09feae30f46decdbfa039403bd10394e444d56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:14:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.eventsatrefinery.com/favicon.ico
199.34.228.42200 OK 4.3 kB URL HTTP/1.1 www.eventsatrefinery.com/favicon.ico
IP 199.34.228.42:0
File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Hash 4d27526198ac873ccec96935198e0fb9
b98d8b73ad6a0f7477c3397561b4aab37bf262aa
40a2146151863bcf46c786d596e81a308d1b0d26d74635be441e92656f29b1b4
GET /favicon.ico HTTP/1.1
Host: www.eventsatrefinery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/weddings.html
Cookie: is_mobile=0; language=en; _snow_ses.a77a=*; _snow_id.a77a=a99e3782-a659-4d5b-902f-de1911414b96.1663582429.1.1663582429.1663582429.8faa0403-1887-45c2-b501-f8b66f0d02a4; _ga_5XQ2W5RVFM=GS1.1.1663582429.1.0.1663582429.60.0.0; _ga=GA1.1.795031787.1663582429
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Sep 2022 10:14:09 GMT
Content-Type: image/x-icon
Content-Length: 4286
Connection: keep-alive
Last-Modified: Fri, 24 Sep 2021 21:48:12 GMT
x-rgw-object-type: Normal
ETag: "4d27526198ac873ccec96935198e0fb9"
x-amz-request-id: tx000000000000000c54fe5-0061a705c2-a9f1ce7-sfo1
X-Storage-Bucket: z40a2
X-Storage-Object: 40a2146151863bcf46c786d596e81a308d1b0d26d74635be441e92656f29b1b4
X-Host: blu76.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.eventsatrefinery.com/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]
199.34.228.42200 OK 348 B URL HTTP/1.1 www.eventsatrefinery.com/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]
IP 199.34.228.42:0
File type JSON data\012- , ASCII text, with very long lines (348), with no line terminators
Hash a944dd688c99d2901d6719be713271c0
4f5454d5d434829baf46671638610791758725d9
adb97e1bc686c58b4286f1208d2bd969687c6cf3e2fc468697dfd956d260de49
POST /ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails] HTTP/1.1
Host: www.eventsatrefinery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 83
Origin: https://www.eventsatrefinery.com
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/weddings.html
Cookie: is_mobile=0; language=en; _snow_ses.a77a=*; _snow_id.a77a=a99e3782-a659-4d5b-902f-de1911414b96.1663582429.1.1663582429.1663582429.8faa0403-1887-45c2-b501-f8b66f0d02a4; _ga_5XQ2W5RVFM=GS1.1.1663582429.1.0.1663582429.60.0.0; _ga=GA1.1.795031787.1663582429
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 10:14:09 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: grn9.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 348
Keep-Alive: timeout=10, max=13
Connection: Keep-Alive
Content-Type: application/json
www.editmysite.com/ajax/apps/generateMap.php?map=google&elementid=504644155433573702&ineditor=0&control=3&width=auto&height=250px&overviewmap=0&scalecontrol=0&typecontrol=0&zoom=15&long=-88.28435809999999&lat=40.1094937&domain=www&point=1&align=1&reseller=false
74.115.50.67200 OK 12 kB URL HTTP/1.1 www.editmysite.com/ajax/apps/generateMap.php?map=google&elementid=504644155433573702&ineditor=0&control=3&width=auto&height=250px&overviewmap=0&scalecontrol=0&typecontrol=0&zoom=15&long=-88.28435809999999&lat=40.1094937&domain=www&point=1&align=1&reseller=false
IP 74.115.50.67:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (827)
Hash d08afc9b11adb8724f8620d638c45140
dc3e6ec4d8602e16af9c511048232b97aead3ac3
7e0ed8b6ecb948dce618c28832236db8f7611565dff5160971ea286be1e2b72d
GET /ajax/apps/generateMap.php?map=google&elementid=504644155433573702&ineditor=0&control=3&width=auto&height=250px&overviewmap=0&scalecontrol=0&typecontrol=0&zoom=15&long=-88.28435809999999&lat=40.1094937&domain=www&point=1&align=1&reseller=false HTTP/1.1
Host: www.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.eventsatrefinery.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 10:14:09 GMT
Server: Apache
X-Host: blu68.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 11574
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
X-W-DC: SFO
Set-Cookie: sto-id-designer=LIFMBNAK; Domain=editmysite.com; Path=/
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a9323cf0781cad0d5ac23f0c81c105b1
772d0218be53da9f875bb96a287c904976c296da
5c808b03cd8dd26275f12a850d8a36b467246c1461ea65a4c717acb04f2ca722
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:14:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.gstatic.com/mapfiles/transparent.png
142.250.74.163200 OK 68 B URL HTTP/2 maps.gstatic.com/mapfiles/transparent.png
IP 142.250.74.163:0
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 8327a6037ae00a5be9f75e63ee1b9fbe
a812c79b0d125e4946b33446eae0353f518627e2
fe67e12a6497f8518ef1673fd8cf5622871935ff85f204715e78b2009dd48588
GET /mapfiles/transparent.png HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.editmysite.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-length: 68
date: Mon, 19 Sep 2022 10:14:10 GMT
expires: Mon, 19 Sep 2022 10:14:10 GMT
cache-control: private, max-age=31536000
last-modified: Tue, 18 May 2021 19:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a9323cf0781cad0d5ac23f0c81c105b1
772d0218be53da9f875bb96a287c904976c296da
5c808b03cd8dd26275f12a850d8a36b467246c1461ea65a4c717acb04f2ca722
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:14:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Roboto:300,400,500,700|Google+Sans:400,500,700|Google+Sans+Text:400&lang=en
142.250.74.10200 OK 17 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500,700|Google+Sans:400,500,700|Google+Sans+Text:400&lang=en
IP 142.250.74.10:0
Hash 8ac0c2aac5499bbff1e5cd3a20596fe2
fcc3f527c5c2c4dc64473858c7ae94ab7b96ee97
ee6c28b8aefb5d3e79f8f0593a3ac128ba5c532e82b0744e17f47686a519ffe9
GET /css?family=Roboto:300,400,500,700|Google+Sans:400,500,700|Google+Sans+Text:400&lang=en HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.editmysite.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 19 Sep 2022 10:14:12 GMT
date: Mon, 19 Sep 2022 10:14:12 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Google+Sans+Text:400&text=%E2%86%90%E2%86%92%E2%86%91%E2%86%93&lang=en
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Google+Sans+Text:400&text=%E2%86%90%E2%86%92%E2%86%91%E2%86%93&lang=en
IP 142.250.74.10:0
GET /css?family=Google+Sans+Text:400&text=%E2%86%90%E2%86%92%E2%86%91%E2%86%93&lang=en HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.editmysite.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 19 Sep 2022 10:14:12 GMT
date: Mon, 19 Sep 2022 10:14:12 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1662672764
151.101.85.46200 OK 0 B URL HTTP/2 cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1662672764
IP 151.101.85.46:0
GET /js/site/main-customer-accounts-site.js?buildTime=1662672764 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eventsatrefinery.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 20:49:09 GMT
etag: "631a5545-82588"
expires: Thu, 22 Sep 2022 21:36:04 GMT
cache-control: max-age=1209600
x-host: grn57.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Sep 2022 10:14:07 GMT
age: 909482
x-served-by: cache-sjc10056-SJC, cache-bma1636-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1663582447.339919,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 158973
X-Firefox-Spdy: h2